# dnf install -y https://rdoproject.org/repos/rdo-release.rpm
# dnf install -y openstack-packstack
However, in meantime, the openstack-packstack package coming from RDO QuickStart page won't work for you as expected. The workaround below may be also viewed on RH's RDO blog roundup as of 06/29/2015. The package required for packstack run on F22 is currently (06/26/2015) pushed to Fedora Rawhide.
# dnf install fedora-repos-rawhide
# dnf --enablerepo=rawhide update openstack-packstack
Fedora - Rawhide - Developmental packages for the next Fedora re 1.7 MB/s | 45 MB 00:27
Last metadata expiration check performed 0:00:39 ago on Sat Jun 27 13:23:03 2015.
Dependencies resolved.
==============================================================
Package Arch Version Repository Size
==============================================================
Upgrading:
openstack-packstack noarch 2015.1-0.7.dev1577.gc9f8c3c.fc23 rawhide 233 k
openstack-packstack-puppet noarch 2015.1-0.7.dev1577.gc9f8c3c.fc23 rawhide 233 k
Transaction Summary
==============================================================
Upgrade 2 Packages
. . . . .
# dnf install python3-pyOpenSSL.noarch
Now generate the answer file to update CONFIG_KEYSTONE_SERVICE_NA# packstack --gen-answer-file answer-file-aio.txt
and set
CONFIG_KEYSTONE_SERVICE_NAME=httpd
You also need to pre-patch provision_demo.pp (see required patch in http://textuploader.com/yn'packstack --answer-file=./answer-file-aio.txt'
Upon completion you may try follow https://www.rdoproject.org# source keystonerc_admin
# keystone user-create --name demo --pass fedora
# keystone role-create --name user
# keystone tenant-create --name ostenant
# keystone user-role-add --user demo \
--role user --tenant ostenant
# cat >> ~/keystonerc_demo << EOF
export OS_USERNAME=demo
unset OS_SERVICE_TOKEN
export OS_TENANT_NAME=ostenant
export OS_PASSWORD=fedora
export OS_AUTH_URL=http://192.168.1.90:35357/v2.0/
export OS_REGION_NAME=RegionOne
export PS1='[\u@\h \W(keystone_demo)]\$ '
EOF
Switch environment to newly created tenant - ostenant. Create Neutron Router && tenant's (private) subnet:
# source keystonerc_demo
Create a router attached to the external network. This router routes traffic to the internal subnets:
# neutron router-create router1
Created a new router:
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| external_gateway_info | |
| id | d72adddf-4c02-4916-ae6d-16bfdaf59d99 |
| name | router1 |
| status | ACTIVE |
| tenant_id | 2c845a6ad20e45ccb0b045cee27a9661 |
+-----------------------+--------------------------------------+
Connect the router to external_network by setting the gateway for the router:
# neutron router-gateway-set router1 external_network
Set gateway for router router1. Create an internal network and its associated subnet:
# neutron net-create int
Created a new network:
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| admin_state_up | True |
| id | 1a4157a6-5cf2-46e3-bdea-1533c8f54cdf |
| name | int |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | 2c845a6ad20e45ccb0b045cee27a9661 |
+----------------+--------------------------------------+
Create private subnet with DHCP enabled and DNS server:
# neutron subnet-create int 30.0.0.0/24 --dns_nameservers list=true 8.8.8.8
Created a new subnet:
+------------------+--------------------------------------------+
| Field | Value |
+------------------+--------------------------------------------+
| allocation_pools | {"start": "30.0.0.2", "end": "30.0.0.254"} |
| cidr | 30.0.0.0/24 |
| dns_nameservers | 8.8.8.8 |
| enable_dhcp | True |
| gateway_ip | 30.0.0.1 |
| host_routes | |
| id | 04b95f13-cc77-4f9a-8206-7f6ed183461d |
| ip_version | 4 |
| name | |
| network_id | 1a4157a6-5cf2-46e3-bdea-1533c8f54cdf |
| tenant_id | 2c845a6ad20e45ccb0b045cee27a9661 |
+------------------+--------------------------------------------+
Connect the above subnet to the router by setting it as a port:
# neutron router-interface-add router1 \
04b95f13-cc77-4f9a-8206-7f6ed183461d
Added interface 63ea2815-b524-4a12-931d-3e7db60ea170 to router router1.
List subnets (as keystonerc_demo):
# neutron subnet-list
+--------------------------------------+------+-------------+--------------------------------------------+
| id | name | cidr | allocation_pools |
+--------------------------------------+------+-------------+--------------------------------------------+
| 04b95f13-cc77-4f9a-8206-7f6ed183461d | | 30.0.0.0/24 | {"start": "30.0.0.2", "end": "30.0.0.254"} |
+--------------------------------------+------+-------------+--------------------------------------------+
Here we turn back to Fedora 22 tuning:
[root@ServerFedora22 network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="static"
IPADDR="192.168.1.32"
NETMASK="255.255.255.0"
DNS1="8.8.8.8"
BROADCAST="192.168.1.255"
GATEWAY="192.168.1.1"
NM_CONTROLLED="no"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex
DEVICETYPE="ovs"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no
[root@ServerFedora22 network-scripts(keystone_admin)]# cat ifcfg-enp2s0
DEVICE="enp2s0"
ONBOOT="yes"
HWADDR="90:E6:BA:2D:11:EB"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex
NM_CONTROLLED=no
IPV6INIT=no
# chkconfig network on
# systemctl stop NetworkManager
# systemctl disable NetworkManager
# reboot
Proceed with switching to Spice Console:
# dnf -y install spice-html5
# dnf -y install openstack-nova-spicehtml5proxy
# rpm -qa | grep openstack-nova-spicehtml5proxy
openstack-nova-spicehtml5proxy-2015.1.0-3.fc23.noarch
Update /etc/nova/nova.conf:
[DEFAULT]
. . . . .
web=/usr/share/spice-html5
. . . . . .
spicehtml5proxy_host=0.0.0.0
spicehtml5proxy_port=6082
. . . . . . .
# Disable VNC
vnc_enabled=false
. . . . . . .
[spice]
# AIO host IP 192.168.1.37
html5proxy_base_url=http://192.168.1.37:6082/spice_auto.html
server_proxyclient_address=127.0.0.1
server_listen=0.0.0.0
enabled=true
agent_enabled=true
keymap=en-us
:wq
# service httpd restart
# service openstack-nova-compute restart
# service openstack-nova-spicehtml5proxy start
# systemctl enable openstack-nova-spicehtml5proxy
Follow http://www.slideshare.net/LoadModule ssl_module modules/mod_ssl.so <== ADD
Listen 443 https
##
## SSL Global Context
##
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
# SSLSessionCache shmcb:/run/httpd/sslcache(512000) <== Comment out
SSLSessionCacheTimeout 300
Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.
Comments (0)