Metonymical Deflection

ゆるく日々のコト・たまにITインフラ

Open Stack Neutron環境構築 その2:OpenStack のインストール

tech Windows Linux NW 仮想化

Open Stack(pike)のインストールを実施します。*1
構成などは前回記事を確認してください。

  1. 各種サービスなどのインストール
  2. Keystone
  3. Glance
  4. Nova1:Controller
  5. Nova2:Compute
  6. Horizon

1.各種サービスなどのインストール

対象:Controllerのみ

1-1.OpenStackクライアント
apt -y install python-openstackclient
1-2.MySQL
apt -y install mariadb-server python-pymysql

vi /etc/mysql/mariadb.conf.d/99-openstack.cnf

[mysqld]
bind-address = 10.10.0.100
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8

systemctl restart mysql

mysql_secure_installation
#パスワードは全てopenstackとします。

以下出力例です。*2

root@controller01:~# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): Enter
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Enter
New password: openstackと入力
Re-enter new password: openstackと入力
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Enter
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Enter
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Enter
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Enter
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
1-3.RabbitMQ
apt -y install rabbitmq-server

rabbitmqctl add_user openstack rabbit
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
1-4.Memcached
apt -y install memcached python-memcache

vi /etc/memcached.conf

#-l 127.0.0.1
-l 10.10.0.100

systemctl restart memcached

2.Keystone

対象:Controllerのみ

2-1.DBの設定
mysql

CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone';
quit;

以下出力例です。

root@controller01:~# mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 40
Server version: 10.0.38-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE keystone;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> quit;
Bye
root@controller01:~#
2-2.インストールと設定
apt -y install keystone apache2 libapache2-mod-wsgi

vi /etc/keystone/keystone.conf

[database]
#connection = sqlite:////var/lib/keystone/keystone.db
connection = mysql+pymysql://keystone:keystone@controller01/keystone

[token]
provider = fernet
2-3.DB登録と初期化
su -s /bin/sh -c "keystone-manage db_sync" keystone

keystone-manage fernet_setup \
--keystone-user keystone --keystone-group keystone

keystone-manage credential_setup \
--keystone-user keystone --keystone-group keystone
2-4.Endpoint設定
keystone-manage bootstrap --bootstrap-password openstack \
--bootstrap-admin-url http://controller01:35357/v3/ \
--bootstrap-internal-url http://controller01:5000/v3/ \
--bootstrap-public-url http://controller01:5000/v3/ \
--bootstrap-region-id RegionOne
2-5.Webサービス設定&再起動
sed -i '1s/^/ServerName controller01\n&/' /etc/apache2/apache2.conf
systemctl restart apache2
2-6.環境変数ファイル生成
cat >> ~/adminrc <<EOF
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=openstack
export OS_AUTH_URL=http://controller01:35357/v3
export OS_IDENTITY_API_VERSION=3
EOF

cat >> ~/demorc <<EOF
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://controller01:35357/v3
export OS_IDENTITY_API_VERSION=3
EOF

source adminrc

#これ以降、openstackコマンドを打つときは、
#sshログイン直後に上記adminrcを読み込んでください。
#読み込まずにopenstackコマンドを打つと以下のエラーが表示されます。
#demorcはほぼ使用しないと思いますが念のため。

root@controller01:~# openstack endpoint list
Missing value auth-url required for auth plugin password
2-7.動作確認
openstack endpoint list
openstack service list
2-8.ProjectやRoleの登録
openstack project create --description "Service Project" service
openstack project create --description "Demo Project" demo
openstack user create demo --password=demo
openstack role create user
openstack role add --project demo --user demo user

3.Glance

対象:Controllerのみ

3-1.DBの設定
mysql

CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance';
quit;
3-2.ユーザ登録・サービス登録・Endpoint作成・インストール
openstack user create glance --domain default --password=glance
openstack role add --project service --user glance admin

openstack service create --name glance \
--description "OpenStack Image" image

openstack endpoint create --region RegionOne \
image public http://controller01:9292

openstack endpoint create --region RegionOne \
image internal http://controller01:9292

openstack endpoint create --region RegionOne \
image admin http://controller01:9292

apt -y install glance
3-3.glance-api.comf設定
vi /etc/glance/glance-api.conf

[database]
connection = mysql+pymysql://glance:glance@controller01/glance

[keystone_authtoken]
auth_uri = http://controller01:5000
auth_url = http://controller01:35357
memcached_servers = controller01:11211
auth_type = password
user_domain_name = default
project_domain_name = default
project_name = service
username = glance
password = glance

[paste_deploy]
flavor = keystone

[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images
3-4.glance-registry.comf設定
vi /etc/glance/glance-registry.conf

[database]
connection = mysql+pymysql://glance:glance@controller01/glance

[keystone_authtoken]
auth_uri = http://controller01:5000
auth_url = http://controller01:35357
memcached_servers = controller01:11211
auth_type = password
user_domain_name = default
project_domain_name = default
project_name = service
username = glance
password = glance

[paste_deploy]
flavor = keystone
3-5.DB登録&設定ファイル読込み
su -s /bin/sh -c "glance-manage db_sync" glance

systemctl restart glance-registry glance-api
3-6.イメージ登録
mkdir /tmp/images

#cirrosの登録
wget -P /tmp/images http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img

openstack image create "cirros-0.4.0" \
--file /tmp/images/cirros-0.4.0-x86_64-disk.img \
--disk-format qcow2 \
--container-format bare \
--public

#ubuntuの登録
wget -P /tmp/images http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img

openstack image create "ubuntu-xenial-16.04" \
--file /tmp/images/xenial-server-cloudimg-amd64-disk1.img \
--disk-format qcow2 \
--container-format bare \
--public

#登録イメージの確認
openstack image list

root@controller01:~# openstack image list
+--------------------------------------+---------------------+--------+
| ID                                   | Name                | Status |
+--------------------------------------+---------------------+--------+
| 749433d2-2f69-47bf-9de7-a0a9e3a72bb6 | cirros-0.4.0        | active |
| 6819234c-4757-41d8-867a-c3b44a9f5a47 | ubuntu-xenial-16.04 | active |
+--------------------------------------+---------------------+--------+
3-7.簡易動作確認

この時点で以下のように登録されていればOKです。

openstack endpoint list
openstack service list

root@controller01:~# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                           |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+
| 266e4c678cda43ab9bec4a70ddccfb97 | RegionOne | glance       | image        | True    | internal  | http://controller01:9292      |
| 6256b9ec413d4a9ca8bc1feb90448260 | RegionOne | glance       | image        | True    | public    | http://controller01:9292      |
| 7ab5e26b0f524c60a9ba33870283940a | RegionOne | keystone     | identity     | True    | admin     | http://controller01:35357/v3/ |
| e414354758e04ac7802ba300a864258f | RegionOne | keystone     | identity     | True    | internal  | http://controller01:5000/v3/  |
| e8a1585c91754424a2c7432e2bb31116 | RegionOne | keystone     | identity     | True    | public    | http://controller01:5000/v3/  |
| f1fb03de6fb24d6e818b239ad0276083 | RegionOne | glance       | image        | True    | admin     | http://controller01:9292      |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+
root@controller01:~# openstack service list
+----------------------------------+----------+----------+
| ID                               | Name     | Type     |
+----------------------------------+----------+----------+
| 42e7a20b30944518ae5c345aab323d3d | glance   | image    |
| f3d100b18b794f649ee80c651787eb22 | keystone | identity |
+----------------------------------+----------+----------+

4.Nova1:Controller

対象:Controllerのみ

4-1.DBの設定・ユーザ登録・サービス登録・Endpoint作成
#DB設定
mysql

CREATE DATABASE nova;
CREATE DATABASE nova_api;
CREATE DATABASE nova_cell0;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'nova';
quit;

#ユーザ登録
openstack user create nova --domain default --password=nova
openstack user create placement \
--domain default --password=placement

openstack role add --project service --user nova admin
openstack role add --project service --user placement admin

#サービス登録
openstack service create --name nova \
--description "OpenStack Compute" compute
openstack service create --name placement \
--description "Placement API" placement

#Endpoint作成
openstack endpoint create --region RegionOne \
compute public http://controller01:8774/v2.1
openstack endpoint create --region RegionOne \
compute internal http://controller01:8774/v2.1
openstack endpoint create --region RegionOne \
compute admin http://controller01:8774/v2.1

openstack endpoint create --region RegionOne \
placement public http://controller01:8778
openstack endpoint create --region RegionOne \
placement internal http://controller01:8778
openstack endpoint create --region RegionOne \
placement admin http://controller01:8778
4-2.インストール・nova.conf設定
#インストール
apt -y install nova-api nova-conductor nova-consoleauth \
nova-novncproxy nova-scheduler nova-placement-api

#nova.conf設定
vi /etc/nova/nova.conf

[DEFAULT]
transport_url = rabbit://openstack:rabbit@controller01
my_ip = 10.10.0.100

[api_database]
#connection = sqlite:////var/lib/nova/nova_api.sqlite
connection = mysql+pymysql://nova:nova@controller01/nova_api

[database]
#connection = sqlite:////var/lib/nova/nova.sqlite
connection = mysql+pymysql://nova:nova@controller01/nova

[vnc]
enabled = true
vncserver_listen = 10.10.0.100
vncserver_proxyclient_address = 10.10.0.100

[api]
auth_strategy= keystone

[keystone_authtoken]
auth_uri = http://controller01:5000
auth_url = http://controller01:35357
memcached_servers = controller01:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = nova

[glance]
api_servers = http://controller01:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
#os_region_name = openstack
os_region_name = RegionOne
auth_url = http://controller01:35357/v3
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = placement
4-3.DB登録&設定ファイル読込み
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova

su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
su -s /bin/sh -c "nova-manage db sync" nova

systemctl restart nova-api nova-consoleauth nova-scheduler nova-conductor nova-novncproxy

以下出力例です。

root@controller01:~# su -s /bin/sh -c "nova-manage api_db sync" nova
root@controller01:~# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
root@controller01:~# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
e0e3f86a-8b85-4184-9287-7e4dcd53db81
root@controller01:~# su -s /bin/sh -c "nova-manage db sync" nova
/usr/lib/python2.7/dist-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release.')
  result = self._query(query)
/usr/lib/python2.7/dist-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release.')
  result = self._query(query)
root@controller01:~# systemctl restart nova-api nova-consoleauth nova-scheduler nova-conductor nova-novncproxy
root@controller01:~#

This is deprecated and will be disallowed in a future release.と表示されますが、このまま先に進めてください。

<補足>
上記と似たようなコマンドで、以下の設定を実施する必要があります。
後ほど設定しますので現段階では不要です。

su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
4-4.簡易動作確認

この時点で以下のように登録されていればOKです。

openstack endpoint list
openstack service list

root@controller01:~# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                           |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+
| 266e4c678cda43ab9bec4a70ddccfb97 | RegionOne | glance       | image        | True    | internal  | http://controller01:9292      |
| 4a8adf71ef9848b096819cf12e54c747 | RegionOne | placement    | placement    | True    | public    | http://controller01:8778      |
| 6256b9ec413d4a9ca8bc1feb90448260 | RegionOne | glance       | image        | True    | public    | http://controller01:9292      |
| 7ab5e26b0f524c60a9ba33870283940a | RegionOne | keystone     | identity     | True    | admin     | http://controller01:35357/v3/ |
| 8578d6dedb1742e2a190b261cddd831b | RegionOne | placement    | placement    | True    | admin     | http://controller01:8778      |
| 92a1b113381d4bd692879d335776928b | RegionOne | nova         | compute      | True    | admin     | http://controller01:8774/v2.1 |
| a8a9533b8b6345a1ba9fbedf840434d8 | RegionOne | nova         | compute      | True    | public    | http://controller01:8774/v2.1 |
| de3c9c2ca4484068b7e24a1dca3064a9 | RegionOne | placement    | placement    | True    | internal  | http://controller01:8778      |
| e414354758e04ac7802ba300a864258f | RegionOne | keystone     | identity     | True    | internal  | http://controller01:5000/v3/  |
| e8a1585c91754424a2c7432e2bb31116 | RegionOne | keystone     | identity     | True    | public    | http://controller01:5000/v3/  |
| f1fb03de6fb24d6e818b239ad0276083 | RegionOne | glance       | image        | True    | admin     | http://controller01:9292      |
| fe3a19d428c24042acb57218376f5fa6 | RegionOne | nova         | compute      | True    | internal  | http://controller01:8774/v2.1 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+

root@controller01:~# openstack service list
+----------------------------------+-----------+-----------+
| ID                               | Name      | Type      |
+----------------------------------+-----------+-----------+
| 35ae7499a8474de6b2650335cee9c38e | placement | placement |
| 42e7a20b30944518ae5c345aab323d3d | glance    | image     |
| bf8c25de6879401ea107f0462e8da1a4 | nova      | compute   |
| f3d100b18b794f649ee80c651787eb22 | keystone  | identity  |
+----------------------------------+-----------+-----------+

5.Nova2:Compute

対象:Computeのみ
x」となっている箇所は、Compute01と02でそれぞれ固有の値*3を入れる必要があります。

5-1.インストール・nova.conf設定・設定読込み
#インストール
apt -y install nova-compute

#nova.conf設定
vi /etc/nova/nova.conf

[DEFAULT]
transport_url = rabbit://openstack:rabbit@controller01
my_ip = 10.10.0.10x
##xについて##
#compute01=1, compute02=2となります。

[api]
auth_strategy= keystone

[keystone_authtoken]
auth_uri = http://controller01:5000
auth_url = http://controller01:35357
memcached_servers = controller01:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = nova

[vnc]
vncserver_proxyclient_address = 10.10.0.10x
enabled = True
vncserver_listen = 0.0.0.0
novncproxy_base_url = http://controller01:6080/vnc_auto.html
##xについて、上記と同様です##

[glance]
api_servers = http://controller01:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
#os_region_name = openstack
os_region_name = RegionOne
auth_url = http://controller01:35357/v3
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = placement

##VMWare上のu16.04の場合##
[libvirt]
hw_machine_type = x86_64=pc-i440fx-xenial

#設定読込み
systemctl restart nova-compute
5-2.簡易動作確認

この時点で以下のようにCompute01と02が登録されていればOKです。
Controller01で以下のコマンドにて確認してください。

openstack compute service list

root@controller01:~# openstack compute service list
+----+------------------+--------------+----------+---------+-------+----------------------------+
| ID | Binary           | Host         | Zone     | Status  | State | Updated At                 |
+----+------------------+--------------+----------+---------+-------+----------------------------+
|  1 | nova-scheduler   | controller01 | internal | enabled | up    | 2019-05-27T14:07:43.000000 |
|  2 | nova-consoleauth | controller01 | internal | enabled | up    | 2019-05-27T14:07:43.000000 |
|  3 | nova-conductor   | controller01 | internal | enabled | up    | 2019-05-27T14:07:44.000000 |
|  7 | nova-compute     | compute01    | nova     | enabled | up    | 2019-05-27T14:07:45.000000 |
|  8 | nova-compute     | compute02    | nova     | enabled | up    | 2019-05-27T14:07:41.000000 |
+----+------------------+--------------+----------+---------+-------+----------------------------+

6.Horizon

対象:Controllerのみ

6-1.インストール・nova.conf設定・設定読込み
#インストール
apt -y install openstack-dashboard

#nova.conf設定
vi /etc/openstack-dashboard/local_settings.py

#Defaultで以下の設定が入っていますが、全てコメントアウトしてください。
#OPENSTACK_HOST = "127.0.0.1"
#OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST
#OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"

#以下の設定を投入。
OPENSTACK_HOST = "controller01"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"

#OPENSTACK_API_VERSIONSの設定は、Defaultでコメントアウトされているため、
#以下の設定をそのまま投入してください。
OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 2,
}

#Defaultで以下の設定が入っていますが、全てコメントアウトしてください。
#かなり画面をスクロールしないと最後まで表示されないと思います。
#OPENSTACK_NEUTRON_NETWORK = {
#    'enable_router': True,
#    'enable_quotas': True,
#    'enable_ipv6': True,
#    'enable_distributed_router': False,
#    'enable_ha_router': False,
#    'enable_fip_topology_check': True,

    # Default dns servers you would like to use when a subnet is
    # created.  This is only a default, users can still choose a different
    # list of dns servers when creating a new subnet.
    # The entries below are examples only, and are not appropriate for
    # real deployments
    # 'default_dns_nameservers': ["8.8.8.8", "8.8.4.4", "208.67.222.222"],

    # Set which provider network types are supported. Only the network types
    # in this list will be available to choose from when creating a network.
    # Network types include local, flat, vlan, gre, vxlan and geneve.
    # 'supported_provider_types': ['*'],

    # You can configure available segmentation ID range per network type
    # in your deployment.
    # 'segmentation_id_range': {
    #     'vlan': [1024, 2048],
    #     'vxlan': [4094, 65536],
    # },

    # You can define additional provider network types here.
    # 'extra_provider_types': {
    #     'awesome_type': {
    #         'display_name': 'Awesome New Type',
    #         'require_physical_network': False,
    #         'require_segmentation_id': True,
    #     }
    # },

    # Set which VNIC types are supported for port binding. Only the VNIC
    # types in this list will be available to choose from when creating a
    # port.
    # VNIC types include 'normal', 'direct', 'direct-physical', 'macvtap',
    # 'baremetal' and 'virtio-forwarder'
    # Set to empty list or None to disable VNIC type selection.
#    'supported_vnic_types': ['*'],

    # Set list of available physical networks to be selected in the physical
    # network field on the admin create network modal. If it's set to an empty
    # list, the field will be a regular input field.
    # e.g. ['default', 'test']
#    'physical_networks': [],

#}

#以下の設定を投入。
#現段階では全てFalseでOKです。後でrouterとdistributed_routerをTrueにします。
OPENSTACK_NEUTRON_NETWORK = {
    'enable_router': False,
    'enable_quotas': False,
    'enable_ipv6': False,
    'enable_distributed_router': False,
    'enable_ha_router': False,
    'enable_lb': False,
    'enable_firewall': False,
    'enable_vpn': False,
    'enable_fip_topology_check': False,
}

#DEFAULT_THEME = 'ubuntu'
DEFAULT_THEME = 'default'

#設定読込み
systemctl reload apache2
6-2.簡易動作確認

以下のURLにアクセスし、ログインしてください。

http://controller01/horizon/
domain default
username admin
password openstack

ログイン画面は以下の通りです。
f:id:metonymical:20190527234147p:plain

ログイン後、いくつかのページが開ければOKです。
f:id:metonymical:20190527234201p:plain

以上です。

7.最後に

Neutron+OvS+DVR&Trunkをメインの内容にしたいと考えていたため、OpenStack のインストールまで書くのはどうかな?と正直悩みました。
RDO(PackStack)やDevStackを使えば、サクッとできると思うので。。。

しかし、物理筐体のNW周りからスタートしたこと*4により、

  • 物理NW周り
  • OpenStackの主要コンポーネント準備
  • Neutron:NWシステム(dhcp&metadata含む)
  • OvS:L2agent
  • DVR:L3agent
  • Trunk:L2トランク

という風に、段階的に構築していくことで、
より理解が深まりやすいのではないか?と考えました。

最初からDevStackなどで構築してしまうと、とりあえずDNSでLookupしてPing通るようになったけど、そこから自分がやりたい構成に変更する場合は、どこをいじったらいいのか?すぐにはピンと来ないかなと考えたからです。

というのも、
今回の構成を実際に構築して理解した上で
 L2agentであれば、LinuxBridge
 L3agentであれば、スタンドアローンRouterやHA Router(VRRP)
に変更することは容易いです。

また、Tungsten FabricやMidoNetに構成変更することも、今回の構成を理解していれば、それほど敷居は高くないかなと考えています。
なので、復習の意味も込めて、OpenStackのインストールも書くことにしました。

*1:進める前に現段階での仮想マシンのクローンやスナップショットは取得しておくことをお勧めします。

*2:以降、大事な箇所のみ出力例を記載します。

*3:compute01=1, compute02=2となります。今後もちょくちょく登場するので気を付けてください。

*4:今回はOpenStackのHostOSはVMWare上の仮想マシンですが…