| Deletions are marked like this. | Additions are marked like this. |
| Line 66: | Line 66: |
| * [[gold.club.cc.cmu.edu|gold.club.cc.cmu.edu]]: 07/22/14 To Be added as Worker in ccvm-us-east-1 |
* [[gold.club.cc.cmu.edu|gold.club.cc.cmu.edu]]: To Be added as Worker in ccvm-us-east-1 == Add/Remove boot disk images == TBA/Use the WebUI for now |
| Line 71: | Line 76: |
|
We had the idea of setting the subnet to be the entire B6 network and reserving already used ips. (Speculation) Openstack uses the first ip in it's range as the router. |
For Openstack deployment and installation instructions see Projects/ccvms/Openstack
Provide easy-to-obtain virtual machines to members of the CMU community. Located at https://openstack.club.cc.cmu.edu.
Quickly tell me how to Use this
You'll need an CCVM Openstack User, so create one as follows or have someone create one for you.
Create an account (to be migrated to webui)
1 # As root on cobalt, or authorize your command line as admin user with keystone arguments
2
3 #############
4 #REPLACE ssosothi with desired name
5 #############
6
7 # create the user environment
8 keystone tenant-create --name ssosothi --description "ssosothi's project"
9 # allow admin to moderate the environment
10 keystone user-role-add --user admin --role admin --tenant ssosothi
11
12 # setup firewall defaults on new instances
13 nova --os-tenant-name ssosothi secgroup-add-rule default tcp 22 22 0.0.0.0/24
14 nova --os-tenant-name ssosothi secgroup-add-rule default icmp -1 -1 0.0.0.0/24
15
16 # create the user
17 keystone user-create --name ssosothi --tenant ssosothi --pass temp_password --email ssosothi@club.cc.cmu.edu
18
19 # prompt to change the user password
20 keystone user-password-update ssosothi
21
22 # you can also change the password at https://openstack.club.cc.cmu.edu/settings/password/
23
Done!
You can login at https://openstack.club.cc.cmu.edu
Creating a Private Key
You'll need this to login to a new instance.
Goto https://openstack.club.cc.cmu.edu/project/access_and_security/
- Create a keypair or upload one if you already have one
- Download it from the creation popup. YOU ONLY HAVE ONE CHANCE TO DOWNLOAD
Once your instance is created login with -i args
1 bouncer$ ssh -i key.pem debian@10.5.5.2
Using CCVM
This section is a stub. You can help by Computer Club Wiki by expanding it
For Openstack deployment and installation instructions see Projects/ccvms/Openstack
cobalt.club.cc.cmu.edu: Controller/Network
osmium.club.cc.cmu.edu: Worker in ccvm-us-east-1
nitrogen.club.cc.cmu.edu: Worker in ccvm-us-east-1
gold.club.cc.cmu.edu: To Be added as Worker in ccvm-us-east-1
Add/Remove boot disk images
TBA/Use the WebUI for now
Release/Reserve IP address
Web UI is available for the Admin user at https://openstack.club.cc.cmu.edu/auth/switch/dbee0e9f6c444ba08d9936ac89cb201d/?next=/project/access_and_security/
We had the idea of setting the subnet to be the entire B6 network and reserving already used ips. (Speculation) Openstack uses the first ip in it's range as the router.
1 # To see the current subnet settings
2 neutron subnet-list
3
4 # To see all allocated ip
5 neutron floatingip-list
6
7 # To see reserved ip
8 nova --os-tenant-name=service floating-ip-list
9
10 # To delete a reserved ip
11 nova --os-tenant-name=service floating-ip-delete 128.237.157.160
12
13 # To reserve an ip, beginning at the first unreserved ip (There's no way to reserve a specific ip) :(
14 nova --os-tenant-name=service floating-ip-create ext-net
Delete User
If there ever comes the need to manually delete a user, these are the steps:
1 # As root on cobalt, or auth as admin on openstack
2
3 #############
4 #REPLACE ssosothi with desired name
5 #############
6
7 ########
8 # Delete each vm and free floating ip:
9 ########
10 nova --os-tenant-name ssosothi list
11
12 nova remove-floating-ip ecc59606-200f-4e28-bfa4-81b2cb19f577 128.237.157.160
13 nova --os-tenant-name ssosothi floating-ip-delete 128.237.157.160
14 nova delete ecc59606-200f-4e28-bfa4-81b2cb19f577
15
16 ###########
17 # Delete the user itself
18 ###########
19 keystone user-delete ssosothi
20 keystone tenant-delete ssosothi
Managing Availability Zones and Host Aggregates
The idea of Availability Zone is to create a pool of hosts, where each zone has a separate redundancy in the same server room. In our case, an Availability Zones could be each Rack in B6.
Host Aggregates are a group of hosts inside an Availability Zone sharing a common feature, such as a group for CPU bound hosts, and a group for Disk bound hosts. This is controlled via metadata on instance type and aggregate.
By Default hypervisors in each Host Aggregate will be selected in a round robin manner when launching an instance into that Aggregate.
To use Availability Zones we need at least one Host Aggregate in that zone.
Currently we have 1 Availability Zone:
- cclub-us-east-1: Rack 6 all CCVM hosts
And 1 Host Aggregate:
- ccvm-aggregate: Rack 6 all CCVM hosts
The commands to manage Availability Zones and Host Aggregates are:
1 # Prints a tree of all availability zone
2 nova availability-zone-list
3
4 # Prints all host aggregate
5 nova aggregate-list
6
7 nova aggregate-delete
8 nova aggregate-update
9 nova aggregate-set-metadata
10
11 # Manually add a host to an aggregate inside an availability zone
12 nova aggregate-add-host
13
14 # Manually remove a host to an aggregate inside an availability zone
15 aggregate-remove-host
Debugging
Contact #ssosothi@irc.freenode.net or ssosothi@club for any additional assistance
Get service status
On Cobalt
1 nova-manage service list
Instance not starting
If Cobalt status is all OK, go check nova log on the compute node.
1 cat /var/log/nova/nova-compute.log
Some errors can be ignored such as
nbd module not loaded Device allocation failed after repeated retries Deprecated: The LibvirtHybridOVSBridgeDriver VIF driver is now deprecated libvirtError: internal error: Cannot find suitable CPU model for given data
No Network/Network Problem
From an instance/ create a new cirrOS instance
1 # Ping the DHCP server, failure usually means problem in cobalt's neutron-dhcp-agent service
2 ping 10.5.5.3
3
4 # Ping the Router, failure usually means problem in cobalt's neutron-l3-agent service or problems outside the netns
5 ping 10.5.5.1
6
7 # Test the autoprovison server, failure usually means problem in cobalt's neutron-metadata-agent service
8 curl 169.254.169.254
Check keystone log
Some problems can be caused by services not authenticating against keystone correctly. First bet is to check this log:
1 tail -F /var/log/keystone/keystone.log
Nova debug & Restart Nova
1 vi /etc/nova/nova.conf
2 /debug = true
3
4 service nova-api restart
5 service nova-cert restart
6 service nova-consoleauth restart
7 service nova-scheduler restart
8 service nova-conductor restart
9 service nova-novncproxy restart