Basic Operating System Configuration

This guide starts by creating two nodes: a controller node to host most services, and a compute node to run virtual machine instances. Later chapters create additional nodes to run more services. OpenStack offers a lot of flexibility in how and where you run each service, so this is not the only possible configuration. However, you do need to configure certain aspects of the operating system on each node.

This chapter details a sample configuration for both the controller node and any additional nodes. It's possible to configure the operating system in other ways, but the remainder of this guide assumes you have a configuration compatible with the one shown here.

All of the commands throughout this guide assume you have administrative privileges. Either run the commands as the root user, or prefix them with the sudo command.

Networking

For a production deployment of OpenStack, most nodes should have two network interface cards: one for external network traffic, and one to communicate only with other OpenStack nodes. For simple test cases, you can use machines with only a single network interface card.

This section sets up networking on two networks with static IP addresses and manually manages a list of host names on each machine. If you manage a large network, you probably already have systems in place to manage this. If so, you may skip this section, but note that the rest of this guide assumes that each node can reach the other nodes on the internal network using host names like controller and compute1.

Start by disabling the NetworkManager service and enabling the network service. The network service is more suitable for the static network configuration done in this guide.

# service NetworkManager stop
# service network start
# chkconfig NetworkManager off
# chkconfig network on

Since Fedora 19, firewalld has replaced iptables as the default firewall system. You can configure firewalld successfully, but this guide currently recommends and demonstrates the use of iptables. For Fedora 19 systems, run the following commands to disable firewalld and enable iptables.

# service firewalld stop
# service iptables start
# chkconfig firewalld off
# chkconfig iptables on

When you set up your system, use the traditional network scripts and do not use NetworkManager. You can also change the settings after installation with the YaST network module:

# yast2 network

Next, create the configuration for both eth0 and eth1. This guide uses 192.168.0.x addresses for the internal network and 10.0.0.x addresses for the external network. Make sure that the corresponding network devices are connected to the correct network.

In this guide, the controller node uses the IP addresses 192.168.0.10 and 10.0.0.10. When creating the compute node, use 192.168.0.11 and 10.0.0.11 instead.
Additional nodes added in later chapters will follow this pattern.

[Figure: Basic Architecture]

/etc/sysconfig/network-scripts/ifcfg-eth0

# Internal Network
DEVICE=eth0
TYPE=Ethernet
BOOTPROTO=static
IPADDR=192.168.0.10
NETMASK=255.255.255.0
DEFROUTE=yes
ONBOOT=yes

/etc/sysconfig/network-scripts/ifcfg-eth1

# External Network
DEVICE=eth1
TYPE=Ethernet
BOOTPROTO=static
IPADDR=10.0.0.10
NETMASK=255.255.255.0
DEFROUTE=yes
ONBOOT=yes

To set up the two network interfaces, start the YaST network module, as follows:

# yast2 network

Use the following parameters to set up the first ethernet card eth0 for the internal network:

Statically assigned IP Address
IP Address: 192.168.0.10
Subnet Mask: 255.255.255.0

Use the following parameters to set up the second ethernet card eth1 for the external network:

Statically assigned IP Address
IP Address: 10.0.0.10
Subnet Mask: 255.255.255.0

Set up a default route on the external network.

/etc/network/interfaces

# Internal Network
auto eth0
iface eth0 inet static
address 192.168.0.10
netmask 255.255.255.0

# External Network
auto eth1
iface eth1 inet static
address 10.0.0.10
netmask 255.255.255.0

Once you've configured the network, restart the daemon for changes to take effect, using the command that matches your distribution:

# service networking restart

# service network restart

Set the host name of each machine. Name the controller node controller and the first compute node compute1. These are the host names used in the examples throughout this guide.

Use the hostname command to set the host name:

# hostname controller

Use yast network to set the host name with YaST.

To have the host name change persist when the system reboots, you need to specify it in the proper configuration file. In Red Hat Enterprise Linux, CentOS, and older versions of Fedora, you set this in the file /etc/sysconfig/network. Change the line starting with HOSTNAME=.

HOSTNAME=controller

As of Fedora 18, Fedora uses the file /etc/hostname. This file contains a single line with just the host name.

To have this host name set when the system reboots, you need to specify it in the file /etc/hostname. This file contains a single line with just the host name.

Finally, ensure that each node can reach the other nodes using host names. In this guide, we will manually edit the /etc/hosts file on each system. For large-scale deployments, you should use DNS or a configuration management system like Puppet.

127.0.0.1 localhost
192.168.0.10 controller
192.168.0.11 compute1

Network Time Protocol (NTP)

To keep all the services in sync across multiple machines, you need to install NTP. In this guide, we will configure the controller node to be the reference server, and configure all additional nodes to set their time from the controller node.

Install the ntp package on each system running OpenStack services, using the command that matches your distribution:

# apt-get install ntp

# yum install ntp

# zypper install ntp

Set up the NTP server on your controller node so that it receives data by modifying the ntp.conf file and restarting the service. Depending on the distribution, the service is named ntpd or ntp:

# service ntpd start
# chkconfig ntpd on

# service ntp start
# chkconfig ntp on

Set up all additional nodes to synchronize their time from the controller node. The simplest way to do this is to add a daily cron job. Add a file at /etc/cron.daily/ntpdate that contains the following:

#!/bin/sh
ntpdate controller
hwclock -w

Make sure to mark this file as executable.

# chmod a+x /etc/cron.daily/ntpdate

MySQL Database

Most OpenStack services require a database to store information. In this guide, we use a MySQL database running on the controller node. The controller node needs to have the MySQL database installed. Any additional nodes that access MySQL need to have the MySQL client software installed.

On SUSE Linux Enterprise Server, this guide uses a MySQL database; on openSUSE, it uses a compatible database, MariaDB, running on the controller node. The controller node needs to have the MariaDB database installed. Any additional nodes that access the MariaDB database need to have the MariaDB client software installed.

For SUSE Linux Enterprise Server: On the controller node, install the MySQL client, the MySQL database, and the MySQL Python library.

# zypper install mysql-client mysql python-mysql

For openSUSE: On the controller node, install the MariaDB client, the MariaDB database, and the MySQL Python library.

# zypper install mariadb-client mariadb python-mysql

On other distributions, use the command that matches your package manager:

# apt-get install python-mysqldb mysql-server

# yum install mysql mysql-server MySQL-python

When you install the server package, you will be asked to enter a root password for the database. Be sure to choose a strong password and remember it - it will be needed later.

Edit /etc/mysql/my.cnf or /etc/my.cnf (the location depends on your distribution) and set the bind-address to the internal IP address of the controller, to allow access from outside the controller node.

# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address = 192.168.0.10

On any nodes besides the controller node, just install the MySQL client (the MariaDB client on openSUSE) and the MySQL Python library. This is all you need to do on any system not hosting the MySQL database.

# apt-get install python-mysqldb

# yum install mysql MySQL-python

# zypper install mariadb-client python-mysql

For SUSE Linux Enterprise, install MySQL:

# zypper install mysql-client python-mysql

Start the MySQL or MariaDB database server and set it to start automatically when the system boots. Depending on the distribution, the service is named mysqld or mysql:

# service mysqld start
# chkconfig mysqld on

# service mysql start
# chkconfig mysql on

Finally, you should set a root password for your MySQL or MariaDB database. The OpenStack programs that set up databases and tables will prompt you for this password if it's set. You also need to delete the anonymous users that are created when the database is first started. Otherwise, you will get database connection problems when following the instructions in this guide. You can do both of these with the mysql_secure_installation command.

If a root password is already set, you still need to delete the anonymous users that are created when the database is first started; you can do this with the mysql_secure_installation command.

# mysql_secure_installation

If you have not already set a root database password, press enter when first prompted for the password. This command will present a number of options for you to secure your database installation. Answer yes to all of them unless you have a good reason to do otherwise.
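
A check for the bind-address step above, as an added example that is not part of the original guide: it reads a my.cnf-style file and classifies the [mysqld] bind-address against the controller's internal address, so a wildcard or external binding is caught before the database is reachable from the wrong network. The function name and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the guide): classify the bind-address that the
# [mysqld] section of a my.cnf-style file sets. Function name is hypothetical.

# usage: mysqld_bind_status FILE EXPECTED_IP
# prints: ok | unset | wildcard | loopback | unexpected:ADDR
mysqld_bind_status() {
    # Take the last bind-address inside [mysqld]; other sections are ignored.
    addr=$(awk '
        /^[ \t]*\[/ { in_sec = ($0 ~ /^[ \t]*\[mysqld\][ \t]*$/); next }
        in_sec && /^[ \t]*bind[-_]address[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, "")   # drop the option name and "="
            sub(/#.*/, "")             # drop a trailing comment
            sub(/[ \t]+$/, "")         # drop trailing blanks
            val = $0
        }
        END { print val }
    ' "$1")
    case $addr in
        "")                  echo "unset" ;;     # server default applies
        0.0.0.0|::|\*)       echo "wildcard" ;;  # every interface, external too
        127.*|::1|localhost) echo "loopback" ;;  # other nodes cannot connect
        "$2")                echo "ok" ;;
        *)                   echo "unexpected:$addr" ;;
    esac
}

# Constructed sample: the setting from this guide plus an unrelated section.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[client]
port = 3306
[mysqld]
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address = 192.168.0.10
EOF
mysqld_bind_status "$sample" 192.168.0.10
rm -f "$sample"
```
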

OpenStack Packages

Distribution releases and OpenStack releases are often independent of each other, so after installing the machine and before installing any OpenStack packages you might need some extra steps to get access to the latest OpenStack release.

This guide uses the OpenStack packages from the RDO repository. These packages work on Red Hat Enterprise Linux 6 and compatible versions of CentOS, as well as Fedora 19. Enable the RDO repository by downloading and installing the rdo-release-havana package.

# yum install http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-6.noarch.rpm

The EPEL package includes GPG keys for package signing and repository information. This should only be installed on Red Hat Enterprise Linux and CentOS, not Fedora. Install the latest epel-release package (see http://download.fedoraproject.org/pub/epel/6/x86_64/repoview/epel-release.html). For example:

# yum install http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

The openstack-utils package contains utility programs that make installation and configuration easier. These programs will be used throughout this guide. Install openstack-utils. This will also verify that you can access the RDO repository.

# yum install openstack-utils

Use the Open Build Service repositories for Havana based on your openSUSE or SUSE Linux Enterprise Server version. For example, if you run openSUSE 12.3, use:

# zypper addrepo -f obs://Cloud:OpenStack:Havana/openSUSE_12.3 Havana

If you use SUSE Linux Enterprise Server 11 SP3, use:

# zypper addrepo -f obs://Cloud:OpenStack:Havana/SLE_11_SP3 Havana

For openSUSE 13.1, nothing needs to be done since OpenStack Havana packages are part of the distribution itself.

The openstack-utils package contains utility programs that make installation and configuration easier. These programs will be used throughout this guide. Install openstack-utils. This will also verify that you can access the Open Build Service repository:

# zypper install openstack-utils

To use the Ubuntu Cloud Archive for Havana

The Ubuntu Cloud Archive is a special repository that allows you to install newer releases of OpenStack on the stable supported version of Ubuntu.

Install the Ubuntu Cloud Archive for Havana:

# apt-get install python-software-properties
# add-apt-repository cloud-archive:havana

Upgrade the system (and reboot if you need):

# apt-get update && apt-get dist-upgrade

To use the Debian Wheezy backports archive for Havana

The Havana release is available only in Debian Sid (otherwise called Unstable). However, the Debian maintainers of OpenStack also maintain a non-official Debian repository for OpenStack containing Wheezy backports.

Install the Debian Wheezy backport repository for Havana:

# echo "deb http://archive.gplhost.com/debian havana-backports main" >>/etc/apt/sources.list

Install the Debian Wheezy OpenStack repository for Havana:

# echo "deb http://archive.gplhost.com/debian havana main" >>/etc/apt/sources.list

Upgrade the system and install the repository key:

# apt-get update && apt-get install gplhost-archive-keyring && apt-get update && apt-get dist-upgrade

There are also numerous mirrors of archive.gplhost.com available from around the world, all available with both FTP and HTTP protocols (you should use the closest mirror). The list of mirrors is available at http://archive.gplhost.com/readme.mirrors.

Messaging Server

On the controller node, install the messaging queue server. Depending on the distribution, this is typically RabbitMQ or Qpid; the other of the two and ZeroMQ (0MQ) are also available. Use the command that matches your distribution:

# apt-get install rabbitmq-server

# zypper install rabbitmq-server

# yum install qpid-cpp-server memcached

Important security consideration

The rabbitmq-server package configures the RabbitMQ service to start automatically and creates a guest user with a default guest password. The RabbitMQ examples in this guide use the guest account, though it is strongly advised to change its default password, especially if you have IPv6 available: by default the RabbitMQ server will allow anyone to connect to it using guest as login and password, and with IPv6, it will be reachable from the outside.

To change the default guest password of RabbitMQ, you can do:

# rabbitmqctl change_password guest NEW_PASS

Disable Qpid authentication by editing the /etc/qpidd.conf file and changing the auth option to no.

auth=no

Start Qpid and set it to start automatically when the system boots.

# service qpidd start
# chkconfig qpidd on

Start the messaging service and set it to start automatically when the system boots:

# service rabbitmq-server start
# chkconfig rabbitmq-server on

Congratulations, now you are ready to start installing OpenStack services!
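
With the guest account in use or Qpid authentication disabled, which addresses the broker listens on decides who can reach it. The following added example (not part of the original guide) reads `ss -ltn` output and reports MySQL (3306) or AMQP (5672) listeners bound to a wildcard address, including the IPv6 wildcard mentioned above. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the guide): read `ss -ltn` output on stdin and print
# "PORT ADDRESS" for watched ports that listen on a wildcard address.
# Function names are hypothetical; the default ports are MySQL and AMQP.

# usage: ss -ltn | exposed_listeners ["PORT PORT ..."]
exposed_listeners() {
    awk -v ports="${1:-3306 5672}" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
        $1 == "LISTEN" {
            port = $4; sub(/^.*:/, "", port)            # text after the last colon
            addr = substr($4, 1, length($4) - length(port) - 1)
            gsub(/\[/, "", addr); gsub(/\]/, "", addr)  # [::] becomes ::
            if ((port in watch) && (addr == "*" || addr == "0.0.0.0" || addr == "::"))
                print port, addr
        }
    '
}

# Constructed sample: MySQL bound to the internal address as in this guide,
# the AMQP listener on the IPv6 wildcard, and an unwatched SSH listener.
sample_ss() {
    cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       50      192.168.0.10:3306   *:*
LISTEN  0       128     :::5672             :::*
LISTEN  0       128     *:22                *:*
EOF
}

sample_ss | exposed_listeners
```

Empty output means neither watched port is listening on a wildcard address.
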