OpenStack Open Source software is one of the most used cloud infrastructures to support software development and big data analysis. It is developed by a thriving community of individual developers from around the globe and backed by most of the leading players in the cloud space today.
It is simple to implement, massively scalable, and can store a large pool of data and networking resources. OpenStack has a strong ecosystem that helps you provision your cloud storage needs. Add OpenStack's enterprise features to reduce the cost of your business.
This book will show you the steps to build up a private cloud environment. At the beginning, you'll discover the uses of cloud services such as the identity service, image service, and compute service. You'll dive into Neutron, the OpenStack Networking service, and get your hands dirty with configuring ML2, networks, routers, and Distributed Virtual Routers. You’ll then gather more expert knowledge on OpenStack cloud computing by managing your cloud's security and migration. After that, we delve into OpenStack Object storage and how to manage servers and work with objects, cluster, and storage functionalities. Also, as you go deeper into the realm of OpenStack, you'll learn practical examples of Block storage, LBaaS, and FWaaS: installation and configuration covered from the ground up. Finally, you will learn OpenStack dashboard, Ansible and Foreman, Keystone, and other interesting topics.
Page count: 412
Year of publication: 2015
Copyright © 2015 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: September 2012
Second edition: October 2013
Third edition: August 2015
Production reference: 1170815
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78217-478-3
www.packtpub.com
Authors
Kevin Jackson
Cody Bunch
Egle Sigler
Reviewers
Chris Beatty
Walter Bentley
Victoria Martinez de la Cruz
Stefan Lenz
Andy McCrae
Melissa Palmer
Sriram Rajan
Commissioning Editor
Kartikey Pandey
Acquisition Editor
Indrajit Das
Content Development Editor
Akashdeep Kundu
Technical Editors
Naveenkumar Jain
Narsimha Pai
Copy Editors
Roshni Banerjee
Trishya Hajare
Project Coordinator
Milton Dsouza
Proofreader
Safis Editing
Indexer
Hemangini Bari
Graphics
Sheetal Aute
Production Coordinator
Nitesh Thakur
Cover Work
Nitesh Thakur
At CERN, the European Organization for Nuclear Research, physicists and engineers are probing the fundamental structure of the universe. They use the world's largest and most complex scientific instruments to study the basic constituents of matter—the fundamental particles. The particles are made to collide together at close to the speed of light. The process gives clues to physicists about how the particles interact and provides insights into the fundamental laws of nature.
The Large Hadron Collider (LHC) is the world's largest and most powerful particle accelerator. The LHC consists of a 27-kilometer ring of superconducting magnets with a number of accelerating structures to boost the energy of the particles along the way. Inside the accelerator, two high-energy particle beams travel at close to the speed of light, before they are made to collide. This produces 27 petabytes of data every year, which is recorded and analyzed by thousands of computers in the CERN data centre.
With an upgrade to the LHC in 2015 to nearly double the collision energy, it was clear that further computing resources were needed. To provide the additional capacity and be more responsive to the users, a new approach was needed. In 2012, a small team at CERN started looking at OpenStack, a piece of open source software, to create computing clouds. It was a very promising technology with an enthusiastic community but a significant level of complexity. Along with the code being very new, those were very early days for the documentation and training. We wanted to educate people rapidly to start the project and so looked for guides to make the new administrators productive. This was when we encountered the first edition of the book, OpenStack Cloud Computing Cookbook. It became the standard document for newcomers in the team to understand the concepts, set up their first clouds, and then start work on the CERN cloud.
As the cloud evolved and the OpenStack technology matured, we continued to use this guide, even as the members of the team rotated, building small clouds to try out new concepts and investigate the flexibility of cloud computing.
Over the years, I have frequently met Kevin, Cody and Egle at the OpenStack summits that give the community an opportunity to meet and exchange experiences. With OpenStack evolving so rapidly, it also gives an opportunity to get the latest editions of the cookbook, which they have continued to keep up to date.
The CERN cloud is now in production across two data centers in Geneva and Budapest, with over 3,000 servers running tens of thousands of virtual machines. With new staff members joining frequently, we continue to use the cookbook as a key part of the team's training and look forward to the updates in the latest edition.
Tim Bell
Infrastructure Manager, CERN
Kevin Jackson is married and has three children. He is an experienced IT professional working with business and enterprises of all sizes at Rackspace as an OpenStack and private cloud specialist. Kevin has been working with OpenStack since early 2011 and has extensive experience of various flavors of Linux, Unix, and hosting environments. Kevin can be found on Twitter at @itarchitectkev.
Kevin authored the first edition and coauthored the second edition of the OpenStack Cloud Computing Cookbook, Packt Publishing. Kevin also coauthored OpenStack Foundation's OpenStack Architecture Design Guide during a 5-day book sprint in California.
I'd like to thank Cody for stepping up to the plate again to go through the pain and anguish to get another edition of the book out. Also thanks, of course, go to Egle, whom we somehow commandeered to help get this out the door bigger and better than before. We have a whole bunch of tech reviewers from across the globe too who have helped keep us within reach of our goals, so thanks for keeping it real.
I'd also like to thank my family, although I'm not sure they have realized I wrote another one. I think I may have just about gotten away with this one unscathed.
Finally, I'd like to thank Rackspace for giving me the opportunity and support to pursue such endeavors and the many people I bug now for answers to stupid questions.
Cody Bunch is a principal architect in the Rackspace Private Cloud group based out of San Antonio, Texas. Cody has been working with OpenStack since early 2012, coauthored the second edition of this book and also coauthored OpenStack Security Guide. Cody has extensive experience with virtualized and cloud environments in various-sized enterprises and hosting environments. Cody can be found on Twitter at @cody_bunch.
I'd like to thank Kevin for coming along on this crazy ride, yet again. I would also like to thank Egle, who jumped into the fray and has gone above and beyond to make this book more awesome than the last one. This book would not be possible without the wonderful reviewers, as well as the folks at Packt who stepped up their game between editions.
Next up, and likely much more important, to thank are my kids and loving wife. Without their support, well, I'm not entirely sure this edition would have made it out the door. Also, on the time, understanding, and support list is my employer, Rackspace.
I'd like to thank the writers, publisher, reviewers, and employer. While this is a small army of folks who help with the writing and publishing of this edition, I think it would be super amiss if I didn't thank the awesome-tastic OpenStack community for whom we wrote this. Y'all provide not just the support, technical guidance, and such, but also the "why" behind putting another volume out in the market. Thanks!
Egle Sigler is an OpenStack Foundation board member and a principal architect in the Rackspace Private Cloud group based out of San Antonio, Texas. Egle holds an M.S. degree in computer science. She started her career as a software developer and still has a soft spot for all the people who write, test, and deploy code, since she has had the chance to do all of those tasks throughout her career. Egle dreams about a day when writing, testing, and deploying code will be a seamless and easy process—bug and frustration free for all. Egle believes that knowledge should be shared and has tried to do this by writing this book, giving talks and workshops at conferences, and blogging. Egle can be found on Twitter at @eglute.
She has coauthored DevOps for VMware Administrators (VMware Press Technology).
I would like to thank my husband, my love, and my technical advisor for his constant and unwavering support while writing, traveling, installing, and troubleshooting. For some reason, it is always the networking that needs troubleshooting.
I ask for forgiveness from my friends and family, who didn't get to talk to me very much while I was working on this book.
OpenStack developers, quality engineers, operators, users, and documentation writers, thank you for making OpenStack better each day!
Kevin and Cody, thank you for bringing me along on this adventure! I cannot believe how much quality work was already put into this book, as well as into the Vagrant environment scripts. Technical reviewers, thank you for volunteering hundreds of hours to review everything. Reviewers and editors from Packt, thank you for your prompt communication and constant feedback. Rackers, thank you for your advice and guidance. Lastly, thanks to Rackspace for supporting my writing endeavors.
Chris Beatty is a seasoned IT professional with a varied background in systems administration and infrastructure architecture. He is currently working for Rackspace, helping enterprise customers design and run high-performant hosted solutions.
I'd like to thank my wife and children for giving me the time to review this book, as well as my colleagues for asking me to help out!!
Walter Bentley is a Rackspace private cloud solutions architect. He is a new Racker with a diverse background in production systems administration and solutions architecture. He brings over 17 years of experience across numerous industries, such as online marketing, financial, insurance, aviation, the food industry, and education. In the past, he has always been the requestor, consumer, and advisor to companies to use technologies such as OpenStack. Now, he is a promoter of the OpenStack technology and a cloud educator.
I would like to sincerely thank the authors for allowing me to be part of this great publication and opportunity.
Victoria Martinez de la Cruz is a licentiate in computer sciences from the Computer Sciences and Engineering department of Universidad Nacional del Sur in Bahia Blanca, Argentina. During her last years in college, she got started with OpenStack through the GNOME Outreachy and Google Summer of Code internships. She is currently a software engineer at Red Hat and a core member of OpenStack's Trove and Zaqar projects. Her main interests are operative systems, networks, and databases. She is FOSS passionate and loves to help newcomers to get involved with open source projects. Victoria can be contacted at <[email protected]>.
I would like to thank the authors and publishers of OpenStack Cookbook Third Edition for giving me the opportunity to join as a technical reviewer; it was a great experience!
Stefan Lenz works for BMW in Munich. He is a manager of the data center and cloud services division in BMW's global IT organization. In this role, he is responsible for the delivery of compute, storage, and network services for BMW worldwide.
He holds a PhD in nuclear physics from Erlangen University in Germany and has worked as a postdoctoral associate at Yale University, doing nuclear research on high-performance computers. He worked as a consultant for high-performance computing in the German automotive industry before becoming an IT architect for high-performance computers and engineering IT at BMW. From 2002 to 2014, he worked in several initiatives and projects to consolidate and globalize BMW's IT organization.
He is married, lives in Munich, and likes to ski, hike, and bike in the Alps. Together with his wife, he has written six books on hiking, mountain bike tours, and the Camino de Santiago in Spain. You can contact him on Twitter as @stefan_km_lenz or via his website www.serverfabrik.de.
During the summer of 2014, I spent long hours in my private computer lab in the basement of our house, learning the basics of OpenStack. My guide on that journey was the first edition of OpenStack Cookbook. I'd like to thank the authors, who have helped me a lot. I would also like to thank my wife for her support, her patience, and for donating two old computers from her own business to my lab.
Andy McCrae is a software developer at Rackspace working within the Rackspace Private Cloud team. Andy began his career in 2007 as a Linux system administrator for Rackspace after completing master's of engineering (MEng), majoring in computer science at University College London (UCL).
Andy specializes in Swift (Object Storage) and Ansible. Andy was the core contributor to OpenStack-Chef and is now working on the os-ansible-deployment community projects within OpenStack.
Recently, Andy spoke at the Vancouver OpenStack Summit on managing logging within an OpenStack environment.
Melissa Palmer is a systems engineer and architect and a virtualization, infrastructure, and OpenStack enthusiast. She has bachelor's and master's of engineering degrees focused on electrical engineering and secure networked systems design. As a strong advocate of the community, Melissa is a VMUG member and has been featured on panel discussions and podcasts for IT architecture and community programs. She is also the creative director of the Virtual Design Master challenge located at http://virtualdesignmaster.com. Melissa enjoys cooking, writing, and attending rocket launches in her free time. You can find Melissa on Twitter at @vMiss33 or on her blog at http://vMiss.net.
Sriram Rajan is a principal engineer at Rackspace, where he is responsible for designing solutions for its customers and assists them with their automation needs. Prior to Rackspace, he worked as a systems programmer at Texas State University, from where he also earned his master's degree in computer science. He has more than a decade of professional experience working with Linux systems, networks, programming, and security. In his nonprofessional life, he spends time traveling, working on home automation, watching cricket, programming for fun, and discussing technology.
OpenStack is open source software for building public and private clouds. It is now a global success and is developed and supported by thousands of people around the globe, backed by leading players in the cloud space today. This book is specifically designed to quickly help you get up to speed with OpenStack and give you the confidence and understanding to roll it out into your own data centers. From test installations of OpenStack running under VirtualBox to automated installation recipes that help you scale out production environments, this book covers a wide range of topics that help you install and configure a private cloud. This book will show you the following:
The OpenStack Cloud Computing Cookbook gives you clear, step-by-step instructions to install and run your own private cloud successfully. It is full of practical and applicable recipes that enable you to use the latest capabilities of OpenStack and implement them.
Chapter 1, Keystone – OpenStack Identity Service, takes you through the installation and configuration of Keystone, which underpins all of the other OpenStack services.
Chapter 2, Glance – OpenStack Image Service, teaches you how to install, configure, and use the Image service within an OpenStack environment.
Chapter 3, Neutron – OpenStack Networking, helps you install and configure OpenStack networking, including new features such as DVR.
Chapter 4, Nova – OpenStack Compute, teaches you how to set up and use OpenStack Compute along with examples to get you started by running OpenStack Compute within a VirtualBox environment.
Chapter 5, Swift – OpenStack Object Storage, teaches you how to configure and use OpenStack Object Storage along with examples showing this service running within a VirtualBox environment.
Chapter 6, Using OpenStack Object Storage, teaches you how to use the storage service to store and retrieve files and objects.
Chapter 7, Administering OpenStack Object Storage, takes you through how to use tools and techniques that can be used to run OpenStack Storage within data centers.
Chapter 8, Cinder – OpenStack Block Storage, teaches you how to install and configure the persistent block storage service for use, by using instances running in an OpenStack Compute environment.
Chapter 9, More OpenStack, explores other features of OpenStack such as Neutron's LBaaS and FWaaS services, Ceilometer, and Heat.
Chapter 10, Using the OpenStack Dashboard, teaches you how to install and use the web user interface to perform tasks such as creating users, modifying security groups, and launching instances.
Chapter 11, Production OpenStack, shows you how to use Ansible for automated installations and introduces you to tools and techniques for making OpenStack services resilient and highly available.
To use this book, you will need access to computers or servers that have hardware virtualization capabilities. In a typical small starter installation of OpenStack, you will need a Controller host, Network host, and Compute host. To run Swift, we provide the steps to create a multi-node environment consisting of a proxy server and five storage nodes.
To set up the lab environment, you will install and use Oracle's VirtualBox and Vagrant. You can access details of how to set up your computer using VirtualBox and Vagrant by visiting http://bit.ly/OpenStackCoobookSandbox.
There are additional recipes to get you started with the lab environment, and these are available at http://www.openstackcookbook.com. Refer to this website for information on the installation of supporting software such as MariaDB/MySQL. More information can be found at http://bit.ly/OpenStackCookbookPreReqs.
To fully utilize the automated Ansible scripts in Chapter 11, Production OpenStack, it is assumed that the reader has access to six physical servers.
This book is aimed at system administrators and technical architects who are moving from a virtualized environment to cloud environments and are familiar with cloud computing platforms. Knowledge of virtualization and managing Linux environments is expected. Prior knowledge or experience of OpenStack is not required, although beneficial.
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.
To send us general feedback, simply send an e-mail to <[email protected]>, and mention the book title via the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
You can download the example code files for this book at https://github.com/OpenStackCookbook/OpenStackCookbook. All the support files are available here.
We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from: http://www.packtpub.com/sites/default/files/downloads/4783OS_ColoredImages.pdf.
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the errata submission form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded on our website, or added to any list of existing errata, under the Errata section of that title. Any existing errata can be viewed by selecting your title from http://www.packtpub.com/support.
Piracy of copyright material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works, in any form, on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at <[email protected]> with a link to the suspected pirated material.
We appreciate your help in protecting our authors, and our ability to bring you valuable content.
You can contact us at <[email protected]> if you are having a problem with any aspect of the book, and we will do our best to address it.
In this chapter, we will cover:
The OpenStack Identity service, known as Keystone, provides services for authenticating and managing user accounts and role information for our OpenStack cloud environment. It is a crucial service that underpins the authentication and verification between all of our OpenStack cloud services and is the first service that needs to be installed within an OpenStack environment. The OpenStack Identity service authenticates users and tenants by sending a validated authorization token between all OpenStack services. This token is used for authentication and verification so that you can use that service, such as OpenStack Storage and Compute. Therefore, configuration of the OpenStack Identity service must be completed first, consisting of creating appropriate roles for users and services, tenants, the user accounts, and the service API endpoints that make up our cloud infrastructure.
In Keystone, we have the concepts of tenants, roles, and users. A tenant is like a project and has resources such as users, images, and instances, as well as networks in it that are only known to that particular project. A user can belong to one or more tenants and is able to switch between these projects to gain access to those resources. Users within a tenant can have various roles assigned. In the most basic scenario, a user can be assigned either the role of admin or just be a member. When a user has admin privileges within a tenant, they are able to utilize features that can affect the tenant (such as modifying external networks), whereas a normal user is assigned the member role, which is generally used to perform user-related tasks, such as spinning up instances, creating volumes, and creating tenant-only networks.
A tenant in OpenStack is a project, and the two terms are generally used interchangeably. Users can't be created without having a tenant assigned to them, so these must be created first. For this section, we will create a tenant called cookbook for our users.
We will be using the keystone client to operate Keystone. If the python-keystoneclient tool isn't available, follow the steps described at http://bit.ly/OpenStackCookbookClientInstall.
Ensure that we have our environment set correctly to access our OpenStack environment for administrative purposes:
You can use the controller node if no other machines are available on your network, as this has the python-keystoneclient and the relevant access to the OpenStack environment. If you are using the Vagrant environment, issue the following command to get access to the Controller:
To create a tenant in our OpenStack environment, perform the following steps:
This will produce output similar to:
Creation of the tenants is achieved by using the keystone client, specifying the tenant-create option with the following syntax:
The tenant_name is an arbitrary string and must not contain spaces. On creation of the tenant, this returns an ID associated with it that we use when adding users to this tenant. To see a list of tenants and the associated IDs in our environment, we can issue the following command:
Roles are the permissions given to users within a tenant. Here, we will configure two roles: an admin role that allows for the administration of our environment, and a member role that is given to ordinary users who will be using the cloud environment.
We will be using the keystone client to operate Keystone. If the python-keystoneclient tool isn't available, follow the steps described at http://bit.ly/OpenStackCookbookClientInstall.
Ensure that we have our environment set correctly to access our OpenStack environment for administrative purposes:
You can use the controller node if no other machines are available on your network, as this has the python-keystoneclient and the relevant access to the OpenStack environment. If you are using the Vagrant environment, issue the following command to get access to the Controller:
To create the required roles in our OpenStack environment, perform the following steps:
Creation of the roles is simply achieved by using the keystone client and specifying the role-create option with the following syntax:
The role_name attribute can't be arbitrary for admin and Member roles. The admin role has been set by default in /etc/keystone/policy.json as having administrative rights:
The Member role is also configured by default in the OpenStack Dashboard, Horizon, for a non-admin user created through the web interface.
On creation of the role, the ID associated with it is returned, and we can use it when assigning roles to users. To see a list of roles and the associated IDs in our environment, we can issue the following command:
Adding users to the OpenStack Identity service requires that the user has a tenant that they can exist in and there is a defined role that can be assigned to them. For this section, we will create two users. The first user will be named admin and will have the admin role assigned to them in the cookbook tenant. The second user will be named demo and will have the Member role assigned to them in the same cookbook tenant.
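The tenant, role, and user relationships described in this chapter can be checked with a small in-memory model. This is an added example, not code from the book or from Keystone: the class and function names are hypothetical, and the `sandbox` tenant and the `demo` user's admin grant in it are constructed to show that a role held in one tenant says nothing about another.

```python
# Added example: a simplified model of the rules stated in the text,
# not Keystone's implementation. All names below are hypothetical.
import uuid


class IdentityError(Exception):
    """Raised when a request breaks one of the rules stated in the text."""


class IdentityModel:
    def __init__(self):
        self.tenants = {}    # tenant name -> generated ID
        self.roles = {}      # role name -> generated ID
        self.users = {}      # user name -> tenant the user was created in
        self.grants = set()  # (user, tenant, role) triples

    def tenant_create(self, name):
        # The tenant name is an arbitrary string but must not contain spaces.
        if not name or any(ch.isspace() for ch in name):
            raise IdentityError("tenant name must be non-empty, without spaces")
        if name in self.tenants:
            raise IdentityError("tenant already exists: " + name)
        self.tenants[name] = uuid.uuid4().hex
        return self.tenants[name]  # creation returns the associated ID

    def role_create(self, name):
        if name in self.roles:
            raise IdentityError("role already exists: " + name)
        self.roles[name] = uuid.uuid4().hex
        return self.roles[name]

    def user_create(self, name, tenant):
        # A user needs a tenant to exist in, so the tenant is created first.
        if tenant not in self.tenants:
            raise IdentityError("unknown tenant: " + tenant)
        if name in self.users:
            raise IdentityError("user already exists: " + name)
        self.users[name] = tenant

    def grant(self, user, tenant, role):
        # A role is always assigned to a user *within* a tenant.
        for kind, key, table in (("user", user, self.users),
                                 ("tenant", tenant, self.tenants),
                                 ("role", role, self.roles)):
            if key not in table:
                raise IdentityError("unknown %s: %s" % (kind, key))
        self.grants.add((user, tenant, role))

    def roles_in(self, user, tenant):
        """Roles this user holds in this one tenant (empty set if none)."""
        return {r for (u, t, r) in self.grants if u == user and t == tenant}

    def is_admin(self, user, tenant):
        return "admin" in self.roles_in(user, tenant)

    def admin_report(self):
        """Sorted (tenant, user) pairs holding admin: the list to review."""
        return sorted((t, u) for (u, t, r) in self.grants if r == "admin")


def build_cookbook_model():
    m = IdentityModel()
    m.tenant_create("cookbook")
    m.tenant_create("sandbox")           # constructed second tenant
    m.role_create("admin")
    m.role_create("Member")
    m.user_create("admin", "cookbook")
    m.user_create("demo", "cookbook")
    m.grant("admin", "cookbook", "admin")
    m.grant("demo", "cookbook", "Member")
    m.grant("demo", "sandbox", "admin")  # constructed grant in another tenant
    return m


if __name__ == "__main__":
    model = build_cookbook_model()
    for tenant, user in model.admin_report():
        print("admin role: user=%s tenant=%s" % (user, tenant))
    print("demo is admin in cookbook:", model.is_admin("demo", "cookbook"))
```
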
We will be using the keystone client to operate Keystone. If the python-keystoneclient tool isn't available, follow the steps described at http://bit.ly/OpenStackCookbookClientInstall.
Ensure that we have our environment set correctly to access our OpenStack environment for administrative purposes:
You can use the controller node if no other machines are available on your network, as this has the python-keystoneclient and the relevant access to the OpenStack environment. If you are using the Vagrant environment, issue the following command to get access to the Controller:
To create the required users in our OpenStack environment, perform the following steps: