Configure OpenStack¶

Now that OpenStack is deployed it must now be configured for it to become functional. Use the values collected on the Collect local settings page.

Install the OpenStack clients¶

You’ll need the OpenStack clients in order to manage the cloud from the command line. Install them now:

sudo snap install openstackclients

Access the cloud¶

This openrc file will assist in setting up admin access to the cloud. Download it under ~/tutorial. Then source it and test cloud access by querying Keystone:

source ~/tutorial/openrc
openstack service list

You should get a listing of registered cloud services:

+----------------------------------+-----------+--------------+
| ID                               | Name      | Type         |
+----------------------------------+-----------+--------------+
| 1510cd32376e4b2783970c292255fee2 | cinderv3  | volumev3     |
| 1e3f5eb0e1e24d82a683d421adbba85c | cinderv2  | volumev2     |
| 27fadff76abe4f829a25081aa8bbd98b | placement | placement    |
| 685053e8c6f04ccc992ac1809437d4e5 | nova      | compute      |
| 8e65d64be77240539e4d44409aa3bbca | s3        | s3           |
| 94e467ff95124e9c8b4c608077e61376 | glance    | image        |
| aeba7526d4064b2f97e9f5c72e0688c1 | keystone  | identity     |
| b79d5dddc89847419c131deaf333daf1 | neutron   | network      |
| f1d4699a8bbd40b793a151ecb3ca8de6 | swift     | object-store |
+----------------------------------+-----------+--------------+

Import an image¶

Import a boot image into Glance in order to create instances.

First download a Focal amd64 image:

curl http://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img \
   --output ~/tutorial/focal-amd64.img

Now import it (calling it ‘focal-amd64’):

openstack image create \
   --public --container-format bare --disk-format qcow2 \
   --file ~/tutorial/focal-amd64.img \
   focal-amd64

Configure networking¶

Create the external network and external subnet:

openstack network create \
   --external --share --default \
   --provider-network-type flat --provider-physical-network physnet1 \
   ext_net

openstack subnet create \
   --allocation-pool start=$EXT_POOL_START,end=$EXT_POOL_END \
   --subnet-range $EXT_SUBNET --no-dhcp --gateway $EXT_GW --network ext_net \
   ext_subnet

Create the internal network and internal subnet:

openstack network create --internal int_net

openstack subnet create \
   --allocation-pool start=192.168.0.10,end=192.168.0.99 \
   --subnet-range 192.168.0.0/24 --dns-nameserver $EXT_DNS --network int_net \
   int_subnet

Create the router and configure it:

openstack router create router1

openstack router add subnet router1 int_subnet

openstack router set router1 --external-gateway ext_net

Create a flavor¶

Create at least one flavor to define a hardware profile for new instances. Here, to save resources, we create a minimal one called ‘m1.micro’:

openstack flavor create \
   --ram 320 --disk 5 --vcpus 1 \
   m1.micro

If you define a larger flavor make sure that your MAAS nodes can accommodate it.

Import an SSH keypair¶

An SSH keypair needs to be imported into the cloud in order to access your instances.

Generate one first if you do not yet have one. This command creates a passphraseless keypair (remove the -N option to avoid that):

ssh-keygen -q -N '' -f ~/tutorial/id_mykey

To import a keypair:

openstack keypair create --public-key ~/tutorial/id_mykey.pub mykey

Configure security groups¶

To access instances over SSH create a rule for each existing security group:

for i in $(openstack security group list | awk '/default/{ print $2 }'); do
   openstack security group rule create $i --protocol tcp --remote-ip 0.0.0.0/0 --dst-port 22;
done

Proceed to the Verify the cloud page.

Configure OpenStack