Update
I am keeping this post for reference, but it is now out-of-date and should not be used. Use the Kilo-based instructions instead.
PHASE 1 – Create DevStack + 2 novas
Create a default devstack and create two nova instances that will serve as web servers for our loadbalancer.
Create a Ubuntu 14.04 VM with at least 8GB RAM. I used a standard.large instance in the HP Public Cloud. Set up a non-root user (Some people recommend ‘stack’ but using ‘ubuntu’ works just fine). Associate a floating IP with the instance so you can access it from the outside world.
IMPORTANT: By default, the HP Public cloud uses 10.0.0.0/24 as your default network. Unfortunately, that is also the network that your devstack instance will use for its internal cloud. This results in an IP routing mess. If you are using the HP Public Cloud to host your devstack, create a new 10.0.1.0/24 network, connect it to your router, and attach your devstack instance to that network.
On your new instance, update software, install git and any other developer tools you will need:
sudo apt-get update sudo apt-get -y upgrade sudo apt-get -y dist-upgrade sudo apt-get -y install git emacs
Clone the devstack repository and cd into the devstack directory:
git clone https://github.com/openstack-dev/devstack.git -b stable/juno cd devstack
Create a ‘localrc’ file containing:
# To enable DVR, uncomment the following three lines: #Q_PLUGIN=ml2 #Q_ML2_TENANT_NETWORK_TYPE=vxlan #Q_DVR_MODE=dvr_snat # ===== BEGIN localrc ===== # # Depending on network filewalls and proxy settings, you may not be # able to use the git protocol, in which case, override GIT_BASE to # use http/https. In the HP public cloud you will not need to do # this, but you may need to do so in environments requiring http # proxy. # GIT_BASE=http://git.openstack.org # End Al's notes # Originally from http://www.sebastien-han.fr/blog/2013/08/08/devstack-in-1-minute/ # Misc DATABASE_PASSWORD=password ADMIN_PASSWORD=password SERVICE_PASSWORD=password SERVICE_TOKEN=password RABBIT_PASSWORD=password # Enable Logging LOGFILE=/opt/stack/logs/stack.sh.log VERBOSE=True LOG_COLOR=True SCREEN_LOGDIR=/opt/stack/logs # Pre-requisite ENABLED_SERVICES=rabbit,mysql,key # Horizon (always use the trunk) ENABLED_SERVICES+=,horizon #HORIZON_REPO=https://github.com/openstack/horizon #HORIZON_BRANCH=master # as of 3-Feb-2015 master horizon is incompatible with stable/juno # Nova ENABLED_SERVICES+=,n-api,n-crt,n-obj,n-cpu,n-cond,n-sch IMAGE_URLS+=",https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img" # Glance ENABLED_SERVICES+=,g-api,g-reg # Neutron ENABLED_SERVICES+=,q-svc,q-agt,q-dhcp,q-l3,q-meta,neutron,q-lbaas # Cinder ENABLED_SERVICES+=,cinder,c-api,c-vol,c-sch # Tempest ENABLED_SERVICES+=,tempest # ===== END localrc =====
run stack.sh:
./stack.sh
Set up keystone authentication data and verify we can do a simple noop command. ‘nova list’ should produce an empty list, and ‘neutron net-list’ should produce a list of two networks.
. ./openrc
nova list neutron net-list
If you get an error, stop here and investigate. If nova and/or neutron don’t work here, you won’t make progress until you get it fixed. Running unstack.sh followed by stack.sh might clear things up, and will take less time than the first time you ran it.
Create two nova instances that we can use as test http servers:
#create nova instances on private network
nova boot --image $(nova image-list | awk '/ cirros-0.3.0-x86_64-disk / {print $2}') --flavor 1 --nic net-id=$(neutron net-list | awk '/ private / {print $2}') node1
nova boot --image $(nova image-list | awk '/ cirros-0.3.0-x86_64-disk / {print $2}') --flavor 1 --nic net-id=$(neutron net-list | awk '/ private / {print $2}') node2
Create Security group rules to allow network access to your instances.
#add secgroup rule to allow ssh etc.. nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0 nova secgroup-add-rule default tcp 22 22 0.0.0.0/0 nova secgroup-add-rule default tcp 80 80 0.0.0.0/0
Set up a simple web server on each of these instances.
ssh into each instance (username ‘cirros’, password ‘cubswin:)’) and run
MYIP=$(ifconfig eth0|grep 'inet addr'|awk -F: '{print $2}'| awk '{print $1}')
while true; do echo -e "HTTP/1.0 200 OK\r\n\r\nWelcome to $MYIP" | sudo nc -l -p 80 ; done
from your devstack verify that the instances respond to “GET /” requests:
ubuntu@hp-devstack-1:~$ curl http://10.0.0.5/ Welcome to 10.0.0.5 ubuntu@hp-devstack-1:~$ curl http://10.0.0.6/ Welcome to 10.0.0.6
PHASE 2 – Install LBaaS V2 + set up a LB
Install the V2 Synchronous Haproxy Driver and migrate the database:
cd /opt/stack/neutron # # The follow command is currently not necessary. If the neutron-db-manage command at the end of this section fails, it may be necessary to downgrade # the database again, but to a different revision. # # neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin/ml2/ml2_conf.ini downgrade 1f71e54a85e7 # workaround HEAD/V2 sync problem # Get code from https://review.openstack.org/#/c/123491/ git fetch https://review.openstack.org/openstack/neutron refs/changes/91/123491/7 && git checkout FETCH_HEAD neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head
The second neutron-db-manage command should say something like:
INFO [alembic.migration] Context impl MySQLImpl. INFO [alembic.migration] Will assume non-transactional DDL. INFO [alembic.migration] Running upgrade 1f71e54a85e7 -> b30ae52b12b, lbaas version 2 api
Edit the neutron config file /etc/neutron/neutron.conf:
Find the line beginning with “service_plugins” and change
"neutron.services.loadbalancer.plugin.LoadBalancerPlugin"
to
"neutron.services.loadbalancer.plugin.LoadBalancerPluginv2"
In the “[service_providers]” section, comment out the LOADBALANCER line:
#service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver:default
and add a new line:
service_provider=LOADBALANCERV2:Haproxy:neutron.services.loadbalancer.drivers.haproxy.synchronous_namespace_driver.HaproxyNSDriver:default
Reinstall and restart the neutron service. Either:
use “screen -r” to find the “q-svc” screen (ctrl-A 7 on my system), then hit ctrl-C to kill neutron, then recall the prior command with “up arrow” and re-run it.
…OR…
run the following commands:
if [ `ps aux | grep neutron-server | wc -l` -gt 1 ]; then
kill -9 `ps aux | grep '[n]eutron-server' -m1 | awk '{print $2}'`
fi
sudo pip install --build=/tmp/pip-build.bE71P -e /opt/stack/neutron
/usr/local/bin/neutron-server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
Install the neutron CLI client
cd /opt/stack git clone https://github.com/openstack/python-neutronclient.git cd python-neutronclient git fetch https://review.openstack.org/openstack/python-neutronclient refs/changes/75/111475/5 && git checkout FETCH_HEAD sudo python setup.py install
Verify that you have access to the V2 LBaaS Commands:
neutron help| grep lbaas
you should see:
lbaas-healthmonitor-create Create a healthmonitor. lbaas-healthmonitor-delete Delete a given healthmonitor. lbaas-healthmonitor-list List healthmonitors that belong to a given tenant. lbaas-healthmonitor-show Show information of a given healthmonitor. lbaas-healthmonitor-update Update a given healthmonitor. lbaas-listener-create Create a listener. lbaas-listener-delete Delete a given listener. lbaas-listener-list List listeners that belong to a given tenant. lbaas-listener-show Show information of a given listener. lbaas-listener-update Update a given listener. lbaas-loadbalancer-create Create a loadbalancer. lbaas-loadbalancer-delete Delete a given loadbalancer. lbaas-loadbalancer-list List loadbalancers that belong to a given tenant. lbaas-loadbalancer-show Show information of a given loadbalancer. lbaas-loadbalancer-update Update a given loadbalancer. lbaas-member-create Create a member. lbaas-member-delete Delete a given member. lbaas-member-list List members that belong to a given tenant. lbaas-member-show Show information of a given member. lbaas-member-update Update a given member. lbaas-pool-create Create a pool. lbaas-pool-delete Delete a given pool. lbaas-pool-list List pools that belong to a given tenant. lbaas-pool-show Show information of a given pool. lbaas-pool-update Update a given pool.
The V1 LBaaS commands begin with “lb_”, so if you don’t see commands starting with “lbaas_” you did not successfully get the V2 API or CLI installed. Re-examine what you did in steps 6-10, but you should probably start fresh from the beginning.
Set up your loadbalancer
# Create Entities Using CLI/client
neutron lbaas-pool-create --lb-algorithm ROUND_ROBIN --protocol HTTP pool1
# Create LBaaS Members. Replace 10.0.0.5 and 10.0.0.6 with the IP
# addresses of your client instances created above.
neutron lbaas-member-create --subnet-id $(neutron subnet-list | awk '/ private-subnet / {print $2}') --address 10.0.0.2 --protocol-port 80 $(neutron lbaas-pool-list | awk '/ pool1 / {print $2}')
neutron lbaas-member-create --subnet-id $(neutron subnet-list | awk '/ private-subnet / {print $2}') --address 10.0.0.4 --protocol-port 80 $(neutron lbaas-pool-list | awk '/ pool1 / {print $2}')
neutron lbaas-loadbalancer-create lb1 $(neutron subnet-list | awk '/ private-subnet / {print $2}')
neutron lbaas-listener-create --loadbalancer-id $(neutron lbaas-loadbalancer-list | awk '/ lb1 / {print $2}') --protocol HTTP --protocol-port 80 --default-pool-id $(neutron lbaas-pool-list | awk '/ pool1 / {print $2}')
Test your loadbalancer:
ubuntu@hp-devstack-1:~$ curl http://10.0.0.8 Welcome to 10.0.0.5 ubuntu@hp-devstack-1:~$ curl http://10.0.0.8 Welcome to 10.0.0.6 ubuntu@hp-devstack-1:~$ curl http://10.0.0.8 Welcome to 10.0.0.5 ubuntu@hp-devstack-1:~$ curl http://10.0.0.8 Welcome to 10.0.0.6
Notice that the response alternates between the two web server instances! Enjoy.
Acknowledgements:
This information is primarily a combination and enhancement of
https://wiki.openstack.org/wiki/Neutron/LBaaS/DeployWithDevstack
https://docs.google.com/document/d/1FSatjyOCCVJOpiMmb63IhqEg4cpG5g4YxlR-mXXLFaI/edit?pli=1
Chapter 60 