OpenStack Xena : Pre-Requirements2021/11/22

This is the example of Cloud Computiong by OpenStack Xena.

Install some services that some components of OpenStack needs for system requirements on here.
This example is based on the environment like follows.

        eth0|10.0.0.30 
+-----------+-----------+
|    [ Control Node ]   |
|                       |
|  MariaDB    RabbitMQ  |
|  Memcached            |
+-----------------------+

[1]	Install NTP Server to adjusts the date, refer to here.
[2]	Install MariaDB Server, refer to here.
[3]	Add the Repository of Openstack Xena and also Upgrade CentOS Stream System. Especially, it needs to upgrade some Python3 packages from Openstack repository.

[root@dlp ~]#

dnf -y install centos-release-openstack-xena

[root@dlp ~]#

sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/CentOS-OpenStack-xena.repo

[root@dlp ~]#

dnf --enablerepo=centos-openstack-xena -y upgrade

[4]	Install RabbitMQ, Memcached.

# enable PowerTools

[root@dlp ~]#

dnf --enablerepo=powertools -y install rabbitmq-server memcached

[root@dlp ~]#

vi /etc/my.cnf.d/mariadb-server.cnf

# add into [mysqld] section

[mysqld]
.....
.....
# default value 151 is not enough on Openstack environment
max_connections=500

[root@dlp ~]#

vi /etc/sysconfig/memcached

# line 5 : change (listen all)

OPTIONS="-l

0.0.0.0,::

[root@dlp ~]#

systemctl restart mariadb rabbitmq-server memcached

[root@dlp ~]#

systemctl enable mariadb rabbitmq-server memcached

# add openstack user
# set any password you like for [password]

[root@dlp ~]#

rabbitmqctl add_user openstack password

Creating user "openstack"
[root@dlp ~]#

rabbitmqctl set_permissions openstack ".*" ".*" ".*"

Setting permissions for user "openstack" in vhost "/"

[5]	If SELinux is enabled, change policy.

[root@dlp ~]#

vi rabbitmqctl.te

# create new

module rabbitmqctl 1.0;

require {
        type rabbitmq_t;
        type rabbitmq_var_log_t;
        type rabbitmq_var_lib_t;
        type etc_t;
        type init_t;
        class file write;
        class file getattr;
}

#============= rabbitmq_t ==============
allow rabbitmq_t etc_t:file write;

#============= init_t ==================
allow init_t rabbitmq_var_lib_t:file getattr;
allow init_t rabbitmq_var_log_t:file getattr;

[root@dlp ~]#

checkmodule -m -M -o rabbitmqctl.mod rabbitmqctl.te

[root@dlp ~]#

semodule_package --outfile rabbitmqctl.pp --module rabbitmqctl.mod

[root@dlp ~]#

semodule -i rabbitmqctl.pp

[6]	If Firewalld is running, allow ports for services.

[root@dlp ~]#

firewall-cmd --add-service={mysql,memcache}

success
[root@dlp ~]#

firewall-cmd --add-port=5672/tcp

success
[root@dlp ~]#

firewall-cmd --runtime-to-permanent

success

Matched Content