If you are getting started with magnum it is recommended you follow the Developer Quick-Start to get up and running with magnum. This guide covers a more in-depth process to setup magnum with devstack.
Magnum depends on nova, glance, heat, barbican, and neutron to create and schedule virtual machines to simulate bare-metal. Full bare-metal support is still under active development.
This session has only been tested on Ubuntu 14.04 (Trusty) and Fedora 20/21. We recommend users to select one of them if it is possible.
Clone devstack:
cd ~
git clone https://git.openstack.org/openstack-dev/devstack
Configure devstack with the minimal settings required to enable heat and neutron:
cd devstack
cat > local.conf << END
[[local|localrc]]
# Modify to your environment
FIXED_RANGE=10.0.0.0/24
FLOATING_RANGE=192.168.1.224/27
PUBLIC_NETWORK_GATEWAY=192.168.1.225
PUBLIC_INTERFACE=em1
PHYSICAL_NETWORK=public
OVS_PHYSICAL_BRIDGE=br-ex
ENABLE_TENANT_VLANS=True
TENANT_VLAN_RANGE=1000:1999
# Credentials
ADMIN_PASSWORD=password
DATABASE_PASSWORD=password
RABBIT_PASSWORD=password
SERVICE_PASSWORD=password
SERVICE_TOKEN=password
enable_service rabbit
# Ensure we are using neutron networking rather than nova networking
disable_service n-net
enable_service q-svc
enable_service q-agt
enable_service q-dhcp
enable_service q-l3
enable_service q-meta
# Note: Default template uses LBaaS.
enable_service q-lbaas
enable_service neutron
# Enable heat services
enable_service h-eng
enable_service h-api
enable_service h-api-cfn
enable_service h-api-cw
# Enable barbican services
enable_plugin barbican https://git.openstack.org/openstack/barbican
VOLUME_BACKING_FILE_SIZE=20G
END
NOTE: Update PUBLIC_INTERFACE and other parameters as appropriate for your system.
More devstack configuration information can be found at http://docs.openstack.org/developer/devstack/configuration.html
More neutron configuration information can be found at http://docs.openstack.org/developer/devstack/guides/neutron.html
Optionally, you can enable ceilometer in devstack. If ceilometer is enabled, magnum will periodically send metrics to ceilometer. If you need this feature, add the following line to your local.conf file:
enable_plugin ceilometer git://git.openstack.org/openstack/ceilometer
Create a local.sh to automatically make necessary networking changes during the devstack deployment process. This will allow bays spawned by magnum to access the internet through PUBLIC_INTERFACE:
cat > local.sh << 'END_LOCAL_SH'
#!/bin/sh
ROUTE_TO_INTERNET=$(ip route get 8.8.8.8)
OBOUND_DEV=$(echo ${ROUTE_TO_INTERNET#*dev} | awk '{print $1}')
sudo iptables -t nat -A POSTROUTING -o $OBOUND_DEV -j MASQUERADE
END_LOCAL_SH
chmod 755 local.sh
Run devstack:
./stack.sh
NOTE: If using the m-1 tag or tarball, please use the documentation shipped with the milestone as the current master instructions are slightly incompatible.
Prepare your session to be able to use the various openstack clients including magnum, neutron, and glance. Create a new shell, and source the devstack openrc script:
source ~/devstack/openrc admin admin
Magnum has been tested with the Fedora Atomic micro-OS and CoreOS. Magnum will likely work with other micro-OS platforms, but each requires individual support in the heat template.
Store the Fedora Atomic micro-OS in glance. (The steps for updating Fedora Atomic images are a bit detailed. Fortunately one of the core developers has made Atomic images available at https://fedorapeople.org/groups/magnum):
cd ~
wget https://fedorapeople.org/groups/magnum/fedora-21-atomic-5.qcow2
glance image-create --name fedora-21-atomic-5 \
--visibility public \
--disk-format qcow2 \
--os-distro fedora-atomic \
--container-format bare < fedora-21-atomic-5.qcow2
Create a domain and domain admin for trust:
TRUSTEE_DOMAIN_ID=$(
openstack domain create magnum \
--description "Owns users and projects created by magnum" \
-f value -c id
)
TRUSTEE_DOMAIN_ADMIN_ID=$(
openstack user create trustee_domain_admin \
--password "password" \
--domain= ${TRUSTEE_DOMAIN_ID} \
--or-show \
-f value -c id
)
openstack --os-identity-api-version 3 role add \
--user $TRUSTEE_DOMAIN_ADMIN_ID --domain $TRUSTEE_DOMAIN_ID \
admin
Create a keypair for use with the baymodel:
test -f ~/.ssh/id_rsa.pub || ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
nova keypair-add --pub-key ~/.ssh/id_rsa.pub testkey
Create a database in MySQL for magnum:
mysql -h 127.0.0.1 -u root -ppassword mysql <<EOF
CREATE DATABASE IF NOT EXISTS magnum DEFAULT CHARACTER SET utf8;
GRANT ALL PRIVILEGES ON magnum.* TO
'root'@'%' IDENTIFIED BY 'password'
EOF
Clone and install magnum:
cd ~
git clone https://git.openstack.org/openstack/magnum
cd magnum
sudo pip install -e .
Configure magnum:
# create the magnum conf directory
sudo mkdir -p /etc/magnum
# generate sample config file and modify it as necessary
tox -egenconfig
sudo cp etc/magnum/magnum.conf.sample /etc/magnum/magnum.conf
# copy policy.json
sudo cp etc/magnum/policy.json /etc/magnum/policy.json
# enable debugging output
sudo sed -i "s/#debug\s*=.*/debug=true/" /etc/magnum/magnum.conf
# set RabbitMQ userid
sudo sed -i "s/#rabbit_userid\s*=.*/rabbit_userid=stackrabbit/" \
/etc/magnum/magnum.conf
# set RabbitMQ password
sudo sed -i "s/#rabbit_password\s*=.*/rabbit_password=password/" \
/etc/magnum/magnum.conf
# set SQLAlchemy connection string to connect to MySQL
sudo sed -i "s/#connection\s*=.*/connection=mysql:\/\/root:password@localhost\/magnum/" \
/etc/magnum/magnum.conf
# set Keystone account username
sudo sed -i "s/#admin_user\s*=.*/admin_user=admin/" \
/etc/magnum/magnum.conf
# set Keystone account password
sudo sed -i "s/#admin_password\s*=.*/admin_password=password/" \
/etc/magnum/magnum.conf
# set admin Identity API endpoint
sudo sed -i "s/#identity_uri\s*=.*/identity_uri=http:\/\/127.0.0.1:35357/" \
/etc/magnum/magnum.conf
# set public Identity API endpoint
sudo sed -i "s/#auth_uri\s*=.*/auth_uri=http:\/\/127.0.0.1:5000\/v2.0/" \
/etc/magnum/magnum.conf
# set trustee domain id
sudo sed -i "s/#trustee_domain_id\s*=.*/trustee_domain_id=${TRUSTEE_DOMAIN_ID}/" \
/etc/magnum/magnum.conf
# set trustee domain admin id
sudo sed -i "s/#trustee_domain_admin_id\s*=.*/trustee_domain_admin_id=${TRUSTEE_DOMAIN_ADMIN_ID}/" \
/etc/magnum/magnum.conf
# set trustee domain admin password
sudo sed -i "s/#trustee_domain_admin_password\s*=.*/trustee_domain_admin_password=password/" \
/etc/magnum/magnum.conf
# set correct region name to clients
sudo sed -i "s/#region_name\s*=.*/region_name=RegionOne/" \
/etc/magnum/magnum.conf
# set oslo messaging notifications driver (if using ceilometer)
sudo sed -i "s/#driver\s*=.*/driver=messaging/" \
/etc/magnum/magnum.conf
Clone and install the magnum client:
cd ~
git clone https://git.openstack.org/openstack/python-magnumclient
cd python-magnumclient
sudo pip install -e .
Configure the database for use with magnum. Please note that DB migration does not work for SQLite backend. The SQLite database does not have any support for the ALTER statement needed by relational schema based migration tools. Hence DB Migration will not work for SQLite backend:
magnum-db-manage upgrade
Configure the keystone endpoint:
openstack service create --name=magnum \
--description="Magnum Container Service" \
container
openstack endpoint create --region=RegionOne \
--publicurl=http://127.0.0.1:9511/v1 \
--internalurl=http://127.0.0.1:9511/v1 \
--adminurl=http://127.0.0.1:9511/v1 \
magnum
Start the API service in a new screen:
magnum-api
Start the conductor service in a new screen:
magnum-conductor
Magnum should now be up and running!
Further details on utilizing magnum and deploying containers can be found in the guide Developer Quick-Start.