Openstack Nova in Maverick

Ubuntu Maverick was released yesterday. Big congrats to the Ubuntu team for another release well out the door.

As you may know, both Openstack storage (Swift) and compute (Nova) are available in the Ubuntu repositories. We haven’t made a proper release of Nova yet, so that’s a development snapshot, but it’s in reasonably good shape. Swift, on the other hand, should be in very good shape and be production ready. I’ve worked mostly on Nova, so that’s what I’ll focus on.

So, to get to play with Nova in Maverick on a single machine, here are the instructions:

sudo apt-get install rabbitmq-server redis-server
sudo apt-get install nova-api nova-objectstore nova-compute \
                nova-scheduler nova-network euca2ools unzip

rabbitmq-server and redis-server are not stated as dependencies of Nova in the packages, because they don’t need to live on the same host. In fact, as soon as you add the next compute node (or API node or whatever), you’ll want to use a remote rabbitmq server and a remote database, too. But, for our small experiment here, we need a rabbitmq server and a redis server (it’s very likely that the final release of Nova will not require Redis, but for now, we need it).

A quick explanation of the different components:

RabbitMQ
is a messaging system the implements AMQP.  Basically, it’s a server that passes messages around between the other components that make up Nova.
nova-api
is the API server (I was schocked to learn this, too!) . It implements a subset of the Amazon EC2. We’re working on adding the rest, but it takes time. It also implements a subset of the Rackspace API.
nova-objectstore
stores objects. It implements the S3 API. It’s quite crude. If you’re serious about storing objects, Swift is what you want. Really.
nova-compute
the component that runs virtual machines.
nova-network
the network worker. Depending on configuration, it may just assign IP’s or it could work as the gateway for a bunch of NAT’ed VM’s.
nova-scheduler
the scheduler (another schocker). When a user wants to run a virtual machine, they send a request to the API server. The API server asks the network worker for an IP and then passes off handling to the scheduler. The scheduler decides which host gets to run the VM.

Once it’s done installing (which should be a breeze), you can create an admin user (I name mine “soren” for obvious reasons):

sudo nova-manage user admin soren

and create a project (also named soren) with the above user as the project admin:

sudo nova-manage project create soren soren

Now, you’ll want to get a hold of your credentials:

sudo nova-manage project zipfile soren soren

This yields a nova.zip in the current working directory. Unzip it..

unzip nova.zip

and source the rc file:

. novarc

And now you’re ready to go!

Let’s just repeat all that in one go, shall we?

sudo apt-get install rabbitmq-server redis-server
sudo apt-get install nova-api nova-objectstore nova-compute \
                nova-scheduler nova-network euca2ools unzip
sudo nova-manage user admin soren
sudo nova-manage project create soren soren
sudo nova-manage project zipfile soren soren
unzip nova.zip
. novarc

That’s pretty much it. Now your cloud is up and running, you’ve created an admin user and retrieved the corresponding credentials and put them in your environment.
This is not much fun without any VM’s to run, so you need to add some images. We have some small images we use for testing that you can download here:

wget http://c2477062.cdn.cloudfiles.rackspacecloud.com/images.tgz

Extract that file:

tar xvzf images.tgz

This gives you a directory tree like this:

images
|-- aki-lucid
|   |-- image
|   `-- info.json
|-- ami-tiny
|   |-- image
|   `-- info.json
`-- ari-lucid
    |-- image
    `-- info.json

As a shortcut, you could just extract this directly in /var/lib/nova and change the permisssions appropriately, but to get the full experience, we’ll use euca-* to get these images uploaded.

euca-bundle-image -i images/aki-lucid/image -p kernel --kernel true
euca-bundle-image -i images/ari-lucid/image -p ramdisk --ramdisk true
euca-upload-bundle -m /tmp/kernel.manifest.xml -b mybucket
euca-upload-bundle -m /tmp/ramdisk.manifest.xml -b mybucket
out=$(euca-register mybucket/kernel.manifest.xml)
[ $? -eq 0 ] && kernel=$(echo $out | awk -- '{ print $2 }') || echo $out

out=$(euca-register mybucket/ramdisk.manifest.xml)
[ $? -eq 0 ] && ramdisk=$(echo $out | awk -- '{ print $2 }') || echo $out

euca-bundle-image -i images/ami-tiny/image -p machine  --kernel $kernel --ramdisk $ramdisk
euca-upload-bundle -m /tmp/machine.manifest.xml -b mybucket
out=$(euca-register mybucket/machine.manifest.xml)
[ $? -eq 0 ] && machine=$(echo $out | awk -- '{ print $2 }') || echo $out
echo kernel: $kernel, ramdisk: $ramdisk, machine: $machine

Alright, so we have images!

Now, we just need a keypair:

euca-add-keypair mykey > mykey.priv
chmod 600 mykey.priv

Let’s run a VM!

euca-run-instances $machine --kernel $kernel --ramdisk $ramdisk -k mykey

This should respond with some info about the VM, among other things, the IP.

In my case, it was 10.0.0.5:

ssh -i mykey.priv root@10.0.0.5

YAY!

I’ll leave it to someone else to provide similar instructions for Swift

23 thoughts on “Openstack Nova in Maverick

  1. Pingback: Tweets that mention Openstack Nova in Maverick | Linux2Go -- Topsy.com

  2. Pingback: links for 2010-10-11 | andy.edmonds.be

  3. someone

    Bummer, none of this stuff is in Debian, so my boss won’t let me use it :(

    How about uploading to Debian instead?

  4. Pierce Wetter

    How does Nova compare to UEC? Can they coexist on the same machine? Can I take a UEC installation and switch it to Nova?

  5. Mark

    Maybe I missed something but on my fresh 10.10 server install I needed to go into /var/lib/nova/CA and run ./genrootca.sh before the “nova-manage project zipfile” command would work.

  6. Mark

    Soren, should this happen on first run because I just realised that nova-objectstore and nova-api did not start after they were installed. Should they?

  7. Soren Post author

    Pierce, I moved your comment from the /about-me/ page to this post, since I felt that makes more sense.

    To answer your question, I don’t believe they can co-exist out of the box. For instance, Nova’s API server and Eucalyptus’ cloud controller want to list on the same port. If you change this port for one of them, that might work. I haven’t tested it.

    I’ve put up a feature comparison page on the Openstack wiki. I’m going to try to keep it up-to-date as we progress:

    http://wiki.openstack.org/Nova/EucalyptusFeatureComparison

  8. Soren Post author

    Mark, yes, it should happen on the API server’s first run.

    If either of them fail to start on install, I’d appreciate a bug report with as much information as possible, too. Thanks!

  9. Mark

    Soren, I have added #660428 for the nova-objectstore not starting but I can’t see any problems with api. Would there be any log info/hints for api other than /var/log/nova/nova-api.log?

  10. Soren Post author

    Mark, you can enable more verbose debugging, but if you’re looking for info on what happened earlier, /var/log/nova/nova-api.log is all you get.

  11. Pingback: OpenStack Weekly Newsletter (Oct 8 – 15) — The OpenStack Blog

  12. Girish L C

    Hi,

    Now out of below command
    sudo apt-get install rabbitmq-server redis-server
    sudo apt-get install nova-api nova-objectstore nova-compute \
    nova-scheduler nova-network euca2ools unzip
    sudo nova-manage user admin soren
    sudo nova-manage project create soren soren
    sudo nova-manage project zipfile soren soren
    unzip nova.zip
    . novarc
    5th one is failing, I’m looking into this.
    Actually when we were running above command in Ubuntu we had previous version instead of Maverick version, then we upgraded the OS to Maverick, we are guessing may be because of old configuration file below command is failing, I’ll try for some more time if that does not works out we will re-install Ubuntu Maverick and planning to try.

    If anybody have any other idea please let me know.

    intel@localhost:~$ sudo nova-manage project zipfile girish girish
    /usr/lib/pymodules/python2.6/nova/db/sqlalchemy/api.py:42: DeprecationWarning: Use of empty request context is deprecated
    DeprecationWarning)
    Generating RSA private key, 1024 bit long modulus
    …………………………….++++++
    ……………………………..++++++
    e is 65537 (0x10001)
    Using configuration from ./openssl.cnf
    error loading the config file ‘./openssl.cnf’
    7006:error:02001002:system library:fopen:No such file or directory:bss_file.c:126:fopen(‘./openssl.cnf’,’rb’)
    7006:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:129:
    7006:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:197:
    Traceback (most recent call last):
    File “/usr/bin/nova-manage”, line 457, in
    main()
    File “/usr/bin/nova-manage”, line 449, in main
    fn(*argv)
    File “/usr/bin/nova-manage”, line 338, in zipfile
    zip_file = self.manager.get_credentials(user_id, project_id)
    File “/usr/lib/pymodules/python2.6/nova/auth/manager.py”, line 647, in get_credentials
    private_key, signed_cert = self._generate_x509_cert(user.id, pid)
    File “/usr/lib/pymodules/python2.6/nova/auth/manager.py”, line 706, in _generate_x509_cert
    signed_cert = crypto.sign_csr(csr, pid)
    File “/usr/lib/pymodules/python2.6/nova/crypto.py”, line 121, in sign_csr
    return _sign_csr(csr_text, FLAGS.ca_path)
    File “/usr/lib/pymodules/python2.6/nova/crypto.py”, line 140, in _sign_csr
    utils.runthis(“Signing cert: %s”, “openssl ca -batch -out %s/outbound.crt -config ./openssl.cnf -infiles %s/inbound.csr” % (tmpfolder, tmpfolder))
    File “/usr/lib/pymodules/python2.6/nova/utils.py”, line 125, in runthis
    cmd=cmd)
    nova.exception.ProcessExecutionError: Unexpected error while running command.
    Command: openssl ca -batch -out /tmp/tmpE9S_dW/outbound.crt -config ./openssl.cnf -infiles /tmp/tmpE9S_dW/inbound.csr
    Exit code: 1
    Stdout: None
    Stderr: None

    Thanks,
    Girish.L.C

  13. Girish L C

    sudo /etc/init.d/nova-api start
    sudo /etc/init.d/nova-objectstore start

    After installation need to start above two appln, then restart and I changed the user admin name then it worked fine :)

    -Thanks
    Girish.L.C

  14. Girish L C

    This command is failing, anyone can help me to solve this issue please…

    euca-upload-bundle -m /tmp/kernel.manifest.xml -b mybucket

    $ euca-upload-bundle -m /tmp/kernel.manifest.xml -b mybucket
    Checking bucket: mybucket
    Warning: failed to parse error message from AWS: :7:2: mismatched tag
    S3ResponseError: 400 Bad Request

    Request Error

    Request Error (invalid_request)

    Your request could not be processed. Request could not be handled

    This could be caused by a misconfiguration, or possibly a malformed request.

    For assistance, contact your network support team.

  15. Girish L C

    Hi, I got the solution for the above mentioned error

    $ euca-upload-bundle -m /tmp/kernel.manifest.xml -b mybucket

    Here is the solution:

    mkdir ~/.euca
    cd ~/.euca
    unzip name-of-the-key-zip.zip
    chmod 0700 ~/.euca
    chmod 0600 ~/.euca/*

    wget http://s3.amazonaws.com/ec2-downloads/ec2-api-tools-1.3-30349.zip
    unzip ec2-api-tools-1.3-30349.zip

    export EC2_HOME=/path/to/installed/ec2-commandline-tools
    export PATH=$PATH:$EC2_HOME/bin
    source ~/.euca/eucarc

    Refering the link:
    http://open.eucalyptus.com/book/export/html/1369

    Thanks,
    Girish.L.C

  16. Girish L C

    :~$ euca-add-keypair test1 > test1.pem
    ~$ cat test1.pem
    KEYPAIR test1 43:09:de:8d:ce:f4:2d:d3:14:72:70:62:ea:1f:d7:b3:41:ba:73:7c
    —–BEGIN RSA PRIVATE KEY—–
    MIIEpAIBAAKCAQEA3Q/PCUgUQW6XZBimP6j1mBIWP+NNviP4c9WEA/EV6wo/2Luz
    O65ctany58495CiDBOYqQLf0JRSSlEBMA5m1GlQSH48hi/ExNmuv5eruTCB+FALF
    rW7KWpqAnaOvcISOqBQynvaTakSdL34h7OoLtoIz1gFrQo5zUzPgMq9bcYEqqCL+
    YceYNdzV1W3AogxWNZ0Z25mbReuBYR32RGnjMFm7SHqTuSpMewHKP+OqG1hSO5Pq
    dpliVwlEA6LF1eNvk9NJArOe8LyxFrF+RT+Kj6x+jy/1GCe+EsbO9KbLDEsthXuj
    /b3e5QFWn33AlCrzhzWw08fyxYxmMue+1lNnWwIDAQABAoIBABhNlaBamUd8Rg6O
    GzDifWWjj2ikr7ZYtAbgEWxxg8xcSxqjwBeumqiqL3dGmE1OGuFeAIUu9BtjgJ3l
    17WJn3xug7OOg8yjzppCCouHYX1jERlYGK1xgbOmSr+J8E65dAmMdug9CYXkVzeS
    cV5feLwu4k4Dx+wARzN9f4dy+eWnblqjY4r8cQuE3YJDmpSEuvvhxJXqfhao2n4X
    5S/Jxa/gAP54BnAIw3YLSrIP8+K4Rj3xGJRdBKA3MlN0NhuAmeuAJVg1h1e75vkI
    OdPxEJutf3ftmulWB6/cdlg0tHj/+rQpVBV0dj/YIWhHznDlSxJQeUTypqZgGNEy
    C2iHErkCgYEA9GNYxJ6MGw/izTmfgpK3l33p1FV7NRJjLQZ4XZPLlCDD7XB9ZVNY
    L+g9lN95K69gx8mnop+6XXirizZvvKTbGGdQw5t2w8t5nmvNF6SbHWA4dcjEhmsw
    T1N5wUCz8X8d2Xw0gjfA3EFCNyTRpvXCJVwnEL6BqXUG1wkMjHdw9Y8CgYEA55C6
    g7l/WguUl4t1Gdl9n4kFgkr+GftubA4ZfPyxBEfpoEa88dnbgnuS1G+QjJw2U0ID
    7Ph2T1VCPL15wgiJqG3rfB36QGY0KQ3o4fwaQ024yAXN28sHGdUTfHbnoitYMGTN
    5FAKvFlCpju0NgS/bkjG8FUXQf6GgwBliFXFg3UCgYEA68+0xrwJis9QVCBG5tI1
    LotDhiwZX4NniPmWSQ0kQcE/7Ks/g/bgwBFC4pSjseBe7UiKZaPkSu7177VOKeOU
    uT5vst8ewRxkNNXmJusg9T50HErmPqHNEq4EbNHHD75Nih6L+B5eDOk3QEhZt9Wp
    SS1bUI/SQzX1rKZBooRZzccCgYEA4Qg8uRXjNNZcKIlV2zEIa6j0uZG3LfixbkCl
    dFj8jXR1DVSw+TcFouAD6H4iswJ7qJ1Ww0sRbjckj3JyiKVTYWKwnYVkVID934es
    8S/VNeKp13gMfbPnyqrOrP3ATFBi+2R60Y0XYcI8it8qWfRzM/F1osiOOYvnnBce
    lEcGEqECgYAuxOMPqr0Yf6gW10p9CzdphufyqI573++/QQ1BmeLJZF05Ts5HmSpa
    MP/jmSw8GGGCDod7zayT8oWj6bc4+yRZUiADihB8knpugthjSksYGw8RkBDZcn2l
    OQeuiotNlrq3taKwkc0De/JKg2MEoII0xSrCa2PHnFfXNuUOty5nXQ==
    —–END RSA PRIVATE KEY—–

    ~$ :q
    :q: command not found
    ~$ euca-run-instances -k test1 -t m1.tiny ami-tiny
    ImageVerify: Failed to find disk image: ami-tiny
    ~$

    Any idea, about this error???

    -Girish.L.C

  17. Girish.L.C

    Hi,
    While registering images getting below error, anybody have fix for this issue?

    $ kernel=$(euca-register mybucket/vmlinuz-2.6.32-23-server.manifest.xml | awk ‘{print $2}’)
    $ euca-register mybucket/vmlinuz-2.6.32-23-server.manifest.xml
    Image: Only administrators can register kernel images.
    $ sudo euca-register mybucket/vmlinuz-2.6.32-23-server.manifest.xml
    [sudo] password for user:
    EC2_ACCESS_KEY environment variable must be set.
    Connection failed

  18. Jeff

    Hi, soren, I have installed OpenStack following your instructions in Maverick . However, when I try to create the user, it just failed. The error information is :

    Traceback (most recent call last):
    File “/usr/bin/nova-manage”, line 457, in
    main()
    File “/usr/bin/nova-manage”, line 436, in main
    command_object = fn()
    File “/usr/bin/nova-manage”, line 236, in __init__
    self.manager = manager.AuthManager()
    File “/usr/lib/pymodules/python2.6/nova/auth/manager.py”, line 214, in __init_ _
    self.network_manager = utils.import_object(FLAGS.network_manager)
    File “/usr/lib/pymodules/python2.6/nova/utils.py”, line 54, in import_object
    __import__(import_str)
    File “/usr/lib/pymodules/python2.6/nova/network/manager.py”, line 55, in
    flags.DEFINE_string(‘vpn_ip’, utils.get_my_ip(),
    File “/usr/lib/pymodules/python2.6/nova/utils.py”, line 157, in get_my_ip
    csock.connect((‘www.google.com’, 80))
    File “/usr/lib/pymodules/python2.6/eventlet/greenio.py”, line 161, in connect
    while not socket_connect(fd, address):
    File “/usr/lib/pymodules/python2.6/eventlet/greenio.py”, line 35, in socket_co nnect
    raise socket.error(err, errno.errorcode[err])
    socket.error: [Errno 110] ETIMEDOUT

    Any hints ?

  19. Soren Post author

    You seem to be using an extremely old version of Nova. Which PPA did you install this from?

  20. Vipul A M

    Hi, there.

    Is running instances resource intensive.
    I got 3Gb of Ram, Core-2 Duo. 3.14

    My instance on running

    euca-run-instances $machine --kernel $kernel --ramdisk $ramdisk -k mykey

    seems to be pending forever.

    retried the same, after killing instances, still dint work out…

  21. zhalin

    hi
    when i run nove image-list, it return this error:
    ERROR (connection error): httpconnectionpool (host=’cntroller’ , port=8774) : Max retries exceeded with url: /v2/199f8db8f3b148f39036d99ae14ba519/images/detail (caused by : [Errno 110] connection timed out)
    it is force
    please help me to solve my error

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>