CentOS Stream 8
Sponsored Link

OpenStack Yoga : Pre-Requirements2022/05/31

 
This is the example of Cloud Computiong by OpenStack Yoga.
Install some services that some components of OpenStack needs for system requirements on here.
This example is based on the environment like follows.
        eth0|10.0.0.30 
+-----------+-----------+
|   [ dlp.srv.world ]   |
|     (Control Node)    |
|                       |
|  MariaDB    RabbitMQ  |
|  Memcached            |
+-----------------------+

[1]
[2]
[3] Add the Repository of Openstack Yoga and also Upgrade CentOS Stream System.
Especially, it needs to upgrade some Python3 packages from Openstack repository.
[root@dlp ~]#
dnf -y install centos-release-openstack-yoga

[root@dlp ~]#
sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/CentOS-OpenStack-yoga.repo

[root@dlp ~]#
dnf --enablerepo=centos-openstack-yoga -y upgrade

[4] Install RabbitMQ, Memcached, Nginx.
# enable PowerTools

[root@dlp ~]#
dnf --enablerepo=powertools -y install rabbitmq-server memcached nginx-mod-stream
[root@dlp ~]#
vi /etc/my.cnf.d/mariadb-server.cnf
# add into [mysqld] section

[mysqld]
.....
.....
# default value 151 is not enough on Openstack environment
max_connections=500

[root@dlp ~]#
vi /etc/sysconfig/memcached
# line 5 : change

OPTIONS="-l
0.0.0.0,::
"
[root@dlp ~]#
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.org

[root@dlp ~]#
vi /etc/nginx/nginx.conf
# create new

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
    worker_connections 1024;
}
http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;
    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;
    include /etc/nginx/conf.d/*.conf;
}

[root@dlp ~]#
systemctl restart mariadb rabbitmq-server memcached nginx

[root@dlp ~]#
systemctl enable mariadb rabbitmq-server memcached nginx

# add openstack user
# set any password you like for [password]

[root@dlp ~]#
rabbitmqctl add_user openstack password

Creating user "openstack"
[root@dlp ~]#
rabbitmqctl set_permissions openstack ".*" ".*" ".*"

Setting permissions for user "openstack" in vhost "/"
[5] If SELinux is enabled, change policy.
[root@dlp ~]#
vi rabbitmqctl.te
# create new

module rabbitmqctl 1.0;

require {
        type rabbitmq_t;
        type rabbitmq_var_log_t;
        type rabbitmq_var_lib_t;
        type etc_t;
        type init_t;
        type mysqld_port_t;
        type httpd_t;
        class tcp_socket name_bind;
        class file write;
        class file getattr;
}

#============= rabbitmq_t ==============
allow rabbitmq_t etc_t:file write;

#============= init_t ==================
allow init_t rabbitmq_var_lib_t:file getattr;
allow init_t rabbitmq_var_log_t:file getattr;

#============= httpd_t ==============
allow httpd_t mysqld_port_t:tcp_socket name_bind;

[root@dlp ~]#
checkmodule -m -M -o rabbitmqctl.mod rabbitmqctl.te

[root@dlp ~]#
semodule_package --outfile rabbitmqctl.pp --module rabbitmqctl.mod

[root@dlp ~]#
semodule -i rabbitmqctl.pp

[6] If Firewalld is running, allow ports for services.
[root@dlp ~]#
firewall-cmd --add-service={mysql,memcache}

success
[root@dlp ~]#
firewall-cmd --add-port=5672/tcp

success
[root@dlp ~]#
firewall-cmd --runtime-to-permanent

success
Matched Content