OpenStack: Upload Glance Image Via the Command Line

openstack

It seems that every once and a while I run into issues uploading an image into Glance while using the WebUI. The “Create Image” function will just flat out fail without any helpful error messages.

As a work around to the failure listed above, I suggest using the simple example shown below to upload an image. Note that all commands are being run from the Controller Node.

First source your keystone credentials.

[root@rhel7 ~]# source keystonerc_admin

Then run the command below and wait for the output. If your’s looks anything like mine, then you will know that the image uploaded without issue.

NOTE: The commands below have two dashes before each option…. its hard to see this in the output.

[root@rhel7 ~(keystone_admin)]# glance image-create –name Cirros –disk-format qcow2 –container-format bare –is-public True –copy-from http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img

+——————+————————————–+
| Property | Value |
+——————+————————————–+
| checksum | None |
| container_format | bare |
| created_at | 2015-03-29T04:50:38 |
| deleted | False |
| deleted_at | None |
| disk_format | qcow2 |
| id | dd5937ef-c30c-465b-ba45-3f76a59164cd |
| is_public | True |
| min_disk | 0 |
| min_ram | 0 |
| name | Cirros |
| owner | 1d84fe28da3f4e0a830c52929d85c917 |
| protected | False |
| size | 13200896 |
| status | queued |
| updated_at | 2015-03-29T04:50:38 |
| virtual_size | None |
+——————+————————————–+

Feel free to verify this in the WebUI, just make sure that you refresh the page before you think you have been lulled into a false sense of accomplishment.

Alternatively, you can also upload an image directly from local disk. In my particular case I am uploading directly from a locally mounted NFS mount.

root@rhel7 storage(keystone_admin)]# glance image-create –name RHEL7-Guest –disk-format qcow2 –container-format bare –is-public True –file /storage/NAS/storage/rhel-guest-image-7.0-20140930.0.x86_64.qcow2

+——————+————————————–+
| Property | Value |
+——————+————————————–+
| checksum | 4fcc9b2b8db610187a6e7eac02608ab6 |
| container_format | bare |
| created_at | 2015-03-29T05:07:46 |
| deleted | False |
| deleted_at | None |
| disk_format | qcow2 |
| id | 5f6222b2-8b37-45e6-96db-c9fee8cb84b4 |
| is_public | True |
| min_disk | 0 |
| min_ram | 0 |
| name | RHEL7-Guest |
| owner | 1d84fe28da3f4e0a830c52929d85c917 |
| protected | False |
| size | 435639808 |
| status | active |
| updated_at | 2015-03-29T05:08:21 |
| virtual_size | None |
+——————+————————————–+

RHEL7: Registering a System with the Red Hat Network Using Subscription Manager

howto-draw-octopuses-tutorials_html_101880e

Note that I am about to give you the simpletons version of registering a system. Expect nothing fancy below. In  this post I will do my best to keep it brief.

If you need to register newly build RHEL 7 system using Subscription Manger rather than the ‘rhn_register’ command (which is pretty much deprecated) you will need to run the command as shown below. Including the option  “–auto-attach is pretty much the simplest method to register with RHN, as you  do not need to keep track of any of your subscription names.

[root@rhel7 ~]#  subscription-manager register –username <username> –password <password> –auto-attach

Once auto-attached you can log into rhn.redhat.com, and use the WebUI to pick and choose any additional subscriptions that you want to attach.

Once you have attached as many subscriptions as your heart desires (or you are licensed for) ,you can then run the following command to see each and every yum repository that you have access to, even if they are disabled.

[root@rhel7 ~]# yum repolist all

Depending on the number of repos that you have access to, so you might want to narrow the list down a bit, as shown below.

[root@rhel7 ~]# yum repolist all | grep -i openstack-6

rhel-7-server-openstack-6.0-debug-rpms/7Server/x86_64                           disabled
rhel-7-server-openstack-6.0-installer-debug-rpms/7Server/x86_64             disabled
rhel-7-server-openstack-6.0-installer-rpms/7Server/x86_64                        disabled
rhel-7-server-openstack-6.0-installer-source-rpms/7Server/x86_64            disabled
rhel-7-server-openstack-6.0-rpms/7Server/x86_64                                      disabled
rhel-7-server-openstack-6.0-source-rpms/7Server/x86_64                          disabled

Now you can enable the repos that you need with the command below. Note that the enable option accepts wildcards, but also note the discrepancy in the repo names in the command output above, and in the command below. If you are not passing a wildcard option on the enable command, then you will need to modify the repo names before you can run your command with any bit of success.

[root@rhel7 ~]# subscription-manager repos –enable rhel-7-server-openstack-6.0*
Repository ‘rhel-7-server-openstack-6.0-rpms’ is enabled for this system.
Repository ‘rhel-7-server-openstack-6.0-source-rpms’ is enabled for this system.
Repository ‘rhel-7-server-openstack-6.0-debug-rpms’ is enabled for this system.
Repository ‘rhel-7-server-openstack-6.0-installer-debug-rpms’ is enabled for this system.
Repository ‘rhel-7-server-openstack-6.0-installer-source-rpms’ is enabled for this system.
Repository ‘rhel-7-server-openstack-6.0-installer-rpms’ is enabled for this system.

RHEL7 – How to Set Your Hostname in Redhat Enterprise Linux 7

name-badge

Setting a server’s hostname used to be as simple as running the ‘hostname’ command and adding a “HOSTNAME” entry in /etc/sysconfig/network. However things have changed quite a bit in RHEL7. Apparently, systemd now controls setting a server’s hostname. The ‘hostname‘ command no longer works to set your hostname, however the command is still available just to confuse you.

Now in RHEL 7 you use the command ‘hostnamectl‘. Below is an example of how it works.

Here I have logged into my a RHEL 7.1 VM. You can see that the system appears to have the hostname of node1.

[root@node1 ~]# hostname
node1

However upon further inspection, I find that this is not the case. Rather, the server has a static hostname of localhost.localdomain.

[root@node1 ~]# hostnamectl
Static hostname: localhost.localdomain
Transient hostname: node1
Icon name: computer-vm
Chassis: vm
Machine ID: 4c26a2a3101947bfa2ec7d9c16824ca4
Boot ID: f58707942bd1458da48680025b6f1a53
Virtualization: vmware
CPE OS Name: cpe:/o:redhat:enterprise_linux:7.1:GA:server
Kernel: Linux 3.10.0-229.el7.x86_64
Architecture: x86_64

So lets set the hostname permanently using ‘hostnamectl’.

[root@node1 ~]# hostnamectl set-hostname node1.packy.lab.localdomain

As you can see the hostname shows correct in the output of the ‘hostname’ command

[root@node1 ~]# hostname
node1.packy.lab.localdomain

… and in the output from ‘hostnamectl’

[root@node1 ~]# hostnamectl
Static hostname: node1.packy.lab.localdomain
Icon name: computer-vm
Chassis: vm
Machine ID: 4c26a2a3101947bfa2ec7d9c16824ca4
Boot ID: f58707942bd1458da48680025b6f1a53
Virtualization: vmware
Operating System: Employee SKU
CPE OS Name: cpe:/o:redhat:enterprise_linux:7.1:GA:server
Kernel: Linux 3.10.0-229.el7.x86_64
Architecture: x86_64

OpenStack Packstack – How to configure an External Facing Bridged Interface

openstack

Specifically these directions are applicable to my experience with the OpenStack Packstack Installer, specifically when installing RHEL OpenStack 6 on RHEL 7. Plus, to get more specific (if that’s even possible — why yes it is), you will only need to follow the following steps on your Controller Node.

Note that I am installing OpenStack on two VMs in my HomeLab for testing purposes. Once machine will serve as a ‘All-In-One”  Controller/Compute/Network/Storage node and the other machine will serve as a Compute Node.

Basically what I am doing here is configuring networking in such a way to allow inbound access from my “public
lab network. Without this I would not be able to SSH to the Floating IP addresses that are assigned to my instances.

Note that my public interface is ens192 and has an ip address of 10.1.3.10. Here I copy ifcfg-ens192 to ifcfg-br-ex., which will be my external bridge. Note: br-ex is short for bridge external, however br-int is not short for bridge internal, rather it is short for integration bridge….not that we are talking about br-int, but I figured it was worth a mention.

# cp ifcfg-ens192 ifcfg-br-ex

I then modify the file as shown below. The device br-ex will effectively take the reins on hosting our external facing ip address. By moving ens192 to br-ex we are allowing Openvswitch to ‘hang’ additional ip addresses on this interface. “DEVICETYPE=ovs” tells the networking service that this device uses Openvswitch. “TYPE=OVSBridge” lets the networking service that this device will act as a bridge

DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
IPADDR=10.1.3.10
NETMASK=255.255.255.0
GATEWAY=10.1.3.1
ONBOOT=yes

We also need to create a new ifcfg-ens192 file. Follow the template below. “TYPE=OVSPort” tells your networking service that this device is a port on an OVS bridge, while “OVS_BRIDGE” tells networking the name of the bridge where we need to attach.

DEVICE=ens192
ONBOOT=yes
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-ex

Now you should be able to restart networking. Make sure that you have console access before you attempt the restart, just in case you fat-fingered something.

If you are unable to ping your floating ip addresses from the public network, you have screwed something up.

Fedora21 – Quick and Dirty with Firewalld

firewall

Hey, are you new to Firewalld like most of us?

Unless you have been using Firewalld in the last few releases of Fedora, as some out there have, then you probably could probably use a few pointers to get you started on your way to configuring your Linux firewalls the “new-fangled fancy way”. This is especially the case if you plan on moving to RHEL7 anytime soon — as Firewalld is the default there. So put on your big boy (or girl) pants and say goodbye to your old friend IPTABLES.

According to this page. Firewalld is…

“The dynamic firewall daemon firewalld provides a dynamically managed firewall with support for network zones to assign a level of trust to a network and its associated connections and interfaces. It has support for IPv4 and IPv6 firewall settings. It supports Ethernet bridges and has a separation of runtime and permanent configuration options. It also has an interface for services or applications to add firewall rules directly”

Wow, how fancy. So how do we use it? Well let’s take a stab at enabling HTTP access to our Fedora21 workstation.

First thing first, lets figure out what our default done is on our workstation.

$ sudo firewall-cmd –get-default-zone
FedoraWorkstation

Ok, thats a bit strange, in RHEL you should expect PUBLIC to be your default zone.  Now that we know what zone we need to mess with let’s make sure that its applied to the proper interfaces.

$ sudo firewall-cmd –get-active-zone
FedoraWorkstation
interfaces: enp4s0 enp5s4 macvtap0 tun0 virbr0

The first two interfaces above are our physical interfaces, so we are good here. Now lets apply the rule, and make sure its permanent.

$ sudo firewall-cmd –permanent –zone=FedoraWorkstation –add-service http
success

Now lets check our rules. Note HTTP is missing.

$ sudo firewall-cmd –list-services
dhcpv6-client mdns samba-client ssh

Since we have only applied this new rule to our permanent config and not to our running config, we need to restart firewalld to see the updated rule.

 $ sudo firewall-cmd –reload

Now your can view the updated rules…

$ sudo firewall-cmd –list-services
dhcpv6-client http mdns samba-client ssh

Installing Red Hat Enterprise Linux OpenStack with Foreman

openstack
If you are looking to know a bit more about Red Hat’s offering in the OpenStack space, this is a good video to start with. The video also takes you through the “Evolution Of OpenStack Deployment Tools” which is helpful for those of us who are just getting our feet wet with OpenStack.

For additional information on RHEL OpenStack 6 (Juno), this link below has plenty of helpful information.

Bropages – Like Manpages but More Friendly

41KUBzxwK4L._SX300_I stumbled into this fun little tool the other day when I was introduced to it by a friend.  Bropages is a bit like man pages, but without all the hemming and hawing and information that you might not need when you are just trying to remember the proper syntax of a command.  Bropages just shows you an annotated example of how to run a command.

Before you can get started with Bropages, you need to install it. Note that I am running these commands on my Fedora21 Workstation. Your mileage may vary depending on your distro.

First you will need to install rubygems if its not already installed.

#yum -y install rubygems

Then install bropages — its a ruby gem.

#gem install bropages

Now lets take bropages out for a spin by running bro against the which command

# bro which
2 entries for which — submit your own example with “bro add which”

# locates executable
which bro

bro thanks to upvote (2)
bro …no to downvote (0)

………………………………………………………………………………………………………………………………

# Shows all install locations of an executable (in this case ruby)
which -a ruby

bro thanks 2 to upvote (2)
bro …no 2 to downvote (0)

Neat. As you can see above we have two examples of how to run the which command. Now lets try it against the chage command.

[root@fedora21 ~] $ bro chage
The chage command isn’t in our database.

* Typing bro add will let you add chage to our database!

* There’s nothing to lose by typing bro add, it will just launch an editor with instructions.

* Need help? Visit http://bropages.org/help

So bro don’t know chage, as its not in the bro database… let’s add it.

#bro add chage

We are prompted to add our short entry with a brief description

#~ Bro entry for command ‘chage’
#~ Provide a useful example for how to use ‘chage’
#~ Comments starting with #~ are removed
#~
#~ Example for command ‘man':
#~ # Opens up the manual page for the command ‘ls’
#~ man ls
# Configure a user’s password not to expire
chage -m 0 -M 99999 -I -1 -E -1 username

There, now we have created and submitted our entry.