{{NeedsUpdate}}
{{WorkInProgress}}
'''Last Update:''' May 22, 2022
=Objective=
This is a project to update and modernize the infrastructure that keeps the Amahi web sites and services running.
=Goals=
We have multiple goals:
* Operate internal build machines in a reliable, efficient way, so that we have consistent and updated builds/releases
* Consistent and recent backups making things recoverable
* Execute some testing of Amahi apps more easily and efficiently
* Test new features in an isolated manner...
=Known Issues=
* Controller node is memory intensive
* Image resizing does not work
* Volumes resizing does not work
* Suspending instance with volume attached does not work after reboot
=Pending Actions=
* <s>Set up floating IP address range</s>
* Create automated VM backup routine
* <s>Create Fedora 19 32- and 64-bit minimal install images</s>
* Create Amahi 7 Express CD image
=Hardware Configuration=
'''Dell Rack Server(F1DH):'''
* Dual Xeon E5450 3.0 GHz Processors
* 32GB PC2-5300 RAM (8x4)
* Two Gigabit Network Interfaces
* KVM Network Interface
* RAID Controller
<br>
'''Server #1 (CURRENT):'''
* OpenStack release Yoga
* Operating System: CentOS 8 Stream
* 32GB PC2-5300 RAM (8x4)
* Four Quick Swap Drive Bays
** 1 - 1TB
** 2 - 750GB (OS and Backup)
** 3 - EMPTY
** 4 - EMPTY
<br>
'''Server #2 (BACKUP):'''
* OpenStack release Wallaby
* Operating System: CentOS 8 Stream
* 24GB PC2-5300 RAM (4x2/8x2)
* Quick Swap Drive Bays
** 1 - 850GB (LVM)
** 2 - EMPTY
** 3 - 120GB SSD (Backup)
** 4 - EMPTY
=Software Setup=
* The following guidance is based on the latest release of OpenStack (Yoga):
<ul>
<li> Download [https://www.centos.org/download/ CentOS 8 Stream] minimal image and install following [https://linuxhint.com/install_centos8_netboot_iso/ Installing CentOS 8 using NetBoot ISO Image] tutorial (use LVM, but remove ''/home'' partition and redistribute space to ''/'').</li>
<li> [https://linuxconfig.org/rhel-8-configure-static-ip-address Set Static IP Address] and [https://techjourney.net/how-to-set-change-hostname-fqdn-fully-qualified-domain-name-in-rhel-centos/ configure Fully Qualified Domain Name], then reboot</li>
<li> Follow steps 0 - 3 of the [https://www.rdoproject.org/install/packstack/ RDO Packstack Quickstart] for the OpenStack installation (ensure step 0 prerequisites are completed first).</li>
<li> At step 4, follow the [https://www.rdoproject.org/networking/neutron-with-existing-external-network/ Neutron with existing network guidance]:
<ul>
<li> Use command: <code>packstack --allinone --provision-demo=n --cinder-volumes-size=100G --keystone-admin-passwd={set password} --os-neutron-ml2-mechanism-drivers=openvswitch --os-neutron-ml2-tenant-network-types=vxlan --os-neutron-ml2-type-drivers=vxlan,flat,vlan --os-neutron-l2-agent=openvswitch --os-neutron-ovs-bridge-mappings=extnet:br-ex --os-neutron-ovs-bridge-interfaces=br-ex:eth0 --nova-libvirt-virt-type=kvm</code> (replace {set password} and ''eth0'' with appropriate values)</li>
<li> Skip down to ''Now, create the external network with Neutron.'' and follow guidance.</li>
<li> Next move to ''Then create a router and set its gateway using the external network...'' and follow remaining guidance.</li>
</ul></li>
<li> Set up the floating IP addresses to the external network.</li>
<li> Create flavors named ''amahi.small'' of 10GB and ''amahi.medium'' of 15GB.</li>
<li> Add the following rules to ''default'' Security Group (Ingress, IPv4, Remote IP 0.0.0.0):
<ul>
<li> ICMP / Any</li>
<li> TCP / 22</li>
<li> TCP / 80</li>
<li> TCP / 3000</li>
<li> TCP / 443 (<i>Optional</i>)</li>
</ul></li>
<li> Add users and private keys for SSH login</li>
<li> Disable SSH password and root login</li>
<li> Add users to web UI access</li>
<li> Ensure OS updates applied and reboot</li>
<li> Create a single instance with floating IP</li>
<li> Verify all is working as expected.</li>
</ul>
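The ''Disable SSH password and root login'' step above can be verified with the script below. It is an added example, not part of the original wiki page or of any Amahi script; the function names are hypothetical and the sample configurations are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the wiki): verify "Disable SSH password and root
# login". sshd keeps the FIRST value it reads for a keyword, keywords are
# case-insensitive, and lines after a "Match" line apply only conditionally.

# audit_sshd (hypothetical name): reads sshd_config text on stdin, prints
# findings, and returns 0 only when both global settings are "no".
audit_sshd() {
  awk -F'[ \t=]+' '
    { sub(/^[ \t]+/, "") }                  # drop indentation
    /^#/ || NF == 0 { next }                # skip comments and blank lines
    { key = tolower($1); val = tolower($2); gsub(/"/, "", val) }
    key == "match" { exit }                 # global section ends, run END
    !(key in seen) { seen[key] = val }      # first occurrence wins
    END {
      # Keywords that are never set fall back to upstream OpenSSH defaults.
      pw = ("passwordauthentication" in seen) ? seen["passwordauthentication"] : "yes"
      root = ("permitrootlogin" in seen) ? seen["permitrootlogin"] : "prohibit-password"
      rc = 0
      if (pw != "no") { print "FAIL PasswordAuthentication=" pw; rc = 1 }
      if (root != "no") { print "FAIL PermitRootLogin=" root; rc = 1 }
      if (rc == 0) print "PASS"
      exit rc
    }'
}

# Constructed sample: hardening lines were appended at the end of the file,
# below an earlier "yes" and inside the scope of a Match block.
sample_appended() {
  cat <<'EOF'
PasswordAuthentication yes
Match User backup
    X11Forwarding no
PasswordAuthentication no
PermitRootLogin no
EOF
}

# Constructed sample: both settings in the global section, mixed case.
sample_hardened() {
  cat <<'EOF'
# managed file
passwordauthentication no
PermitRootLogin "no"
EOF
}

sample_appended | audit_sshd || true   # two FAIL lines
sample_hardened | audit_sshd           # PASS
```

On a live host, <code>sshd -T | audit_sshd</code> (as root) checks the effective configuration rather than a single file.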
<b>NOTE:</b> A terminal script has been developed to automate the installation steps above for OpenStack after CentOS is installed.
=Naming Convention=
The following is recommended for standardization:
* Instances: '''os-function''' (i.e. ''f24-bot'', ''f24-repo'', ''f24-dev'', etc)
* Images: '''os-type''' (i.e. ''f24-cd'', ''f24-dvd'', etc)
* Snapshot: '''os-function-ss#''' (i.e. ''f24-repo-ss1'', ''f24-bot-ss2'', etc)
* Volumes: '''instance-vol''' (i.e. ''f24-repo-vol'', ''mirrormgr-vol'', ''dlmaster-vol'', etc)
=Setup=
* Download and install [http://isoredirect.centos.org/centos/7/isos/x86_64/ CentOS 7 x86_64 minimal] image following [https://www.howtoforge.com/tutorial/centos-7.1-server/ CentOS 7.1 Server] tutorial.
* Configure FQDN (<code>/etc/hosts</code> and <code>/etc/hostname</code>)
* Manually configure networking (set static IP address)
* Add users and private keys for SSH login
* Disable SSH password and root login
* Enable EPEL Repo
:<code>yum install epel-release</code>
:or
:<code>rpm -Uvh <nowiki>http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm</nowiki></code>
* Perform OS update
:<code>yum -y update</code>
* Install OpenStack following [https://openstack.redhat.com/Quickstart RDO Quickstart] instructions (run <code>packstack --allinone</code> as '''root''')
* Configure network bridging (refer to [https://openstack.redhat.com/Neutron_with_existing_external_network RDO Reference])
** Set <code>CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE=n</code> in ''packstack-answers-20141028-205455.txt''
** Executed <code>packstack --answer-file=packstack-answers-20141028-205455.txt</code> (as '''root''')
** Created ''/etc/sysconfig/network-scripts/ifcfg-br-ex''
** Revised ''/etc/sysconfig/network-scripts/ifcfg-enp9s0f0''
** Appended lines to ''/etc/neutron/plugin.ini''
** Restarted the network service
** Removed router and subnet ('''ALL''' instances must be terminated to remove subnet)
** Recreated subnet with IP address allocation range (set floating IP addresses)
** Recreated router to match gateway
* Configure DNS to access internet
** Edit <code>/etc/neutron/dhcp_agent.ini</code> and uncomment the line below:
<pre>
# Comma-separated list of DNS servers which will be used by dnsmasq
# as forwarders.
# dnsmasq_dns_servers =
</pre>
: and add <code>8.8.8.8,8.8.4.4</code> after equal (=), then reboot as I could not determine what services to restart.
* Extend cinder-volumes past 20GB to allow for creating additional volumes to attach to instances.
** Followed the [https://udaraliyanage.wordpress.com/2014/05/23/openstack-increase-volume-capacity OpenStack Increase Volume Capacity] tutorial (substitute any name for ''cinder-volumes'')
** After <code>losetup -f /var/lib/cinder/cinder-volumes</code> in ''/etc/rc.local'' file
**# Added <code>&& losetup -f /mnt/backup/stack-volumes</code>
**# When extending ''cinder-volumes'', add <code>&& losetup -f</code> and location of new LVM file to sequence.
**# Do <code>pvs -v</code> to verify, then reboot and recheck.
**# This change is required to ensure the LVM remains intact on reboot.
** Created 50Gb additional space for volumes (''/mnt/backup/stack-volumes'').
** Total volume space available is now 70GB.
=Build Images=
This will outline how to build OpenStack images using [https://www.proxmox.com/en/ Proxmox VE] (alternate method in development).
* Log into Proxmox VE web UI
* Create a VM or clone an existing one (<code><i>type</i>=qemu64</code>)
** If creating a VM, install the OS
** If using a clone, start the VM
* Open a console window for the VM
** Log in as <code>root</code> and do the following
*** <code>dd if=/dev/zero of=/mytempfile bs=1M</code> (zero out any unused space)
*** <code>rm -f /mytempfile</code>
** Shutdown VM
** Log into Proxmox VE via SSH and execute the following from command line
*** Navigate to <code>/var/lib/vz/images/###</code> (number of VM)
*** <code>mv original_image.qcow2 original_image.qcow2_backup</code> (rename original image)
*** <code>qemu-img convert -O qcow2 original_image.qcow2_backup new_image.qcow2</code>
*** Copy <code>new_image.qcow2</code> image to a safe location for uploading into OpenStack
*** Remove <code>.backup</code> file
*** Delete the VM from Proxmox VE web UI
* Use WinSCP or similar program to copy the <code>new_image.qcow2</code> image to client machine
* Upload into OpenStack via the web UI
'''Reference:''' [https://gazelle.ihe.net/book/export/html/917 Transfer Proxmox VM], [http://www.jamescoyle.net/how-to/323-reclaim-disk-space-from-a-sparse-image-file-qcow2-vmdk Reclaim disk space from .qcow2 or .vmdk image]
=Create Instance=
This is a nice straightforward tutorial on [https://www.tecmint.com/create-deploy-and-launch-virtual-machines-in-openstack/ how to deploy and launch an instance (VM)].
Also refer to [https://docs.openstack.org/mitaka/user-guide/cli_nova_launch_instance_using_ISO_image.html launch instance from ISO] for an alternate method.
=Backup=
'''Last Backup completed:'''
* Instances - ''04 Jul 2021''
* Volumes - ''04 Jul 2021''

'''NOTES:'''
* Back up scripts have been created to synchronize instances, volumes, and images to secondary drive on demand.
* At a minimum, monthly backups should be done in case of catastrophic failure.
* See [https://github.com/Nexenture/openstack-instances-backups OpenStack Instance Backups] to automate via terminal script ('''NOTE:''' some modification is needed).
=Notes=
* the floating IPs situation may not work on non-externally routed IPs. this may be why they set up a 179. "public" network by default in the RDO setup. i deleted that network
* the external network needs to be "flagged" as external. this cannot be done with the UI, but i am told the juno release has a feature where attribute editing. so that the external attribute can be set to Yes. once that is done, MAYBE the system allows floating IPs in that network even if the IP range is not externally routable
* basically understand what it takes to get an image created, seasoned, and how we need to maintain these over long periods. i think the main workhorse is qcow2 tools.
* these images are like "snapshots" in some way, but a snapshot is frozen and cannot be tweaked.
* long term we want to make images like this for testing, e.g. an amahi 7 image that is bootable and it's plain install. another example is a fully up to date amahi 7 image, etc.
* so they are alive in that these images are frozen in time, but one takes a copy and can then evolve it into a new version of the image.
* Refer to [https://raymii.org/s/articles/Fix_inconsistent_Openstack_volumes_and_instances_from_Cinder_and_Nova_via_the_database.html Fix inconsistent OpenStack volumes and instances from Cinder and Nova via the database] for correcting instances in error ('''NOTE:''' Use extreme caution as this could corrupt the database.)
<u>ALWAYS</u> back up the database before making any changes!
=Tips=
==Command Line==
[https://docs.openstack.org/python-openstackclient/ussuri/ OpenStack Command Line Guide]
==Network Issues==
If the DNS server is changed or networking appears inoperable, check the following to ensure the DNS is correct:
* ''/etc/sysconfig/network-scripts/ifcfg-br-ex''
* ''/etc/resolv.conf''
Next restart neutron network services:
<code>
:service neutron-server restart<br />
:service neutron-dhcp-agent restart<br />
:service neutron-l3-agent restart<br />
:service neutron-metadata-agent restart<br />
:service neutron-openvswitch-agent restart
</code>
==Volume Issues==
When a volume becomes detached and/or shows in error, the state can be reset:
:<code>source keystonerc_admin</code>
:<code>cinder reset-state ''volume_id''</code>
or use web UI.
Also refer to [https://bugs.amahi.org/issues/2051 Amahi Bug #2051].
 
==Instance Issues==
When an instance '''Status''' reflects an ''error'' state, reset it by:
<code>
:source keystonerc_admin
:nova reset-state --active INSTANCE_ID
</code>
 
'''NOTE:''' Should the '''Power State''' reflect ''no state'' or blank, it can be corrected by doing the above step, then starting the instance.
==Update/Reboot/Shutdown Process==
Follow guidelines below to prevent corruption:
* Shutdown/Disconnect
** Stop all instances via SSH
** Detach volumes from instances (this may not be needed)
** Verify all volumes detached and instances stopped
** Perform Update/Reboot/Shutdown<br>
* Started/Rebooted:
** Reattach volumes to instances (this may not be needed)
** Start all needed instances
** Verify all instances are operational
* As root user, execute <code>source keystonerc_admin</code>
* Use the following to reserve the IP address:
:<code>openstack port create --network private --fixed-ip subnet=private_subnet,ip-address=x.x.x.x static-ip-1</code>
* Create the instance and boot via command-line vs the web UI:
:<code>openstack server create --image IMAGE_NAME --flavor amahi.small --nic port-id=NETWORK_ID_FROM_ABOVE_COMMAND INSTANCE_NAME</code>
:'''NOTE:''' If image name has spaces, enclose it in double quotes.
Ref: [https://ask.openstack.org/en/question/30690/add-multiple-specific-ips-to-instance/ Add Multiple Specific IPs to Instance]
==Change Instance Flavor==
As ''root'' user:
:<code>source keystonerc_admin</code>
See [https://docs.openstack.org/newton/user-guide/cli-change-the-size-of-your-server Change the size of your server] for command line guidance.

==Fedora Cloud Base Images==
See [https://alt.fedoraproject.org/cloud/ Fedora Cloud Base Images] for guidance.

== Migration ==
=== Images ===
See [https://raymii.org/s/tutorials/Openstack_Glance_Image_Download.html OpenStack Glance Image Download Tutorial] for how to transfer images from one server to another.

=== Snapshots ===
See [https://community.cisco.com/t5/cloud-blogs/how-to-snapshot-an-openstack-nova-instance-boot-it-download/ba-p/3661228 Snapshot an OpenStack instance, boot it, and download] for how to transfer snapshots from one instance to another.

=== Volumes ===
See [http://blog.oddbit.com/2015/09/29/migrating-cinder-volumes-between-openstack-environments/ Migrating cinder volumes between OpenStack environments] for how to transfer volumes from one instance to another.

==Miscellaneous==
Refer to [https://bugs.amahi.org/issues/2050 Amahi Bug #2050] for some OpenStack Command-Line syntax.

==Fix Broken Web UI==
Add the following line to ''/etc/httpd/conf.d/15-horizon_vhost.conf'':
 WSGIApplicationGroup %{GLOBAL}
Then restart the web server

Ref: [https://ask.openstack.org/en/question/91352/openstack-mitaka-can-not-access-dashboard/ OpenStack cannot access Dashboard]

=Known Issues=
Cannot use multiple SSH keys via Dashboard ([https://bugs.launchpad.net/nova/+bug/1499751 OpenStack Bug #1499751])<br>