Tuesday, February 11, 2014

MySQL Credentials for root & nova in Two Node Neutron GRE +OVS Havana Cluster on Fedora 20

As of 02/10/2014  following actions have to be undertaken to build Two Node Neutron GRE +OVS Cluster


Here dwf01 is Controller (192.168.1.147)
          hvn01 is Compute  (192.168.1.157)

[root@dfw01 ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 13
Server version: 5.5.34-MariaDB MariaDB Server

Copyright (c) 2000, 2013, Oracle, Monty Program Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> SELECT User, Host, Password FROM mysql.user;
+----------+-------------------+-------------------------------------------+
| User     | Host              | Password                                  |
+----------+-------------------+-------------------------------------------+
| root     | localhost         | *E0DC09146F1310B49A34199B04274A9EED6F9EC7 |
| root     | dfw01.localdomain | *E0DC09146F1310B49A34199B04274A9EED6F9EC7 |
| root     | 127.0.0.1         | *E0DC09146F1310B49A34199B04274A9EED6F9EC7 |
| root     | ::1               | *E0DC09146F1310B49A34199B04274A9EED6F9EC7 |
|          | localhost         |                                           |
|          | dfw01.localdomain |                                           |
| keystone | localhost         | *936E8F7AB2E21B47F6C9A7E5D9FE14DBA2255E5A |
| keystone | %                 | *936E8F7AB2E21B47F6C9A7E5D9FE14DBA2255E5A |
| glance   | localhost         | *CC67CAF178CB9A07D756302E0BBFA3B0165DFD49 |
| glance   | %                 | *CC67CAF178CB9A07D756302E0BBFA3B0165DFD49 |
| cinder   | localhost         | *028F8298C041368BA08A280AA8D1EF895CB68D5C |
| cinder   | %                 | *028F8298C041368BA08A280AA8D1EF895CB68D5C |
| neutron  | localhost         | *4DF421833991170108648F1103CD74FCB66BBE9E |
| neutron  | %                 | *03A31004769F9E4F94ECEEA61AA28D9649084839 |
| nova     | localhost         | *0BE3B501084D35F4C66DD3AC4569EAE5EA738212 |
| nova     | %                 | *0BE3B501084D35F4C66DD3AC4569EAE5EA738212 |
| nova     | dfw01.localdomain | *0BE3B501084D35F4C66DD3AC4569EAE5EA738212 |
+----------+-------------------+-------------------------------------------+

17  rows in set (0.00 sec)

Actually,  first step after server came up was :-

[root@dfw01 ~]# mysql -u root
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 2
Server version: 5.5.34-MariaDB MariaDB Server

Copyright (c) 2000, 2013, Oracle, Monty Program Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> SELECT User, Host, Password FROM mysql.user;
+------+-------------------+----------+
| User | Host              | Password |
+------+-------------------+----------+
| root | localhost         |          |
| root | dfw01.localdomain |          |
| root | 127.0.0.1         |          |
| root | ::1               |          |
|      | localhost         |          |
|      | dfw01.localdomain |          |
+------+-------------------+----------+
6 rows in set (0.00 sec)

MariaDB [(none)]> UPDATE mysql.user SET Password = PASSWORD('abcd0101')
    -> WHERE User = 'root';
Query OK, 4 rows affected (0.00 sec)
Rows matched: 4  Changed: 4  Warnings: 0

MariaDB [(none)]> SELECT User, Host, Password FROM mysql.user;
+------+-------------------+-------------------------------------------+
| User | Host              | Password                                  |
+------+-------------------+-------------------------------------------+
| root | localhost         | *E0DC09146F1310B49A34199B04274A9EED6F9EC7 |
| root | dfw01.localdomain | *E0DC09146F1310B49A34199B04274A9EED6F9EC7 |
| root | 127.0.0.1         | *E0DC09146F1310B49A34199B04274A9EED6F9EC7 |
| root | ::1               | *E0DC09146F1310B49A34199B04274A9EED6F9EC7 |
|      | localhost         |                                           |
|      | dfw01.localdomain |                                           |
+------+-------------------+-------------------------------------------+
6 rows in set (0.00 sec)




 Last row was inserted and updated as required

On controller 


[root@dfw01 nova]# cat nova.conf | grep -v  ^# | grep -v  ^$
[DEFAULT]
logdir = /var/log/nova
state_path = /var/lib/nova
lock_path = /var/lib/nova/tmp
volumes_dir = /etc/nova/volumes
dhcpbridge = /usr/bin/nova-dhcpbridge
dhcpbridge_flagfile = /etc/nova/nova.conf
force_dhcp_release = True
injected_network_template = /usr/share/nova/interfaces.template
libvirt_nonblocking = True
libvirt_inject_partition = -1
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
iscsi_helper = tgtadm
sql_connection = mysql://nova:nova@dfw01.localdomain/nova
compute_driver = libvirt.LibvirtDriver
libvirt_type=qemu
rpc_backend = nova.openstack.common.rpc.impl_qpid
rootwrap_config = /etc/nova/rootwrap.conf
auth_strategy = keystone
firewall_driver=nova.virt.firewall.NoopFirewallDriver
volume_api_class = nova.volume.cinder.API
enabled_apis = ec2,osapi_compute,metadata
my_ip=192.168.1.147
qpid_hostname=192.168.1.147
qpid_port=5672
glance_host=192.168.1.147
network_api_class = nova.network.neutronv2.api.API
neutron_admin_username = neutron
neutron_admin_password = fedora
neutron_admin_auth_url = http://192.168.1.147:35357/v2.0/
neutron_auth_strategy = keystone
neutron_admin_tenant_name = services
neutron_url = http://192.168.1.147:9696/
security_group_api = neutron
metadata_host = 192.168.1.147
metadata_listen = 0.0.0.0
metadata_listen_port = 8700
service_neutron_metadata_proxy = True
neutron_metadata_proxy_shared_secret = fedora
[keystone_authtoken]
admin_tenant_name = services
admin_user = nova
admin_password = fedora
auth_host = 192.168.1.147
auth_port = 35357
auth_protocol = http
signing_dirname = /tmp/keystone-signing-nova

 
[root@dfw01 neutron]# cat plugin.ini | grep -v  ^# | grep -v  ^$
[ovs]
tenant_network_type = gre
tunnel_id_ranges = 1:1000
enable_tunneling = True
integration_bridge = br-int
tunnel_bridge = br-tun
local_ip = 192.168.1.147
[agent]
[securitygroup]
[DATABASE]
sql_connection = mysql://root:xxxxxxx@dfw01.localdomain/ovs_neutron
[SECURITYGROUP]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

[root@dfw01 neutron]# cat l3_agent.ini | grep -v  ^# | grep -v  ^$
[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
handle_internal_only_routers = TRUE
ovs_use_veth = True
use_namespaces = True
metadata_ip = 192.168.1.147
metadata_port = 8700


On compute  running openstack-nova-compute & neutron-openswitch-agent services.

[root@hvn01 nova]# cat nova.conf | grep -v  ^# | grep -v  ^$
[DEFAULT]
logdir = /var/log/nova
state_path = /var/lib/nova
lock_path = /var/lib/nova/tmp
volumes_dir = /etc/nova/volumes
dhcpbridge = /usr/bin/nova-dhcpbridge
dhcpbridge_flagfile = /etc/nova/nova.conf
force_dhcp_release = True
injected_network_template = /usr/share/nova/interfaces.template
libvirt_nonblocking = True
libvirt_inject_partition = -1
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
iscsi_helper = tgtadm
sql_connection = mysql://nova:nova@dfw01.localdomain/nova
compute_driver = libvirt.LibvirtDriver
libvirt_type=qemu
rpc_backend = nova.openstack.common.rpc.impl_qpid
rootwrap_config = /etc/nova/rootwrap.conf
auth_strategy = keystone
firewall_driver=nova.virt.firewall.NoopFirewallDriver
volume_api_class = nova.volume.cinder.API
enabled_apis = ec2,osapi_compute,metadata
my_ip=192.168.1.157
qpid_hostname=192.168.1.147
qpid_port=5672
glance_host=192.168.1.147
network_api_class = nova.network.neutronv2.api.API
neutron_admin_username = neutron
neutron_admin_password = fedora
neutron_admin_auth_url = http://192.168.1.147:35357/v2.0/
neutron_auth_strategy = keystone
neutron_admin_tenant_name = services
neutron_url = http://192.168.1.147:9696/
security_group_api = neutron
metadata_host = 192.168.1.147
metadata_listen = 0.0.0.0
metadata_listen_port = 8700
service_neutron_metadata_proxy = True
neutron_metadata_proxy_shared_secret = fedora
[keystone_authtoken]
admin_tenant_name = services
admin_user = nova
admin_password = fedora
auth_host = 192.168.1.147
auth_port = 35357
auth_protocol = http
signing_dirname = /tmp/keystone-signing-nova


[root@hvn01 neutron]# cat plugin.ini | grep -v  ^# | grep -v  ^$
[ovs]
tenant_network_type = gre
tunnel_id_ranges = 1:1000
enable_tunneling = True
integration_bridge = br-int
tunnel_bridge = br-tun
local_ip = 192.168.1.157
[agent]
[securitygroup]
[DATABASE]
sql_connection = mysql://root:xxxxxxxxx@dfw01.localdomain/ovs_neutron
[SECURITYGROUP]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver


REFERENCES

 1. http://kashyapc.fedorapeople.org/virt/openstack/neutron-configs-GRE-OVS-two-node.txt

 2.  https://dev.mysql.com/doc/refman/5.1/en/default-privileges.html

 3.  http://textuploader.com/1hin