Deploying and installing SUSE Cloud is a multi-step process, starting by deploying a basic SUSE Linux Enterprise Server installation and the SUSE Cloud add-on product to the Administration Server. Now the product and update repositories need to be set up and the SUSE Cloud network needs to be configured. Next the Administration Server setup will be finished. Once the Administration Server is ready, you can start deploying and configuring the OpenStack nodes. The complete node deployment is done automatically via Crowbar and Chef from the Administration Server. All you need to do is to PXE boot the nodes and to deploy the OpenStack services to them.
Procedure 3.1. High Level Overview of the SUSE Cloud Installation
Install SUSE Linux Enterprise Server 11 SP2 on the Administration Server with the Add-On products Subscription Management Tool (optional) and SUSE Cloud. See below.
Once the Administration Server is set up, PXE boot all nodes onto which the OpenStack components should be deployed and allocate them in the Crowbar Web interface to start the automatic SUSE Linux Enterprise Server installation. See Chapter 4, Installing the OpenStack Nodes.
Configure and deploy the OpenStack services via the Crowbar Web interface or command line tools. See Chapter 5, Deploying the OpenStack Services.
When all OpenStack services are up and running, SUSE Cloud is ready. The cloud admin can now upload images to enable users to start deploying instances. See User Guide for Administrators (↑User Guide for Administrators).
In this chapter you will learn how to install and set up the Administration Server from bare metal. As a result, the Administration Server will be ready to deploy OpenStack nodes and services. It will run on SUSE Linux Enterprise Server 11 SP2 and will include the add-on products SUSE Cloud and SMT (optional). Installing the Administration Server involves the following basic steps:
Start the installation by booting from the SUSE Linux Enterprise Server 11 SP2 installation medium.
![]() | Differences from the Default Installation Process |
---|---|
For an overview of a default SUSE Linux Enterprise Server installation, refer to the SUSE Linux Enterprise Server Installation Quick Start. Detailed installation instructions are available in the SUSE Linux Enterprise Server Deployment Guide. Both documents are available at http://www.suse.com/documentation/sles11/. The following sections will only cover the differences from the default installation process. |
Installing the Add-On products SUSE Cloud and SMT (optional) during the SUSE Linux Enterprise Server installation is recommended. Make sure to be able to access the installation media (DVD or ISO image). Alternatively, install the add-on products after the SUSE Linux Enterprise Server installation.
If you have access to remote update repositories for SUSE Linux Enterprise Server and SUSE Cloud from the cloud's admin network, you may want to skip the SMT Add-On product installation. Please refer to Section 2.2, “Product and Update Repositories” for details.
On the Section 3.1.7, “Basic Network Configuration”. Add SUSE Cloud and SMT (optional) as add-on products and proceed with the installation. Consult the SUSE Linux Enterprise Server Deployment Guide at http://www.suse.com/documentation/sles11/book_sle_deployment/data/sec_i_yast2_inst_mode.html for detailed instructions.
screen, click . Proceed with to the Add-On product installation dialog. If you have direct access to the installation media (for example, via DVD or USB stick), skip the network installation dialog. Otherwise configure the network as described in
Currently, Crowbar requires /opt
to be writable.
Apart from that, SUSE Cloud has no special requirements in regards of
partitioning. However, it is recommended to create a separate partition
or volume for /srv
. /srv will host all update and
product repositories for SUSE Linux Enterprise Server and SUSE Cloud. A size of at least 25 GB is
required. Help on using the partitioning tool is available at http://www.suse.com/documentation/sles11/book_sle_deployment/data/sec_yast2_i_y2_part_expert.html.
Installing a minimal base system is sufficient to set up the Administration Server. The following patterns are the minimum requirement:
(optional)
(only needed when installing SMT)
Although you can also register your products at any time after the installation, it is recommended to register SUSE Linux Enterprise Server and SUSE Cloud now, because it will give you immediate access to the update channels. If you have installed the SMT Add-On product, you must register your SUSE Linux Enterprise Server version at the Novell Customer Center now, otherwise you will not be able to configure the SMT server. You have received registration keys with the SUSE Cloud Administration Server subscription. See http://www.suse.com/documentation/sles11/book_sle_deployment/data/sec_i_yast2_conf.html for details on the Novell Customer Center registration.
![]() | SUSE Login Required |
---|---|
In order to register a product, you need to have a SUSE/Novell login. If you do not have such a login, create it at http://www.suse.com/login. |
A successful product registration will add update repositories for SUSE Linux Enterprise Server and all add-on products. After having successfully registered you will be asked to perform an online update, which will update the system and the add-on products. It is strongly recommended to perform the update at this point in time. If you choose to skip the update now, you must perform it later, before running the Cloud installation script.
In case you have installed SMT you need to provide a certification authority (CA). If you already have a CA certificate in your organization, import it. Otherwise generate all certificates in the Administration Server itself by accepting the YaST proposal. See http://www.suse.com/documentation/sles11/book_security/data/cha_security_yast_ca.html for more information.
If SMT is not installed, click on the
link and choose to not set up a CA.
Only the first interface (eth0
)
on the Administration Server needs to be configured during the installation. Other
interfaces will be automatically configured by the cloud installation
script.
eth0
needs to be given a fixed
IP address from the admin network—when sticking with the default
network addresses this would be 192.168.124.10
. The address you need to
enter for the depends on whether you
have provided an external gateway for the admin network (use the address
of that gateway) or not (use xxx.xxx.xxx
.1,
e.g. 192.168.124.1
). Using a
custom IP address or more than one network interfaces requires to adjust
the Crowbar configuration in a later step as described in Section 3.1.9, “Crowbar Setup”.
If you allow to access the admin network from another network (via gateway or bastion network), you can also add one or more name servers. The Administration Server's name server will automatically be configured by the cloud installation script to forward requests for non-local records to those server(s).
You also need to assign a hostname and a full qualified domain name
(FQDN) such as admin.cloud.example.com
to
eth0
.
Last, the firewall need to be disabled for all interfaces.
![]() | Administration Server Domain Name and Hostname |
---|---|
Setting up the SUSE Cloud will also install a DNS server for all nodes in
the cloud. The domainname you specify for the Administration Server will be used for
the DNS zone. It is recommended to use a sub-domain such as
The hostname and the FQDN need to be resolvable with hostname
191.168.124.10 admin.cloud.example.com admin It is not possible to change the Administration Server hostname or the FQDN once the cloud installation script has been run. |
Skip this step if you have not installed the SMT add-on product. In case you have installed it, you will be asked to configure it. Configuring the SMT server requires you to have your mirroring credentials and your registration e-mail address at hand. To access them, log in to the Novell Customer Center at http://www.novell.com/center/. Get the mirror credentials by selecting + in the left navigation. Obtain your registration e-mail address from + .
Enter this data at the
into the fields , , and . Accept the pre-filled defaults for the other input fields. Make sure to the credentials.In step two of the SMT configuration you need to enter a database password and specify an e-mail address for getting reports. Refer to http://www.suse.com/documentation/smt11/ for the complete SMT for SUSE Linux Enterprise 11 Guide.
This YaST module allows you to basically configure all networks within the cloud and set the network mode for all networks. Furthermore you can also change the username and password for the Crowbar Web interface with which you can manage the OpenStack nodes.
Start YaST and choose
+ to start the YaST Crowbar module. The tab lets you change the username and password for the Crowbar Web interface.On the Section 2.1.2, “Network Modes” for details on SUSE Cloud and network modes. In-depth information about the (also known as bonding modes) is available at https://www.kernel.org/doc/Documentation/networking/bonding.txt in section 2, Bonding Driver Options, under mode.
tab you can choose between , , and mode. When choosing , you also need to set the . SeeIf you do not want to use the default IP addresses and the default address allocation, change these settings on the Section 2.1, “Network” for details on the cloud network. You can also change the Bridge and VLAN allocation on the tab. Only change them if you really know what you require, sticking with the defaults is recommended.
tab. SeeIf you want to separate the admin and the BMC network, you must change the settings for the networks
and . The is used to used to generate a VLAN tagged interface on the Administration Server that can access the network. The needs to be in the same ranges as , and has to have enabled.Table 3.1. Separate BMC Network Example Configuration
bmc | bmc_vlan | |
---|---|---|
Subnet |
| |
Netmask |
| |
Router |
| |
Broadcast |
| |
Host Range |
|
|
VLAN | yes | |
VLAN ID | 100 | |
Bridge | no |
![]() | No Network Changes after Having Run the Cloud Installation Script |
---|---|
As of SUSE Cloud 1.0 it is not possible to change the network setup after having run the cloud installation script. Allowing such changes is planned for future releases of SUSE Cloud. |
![]() | Setting up a Bastion Network |
---|---|
As of SUSE Cloud 1.0 it is not possible to set up a bastion network with YaST Crowbar. It needs to be configured manually—see Section 3.2.3, “Setting Up a Bastion Network”. |
Other, more flexible network mode setups can be configured by manually editing the Crowbar network configuration files. See the documentation on the Crowbar wiki (https://github.com/dellcloudedge/crowbar/wiki) for more information. SUSE can assist you in creating a custom setup within the scope of a Level 3 support contract.
After the installation has finished, you need to set up product and update repositories and, optionally, configure the bastion network. Once the Administration Server host is fully configured, start the cloud installation script.
Skip this step if you have not installed the SMT add-on product. In
case you have installed it, the SMT server was set up to be able to
communicate with the Novell Customer Center during the installation. In this step we will
add and mirror the update repositories for SUSE Linux Enterprise Server and for
SUSE Cloud. They will serve as the update source for the OpenStack
nodes. Run the following commands as user root
:
for REPO in SLES11-SP{2-Core,2-Updates,1-Updates,1-Pool} SUSE-Cloud-1.0-{Pool,Updates}; do smt repos $REPO sle-11-x86_64 -e done smt mirror -L /var/log/smt/smt-mirror.log
The smt mirror command will download approximately
14 GB of patches. This process may last up to several hours. A log
file is written to /var/log/smt/smt-mirror.log
.
In order to deploy the OpenStack nodes and to provide update repositories
for them, product and update repositories for SUSE Linux Enterprise Server and SUSE Cloud
must be locally available at /srv/tftpboot
. The
source of the repositories can either be an SMT server installed on the
Administration Server or your company's network. Please refer to Section 2.2, “Product and Update Repositories” for details. The following table lists all
repositories, their file system location on the SMT server, and the
location at which they need to be made available on the Administration Server:
Repository Names and Locations¶
SMT dir:
/srv/www/htdocs/repo/$RCE/SLES11-SP1-Pool/slee-11-x86_64
Local dir:
/srv/tftpboot/repos/SLES11-SP1-Pool
SMT dir:
/srv/www/htdocs/repo/$RCE/SLES11-SP1-Updates/slee-11-x86_64
Local dir:
/srv/tftpboot/repos/SLES11-SP1-Updates
SMT dir:
/srv/www/htdocs/repo/$RCE/SLES11-SP2-Core/slee-11-x86_64
Local dir:
/srv/tftpboot/repos/SLES11-SP2-Core
SMT dir:
/srv/www/htdocs/repo/$RCE/SLES11-SP2-Updates/slee-11-x86_64
Local dir:
/srv/tftpboot/repos/SLES11-SP2-Updates
SMT dir:
/srv/www/htdocs/repo/$RCE/SUSE-Cloud-1.0-Pool/slee-11-x86_64
Local dir:
/srv/tftpboot/repos/SUSE-Cloud-1.0-Pool
SMT dir:
/srv/www/htdocs/repo/$RCE/SUSE-Cloud-1.0-Updates/slee-11-x86_64
Local dir:
/srv/tftpboot/repos/SUSE-Cloud-1.0-Updates
SMT dir: n/a
Local dir:
/srv/tftpboot/suse-11.2
The update repositories for SUSE Linux Enterprise Server and SUSE Cloud not only need to be available locally on the Administration Server, they also need to be kept in sync with the official update repositories provided by Novell Customer Center. It is highly recommended to install an SMT server either on the Administration Server or within your company network. An SMT server automatically synchronizes the repositories with the Novell Customer Center. There are several possibilities to make the repositories locally available on the Administration Server.
Link the repositories mirrored by SMT to
/srv/tftpboot
:
for REPO in SLES11-SP{2-Core,2-Updates,1-Updates,1-Pool} SUSE-Cloud-1.0-{Pool,Updates}; do ln -s /srv/www/htdocs/repo/\$RCE/$REPO/sle-11-x86_64 /srv/tftpboot/repos/$REPO done
If the SMT server is installed on a remote host that can be accessed
from the Administration Server you can either mount the update repositories, for
example via NFS
, or regularly
rsync them.
To NFS
-mount the repositories from a remote host,
either use the YaST module or edit
/etc/fstab
. The local mount point should be
/srv/tftpboot/repos/
.
<REPOSITORY_NAME>
To rsync the repositories from a remote host, create a daily cron job running the following command on the Administration Server. This command will pull the files from a host named SMT.example.com:
for REPO in SLES11-SP{2-Core,2-Updates,1-Updates,1-Pool} SUSE-Cloud-1.0-{Pool,Updates}; do rsync -avPz SMT.example.com:/srv/www/htdocs/repo/\\\$RCE/$REPO/sle-11-x86_64/ \ /srv/tftpboot/repos/$REPO/ done
Alternatively you may set up the cron job on the remote host and
push the file to the Administration Server (which has the IP
address 192.168.124.10
in the following example):
for REPO in SLES11-SP{2-Core,2-Updates,1-Updates,1-Pool} SUSE-Cloud-1.0-{Pool,Updates}; do
rsync -avPz /srv/www/htdocs/repo/\\\$RCE/$REPO/sle-11-x86_64/ \
192.168.124.10
:/srv/tftpboot/repos/$REPO/ \
done
![]() | Mind the Trailing Slash |
---|---|
The rsync command must be used with trailing slashes in the directory names as shown above. Otherwise rsync would copy the repositories into the wrong directory. |
If your admin network is isolated from other networks, you need to
manually sync the update repositories from removable media. To do so
you can either use rsync (see above for an example)
or cp -axu
.
The files in the product repositories for SUSE Linux Enterprise Server and SUSE Cloud do not
change, therefore they do not need to be synced with a remote source. It
is sufficient to copy the data once, either from a remote host or
directly from the installation media. Alternatively you may mount the
product repository from a remote server via
NFS
. Please note that the data
must be directly available from the local
directories listed in Repository Names and Locations. It is not
possible to use links.
If copying, it is recommended to use rsync. If the installation data is located on a removable device, make sure to mount it first (for example, after inserting the DVD in the Administration Server and waiting for the device to become ready):
mkdir -p /srv/tftpboot/suse-11.2/install/ mount /dev/dvd /mnt rsync -avP /mnt/ /srv/tftpboot/suse-11.2/install/ umount /mnt
If the installation data is provided by a remote machine, log in to that
machine and push the data to the Administration Server (which has the IP address
192.168.124.10
in the
following example):
rsync -avPz /data/sles11sp2/ 192.168.124.10
:/srv/tftpboot/suse-11.2/install/
Also make the contents of the SUSE Cloud product repository available
at /srv/tftpboot/repos/Cloud/
using one of the
techniques described in the previous step.
Now that the product and update repositories for SUSE Linux Enterprise Server and SUSE Cloud are available locally, the OpenStack nodes can be installed and updated from these sources. However, it also makes sense to use these repositories as resources to install and update packages on the Administration Server as well. Therefore you need to replace the existing remote repositories that have been added automatically during the product registration by the local ones. You can either use zypper or the YaST module
to do so.One way to do so, would be to disable all existing remote services and repositories and to add the local repositories afterwards:
zypper ms -dR --remote zypper mr -dR --remote for REPO in SLES11-SP{2-Core,2-Updates,1-Updates,1-Pool} SUSE-Cloud-1.0-{Pool,Updates}; do zypper ar -f /srv/tftpboot/repos/$REPO $REPO done zypper ar /srv/tftpboot/repos/Cloud "SUSE-Cloud-1.0" zypper ar /srv/tftpboot/suse-11.2/install/ "SLES 11 SP2"
![]() | Remote Repositories and Services Need to be Disabled |
---|---|
The cloud installation script will refresh all active repositories and services. In case repositories cannot be refreshed, the script will fail. Even if you have a permanent Internet connection on the Administration Server, it may temporarily not be available during the run of the cloud installation script, since this script also reconfigures the network.
Therefore all remote repositories and services need to be disabled prior
to running the cloud installation script. This is archived by running
the zypper |
As outlined in Section 2.1, “Network”, one way to access the admin network from a defined external network is via a Bastion network and a second network card (as opposed to providing an external gateway).
To set up the Bastion network, you need to have a static IP address for
the Administration Server from the external network. You need to adjust the network
template file
/opt/dell/chef/data_bags/crowbar/bc-template-network.json
. The
example configuration used below assumes that the external network from
which to access the admin network has the following addresses. You need
to adjust them according to your needs.
Subnet: 10.10.1.0
|
Netmask: 255.255.0.0
|
Broadcast: 10.10.1.255
|
Gateway: 10.10.1.1
|
Static Administration Server address: 10.10.1.125
|
Adjust
/opt/dell/chef/data_bags/crowbar/bc-template-network.json
according to the following patch (it only directly matches if you have not
changed the default network configuration). Once the bastion network
configuration has been added to
bc-template-network.json
, it can be adjusted using
the YaST Crowbar module.
--- /opt/dell/chef/data_bags/crowbar/bc-template-network.json +++ /opt/dell/chef/data_bags/crowbar/bc-template-network.json @@ -86,6 +86,11 @@ "1g1" ] }, + "bastion1" : { + "if_list" : [ + "1g2" + ] + }, "intf1" : { "if_list" : [ "1g1" @@ -209,6 +214,23 @@ "subnet" : "192.168.122.128", "use_vlan" : true }, + "bastion" : { + "add_bridge" : false, + "vlan" : 50, + "router" : "10.10.1.1", + "ranges" : { + "admin" : { + "start" : "10.10.1.125", + "end" : "10.10.1.125" + } + }, + "broadcast" : "10.10.1.255", + "netmask" : "255.255.255.0", + "use_vlan" : false, + "conduit" : "bastion1", + "subnet" : "10.10.1.0", + "router_pref" : 5 + }, "public" : { "add_bridge" : false, "vlan" : 300,
Before running the cloud installation script to finish the configuration of the Administration Server make sure to double-check the following items.
Final Check Points
Make sure the network configuration is correct. Run Section 3.1.9, “Crowbar Setup” for further instructions.
+ to review/change the config. See
Make sure hostname -f
returns a full
qualified hostname. See Section 3.1.7, “Basic Network Configuration” for further instructions.
Make sure all update and product repositories are available locally. See Section 3.2.2, “Setting Up Local Repositories” for further instructions.
Make sure the operating system and SUSE Cloud are up-to-date and have the latest patches installed. Run zypper patch to install them.
Now everything is in place to finally configure the Administration Server. This is
done by running the script
/opt/dell/bin/install-chef-suse.sh
. This command
will install and configure Chef, and use it to complete the
installation of Crowbar and all required Barclamps. It will take several
minutes to complete.
screen /opt/dell/bin/install-chef-suse.sh
![]() | Use a Terminal Multiplexer to run the Cloud Installation Script |
---|---|
Run the installation script During the run of this script the network will be reconfigured. This may result in interrupting the script when being run from a network connection (like SSH). Using screen will continue running the script in a session to which you can reconnect via screen -r if you lose the connection. |
install-chef-suse.sh will produce a lot of output that
gets written to a log file located at
/var/log/chef/install.log
. Check this log file in
case something goes wrong. You can run
install-chef-suse.sh multiple times as long as you
have not started to deploy the OpenStack services.
If the script has successfully finished, you will see a message telling you how to log in to the Crowbar Web interface.
![]() | No Network Changes After Having Run the Cloud Installation Script |
---|---|
Once you have run the cloud installation script, you cannot change the network setup anymore. If doing so, you would have to completely set up the Administration Server again. |
In case you have configured a Bastion Network, you need to activate its network interface by running the following commands:
/opt/dell/bin/crowbar network -U crowbar -P crowbar allocate_ip \ default $(hostname -f) bastion admin chef-client
This command needs to be executed directly on the admin server, so you either need direct access to the machine or a serial console.
Prior to running the cloud installation script, all required update repositories have been made available locally and all remote repositories and services have been disabled (see Section 3.2.2.3, “Software Repository Sources”). In case you still need remote repositories that have been disabled (e.g. SLE11-SMT-SP2-Pool and SLE11-SMT-SP2-Updates if you have installed SMT), you may re-enable them now using YaST or zypper.