Single-node quickstart

This tutorial shows how to install OpenStack (based on project Sunbeam) in the simplest way possible. It will deploy an OpenStack 2023.1 (Antelope) cloud.

The cloud will only allow access to its VMs from the local host. To enable access from any host on your network, follow the Single-node guided tutorial instead.

Requirements

You will need a single machine whose requirements are:

• physical or virtual machine running Ubuntu 22.04 LTS
• a multi-core amd64 processor ideally with 4+ cores
• a minimum of 16 GiB of free memory
• 50 GiB of SSD storage available on the root disk

Deploy the cloud

Install the openstack snap

Begin by installing the openstack snap:

sudo snap install openstack --channel 2024.1/edge

Prepare the machine

Sunbeam can generate a script to ensure that the machine has all of the required dependencies installed and is configured correctly for use in OpenStack - you can review this script using:

sunbeam prepare-node-script

or the script can be directly executed in this way:

sunbeam prepare-node-script | bash -x && newgrp snap_daemon

The script will ensure some software requirements are satisfied on the host. In particular, it will:

• install openssh-server if it is not found
• configure passwordless sudo for all commands for the current user (NOPASSWD:ALL)

Bootstrap the cloud

Deploy the OpenStack cloud using the cluster bootstrap command and accept software defaults:

sunbeam cluster bootstrap --accept-defaults

Configure the cloud and obtain credentials

Now configure the deployed cloud using the configure command:

sunbeam configure --accept-defaults --openrc demo-openrc

The --openrc option specifies a regular user (non-admin) cloud init file (demo-openrc here).

Launch a VM

Verify the cloud by launching a VM called ‘test’ based on the ‘ubuntu’ image (Ubuntu 22.04 LTS). The launch command is used:

sunbeam launch ubuntu --name test

Sample output:

Launching an OpenStack instance ...
Access instance with `ssh -i /home/ubuntu/.config/openstack/sunbeam ubuntu@10.20.20.200`

Connect to the VM over SSH using the provided command.

Related how-tos

Now that OpenStack is set up, be sure to check out the following how-to guides:

• Accessing the OpenStack dashboard
• Using the OpenStack CLI

This direction could be confusing especially for people new to OpenStack. The SSH command actually fails because it takes some time until the VM actually gets ready and the SSH service is ready to accept the connection on top of OpenStack.

$ ssh -i /home/ubuntu/snap/openstack/223/sunbeam ubuntu@10.20.20.53                                                                                                          
(no response)
^C


$ ssh -v -i /home/ubuntu/snap/openstack/223/sunbeam ubuntu@10.20.20.53
OpenSSH_8.9p1 Ubuntu-3ubuntu0.1, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 10.20.20.53 [10.20.20.53] port 22.
debug1: connect to address 10.20.20.53 port 22: Connection refused
ssh: connect to host 10.20.20.53 port 22: Connection refused

Thank you Nobuto. I added a sentence.

@pmatulis I think this tutorial needs a warning so that in this mode, OpenStack gets deployed without working Cinder, so even though it shows up in the GUI, it’s not usable. I’d make an explicit warning that instances should be launched in a “Create New Volume = No” mode with a link to the multi-node mode setup for those looking for block storage support.

The fix for this will soon be backported to 2023.1/stable.

I think this tutorial could benefit from including VM launch steps with multipass.

When using multipass launch --name microstack --cpus 4 --memory 16G --disk 50G, the installation would complain about lack of memory, 17G works fine.

Also, when running sunbeam cluster bootstrap --accept-defaults, the default fqdn is the name of the multipass instance, in this case microstack. This isn’t valid and hence it errors: Error: Host FQDN and Hypervisor hostname perceived by libvirt are different, check hostname -fand/etc/hosts file.

This can be mitigated by renaming the host name in /etc/hosts file to something like microstack.local.

@charlie4284 thanks for the feedback.

Even though I agree that having multipass in between is useful for trying MicroStack and this is why it’s referenced at the home page of microstack.run, I’m not sure this is something we should recommend in the official product documentation that is intended to serve people looking for using MicroStack in real production environments.

On the other hands, I can’t imagine anyone using the quickstart guide for the production installation, so we could potentially include it there with a note that the whole quickstart guide is not intended to serve real production use cases.

Thoughs @billy-olsen, @jamespage, @pmatulis ?

@tkurek thanks for the reply!

I see - the reason I’ve given this feedback was because somewhere in the older versions of the tutorial, I can’t quite seem to find the reference to it anymore , I remembered seeing multipass being as a part of the tutorial (from my vague memory, it included multipass launch ... command lines).

Also, if the tutorial won’t start from the initializing a testing VM step, I think it might be beneficial to add that this tutorial will make changes to the environment and hence running it in a separate environment is recommended. What do you think?

To be specific about my use-case, I’m using it to test github-runner-operator charm w/ OpenStack, which requires additional setup w/ firewalls & routing. Hence, it is likely that I would write an internal post on how to setup Microstack using Multipass but just wanted to know if the source documentation would be updated as to not have duplicate information .

A tutorial, by definition, should have one way of doing things so my stance is that Multipass should not be included. It sounds like your proposal would fit better into a tutorial on this present Discourse instance but in this category (and tag) instead:

https://discourse.ubuntu.com/tags/c/tutorials/34/openstack

Thank you for the information about the “Error: Host FQDN and Hypervisor hostname perceived by libvirt are different”. You saved me many hours of work.

Hello. Can you be more precise by what changes you are referring to?

There’s an issue raised against multipass for this and the dns resolution. There are discrepancies with what the hostname -f output and how the libvirt code resolves hostnames within the openstack-hypervisor snap.

There’s a few things we should probably do to fix this including:

1. Update the docs to indicate that on a multipass instance the full hostname should be added to the /etc/hosts file.
2. Potentially update the prepare node script to detect when running in a multipass instance and make the modifications clearer.
3. Update the error message to be more helpful by indicating what the values are and providing a bit more detail on how to rectify this.

Hello,
I’ve installed a single-node microstack 2023.2/stable with all 3 roles on same server (18gb RAM VM and SSD disk). The issue is that I still see (when I run juju stats -m openstack) that the app ‘cinder-ceph’ is installing agent:

mstack@microstack1:~$ juju status
Model      Controller          Cloud/Region                Version  SLA          Timestamp
openstack  sunbeam-controller  sunbeam-microk8s/localhost  3.2.4    unsupported  10:16:26Z

App                       Version                  Status   Scale  Charm                     Channel        Rev  Address         Exposed  Message
certificate-authority                              active       1  self-signed-certificates  latest/beta    109  10.152.183.171  no
cinder                                             active       1  cinder-k8s                2023.2/stable   52  10.152.183.200  no
cinder-ceph                                        waiting      1  cinder-ceph-k8s           2023.2/stable   45  10.152.183.105  no       installing agent
cinder-ceph-mysql-router  8.0.35-0ubuntu0.22.04.1  active       1  mysql-router-k8s          8.0/stable      96  10.152.183.80   no
( .... )

and the cinder-ceph/0 workload is in ‘blocked’ status:

Unit                         Workload  Agent  Address       Ports  Message
certificate-authority/0*     active    idle   10.1.169.205
cinder-ceph-mysql-router/0*  active    idle   10.1.169.226
cinder-ceph/0*               blocked   idle   10.1.169.203         (ceph) integration missing
cinder-mysql-router/0*       active    idle   10.1.169.230
( ... )

I have 3 osds for Ceph that actually have been taken by ceph during the installation:

Disks configured in MicroCeph:
+-----+-------------+-------------------------------------------------------------+
| OSD |  LOCATION   |                            PATH                             |
+-----+-------------+-------------------------------------------------------------+
| 1   | microstack1 | /dev/disk/by-id/scsi-SATA_VBOX_HARDDISK_VBb4f868a7-6c5a6100 |
+-----+-------------+-------------------------------------------------------------+
| 2   | microstack1 | /dev/disk/by-id/scsi-SATA_VBOX_HARDDISK_VB5e5214ee-7f3af10f |
+-----+-------------+-------------------------------------------------------------+
| 3   | microstack1 | /dev/disk/by-id/scsi-SATA_VBOX_HARDDISK_VBb59f9baa-3592ee5b |
+-----+-------------+-------------------------------------------------------------+

I’m not sure what else I’m missing to finalize the cinder-ceph installation. Everything else (apps and units) are in status active (green).
Btw, I installed microstack by running
sunbeam generate-preseed > openstack-preseed.yaml
then editing the last part and adding the disks meant for ceph storage:

microceph_config:
  microstack1:
    # Disks to attach to MicroCeph
    osd_devices:
      - /dev/sdc
      - /dev/sdd
      - /dev/sde

and then I ran:
sunbeam cluster bootstrap --role control --role compute --role storage -p openstack-preseed.yaml
which completed without errors. Still, app cinder-ceph is waiting for something, and I don’t really understand what it’s waiting for.
Any hints or ideas on what is still missing for cinder-ceph to complete its agent install? What ‘integration missing’ is it referring to?
Thanks a lot

Can you pastebin the output to

juju status -m openstack --relations

Model      Controller          Cloud/Region                Version  SLA          Timestamp
openstack  sunbeam-controller  sunbeam-microk8s/localhost  3.2.4    unsupported  10:12:09Z

App                       Version                  Status   Scale  Charm                     Channel        Rev  Address         Exposed  Message
certificate-authority                              active       1  self-signed-certificates  latest/beta    109  10.152.183.171  no
cinder                                             active       1  cinder-k8s                2023.2/stable   52  10.152.183.200  no
cinder-ceph                                        waiting      1  cinder-ceph-k8s           2023.2/stable   45  10.152.183.105  no       installing agent
cinder-ceph-mysql-router  8.0.35-0ubuntu0.22.04.1  active       1  mysql-router-k8s          8.0/stable      96  10.152.183.80   no
cinder-mysql-router       8.0.35-0ubuntu0.22.04.1  active       1  mysql-router-k8s          8.0/stable      96  10.152.183.208  no
glance                                             active       1  glance-k8s                2023.2/stable   66  10.152.183.81   no
glance-mysql-router       8.0.35-0ubuntu0.22.04.1  active       1  mysql-router-k8s          8.0/stable      96  10.152.183.121  no
horizon                                            active       1  horizon-k8s               2023.2/stable   62  10.152.183.124  no       http://10.20.21.12/openstack-horizon
horizon-mysql-router      8.0.35-0ubuntu0.22.04.1  active       1  mysql-router-k8s          8.0/stable      96  10.152.183.64   no
keystone                                           active       1  keystone-k8s              2023.2/stable  148  10.152.183.139  no
keystone-mysql-router     8.0.35-0ubuntu0.22.04.1  active       1  mysql-router-k8s          8.0/stable      96  10.152.183.129  no
mysql                     8.0.35-0ubuntu0.22.04.1  active       1  mysql-k8s                 8.0/stable     127  10.152.183.32   no
neutron                                            active       1  neutron-k8s               2023.2/stable   58  10.152.183.144  no
neutron-mysql-router      8.0.35-0ubuntu0.22.04.1  active       1  mysql-router-k8s          8.0/stable      96  10.152.183.47   no
nova                                               active       1  nova-k8s                  2023.2/stable   55  10.152.183.152  no
nova-api-mysql-router     8.0.35-0ubuntu0.22.04.1  active       1  mysql-router-k8s          8.0/stable      96  10.152.183.63   no
nova-cell-mysql-router    8.0.35-0ubuntu0.22.04.1  active       1  mysql-router-k8s          8.0/stable      96  10.152.183.103  no
nova-mysql-router         8.0.35-0ubuntu0.22.04.1  active       1  mysql-router-k8s          8.0/stable      96  10.152.183.27   no
ovn-central                                        active       1  ovn-central-k8s           23.09/stable    62  10.152.183.100  no
ovn-relay                                          active       1  ovn-relay-k8s             23.09/stable    50  10.20.21.10     no
placement                                          active       1  placement-k8s             2023.2/stable   47  10.152.183.174  no
placement-mysql-router    8.0.35-0ubuntu0.22.04.1  active       1  mysql-router-k8s          8.0/stable      96  10.152.183.252  no
rabbitmq                  3.12.1                   active       1  rabbitmq-k8s              3.12/stable     33  10.20.21.13     no
traefik                   2.10.4                   active       1  traefik-k8s               1.0/candidate  164  10.20.21.11     no
traefik-public            2.10.4                   active       1  traefik-k8s               1.0/candidate  164  10.20.21.12     no

Unit                         Workload  Agent  Address       Ports  Message
certificate-authority/0*     active    idle   10.1.169.218
cinder-ceph-mysql-router/0*  active    idle   10.1.169.239
cinder-ceph/0*               blocked   idle   10.1.169.236         (ceph) integration missing
cinder-mysql-router/0*       active    idle   10.1.169.209
cinder/0*                    active    idle   10.1.169.205
glance-mysql-router/0*       active    idle   10.1.169.198
glance/0*                    active    idle   10.1.169.193
horizon-mysql-router/0*      active    idle   10.1.169.221
horizon/0*                   active    idle   10.1.169.229
keystone-mysql-router/0*     active    idle   10.1.169.214
keystone/0*                  active    idle   10.1.169.251
mysql/0*                     active    idle   10.1.169.201         Primary
neutron-mysql-router/0*      active    idle   10.1.169.204
neutron/0*                   active    idle   10.1.169.210
nova-api-mysql-router/0*     active    idle   10.1.169.202
nova-cell-mysql-router/0*    active    idle   10.1.169.197
nova-mysql-router/0*         active    idle   10.1.169.199
nova/0*                      active    idle   10.1.169.225
ovn-central/0*               active    idle   10.1.169.253
ovn-relay/0*                 active    idle   10.1.169.226
placement-mysql-router/0*    active    idle   10.1.169.207
placement/0*                 active    idle   10.1.169.232
rabbitmq/0*                  active    idle   10.1.169.208
traefik-public/0*            active    idle   10.1.169.195
traefik/0*                   active    idle   10.1.169.203

Offer                  Application            Charm                     Rev  Connected  Endpoint              Interface             Role
certificate-authority  certificate-authority  self-signed-certificates  109  1/1        certificates          tls-certificates      provider
cinder-ceph            cinder-ceph            cinder-ceph-k8s           45   1/1        ceph-access           cinder-ceph-key       provider
keystone               keystone               keystone-k8s              148  1/1        identity-credentials  keystone-credentials  provider
ovn-relay              ovn-relay              ovn-relay-k8s             50   1/1        ovsdb-cms-relay       ovsdb-cms             provider
rabbitmq               rabbitmq               rabbitmq-k8s              33   1/1        amqp                  rabbitmq              provider

Integration provider                         Requirer                                     Interface             Type     Message
certificate-authority:certificates           neutron:certificates                         tls-certificates      regular
certificate-authority:certificates           ovn-central:certificates                     tls-certificates      regular
certificate-authority:certificates           ovn-relay:certificates                       tls-certificates      regular
cinder-ceph-mysql-router:database            cinder-ceph:database                         mysql_client          regular
cinder-ceph-mysql-router:mysql-router-peers  cinder-ceph-mysql-router:mysql-router-peers  mysql_router_peers    peer
cinder-ceph-mysql-router:upgrade-version-a   cinder-ceph-mysql-router:upgrade-version-a   upgrade               peer
cinder-ceph:peers                            cinder-ceph:peers                            cinder-peer           peer
cinder-ceph:storage-backend                  cinder:storage-backend                       cinder-backend        regular
cinder-mysql-router:database                 cinder:database                              mysql_client          regular
cinder-mysql-router:mysql-router-peers       cinder-mysql-router:mysql-router-peers       mysql_router_peers    peer
cinder-mysql-router:upgrade-version-a        cinder-mysql-router:upgrade-version-a        upgrade               peer
cinder:peers                                 cinder:peers                                 cinder-peer           peer
glance-mysql-router:database                 glance:database                              mysql_client          regular
glance-mysql-router:mysql-router-peers       glance-mysql-router:mysql-router-peers       mysql_router_peers    peer
glance-mysql-router:upgrade-version-a        glance-mysql-router:upgrade-version-a        upgrade               peer
glance:peers                                 glance:peers                                 glance-peer           peer
horizon-mysql-router:database                horizon:database                             mysql_client          regular
horizon-mysql-router:mysql-router-peers      horizon-mysql-router:mysql-router-peers      mysql_router_peers    peer
horizon-mysql-router:upgrade-version-a       horizon-mysql-router:upgrade-version-a       upgrade               peer
horizon:peers                                horizon:peers                                horizon-peer          peer
keystone-mysql-router:database               keystone:database                            mysql_client          regular
keystone-mysql-router:mysql-router-peers     keystone-mysql-router:mysql-router-peers     mysql_router_peers    peer
keystone-mysql-router:upgrade-version-a      keystone-mysql-router:upgrade-version-a      upgrade               peer
keystone:identity-credentials                horizon:identity-credentials                 keystone-credentials  regular
keystone:identity-service                    cinder:identity-service                      keystone              regular
keystone:identity-service                    glance:identity-service                      keystone              regular
keystone:identity-service                    neutron:identity-service                     keystone              regular
keystone:identity-service                    nova:identity-service                        keystone              regular
keystone:identity-service                    placement:identity-service                   keystone              regular
keystone:peers                               keystone:peers                               keystone-peer         peer
mysql:database                               cinder-ceph-mysql-router:backend-database    mysql_client          regular
mysql:database                               cinder-mysql-router:backend-database         mysql_client          regular
mysql:database                               glance-mysql-router:backend-database         mysql_client          regular
mysql:database                               horizon-mysql-router:backend-database        mysql_client          regular
mysql:database                               keystone-mysql-router:backend-database       mysql_client          regular
mysql:database                               neutron-mysql-router:backend-database        mysql_client          regular
mysql:database                               nova-api-mysql-router:backend-database       mysql_client          regular
mysql:database                               nova-cell-mysql-router:backend-database      mysql_client          regular
mysql:database                               nova-mysql-router:backend-database           mysql_client          regular
mysql:database                               placement-mysql-router:backend-database      mysql_client          regular
mysql:database-peers                         mysql:database-peers                         mysql_peers           peer
mysql:restart                                mysql:restart                                rolling_op            peer
mysql:upgrade                                mysql:upgrade                                upgrade               peer
neutron-mysql-router:database                neutron:database                             mysql_client          regular
neutron-mysql-router:mysql-router-peers      neutron-mysql-router:mysql-router-peers      mysql_router_peers    peer
neutron-mysql-router:upgrade-version-a       neutron-mysql-router:upgrade-version-a       upgrade               peer
neutron:peers                                neutron:peers                                neutron-peer          peer
nova-api-mysql-router:database               nova:api-database                            mysql_client          regular
nova-api-mysql-router:mysql-router-peers     nova-api-mysql-router:mysql-router-peers     mysql_router_peers    peer
nova-api-mysql-router:upgrade-version-a      nova-api-mysql-router:upgrade-version-a      upgrade               peer
nova-cell-mysql-router:database              nova:cell-database                           mysql_client          regular
nova-cell-mysql-router:mysql-router-peers    nova-cell-mysql-router:mysql-router-peers    mysql_router_peers    peer
nova-cell-mysql-router:upgrade-version-a     nova-cell-mysql-router:upgrade-version-a     upgrade               peer
nova-mysql-router:database                   nova:database                                mysql_client          regular
nova-mysql-router:mysql-router-peers         nova-mysql-router:mysql-router-peers         mysql_router_peers    peer
nova-mysql-router:upgrade-version-a          nova-mysql-router:upgrade-version-a          upgrade               peer
nova:peers                                   nova:peers                                   nova-peer             peer
ovn-central:ovsdb-cms                        neutron:ovsdb-cms                            ovsdb-cms             regular
ovn-central:ovsdb-cms                        ovn-relay:ovsdb-cms                          ovsdb-cms             regular
ovn-central:peers                            ovn-central:peers                            ovn-central-peer      peer
ovn-relay:peers                              ovn-relay:peers                              ovn-relay-peer        peer
placement-mysql-router:database              placement:database                           mysql_client          regular
placement-mysql-router:mysql-router-peers    placement-mysql-router:mysql-router-peers    mysql_router_peers    peer
placement-mysql-router:upgrade-version-a     placement-mysql-router:upgrade-version-a     upgrade               peer
placement:peers                              placement:peers                              placement-peer        peer
placement:placement                          nova:placement                               placement             regular
rabbitmq:amqp                                cinder-ceph:amqp                             rabbitmq              regular
rabbitmq:amqp                                cinder:amqp                                  rabbitmq              regular
rabbitmq:amqp                                glance:amqp                                  rabbitmq              regular
rabbitmq:amqp                                keystone:amqp                                rabbitmq              regular
rabbitmq:amqp                                neutron:amqp                                 rabbitmq              regular
rabbitmq:amqp                                nova:amqp                                    rabbitmq              regular
rabbitmq:peers                               rabbitmq:peers                               rabbitmq-peer         peer
traefik-public:ingress                       cinder:ingress-public                        ingress               regular
traefik-public:ingress                       glance:ingress-public                        ingress               regular
traefik-public:ingress                       horizon:ingress-public                       ingress               regular
traefik-public:ingress                       keystone:ingress-public                      ingress               regular
traefik-public:ingress                       neutron:ingress-public                       ingress               regular
traefik-public:ingress                       nova:ingress-public                          ingress               regular
traefik-public:ingress                       placement:ingress-public                     ingress               regular
traefik-public:peers                         traefik-public:peers                         traefik_peers         peer
traefik:ingress                              cinder:ingress-internal                      ingress               regular
traefik:ingress                              glance:ingress-internal                      ingress               regular
traefik:ingress                              horizon:ingress-internal                     ingress               regular
traefik:ingress                              keystone:ingress-internal                    ingress               regular
traefik:ingress                              neutron:ingress-internal                     ingress               regular
traefik:ingress                              nova:ingress-internal                        ingress               regular
traefik:ingress                              placement:ingress-internal                   ingress               regular
traefik:peers                                traefik:peers                                traefik_peers         peer