Prompt
======
I'd like to install a new openstack cluster solely using apt packages on Ubuntu 22.4.
Use default webserver, loading the Horizon management dashboard at https://rec1.re-cloud.io.
Give a configuration for the webserver.
In the cluster, the public facing gateway node is 88.99.145.186, which also functions as a router
between the Internet and the cluster.
In addition add a second machine/node at 148.251.195.98.
I'd like to spin off a number of virtual machines in the 192.168.100.0/24 subnet.
I shall then want to create storage volumes using Horizon UI, and attach them to the VMs.
To install a new OpenStack cluster using APT packages on Ubuntu 22.04 and configure it to serve Horizon at https://rec1.re-cloud.io, here's a step-by-step guide that includes setting up the gateway node, adding a second node, and preparing the cluster to manage virtual machines and storage through Horizon.
Overview of the Steps:
Set Up the Gateway Node (88.99.145.186):
- Install OpenStack services, configure the gateway, and set up networking.
- Install Horizon on the gateway node and configure it to serve on https://rec1.re-cloud.io.
Add the Second Compute Node (148.251.195.98):
- Install and configure the necessary OpenStack components (Nova compute, Neutron agent, etc.) on the second node.
Set Up Networking:
- Configure the external (public) network and the internal (private) network (192.168.100.0/24).
Spin Up Virtual Machines and Manage Storage with Horizon:
- Use Horizon UI to create VMs, networks, and volumes.
Step 1: Install OpenStack on the Gateway Node (88.99.145.186)
1.1. Add OpenStack Repository
First, add the OpenStack repository and update the package lists:
sudo add-apt-repository cloud-archive:antelope
sudo apt update && sudo apt upgrade -y
1.2. Install OpenStack Packages on the Gateway
Next, install the basic OpenStack services on the gateway node, which will act as the controller and networking node:
sudo apt install keystone glance nova-api nova-conductor nova-scheduler placement-api neutron-server neutron-dhcp-agent neutron-l3-agent neutron-metadata-agent neutron-linuxbridge-agent openstack-dashboard cinder-api cinder-scheduler
1.3. Configure Keystone (Identity Service)
Configure the keystone service for identity management:
Edit /etc/keystone/keystone.conf:
sudo nano /etc/keystone/keystone.conf
Ensure the [database] and [token] sections are set correctly.
Initialize the Keystone Database:
sudo keystone-manage db_sync
Bootstrap Keystone:
sudo keystone-manage bootstrap --bootstrap-password ADMIN_PASSWORD \
  --bootstrap-admin-url http://88.99.145.186:5000/v3/ \
  --bootstrap-internal-url http://88.99.145.186:5000/v3/ \
  --bootstrap-public-url http://88.99.145.186:5000/v3/ \
  --bootstrap-region-id RegionOne
Configure the Apache web server:
sudo systemctl restart apache2
Create OpenStack RC File (admin-openrc.sh):
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASSWORD
export OS_AUTH_URL=http://88.99.145.186:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
1.4. Configure Glance (Image Service)
- Edit /etc/glance/glance-api.conf to configure the database and Keystone authentication.
- Sync Glance database:
sudo glance-manage db_sync
1.5. Configure Nova (Compute Service)
Configure the nova.conf to interact with Keystone and set up the database.
Edit /etc/nova/nova.conf:
- Configure database, RabbitMQ, and Keystone settings.
- Configure networking settings.
Sync Nova databases:
sudo nova-manage api_db sync
sudo nova-manage cell_v2 map_cell0
sudo nova-manage cell_v2 create_cell --name cell1
sudo nova-manage db sync
1.6. Configure Neutron (Networking)
Edit /etc/neutron/neutron.conf:
- Set up database, RabbitMQ, and Keystone authentication.
Configure the Linux bridge agent:
- Edit /etc/neutron/plugins/ml2/linuxbridge_agent.ini to use VXLAN tunneling.
- Configure security groups, L3 agent, and DHCP agent.
Sync Neutron database:
sudo neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head
1.7. Set Up Cinder (Block Storage)
- Edit /etc/cinder/cinder.conf to configure database, RabbitMQ, and Keystone.
- Sync the database:
sudo cinder-manage db sync
Step 2: Install and Configure the Second Compute Node (148.251.195.98)
2.1. Install Nova Compute and Neutron Linux Bridge
On the second compute node, install the necessary services:
sudo apt install nova-compute neutron-linuxbridge-agent
2.2. Configure Nova on the Compute Node
Edit /etc/nova/nova.conf:
- Set the correct database and Keystone settings.
- Configure the networking and RabbitMQ settings to point to the gateway node.
Restart Nova services:
sudo systemctl restart nova-compute
2.3. Configure Neutron on the Compute Node
Edit /etc/neutron/neutron.conf:
- Set up database, Keystone, and RabbitMQ information.
Edit /etc/neutron/plugins/ml2/linuxbridge_agent.ini to configure VXLAN and bridge mappings.
Restart Neutron services:
sudo systemctl restart neutron-linuxbridge-agent
Step 3: Configure Networking
3.1. Set Up the External Network
Create an external network (public network) on the gateway node:
openstack network create --share --external --provider-network-type flat --provider-physical-network public public-network
Create a subnet for the external network:
openstack subnet create --network public-network --allocation-pool start=88.99.145.190,end=88.99.145.200 --dns-nameserver 8.8.8.8 --gateway 88.99.145.186 --subnet-range 88.99.145.0/24 public-subnet
3.2. Set Up the Private Network (192.168.100.0/24)
Create the internal network:
openstack network create private-network
Create a subnet for the private network:
openstack subnet create --network private-network --subnet-range 192.168.100.0/24 --dns-nameserver 8.8.8.8 private-subnet
3.3. Set Up a Router
Create a router to route between the private and public networks:
openstack router create my-router
openstack router set --external-gateway public-network my-router
openstack router add subnet my-router private-subnet
Step 4: Set Up Horizon and Web Server (nginx)
4.1. Install Nginx and Certbot for SSL
Install nginx:
sudo apt install nginx
Install Certbot for SSL:
sudo apt install certbot python3-certbot-nginx
Configure Nginx for Horizon: Edit /etc/nginx/sites-available/openstack-horizon:
server {
    listen 80;
    server_name rec1.re-cloud.io;
    return 301 https://$server_name$request_uri;
}
server {
    listen 443 ssl;
    server_name rec1.re-cloud.io;
    ssl_certificate /etc/letsencrypt/live/rec1.re-cloud.io/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/rec1.re-cloud.io/privkey.pem;
    location / {
        include uwsgi_params;
        uwsgi_pass unix:/run/uwsgi/app/horizon/socket;
    }
    location /static {
        alias /var/lib/openstack-dashboard/static;
    }
}
Enable SSL with Certbot:
sudo certbot --nginx -d rec1.re-cloud.io
Restart nginx:
sudo systemctl restart nginx
Step 5: Spin Up VMs and Manage Storage in Horizon
Now, you can access Horizon at https://rec1.re-cloud.io, log in using the admin credentials, and:
- Create Virtual Machines: Navigate to Project > Compute > Instances to launch new VMs.
- Attach Storage: Use Project > Volumes > Volumes to create and attach storage to VMs.
You should now have a working OpenStack cluster with a public gateway and second compute node, accessible via the Horizon web UI. Let me know if you need further assistance!
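
Added example (not part of the original answer): an offline check over the RC file and the three Keystone bootstrap endpoints from step 1.3. It flags cleartext http URLs, admin/internal endpoints bound to an Internet-routable address, and a password kept in the RC file. The function names and finding labels are this example's own.

```python
import ipaddress
import shlex
from urllib.parse import urlsplit

# Constructed sample input: the RC file from step 1.3 (placeholder password kept).
SAMPLE_OPENRC = """\
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASSWORD
export OS_AUTH_URL=http://88.99.145.186:5000/v3
export OS_IDENTITY_API_VERSION=3
"""
# The three endpoints passed to `keystone-manage bootstrap` in step 1.3.
SAMPLE_ENDPOINTS = {
    "admin": "http://88.99.145.186:5000/v3/",
    "internal": "http://88.99.145.186:5000/v3/",
    "public": "http://88.99.145.186:5000/v3/",
}

def parse_openrc(text):
    """Collect KEY=VALUE pairs from `export` lines, honouring shell quoting."""
    env = {}
    for line in text.splitlines():
        tokens = shlex.split(line, comments=True)
        if tokens[:1] == ["export"]:
            for token in tokens[1:]:
                key, sep, value = token.partition("=")
                if sep:
                    env[key] = value
    return env

def on_global_address(url):
    """True when the URL's host is an IP literal routable on the Internet."""
    try:
        return ipaddress.ip_address(urlsplit(url).hostname or "").is_global
    except ValueError:  # DNS name or empty host: cannot tell offline
        return False

def audit(openrc_text, endpoints):
    """Return sorted (finding, subject) tuples for the RC file and endpoints."""
    findings = set()
    env = parse_openrc(openrc_text)
    urls = dict(endpoints, OS_AUTH_URL=env.get("OS_AUTH_URL", ""))
    for name, url in urls.items():
        if urlsplit(url).scheme == "http":
            findings.add(("cleartext-http", name))
        if name in ("admin", "internal") and on_global_address(url):
            findings.add(("management-endpoint-on-public-ip", name))
    if env.get("OS_PASSWORD"):
        findings.add(("password-stored-in-rc-file", "OS_PASSWORD"))
    return sorted(findings)
```

With the values from step 1.3 every endpoint is reported, because Keystone credentials and tokens would cross the Internet unencrypted; serving Keystone over TLS and keeping the admin and internal endpoints on a management network clears the endpoint findings.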