Install RDO OpenStack Havana-2 on Fedora 19 and avoid the pitfalls

If you'd like to try out OpenStack Havana on Fedora 19, there's a few pitfalls that need to be avoided. Let me be your navigator and show you a way around them. But first, let me warn you of a few things:

• Below, I might sometimes expect you are familiar with Linux, Fedora and OpenStack.
• Havana is not yet finished, stable or even released. Havana-2 is only just a milestone and development will continue for two whole months so expect things to be broken. Please do report bugs upstream.
• RDO and the Packstack tool are not supported products, except for a community forum and mailing list. Red Hat offers a commercial offering called RHOS if you need professional support.

Fedora 19 Host Preparation

1. Install Fedora 19 on your host. Yes, it can be done in a VM (with or without nested virtualization) if you wish so. Without nested virtualization, guests will obviously run very slow when run within a VM, though.
   Personally, I do Minimal Installs but you're probably also fine if you go with an Infrastructure Server installation with the Virtualization Add-On. The setup routine will install the missing parts either way. Obviously if you want to save some space, starting with a Minimal Install will help to keep the total installation size smaller.
2. Make sure the latest updates are installed. yum -y update
3. Some parts might run into some trouble eventually, if your hostname is set to localhost. So if that's the case for you, change it to something different. You should be good by giving your loopback address another hostname but you can also add the name to your routable IP. sed 's/localhost/openstack/' -i /etc/hostname sed 's/^127.0.0.1.*$/& openstack openstack.localdomain/' -i /etc/hosts
4. Fedora 19 does have some SELinux issues around Havana-2, most particularly with Swift. Since you're only doing this for testing purposes you shall exceptionally be allowed to set SELinux into permissive mode. Never do this in production, you're seriously tampering with your system's security.
   Bugs: rhbz#995779 and rhbz#995780 sed 's/^\(SELINUX=\).*$/\1permissive/' -i /etc/selinux/config
5. The new firewall daemon is not (yet?) compatible with OpenStack so we better switch back to plain old iptables.
   Bugs: rhbz#981652 causing rhbz#981583 yum -y install iptables-services systemctl disable firewalld systemctl enable iptables
6. To make all of the above changes effective (including a possible kernel upgrade), go ahead and
   reboot

Install OpenStack Havana-2 from RDO

1. Activate the RDO Havana-2 yum repository. yum -y install http://repos.fedorapeople.org/repos/openstack/openstack-havana/fedora-19/rdo-release-havana-2.noarch.rpm
2. Install Packstack, a simple tool to install OpenStack on Fedora or RHEL and derivatives. Using Python scripting and some Puppet-foo, it can turn answers, command-line switches or an answer file into a fully installed and configured OpenStack setup to make your life easier. yum -y install openstack-packstack
3. Unfortunately, one dependency will be missing from the installation, so we better install it up front.
   Bug: rhbz#995751 yum -y install fprintd-pam
4. That's what you're here for. Now, we'll install a very simple OpenStack setup and it could hardly be any easier. You will be asked for your root password once, so Packstack can connect to the host over SSH and deploy a SSH key for future use. Packstack connects several times to all hosts it sets up in order to install and configure everything. In our case that's just a connection to localhost and SSH would not be required, but there's no separate routine for that use case. This will take a while as it will download and install a number of packages. Important: don't ever reboot after this step before you've performed the next one as well (I mention all the necessary reboots anyway).
   packstack --allinone --os-neutron-install=n Note, if your installation should fail and you want to try again, there should be an answer file in either the folder you executed the above command in or in /root. Now, in this case, you must issue the following command instead of the one above or things might go very wrong (since passwords for services, databases, etc. are randomly generated at each run but saved in the answer file). packstack --anwer-file packstack-answers-<date-time>.txt
5. Due to a recent regression in LVM in Fedora 19, physical volumes on a loopback device won't be available after a reboot anymore. Packstack set up such a file for Cinder so we better change the boot script to first look for physical volumes using the cache before activating logical volumes.
   Bug: rhbz#997897 sed 's/vgchange/pvscan --cache \&\& &/' -i /etc/rc.d/rc.local
6. Last but not least, Django, which is used by the Horizon web dashboard, introduced a security feature which is not set up properly yet so we've got to do that manually. We'll allow all hosts in this example but you could just insert your local hostname instead of the * in the command below.
   Bug: rhbz#988316 sed 's/^TEMPLATE_DEBUG.*$/&\n\nALLOWED_HOSTS = [\"*\"]/' -i /etc/openstack-dashboard/local_settings
7. Restart Apache for the last config change to take effect. systemctl restart httpd

That's it. If all went well (and it should, I tested it a couple of times and so did others) you now have a running OpenStack installation. Simply point your web browser at your installation and you should find a login page. The login details can be found in /root/keystonerc_admin (os_username and os_password). Sourcing that very file, you'll also be able to use the API tools.

Should you require community support or dive in deeper, RDO lives at http://openstack.redhat.com/