WIP
Before create container
- Update
/etc/subuidtoroot:100000:665536. - Update
/etc/subgidtoroot:100000:665536.
Before start container
Go Options -> Edit Features -> Check Nesting -> Check FUSE
Start LXC container
Start LXC container and add non-root user for below step.
Install required packages.
sudo apt update
sudo apt install apparmor apparmor-profiles apparmor-util
sudo apt install fuse squashfuse
sudo apt install snapd snap-confineAfter snapd installation, let’s try to install OpenStack: sudo snap install openstack --channel 2023.1 .
If you failed to run snap command, retry same command will be fix the problem.
unprivileged
-
Update content of
/etc/subuidand/etc/subgidfromroot:100000:65536toroot:100000:665536. -
Create unprivileged container
-
Go Options -> Edit Features -> Check Nesting -> Check FUSE
Append below to /etc/pve/lxc/[id].conf .
lxc.idmap = u 0 100000 665536
lxc.idmap = g 0 100000 665536
lxc.apparmor.profile: unconfined
lxc.mount.auto: proc:rw sys:rw cgroup:rw
lxc.cgroup.devices.allow: a
lxc.cap.drop:Start LXC container and add non-root user for below step.
Install packages.
sudo apt update
sudo apt install snapdDisable apparmor.
sudo systemctl disable apparmor.service
sudo systemctl disable snapd.apparmor.serviceInstall OpenStack
sudo snap install openstack --channel 2023.1If you failed to run above command, retry same command may fix the problem.
Run sunbeam prepare script.
sunbeam prepare-node-script | bash -x && newgrp snap_daemonSetup cluster
sunbeam cluster bootstrap --role control --role computeIf you stuck, check .ssh/authorized_keys permission. (If there are write permission other than owner, ssh requires your password and the command stuck.)
privileged
Ref: https://ubuntu.com/openstack/install
- Create privileged container
Append below to /etc/pve/lxc/[id].conf .
features: fuse=1,nesting=1
lxc.apparmor.profile: unconfined
lxc.mount.auto: proc:rw sys:rw cgroup:rw
lxc.cgroup.devices.allow: a
lxc.cap.drop:Ref: https://zenn.dev/honahuku/articles/setup-k8s-cluster-using-proxmox-containers Ref: https://github.com/canonical/microk8s/blob/master/tests/lxc/microk8s.profile
Start LXC container and add non-root user for below step.
Disable apparmor.
sudo aa-teardownInstall packages.
sudo apt update
sudo apt install snapdInstall OpenStack
sudo snap install openstack --channel 2023.1Run sunbeam prepare script.
sunbeam prepare-node-script | bash -x && newgrp snap_daemonSetup cluster
sunbeam cluster bootstrap --role control --role computeIf you stuck, check .ssh/authorized_keys permission. (If there are write permission other than owner, ssh requires your password and the command stuck.)
OpenStack official install guide
OpenStack official install guide
apt install software-properties-common
add-apt-repository cloud-archive:caracaSetup controller node
install NTP server
apt install chronyInstall SQL database
Refer: SQL install guide.
apt install mariadb-server python3-pymysql/etc/mysql/mariadb.conf.d/99-openstack.cnf
[mysqld]
bind-address = [your-ip-address]
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8systemctl restart mysql
mysql_secure_installationSetup message queue
apt install rabbitmq-server
rabbitmqctl add_user openstack
rabbitmqctl set_permissions openstack ".*" ".*" ".*"Setup Memcached
apt install memcached python3-memcache/etc/memcached.conf
-l [your-ip-address]systemctl restart memcachedSetup etcd
apt install etcdsystemctl restart etcdSetup OpenStack
Setup keystone
apt install keystone
keystone-manage db_sync keystone
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone/etc/openstack-dashboard/local_settings.py
COMPRESS_OFFLINE = False
OPENSTACK_KEYSTONE_URL = "http://%s:5000/identity/v3" % OPENSTACK_HOST
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.PyMemcacheCache',
'LOCATION': '10.29.83.150:11211',
}
}