Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Mark Baker
on 15 August 2016


Follow the instructions in this article to spend around an hour over your lunch time to get an entire Ubuntu OpenStack cloud up and running in containers on a single machine. The resulting cloud will launch container based workloads.

News about containers with OpenStack is everywhere right now. Be it OpenStack running on containers, running containers in OpenStack, orchestrating containers across multiple clouds including OpenStack or setting up networking for containers within OpenStack, there is much a buzz. Some of it many OpenStack distributions have been making extensive use of containers to run OpenStack services for well over 12 months. Canonical is no exception and was one of the first distributions to deploy OpenStack services in containers. It is now really easy to setup a real (i.e not DevStack) cloud on a single machine that is 100% container based.

Pre-requisites

Desktop, laptop, server or VM with 16B RAM and 50Gb disk space available, running Ubuntu 16.04

Note we recommend using the Ubuntu Desktop edition for testing as it will allow you to access Horizon from a browser without the need to setup external networking or dealing with ssh tunnels and port forwarding.

Instructions

First, make sure 16.04 is up to date:

$ sudo apt update
$ sudo apt upgrade

This should bring everything up to date.

Now install zfs and lxd:

$ sudo apt install zfs lxd

and reboot

$ sudo reboot

Next, setup lxd to use zfs:

$ sudo lxd init

This will ask a number of questions, recommended answers are in bold:

Name of the storage backend to use (dir or zfs): zfs
Create a new ZFS pool (yes/no)? yes
Name of the new ZFS pool: OpenStack
Would you like to use an existing block device (yes/no)? no
Size in GB of the new loop device (1GB minimum): 50
Would you like LXD to be available over the network (yes/no)? no
Do you want to configure the LXD bridge (yes/no)? yes

This will launch a ncurses interface to setup LXD networking

Hit return to accept the defaults until you see

Given we just want to this up on our own, internal environment we can skip IPV6 for now so select No and then hit return. This will drop you back out to the bash prompt.

Now we need to get lxd running and the network bridge loaded:

$ lxc finger
$ lxc list

This will give some output along the lines of:

Generating a client certificate. This may take a minute...
If this is your first time using LXD, you should also run: sudo lxd init
To start your first container, try: lxc launch ubuntu:16.04

+------+-------+------+------+------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------+-------+------+------+------+-----------+

Next, add a repository to grab the latest conjure-up packages:

$ sudo apt-add-repository ppa:conjure-up/next

Likewise for Juju:

$ sudo apt-add-repository ppa:juju/devel

Update our repos once more:

$ sudo apt update

Install the conjure-up package:

$ sudo apt install conjure-up

This will install quite a few things including juju and may take a few minutes, when it finishes you can get going installing OpenStack with:

$ conjure-up openstack

This will launch ncurses interface to setup OpenStack


Select localhost as the target as we want to set it all up locally and then select ‘OpenStack with Nova-LXD’

As the install requires Ceph you will now be asked a question about the number of Ceph Units you want to run.

Select the option [ Deploy all 14 Remaining Applications with Bundle Defaults ]

On the final screen hit ‘Continue’ and you should be installing. Depending on your hardware this could take anywhere between 30 and 60 mins. Now is a great time to eat your lunch whilst watching the progress.

Once the services are deployed, you will be asked a number of questions:

  • Import glance images – yes
  • Import SSH keypairs – recommended if you have an ssh key.
  • Configure OpenStack networking – required if you wish to be able to access the running guest instances from the outside world.
  • Configure Horizon – yes

Do not hit “View Summary” just yet – you need to wait until each of the hour glasses next to the questions turns green. Only once you have 5 green lights should you hit [View Summary] as below:

Once complete you will be presented with a url and username/password combination to login to Horzion. We need to ensure that Horizon is accessible form the outside world:


$ juju expose openstack-dashboard

Then

$ juju status openstack-dashboard

Make sure that the service is exposed and copy its ip address

launch a browser and give it a go using the ip http://<ip_address>/horizon

 

Default username = admin

Default password = openstack

If you want to see all the containers running on your machine run:

$ lxc list

this should give you output along the lines of:

Each line represents a container running an OpenStack service. If you want to access any of the containers to poke around you can run:

$ lxc exec <service name as given in the first column> bash

for example:

$ lxc exec juju-9cb02c-9 bash

In the next installment we’ll show you how to deploy workloads into your newly running cloud. In the mean time have fun!

Related posts


Canonical
5 September 2023

도커(Docker) 컨테이너 보안: 우분투 프로(Ubuntu Pro)로 FIPS 지원 컨테이너 이해하기

FIPS Security

오늘날 급변하는 디지털 환경에서 강력한 도커 컨테이너 보안 조치의 중요성은 아무리 강조해도 지나치지 않습니다. 컨테이너화된 계층도 규정 준수 표준의 적용을 받기 때문에 보안 문제 및 규정 준수 요구 사항이 발생합니다. 도커 컨테이너 보안 조치는 경량의 어플라이언스 유형 컨테이너(각 캡슐화 코드 및 해당 종속성)를 위협 및 취약성으로부터 보호하는 것을 수반합니다. 민감한 개인 데이터를 처리하는 데 의존하는 ...


Valentin Viennot
2 June 2023

Docker container security: demystifying FIPS-enabled containers with Ubuntu Pro

container Article

In today’s rapidly changing digital environment, the significance of robust Docker container security measures cannot be overstated. Even the containerised layer is subject to compliance standards, which raise security concerns and compliance requirements. ...


Felipe Vanni
20 November 2024

Join Canonical in London at Dell Technologies Forum

AI Storage

Canonical is excited to be partnering with Dell Technologies at the upcoming Dell Technologies Forum – London, taking place on 26th November. This prestigious event brings together industry leaders and technology enthusiasts to explore the latest advancements and solutions shaping the digital landscape. Register to Dell Technologies Forum ...