Installing OpenStack on Multi-node in CentOS 7, Red Hat or Fedora Linux

This guide will walk you through the steps to install openstack on three different nodes in CentOS 7. As we have already covered single node installation in Red Hat, CentOS and Fedora linux in my previous article you might be interested in reading.

Controller Node:

IP Address :
OS         :CentOS 7

Following OpenStack Components will installed on controller node :
  1. Keystone
  2. Glance
  3. swift
  4. Cinder
  5. Horizon
  6. Neutron
  7. Nova novncproxy
  8. Novnc
  9. Nova api
  10. Nova Scheduler
  11. Nova-conductor

Compute Node:

IP Address :
OS :CentOS 7

    Following OpenStack Components will installed on compute node :
    1. Nova Compute
    2. Neutron – Openvswitch Agent

    Network Node:

    IP Address :
    OS :CentOS 7
    DNS :

      Following OpenStack Components will installed on network node :
      1. Neutron Server
      2. Neturon DHCP agent
      3. Neutron- Openswitch agent
      4. Neutron L3 agent

      STEP1 - Updating All Three Nodes.

      Execute the following command on all three nodes to update all installed packages.
      # yum -y update ; reboot

      STEP2 - Updating  /etc/hosts File

      Set the hostname on all the three nodes by executing the following command, if it is not set.
      # hostnamectl set-hostname controller
      # hostnamectl set-hostname compute
      # hostnamectl set-hostname network
      Update the /etc/hosts file as shown below, if you don’t have your local DNS configured. controller    compute    network

      STEP3 - Disabling SELinux and Network Manager on All Three Nodes

      Execute the following command to disable SELinux on all three nodes one by one
      # setenforce 0
      Modify ‘SELINUX=disabled’ in the file ‘/etc/sysconfig/selinux‘ to disable it permanently
      Execute the following commands to disable Network Manager on all three nodes one by one
      # systemctl stop NetworkManager
      # systemctl disable NetworkManager
      # reboot

      STEP4 - Configuring Passwordless Authentication from Controller node to Compute and Network Node.

      Execute the Following commands from Controller node only.
      [root@controller ~]# ssh-keygen
      [root@controller ~]# ssh-copy-id -i /root/.ssh/ root@
      [root@controller ~]# ssh-copy-id -i /root/.ssh/ root@
      Lets verify passwordless settings by accessing compute and network node from controller node and it should not ask for password:
      [root@controller ~]# ssh compute 
      Last login: Sun Apr 3 00:03:44 2016 from
      [root@compute ~]# hostname
      [root@compute ~]#
      [root@controller ~]# ssh network
      Last login: Sun Apr 3 00:04:20 2016 from
      [root@network ~]# hostname
      [root@network ~]#

      STEP5 - Enable RDO Repository and installing packstack

      Execute the following command to enable RDO repository and install packstack on controller node only.
      [root@controller ~]# yum install -y
      [root@controller ~]# yum install -y openstack-packstack

      STEP6 - Generate and Customize Answer File

      Execute the following command to generate answer file.
      [root@controller ~]# packstack --gen-answer-file=/root/answer.txt
      [root@controller ~]#
      Edit the answer file and provide the ip address of controller, compute and network node. Also provide the passwords of different services and disable the components like Demo version and Ceilometer as shown below.
      [root@controller ~]# vi /root/answer.txt
      Note : If you don't have NTP server in your environment then you can leave NTP parameter as it is, but it is recommended practice to use ntp server for time synchronization and you understand its importance.

      STEP7 - Installing OpenStack

      Now start the openstack installation by executing the packstack command on Controller node.
      [root@controller ~]# packstack --answer-file=/root/answer.txt
      Once the installation is successfully completed, you'll get the following information

      During the installation, a new interface ‘br-ex‘ has been created in the network node. You can see it by executing the ifconfig -a command as shown below. 

      Now Add network interface (enp0s3 or eth0 or may be any other name on your node ) to the Open vSwitch ‘br-ex’ bridge as a port and assign the ip address of ‘ enp0s3’ to ‘ br-ex’ as shown below
      [root@network ~]# cd /etc/sysconfig/network-scripts/
      [root@network network-scripts]# cp ifcfg-enp0s3 ifcfg-br-ex
      [root@network network-scripts]# vi ifcfg-enp0s3
      [root@network network-scripts]# vi ifcfg-br-ex
      Restart the Network service by executing the following command.
      [root@network network-scripts]# systemctl restart network
      [root@network network-scripts]#
      Now verify your network settings on network node by executing the ifconfig command

      STEP8 - Accessing Openstack Web-interface Dashboard.

      Open up your favorite browser and access the following url and login with use ‘admin’ and password that you specified in the answer.txt file

      Yes.....your openstack has been successfully installed

      Note : In case you are getting ‘Error: Unable to retrieve volume limit information’ in the dashboard, this can be fixed by adding the following in the cinder.conf file on the controller node.
      [root@controller ~]# vi /etc/cinder/cinder.conf
      auth_uri = http://:5000
      auth_url = http://:35357
      auth_plugin = password
      project_domain_id = default 
      user_domain_id = default 
      project_name = services 
      username = cinder 
      password =  {Search CONFIG_CINDER_KS_PW in answer file}
      Restart the Cinder Service.
      [root@controller ~]# systemctl restart  openstack-cinder-api.service
      [root@controller ~]# systemctl restart  openstack-cinder-backup.service
      [root@controller ~]# systemctl restart  openstack-cinder-scheduler.service
      [root@controller ~]# systemctl restart  openstack-cinder-volume.service
      Since we are now able to login in the OpenStack dashboard, so it is safe to say that installation part is successfully completed. Now we need to launch an instance, and for that we will perform the following steps.
      • Create Project and Users
      • Assign Users to the Project.
      • Create image and flavors
      • Define Internal and external network
      • Create Router
      • Create Security Rules for Virtual Machine or instance.

      STEP9 - Create a Project and add a member to the Project

      Login to the dashboard using Admin credentials and navigate to Identity Tab > Projects and Click on Create Project.

      Click on “Create Project”
      To create Users , Go to Identify Tab > Users > Click on ‘Create User’
      Provide the information according to your environment.

      Create a flavor and image :

      To create a flavor login in dashboard using admin credentials , navigate to Admin Tab > Flavors > Click on create Flavor.

      Specify the Flavor Name (fedora.small) , VCPU , Root Disk , Ephemeral Disk & Swap disk.

      To Create Image , Go to Admin Tab > Images > Click on Create Image.
      Specify the Image Name , Description, Image Soure ( in my case i am using Image File as i have already downloaded the Fedora 23 Cloud Image ) , Format QCOW2

      Create Network and Router for Project Innovation.

      To create Network and router for Innovation project sign out of admin user and login with the new user you have created in dashboard.
      Go to the Network Tab > Click on Networks > then Click on Create Network
      Specify the Network Name as Internal

      Click on Next..
      Specify the Subnet name (sub-internal) and Network Address (

      Click on Next.

      VMs will be getting internal ip from DHCP Server because we enabled DHCP option for internal network.
      Now Create External Network . Click on “Create Network” again , Specify Network Name as “external

      Click on Next.
      Specify subnet Name as “sub-external” and Network Address as “

      Click on Next
      Uncheck  “Enable DHCP” option and Specify the ip address pool for external network.

      Click on Create.
      Now time to create a Router.
      Go To Network Tab > Routers > Click on ‘+ Create Router’

      Now Mark External network as “External” , this task can be completed only from admin user , so logout from the normal user and login as admin.
      Go to Admin Tab > Networks > Click on Edit Network for “External”

      Click on Save Changes
      Now Logout from admin user and login as normal user your have created earlier
      Go to Network Tab > Routers > for Router1 click on “Set Gateway”

      Click on “Set Gateway” , this will add a interface on router and will assign the first ip of external subnet (
      Add internal interface to router as well , Click on the “router1″ and select on “interfaces” and then click on “Add interface”

      Click on Add interface.
      Network Part is completed. Now we can view Network Topology from “Network Topology” Tab

      Now Create a key pair that will be used for accessing the VM and define the Security firewall rules.
      For creating a key pair
      Navigate to ‘Access & Security’  Tab > Click on Key Pairs > then click on ‘Create Key Pair

      It will create a Key pair with name “myssh-keys.pem
      Add a new Security Group with name ‘fedora-rules’ from Access & Security Tab. Allow 22 and ICMP from Internet ( ).

      Once the Security Group ‘fedora-rules’ created , click on Manage Rules and allow 22 & ICMP ping.

      Click on Add , Similarly add a rule for ICMP.

      STEP10 - Launching an instance.

      Navigate to Compute Tab > Click on Instances > then click on ‘Launch Instance’

      Specify the Instance Name , Flavor that we created in above steps and ‘Boot from image’ from Instance Boot Source option and Select Image Name ‘fedora-image’.
      Click on ‘Access & Security’ and Select the Security Group ‘fedora-rules’ & Key Pair ”myssh-keys

      Now Select Networking and add ‘Internal’ Network and the Click on Launch 

      Once the VM is launched , Associate a floating ip so that we can access the VM.

      Click on ‘Associate Floating IP

      Click on Allocate IP.

      Click on Associate

      Now try to access the VM with floating IP ( using keys.

      As you can see above that we are able to access the VM using keys. Our task of launching a VM from Dashboard is Completed Now.
      I hope this guide was helpful to install openstack on multi-node in your environment.


      1. Hi there,

        Thanks for the post. During installation I found the following issue. Since you set "CONFIG_HORIZON_SSL=y" you need to generate following set of certs and keys:


        Keys and certs can be generated with following command:
        openssl req -x509 -sha256 -newkey rsa:2048 -keyout /etc/pki/tls/private/selfkey.key -out /etc/pki/tls/certs/selfcert.crt -days 365 -nodes

      2. i will use docker but it impossible. the driver failed

      3. how to enable docker in this enviroment?

      4. how to enable docker on this enviroment?

      5. Fantastic tutorial. Doubt, were the nodes installed on a hardware direct or were they installed on virtual machines?

        1. Virtual environment for lab testing...

      6. I followed the steps...but instance is not rechable over external network.

      7. Thanks for sharing, good article.


      Powered by Blogger.