FedoraRHEL Based

How To Install OpenStack on Fedora 42

r00t

Install OpenStack on Fedora 42

OpenStack represents one of the most powerful open-source cloud computing platforms available today, providing organizations with the infrastructure needed to build and manage private clouds efficiently. This comprehensive guide walks you through the complete process of installing OpenStack on Fedora 42, covering everything from initial system preparation to post-installation optimization.

Fedora 42 offers an excellent foundation for OpenStack deployment due to its cutting-edge technology stack, robust kernel features, and seamless integration with the Red Hat ecosystem. Whether you’re a system administrator looking to implement private cloud infrastructure or a cloud engineer exploring OpenStack’s capabilities, this tutorial provides detailed, step-by-step instructions for successful deployment.

The installation process covers both PackStack and DevStack methods, allowing you to choose the approach that best fits your specific requirements and use case scenarios. By the end of this guide, you’ll have a fully functional OpenStack environment ready for development, testing, or production workloads.

Prerequisites and System Requirements

Hardware Requirements

Setting up OpenStack on Fedora 42 demands adequate hardware resources to ensure optimal performance. Minimum RAM requirements start at 8GB, though 16GB or more is strongly recommended for production environments where multiple virtual machines will run simultaneously.

Your system must include a modern CPU with virtualization extensions enabled, specifically Intel VT-x or AMD-V support. These hardware virtualization features are essential for running virtual machines efficiently within your OpenStack cloud environment.

Storage requirements vary based on your intended use case, but allocate at least 50GB of available disk space for the base installation. Production deployments typically require several hundred gigabytes or more, depending on the number of instances and storage volumes you plan to create.

Network interface configuration plays a crucial role in OpenStack functionality. Ensure your system has at least one network interface with stable connectivity, though multiple interfaces provide better network segregation and performance isolation.

Software Prerequisites

Begin with a fresh Fedora 42 installation to avoid potential conflicts with existing software packages or configurations. Update your system completely before proceeding with OpenStack installation to ensure compatibility with the latest kernel versions and security patches.

Essential package dependencies include Python 3.x environment with pip package manager, development tools, and various system libraries required by OpenStack components. The installation process handles most dependencies automatically, but manual intervention may be necessary for specific configurations.

Repository access to both official Fedora repositories and specialized OpenStack repositories is mandatory. Verify your system can reach these repositories and download packages without network restrictions or proxy issues.

Database server requirements include MySQL or MariaDB installation with proper configuration for OpenStack service integration. The database serves as the central storage mechanism for OpenStack metadata, user information, and service configurations.

Network Configuration

Static IP address configuration provides the most reliable foundation for OpenStack deployment. Dynamic IP addresses can cause service disruptions and complicate troubleshooting efforts, particularly in multi-node deployments where services need consistent endpoint addresses.

Configure your firewall to allow the necessary ports for OpenStack services communication. Key ports include 5000 for Keystone identity service, 8774 for Nova compute service, 9696 for Neutron networking service, and 80/443 for the dashboard interface.

DNS resolution setup ensures proper hostname resolution throughout your OpenStack environment. Configure your system to resolve its own hostname correctly, as many OpenStack services rely on proper DNS functionality for service discovery and communication.

SELinux considerations require careful attention, as OpenStack services need specific permissions to function correctly. While you can disable SELinux for initial testing, production deployments should use properly configured SELinux policies to maintain security.

User Permissions and Security

Root access or sudo privileges are essential throughout the installation and configuration process. OpenStack installation scripts require elevated permissions to install packages, modify system configurations, and start services.

Create dedicated service accounts for OpenStack components to follow security best practices and limit potential security exposure. These accounts should have minimal privileges necessary for their specific functions.

SSH key pair generation facilitates secure access between OpenStack nodes and simplifies automated deployment processes. Generate strong SSH keys and distribute them appropriately across your infrastructure.

Database access permissions must be configured correctly for OpenStack services to store and retrieve information. Create specific database users with appropriate privileges for each OpenStack service component.

System Preparation

System Updates and Package Management

Execute a complete system update using Fedora’s DNF package manager to ensure your system has the latest security patches and software versions. Run the following commands to update your system thoroughly:

sudo dnf update -y
sudo dnf upgrade -y
sudo reboot

After rebooting, verify your kernel version and ensure all critical system components are functioning correctly. Check system logs for any errors or warnings that might indicate hardware or software issues requiring attention before proceeding.

Package cache cleanup optimizes storage space and ensures clean package installations throughout the OpenStack deployment process. Remove unnecessary package files and clear cached data to prevent potential conflicts.

System service status verification helps identify any issues with essential services that OpenStack depends on, including networking, logging, and time synchronization services.

Repository Configuration

RDO (Red Hat Distribution of OpenStack) repository provides tested and verified OpenStack packages specifically designed for Red Hat-based distributions like Fedora. Add the RDO repository using the following command:

sudo dnf install -y centos-release-openstack-zed
sudo dnf update -y

Enable additional repositories as needed, including EPEL (Extra Packages for Enterprise Linux) if your configuration requires packages not available in standard Fedora repositories.

Repository priority configuration ensures packages are installed from the correct sources and prevents version conflicts between different repositories. Configure repository priorities to favor OpenStack-specific repositories over general-purpose ones.

GPG key verification provides an additional security layer by confirming package authenticity and integrity during installation. Import and verify all required GPG keys before proceeding with package installations.

Essential Package Installation

Install virtualization packages and dependencies required for OpenStack’s compute services. These packages enable your system to create and manage virtual machines effectively:

sudo dnf groupinstall -y "Virtualization Host"
sudo dnf install -y python3-pip python3-devel
sudo systemctl enable --now libvirtd

Python OpenStack client installation provides command-line tools for managing your OpenStack environment after installation. Install the unified OpenStack client along with service-specific clients:

pip3 install --user python-openstackclient
pip3 install --user python-novaclient python-neutronclient python-glanceclient

Database server setup requires careful attention to configuration details that affect OpenStack performance and reliability. Install and configure MariaDB with appropriate settings:

sudo dnf install -y mariadb mariadb-server python3-PyMySQL
sudo systemctl enable --now mariadb
sudo mysql_secure_installation

Message queue service installation enables communication between OpenStack services. RabbitMQ serves as the default message broker for most OpenStack deployments:

sudo dnf install -y rabbitmq-server
sudo systemctl enable --now rabbitmq-server

Installation Methods Overview

Choosing the Right Installation Method

OpenStack installation on Fedora 42 can be accomplished through several different approaches, each with distinct advantages and use case scenarios. PackStack offers an automated, all-in-one installation approach ideal for proof-of-concept deployments and testing environments where simplicity and speed are prioritized over customization flexibility.

DevStack provides a development-focused installation method with greater flexibility and customization options. This approach suits developers and engineers who need fine-grained control over service configuration and want to test cutting-edge OpenStack features.

Manual installation involves deploying each OpenStack component individually, providing maximum control but requiring extensive knowledge of service interdependencies and configuration requirements. This method is typically reserved for complex production deployments with specific architectural requirements.

Installation Method Comparison

Method Complexity Customization Use Case Installation Time
PackStack Low Limited Testing/PoC 30-60 minutes
DevStack Medium High Development 45-90 minutes
Manual High Maximum Production Several hours

Selection criteria depend on your specific requirements, available expertise, and intended use case. Consider factors such as deployment timeline, customization needs, maintenance requirements, and team skill levels when choosing your installation method.

PackStack Installation Method

Understanding PackStack Architecture

PackStack leverages Puppet configuration management to automate OpenStack service deployment and configuration. This Red Hat-developed tool significantly reduces installation complexity while maintaining reasonable configuration flexibility for most deployment scenarios.

The all-in-one deployment model installs all OpenStack services on a single node, making it perfect for development environments, training scenarios, and proof-of-concept demonstrations where resource efficiency and simplicity outweigh scalability concerns.

Multi-node deployment capabilities allow PackStack to distribute services across multiple servers, providing better performance and fault tolerance for larger environments while maintaining automated configuration management benefits.

PackStack Installation Process

Install the PackStack package and its dependencies using DNF package manager:

sudo dnf install -y openstack-packstack

Generate answer files for customization by running PackStack with the generate-answer-file option:

packstack --gen-answer-file=packstack-answers.txt

This creates a comprehensive configuration file containing all available options with default values. Review and modify this file to match your specific requirements before proceeding with installation.

Answer file customization allows you to specify network interfaces, disable unnecessary services, configure authentication methods, and set custom passwords for various OpenStack components.

Key configuration parameters include:

  • Network interface specifications for management and public networks
  • Service enablement options for components like Swift object storage or Heat orchestration
  • Database configuration and authentication settings
  • Compute hypervisor selection and configuration options

Running PackStack Installation

Execute the PackStack installation using your customized answer file:

sudo packstack --answer-file=packstack-answers.txt

Monitor installation progress through console output and log files located in /var/tmp/packstack/. The installation process typically takes 30-60 minutes depending on system performance and selected services.

Common installation phases include:

  1. Prerequisite checking and package installation
  2. Database setup and service account creation
  3. Keystone identity service configuration and initialization
  4. Core service deployment including Nova, Neutron, and Glance
  5. Dashboard installation and web interface configuration
  6. Post-installation validation and service startup verification

Handle installation interruptions gracefully by reviewing log files for error details and rerunning PackStack with the same answer file after resolving any identified issues.

PackStack Troubleshooting

Common installation failures often relate to network connectivity issues, insufficient system resources, or repository access problems. Check system logs and PackStack-specific log files for detailed error information.

Service startup problems frequently occur due to configuration conflicts or missing dependencies. Verify all required services are running and properly configured:

sudo systemctl status openstack-nova-api
sudo systemctl status openstack-neutron-server
sudo systemctl status openstack-keystone

Database connection errors typically indicate authentication problems or service binding issues. Verify database service status and connection parameters in OpenStack configuration files.

Network service binding problems may require firewall rule adjustments or SELinux policy modifications to allow services to bind to their designated ports properly.

DevStack Installation Method

DevStack Architecture and Benefits

DevStack provides a Git-based installation approach that pulls the latest OpenStack code directly from upstream repositories, making it ideal for development environments and testing cutting-edge features before they appear in stable releases.

The flexible configuration system allows extensive customization through local.conf files, enabling developers to enable specific services, configure custom storage backends, and integrate third-party plugins seamlessly.

Development environment optimization includes features like automatic code reloading, comprehensive logging, and debugging tools that streamline the development and testing workflow for OpenStack contributors and plugin developers.

DevStack Prerequisites and Setup

Clone the DevStack repository from the official OpenStack development infrastructure:

git clone https://opendev.org/openstack/devstack
cd devstack

Create a dedicated user account for DevStack operations to follow security best practices and avoid running development tools with root privileges:

sudo useradd -s /bin/bash -d /opt/stack -m stack
sudo chmod +x /opt/stack
echo "stack ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/stack

Directory structure preparation involves setting up workspace directories and ensuring proper permissions for DevStack operation under the stack user account.

DevStack Configuration

Create a local.conf file in the DevStack directory with your specific configuration requirements:

cat > local.conf << EOF
[[local|localrc]]
ADMIN_PASSWORD=secretpassword
DATABASE_PASSWORD=$ADMIN_PASSWORD
RABBIT_PASSWORD=$ADMIN_PASSWORD
SERVICE_PASSWORD=$ADMIN_PASSWORD

# Enable specific services
enable_service s-proxy s-object s-container s-account
enable_service heat h-api h-api-cfn h-api-cw h-eng
enable_service neutron q-svc q-agt q-dhcp q-l3 q-meta

# Network configuration
HOST_IP=192.168.1.100
FLOATING_RANGE=192.168.1.224/27
FIXED_RANGE=10.11.12.0/24
FIXED_NETWORK_SIZE=256
FLAT_INTERFACE=eth0
EOF

Essential configuration parameters include administrative passwords, network interface specifications, service enablement flags, and storage backend configurations.

Plugin configuration allows integration of additional OpenStack projects and third-party extensions through DevStack’s plugin architecture, enabling testing of experimental features and custom developments.

DevStack Installation Execution

Run the stack.sh script to begin the DevStack installation process:

sudo su - stack
cd devstack
./stack.sh

Monitor installation progress through detailed console output that shows each installation phase, including package downloads, service configurations, and startup procedures.

The installation process automatically handles:

  • Dependency resolution and package installation
  • Database schema creation and data initialization
  • Service configuration file generation and customization
  • Network setup including virtual interfaces and routing
  • Image upload and service registration

Installation typically completes within 45-90 minutes, depending on network speed and system performance characteristics.

DevStack Service Management

Service lifecycle management in DevStack utilizes custom scripts for starting, stopping, and restarting OpenStack services during development and testing cycles.

Use the unstack.sh script to cleanly shut down all OpenStack services:

./unstack.sh

Restacking procedures allow you to update configurations and restart services without complete reinstallation:

./stack.sh

Log file locations follow standard patterns, with service-specific logs available in /opt/stack/logs/ directory for troubleshooting and debugging purposes.

Post-Installation Configuration

Initial System Verification

Verify all OpenStack services are running correctly using systemctl commands:

sudo systemctl status openstack-nova-api
sudo systemctl status openstack-nova-scheduler  
sudo systemctl status openstack-nova-conductor
sudo systemctl status openstack-neutron-server
sudo systemctl status openstack-keystone
sudo systemctl status openstack-glance-api

Port binding verification ensures services are listening on their designated ports and accepting connections properly:

sudo netstat -tlnp | grep -E "(5000|8774|9696|9292)"

Database connectivity testing verifies OpenStack services can communicate with the database backend successfully:

mysql -u root -p -e "SHOW DATABASES;" | grep -E "(keystone|nova|neutron|glance)"

Message queue functionality confirmation ensures proper inter-service communication:

sudo rabbitmqctl list_queues

OpenStack Dashboard Access

Access the Horizon dashboard through your web browser using the system’s IP address or hostname:

http://your-server-ip/dashboard

Default administrative credentials are typically:

  • Username: admin
  • Password: (specified during installation)
  • Domain: Default

Dashboard functionality testing involves logging in, navigating through different sections, and verifying that all service panels load correctly without errors.

User interface customization options allow you to modify the dashboard appearance, enable additional panels, and configure organization-specific branding elements.

Identity Service Configuration

Keystone service management forms the foundation of OpenStack authentication and authorization. Create additional domains, projects, and users as needed for your environment:

openstack domain create example-domain
openstack project create --domain example-domain example-project
openstack user create --domain example-domain --password secretpass example-user

Role assignments define user permissions within specific projects and domains:

openstack role add --project example-project --user example-user member

Service catalog configuration ensures all OpenStack services are properly registered and discoverable:

openstack service list
openstack endpoint list

Token authentication policies control session management and security parameters for API access and dashboard sessions.

Image Service Setup

Glance image management requires uploading base operating system images for virtual machine deployment. Download and upload a test image:

wget http://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img
openstack image create "Cirros 0.5.2" \
  --file cirros-0.5.2-x86_64-disk.img \
  --disk-format qcow2 \
  --container-format bare \
  --public

Image format support includes various disk formats like QCOW2, RAW, VMDK, and VHD, with automatic format detection and conversion capabilities for most common formats.

Image sharing policies control visibility and access permissions, allowing images to be shared across projects or kept private to specific tenants.

Storage backend configuration determines where images are stored, with options including local filesystem, object storage, and network-attached storage systems.

Security Configuration

Authentication and Authorization Hardening

Keystone security hardening involves implementing strong password policies, configuring account lockout mechanisms, and enabling audit logging for authentication events:

# Configure password policies in keystone.conf
[security_compliance]
lockout_failure_attempts = 5
lockout_duration = 300
password_expires_days = 90

Multi-factor authentication implementation adds an extra security layer for administrative access and sensitive operations, integrating with external authentication providers like LDAP or Active Directory.

Role-based access control (RBAC) configuration ensures users have appropriate permissions based on their responsibilities and organizational roles, following the principle of least privilege.

API endpoint security involves implementing rate limiting, request throttling, and API key management to prevent abuse and ensure service availability.

Network Security Implementation

Firewall configuration protects OpenStack services from unauthorized access while allowing legitimate traffic between components and external users:

# Configure firewall rules for OpenStack services
sudo firewall-cmd --permanent --add-port=5000/tcp  # Keystone
sudo firewall-cmd --permanent --add-port=8774/tcp  # Nova
sudo firewall-cmd --permanent --add-port=9696/tcp  # Neutron
sudo firewall-cmd --permanent --add-port=9292/tcp  # Glance
sudo firewall-cmd --reload

Security group management establishes default policies for virtual machine network access, typically starting with restrictive rules and selectively allowing required traffic.

Network isolation separates different types of traffic using VLANs, VXLANs, or other network segmentation technologies to prevent unauthorized access between tenants and services.

VPN and encrypted communication setup ensures data protection during transmission between OpenStack components and external clients.

Database and Storage Security

Database security measures include access control configuration, connection encryption, and regular backup procedures with proper access protection:

# Secure database configuration
sudo mysql -u root -p -e "
CREATE USER 'backup'@'localhost' IDENTIFIED BY 'securepassword';
GRANT SELECT, LOCK TABLES ON *.* TO 'backup'@'localhost';
FLUSH PRIVILEGES;"

Encryption at rest protects stored data from unauthorized access in case of physical media compromise or theft.

Audit logging configuration tracks database access patterns and changes for compliance and security monitoring purposes.

Regular security updates and patch management ensure known vulnerabilities are addressed promptly to maintain system security posture.

Testing and Verification Procedures

Comprehensive Service Health Checks

Execute thorough service status verification using OpenStack client commands to ensure all components are functioning correctly:

openstack service list --long
openstack compute service list
openstack network agent list
openstack volume service list

API endpoint testing validates that services respond correctly to requests and return expected data formats:

curl -i http://localhost:5000/v3/auth/tokens \
  -H "Content-Type: application/json" \
  -d '{"auth":{"identity":{"methods":["password"],"password":{"user":{"name":"admin","domain":{"id":"default"},"password":"adminpass"},"scope":{"project":{"name":"admin","domain":{"id":"default"}}}}}}}'

Database connectivity verification ensures OpenStack services can access their respective database schemas:

openstack-status

Message queue functionality testing confirms proper inter-service communication through RabbitMQ message broker.

Functional Testing Implementation

Instance creation workflow testing validates the complete virtual machine deployment process from image selection through network assignment:

# Create a test instance
openstack server create --flavor m1.tiny --image "Cirros 0.5.2" \
  --key-name my-key --network private test-instance

# Monitor instance status
openstack server show test-instance

Network connectivity testing verifies virtual machines can communicate with external networks and receive floating IP addresses for public access.

Volume creation and attachment testing ensures block storage services function correctly:

# Create a test volume
openstack volume create --size 1 test-volume

# Attach volume to instance
openstack server add volume test-instance test-volume

Load balancer functionality validation tests network services and traffic distribution capabilities.

Performance Baseline Establishment

Resource utilization monitoring establishes baseline metrics for CPU, memory, storage, and network performance under normal operating conditions:

# Monitor system resources
top
iostat -x 1
iftop

API response time measurement identifies potential performance bottlenecks and establishes service level benchmarks for future comparison.

Storage I/O performance testing evaluates disk performance characteristics under various load conditions to ensure adequate performance for production workloads.

Network throughput and latency assessment validates network infrastructure capabilities and identifies potential connectivity issues.

Congratulations! You have successfully installed OpenStack. Thanks for using this tutorial for installing OpenStack on Fedora 42 Linux system. For additional help or useful information, we recommend you check the official OpenStack website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more Linux tutorials!
Back to top button