IT/Openstack

[Openstack - Train] Centos에 설치하기(7) - Horizon (Dashboard)

louky 2019. 11. 6. 20:07
반응형

 

Controller  Node에 설치를 한다. 

 

1) PKG 설치 

[root@controller ~]# yum install -y openstack-dashboard

2) config 를 수정한다. 

2-1) config 수정전 원본을 백업한다. 

[root@controller ~]# cp -rpRf  /etc/openstack-dashboard/local_settings /etc/openstack-dashboard/local_settings.orig

2-2) config를 수정한다. 

 

2-2-1) /etc/openstack-dashboard/local_settings"

- 아래 필드 부분은 필히 있는지 확인하고 없을 경우 추가 한다. 

[root@controller ~]# vi /etc/openstack-dashboard/local_settings

~(생략)
WEBROOT = '/dashboard/'

~(생략)

#ALLOWED_HOSTS = ['horizon.example.com', 'localhost']
ALLOWED_HOSTS = ['*']

~(생략)

SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

CACHES = {
    'default': {
         #'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
         'LOCATION': '39.117.41.121:11211',
    }
}
~(생략)

#OPENSTACK_HOST = "127.0.0.1"
OPENSTACK_HOST = "CONTROLLER_MGMT_IP_ADDR"
#OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

~(생략)
#OPENSTACK_NEUTRON_NETWORK = {
#    'enable_auto_allocated_network': False,
#    'enable_distributed_router': False,
#    'enable_fip_topology_check': True,
#    'enable_ha_router': False,
#    'enable_ipv6': True,
#    # TODO(amotoki): Drop OPENSTACK_NEUTRON_NETWORK completely from here.
#    # enable_quotas has the different default value here.
#    'enable_quotas': True,
#    'enable_rbac_policy': True,
#    'enable_router': True,
#
#    'default_dns_nameservers': [],
#    'supported_provider_types': ['*'],
#    'segmentation_id_range': {},
#    'extra_provider_types': {},
#    'supported_vnic_types': ['*'],
#    'physical_networks': [],
#
#}
OPENSTACK_NEUTRON_NETWORK = {
    'enable_auto_allocated_network': False,
    'enable_ipv6': True,
    'enable_rbac_policy': True,
    'enable_router': True,
    'enable_quotas': True,
    'enable_distributed_router': True,
    'enable_ha_router': True,
    'enable_lb': True,
    'enable_firewall': True,
    'enable_vpn': True,
    'enable_fip_topology_check': True,

    'default_dns_nameservers': [],
    'supported_provider_types': ['*'],
    'segmentation_id_range': {},
    'extra_provider_types': {},
    'supported_vnic_types': ['*'],
    'physical_networks': [],

}

~(생략)

#TIME_ZONE = "UTC"
TIME_ZONE = "Asia/Seoul"

~(생략)

OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

OPENSTACK_API_VERSIONS = {
    "data-processing": 1.1,
    "identity": 3,
    "image": 2,
    "volume": 3,
    "compute": 2,
}

OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"

OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

OPENSTACK_KEYSTONE_BACKEND = {
    'name': 'native',
    'can_edit_user': True,
    'can_edit_group': True,
    'can_edit_project': True,
    'can_edit_domain': True,
    'can_edit_role': True,
}

OPENSTACK_HYPERVISOR_FEATURES = {
    'can_set_mount_point': False,
    'can_set_password': False,
    'requires_keypair': False,
    'enable_quotas': True
}

OPENSTACK_CINDER_FEATURES = {
    'enable_backup': False,
}

주석 포함  "/etc/openstack-dashboard/local_settings" 전체 내용은 아래를 확인한다. 

더보기

[root@controller ~]# cat  /etc/openstack-dashboard/local_settings
# -*- coding: utf-8 -*-

# ----------------------------------------------------------------------
# NOTE: The default values of the settings are defined in
# openstack_dashboard/defaults.py. Prevously most available settings
# were listed in this example file, but it is no longer true.
# For available settings, see openstack_dashboard/defaults.py and
# the horizon setting reference found at
https://docs.openstack.org/horizon/latest/configuration/settings.html.
#
# Django related settings and HORIZON_CONFIG still exist here.
# Keep in my mind that they will be revisit in upcoming releases.
# ----------------------------------------------------------------------

import os

from django.utils.translation import ugettext_lazy as _


from openstack_dashboard.settings import HORIZON_CONFIG

DEBUG = False

# This setting controls whether or not compression is enabled. Disabling
# compression makes Horizon considerably slower, but makes it much easier
# to debug JS and CSS changes
#COMPRESS_ENABLED = not DEBUG

# This setting controls whether compression happens on the fly, or offline
# with `python manage.py compress`
# See https://django-compressor.readthedocs.io/en/latest/usage/#offline-compression
# for more information
#COMPRESS_OFFLINE = not DEBUG

WEBROOT = '/dashboard/'

# If horizon is running in production (DEBUG is False), set this
# with the list of host/domain names that the application can serve.
# For more information see:
https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
#ALLOWED_HOSTS = ['horizon.example.com', 'localhost']
ALLOWED_HOSTS = ['*']

# Set SSL proxy settings:
# Pass this header from the proxy after terminating the SSL,
# and don't forget to strip it from the client's request.
# For more information see:
https://docs.djangoproject.com/en/dev/ref/settings/#secure-proxy-ssl-header
#SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

# If Horizon is being served through SSL, then uncomment the following two
# settings to better secure the cookies from security exploits
#CSRF_COOKIE_SECURE = True
#SESSION_COOKIE_SECURE = True

# If provided, a "Report Bug" link will be displayed in the site header
# which links to the value of this setting (ideally a URL containing
# information on how to report issues).
#HORIZON_CONFIG["bug_url"] = "http://bug-report.example.com"

# Show backdrop element outside the modal, do not close the modal
# after clicking on backdrop.
#HORIZON_CONFIG["modal_backdrop"] = "static"

# Specify a regular expression to validate user passwords.
#HORIZON_CONFIG["password_validator"] = {
#    "regex": '.*',
#    "help_text": _("Your password does not meet the requirements."),
#}

# Turn off browser autocompletion for forms including the login form and
# the database creation workflow if so desired.
#HORIZON_CONFIG["password_autocomplete"] = "off"

# Setting this to True will disable the reveal button for password fields,
# including on the login form.
#HORIZON_CONFIG["disable_password_reveal"] = False

LOCAL_PATH = '/tmp'

# Set custom secret key:
# You can either set it to a specific value or you can let horizon generate a
# default secret key that is unique on this machine, e.i. regardless of the
# amount of Python WSGI workers (if used behind Apache+mod_wsgi): However,
# there may be situations where you would want to set this explicitly, e.g.
# when multiple dashboard instances are distributed on different machines
# (usually behind a load-balancer). Either you have to make sure that a session
# gets all requests routed to the same dashboard instance or you set the same
# SECRET_KEY for all of them.
SECRET_KEY='3ce251960b27b6b82837'

# We recommend you use memcached for development; otherwise after every reload
# of the django development server, you will have to login again. To use
# memcached set CACHES to something like below.
# For more information, see
https://docs.djangoproject.com/en/1.11/topics/http/sessions/.
#CACHES = {
#    'default': {
#        'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
#        'LOCATION': '127.0.0.1:11211',
#    },
#}

# If you use ``tox -e runserver`` for developments,then configure
# SESSION_ENGINE to django.contrib.sessions.backends.signed_cookies
# as shown below:
#SESSION_ENGINE = 'django.contrib.sessions.backends.signed_cookies'
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

CACHES = {
    'default': {
         #'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
         'LOCATION': 'CONTROLLER_MGMT_IP_ADDR:11211',
    }
}


# Send email to the console by default
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
# Or send them to /dev/null
#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend'

# Configure these for your outgoing email host
#EMAIL_HOST = 'smtp.my-company.com'
#EMAIL_PORT = 25
#EMAIL_HOST_USER = 'djangomail'
#EMAIL_HOST_PASSWORD = 'top-secret!'

#OPENSTACK_HOST = "127.0.0.1"
#OPENSTACK_HOST = "controller"
OPENSTACK_HOST = "CONTROLLER_MGMT_IP_ADDR"
#OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

# The OPENSTACK_NEUTRON_NETWORK settings can be used to enable optional
# services provided by neutron. Options currently available are load
# balancer service, security groups, quotas, VPN service.
#
#OPENSTACK_NEUTRON_NETWORK = {
#    'enable_auto_allocated_network': False,
#    'enable_distributed_router': False,
#    'enable_fip_topology_check': True,
#    'enable_ha_router': False,
#    'enable_ipv6': True,
#    # TODO(amotoki): Drop OPENSTACK_NEUTRON_NETWORK completely from here.
#    # enable_quotas has the different default value here.
#    'enable_quotas': True,
#    'enable_rbac_policy': True,
#    'enable_router': True,
#
#    'default_dns_nameservers': [],
#    'supported_provider_types': ['*'],
#    'segmentation_id_range': {},
#    'extra_provider_types': {},
#    'supported_vnic_types': ['*'],
#    'physical_networks': [],
#
#}
OPENSTACK_NEUTRON_NETWORK = {
    'enable_auto_allocated_network': False,
    'enable_ipv6': True,
    'enable_rbac_policy': True,
    'enable_router': True,
    'enable_quotas': True,
    'enable_distributed_router': True,
    'enable_ha_router': True,
    'enable_lb': True,
    'enable_firewall': True,
    'enable_vpn': True,
    'enable_fip_topology_check': True,

    'default_dns_nameservers': [],
    'supported_provider_types': ['*'],
    'segmentation_id_range': {},
    'extra_provider_types': {},
    'supported_vnic_types': ['*'],
    'physical_networks': [],

}

# The timezone of the server. This should correspond with the timezone
# of your entire OpenStack installation, and hopefully be in UTC.
#TIME_ZONE = "UTC"
TIME_ZONE = "Asia/Seoul"

# Change this patch to the appropriate list of tuples containing
# a key, label and static directory containing two files:
_variables.scss and _styles.scss
#AVAILABLE_THEMES = [
#    ('default', 'Default', 'themes/default'),
#    ('material', 'Material', 'themes/material'),
#    ('example', 'Example', 'themes/example'),
#]

LOGGING = {
    'version': 1,
    # When set to True this will disable all logging except
    # for loggers specified in this configuration dictionary. Note that
    # if nothing is specified here and disable_existing_loggers is True,
    # django.db.backends will still log unless it is disabled explicitly.
    'disable_existing_loggers': False,
    # If apache2 mod_wsgi is used to deploy OpenStack dashboard
    # timestamp is output by mod_wsgi. If WSGI framework you use does not
    # output timestamp for logging, add %(asctime)s in the following
    # format definitions.
    'formatters': {
        'console': {
            'format': '%(levelname)s %(name)s %(message)s'
        },
        'operation': {
            # The format of "%(message)s" is defined by
            # OPERATION_LOG_OPTIONS['format']
            'format': '%(message)s'
        },
    },
    'handlers': {
        'null': {
            'level': 'DEBUG',
            'class': 'logging.NullHandler',
        },
        'console': {
            # Set the level to "DEBUG" for verbose output logging.
            'level': 'DEBUG' if DEBUG else 'INFO',
            'class': 'logging.StreamHandler',
            'formatter': 'console',
        },
        'operation': {
            'level': 'INFO',
            'class': 'logging.StreamHandler',
            'formatter': 'operation',
        },
    },
    'loggers': {
        'horizon': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'horizon.operation_log': {
            'handlers': ['operation'],
            'level': 'INFO',
            'propagate': False,
        },
        'openstack_dashboard': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'novaclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'cinderclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'keystoneauth': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'keystoneclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'glanceclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'neutronclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'swiftclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'oslo_policy': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'openstack_auth': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'django': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        # Logging from django.db.backends is VERY verbose, send to null
        # by default.
        'django.db.backends': {
            'handlers': ['null'],
            'propagate': False,
        },
        'requests': {
            'handlers': ['null'],
            'propagate': False,
        },
        'urllib3': {
            'handlers': ['null'],
            'propagate': False,
        },
        'chardet.charsetprober': {
            'handlers': ['null'],
            'propagate': False,
        },
        'iso8601': {
            'handlers': ['null'],
            'propagate': False,
        },
        'scss': {
            'handlers': ['null'],
            'propagate': False,
        },
    },
}

# 'direction' should not be specified for all_tcp/udp/icmp.
# It is specified in the form.
SECURITY_GROUP_RULES = {
    'all_tcp': {
        'name': _('All TCP'),
        'ip_protocol': 'tcp',
        'from_port': '1',
        'to_port': '65535',
    },
    'all_udp': {
        'name': _('All UDP'),
        'ip_protocol': 'udp',
        'from_port': '1',
        'to_port': '65535',
    },
    'all_icmp': {
        'name': _('All ICMP'),
        'ip_protocol': 'icmp',
        'from_port': '-1',
        'to_port': '-1',
    },
    'ssh': {
        'name': 'SSH',
        'ip_protocol': 'tcp',
        'from_port': '22',
        'to_port': '22',
    },
    'smtp': {
        'name': 'SMTP',
        'ip_protocol': 'tcp',
        'from_port': '25',
        'to_port': '25',
    },
    'dns': {
        'name': 'DNS',
        'ip_protocol': 'tcp',
        'from_port': '53',
        'to_port': '53',
    },
    'http': {
        'name': 'HTTP',
        'ip_protocol': 'tcp',
        'from_port': '80',
        'to_port': '80',
    },
    'pop3': {
        'name': 'POP3',
        'ip_protocol': 'tcp',
        'from_port': '110',
        'to_port': '110',
    },
    'imap': {
        'name': 'IMAP',
        'ip_protocol': 'tcp',
        'from_port': '143',
        'to_port': '143',
    },
    'ldap': {
        'name': 'LDAP',
        'ip_protocol': 'tcp',
        'from_port': '389',
        'to_port': '389',
    },
    'https': {
        'name': 'HTTPS',
        'ip_protocol': 'tcp',
        'from_port': '443',
        'to_port': '443',
    },
    'smtps': {
        'name': 'SMTPS',
        'ip_protocol': 'tcp',
        'from_port': '465',
        'to_port': '465',
    },
    'imaps': {
        'name': 'IMAPS',
        'ip_protocol': 'tcp',
        'from_port': '993',
        'to_port': '993',
    },
    'pop3s': {
        'name': 'POP3S',
        'ip_protocol': 'tcp',
        'from_port': '995',
        'to_port': '995',
    },
    'ms_sql': {
        'name': 'MS SQL',
        'ip_protocol': 'tcp',
        'from_port': '1433',
        'to_port': '1433',
    },
    'mysql': {
        'name': 'MYSQL',
        'ip_protocol': 'tcp',
        'from_port': '3306',
        'to_port': '3306',
    },
    'rdp': {
        'name': 'RDP',
        'ip_protocol': 'tcp',
        'from_port': '3389',
        'to_port': '3389',
    },
}

# Help URL can be made available for the client. To provide a help URL, edit the
# following attribute to the URL of your choice.
#HORIZON_CONFIG["help_url"] = "http://openstack.mycompany.org"
#
#
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

OPENSTACK_API_VERSIONS = {
    "data-processing": 1.1,
    "identity": 3,
    "image": 2,
    "volume": 3,
    "compute": 2,
}

OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"

OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

OPENSTACK_KEYSTONE_BACKEND = {
    'name': 'native',
    'can_edit_user': True,
    'can_edit_group': True,
    'can_edit_project': True,
    'can_edit_domain': True,
    'can_edit_role': True,
}

OPENSTACK_HYPERVISOR_FEATURES = {
    'can_set_mount_point': False,
    'can_set_password': False,
    'requires_keypair': False,
    'enable_quotas': True
}

OPENSTACK_CINDER_FEATURES = {
    'enable_backup': False,
}

 

2-2-2) /etc/httpd/conf.d/openstack-dashboard.conf 확인

"/etc/httpd/conf.d/openstack-dashboard.conf" 파일내 "WSGIApplicationGroup %{GLOBAL}"가 포함되어 있는지 확인한다. 

없을 경우 추가 한다. 

[root@controller ~]# vi /etc/httpd/conf.d/openstack-dashboard.conf

WSGIDaemonProcess dashboard
WSGIProcessGroup dashboard
WSGISocketPrefix run/wsgi
WSGIApplicationGroup %{GLOBAL}   ### 이부분이 있는지 필히 확인!!!

WSGIScriptAlias /dashboard /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi
Alias /dashboard/static /usr/share/openstack-dashboard/static

<Directory /usr/share/openstack-dashboard/openstack_dashboard/wsgi>
  Options All
  AllowOverride All
  Require all granted
</Directory>

<Directory /usr/share/openstack-dashboard/static>
  Options All
  AllowOverride All
  Require all granted
</Directory>

3) Daemon재시작 

[root@controller ~]# systemctl restart httpd.service memcached.service
[root@controller ~]# systemctl status httpd.service memcached.service
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/httpd.service.d
           └─openstack-dashboard.conf
   Active: active (running) since 수 2019-11-06 19:48:34 KST; 19min ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 4525 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
  Process: 4564 ExecStartPre=/usr/bin/python2 /usr/share/openstack-dashboard/manage.py compress --force -v0 (code=exited, status=0/SUCCESS)
  Process: 4540 ExecStartPre=/usr/bin/python2 /usr/share/openstack-dashboard/manage.py collectstatic --noinput --clear -v0 (code=exited, status=0/SUCCESS)
 Main PID: 4652 (httpd)
   Status: "Total requests: 67; Current requests/sec: 0; Current traffic:   0 B/sec"
   CGroup: /system.slice/httpd.service
           ├─4652 /usr/sbin/httpd -DFOREGROUND
           ├─4653 /usr/sbin/httpd -DFOREGROUND
           ├─4654 /usr/sbin/httpd -DFOREGROUND
           ├─4655 /usr/sbin/httpd -DFOREGROUND
           ├─4656 /usr/sbin/httpd -DFOREGROUND
           ├─4657 (wsgi:keystone- -DFOREGROUND
           ├─4658 (wsgi:keystone- -DFOREGROUND
           ├─4659 (wsgi:keystone- -DFOREGROUND
           ├─4660 (wsgi:keystone- -DFOREGROUND
           ├─4661 (wsgi:keystone- -DFOREGROUND
           ├─4662 /usr/sbin/httpd -DFOREGROUND
           ├─4664 /usr/sbin/httpd -DFOREGROUND
           ├─4666 /usr/sbin/httpd -DFOREGROUND
           ├─4732 /usr/sbin/httpd -DFOREGROUND
           ├─4736 /usr/sbin/httpd -DFOREGROUND
           ├─4739 /usr/sbin/httpd -DFOREGROUND
           ├─4876 /usr/sbin/httpd -DFOREGROUND
           ├─4877 /usr/sbin/httpd -DFOREGROUND
           ├─4889 /usr/sbin/httpd -DFOREGROUND
           └─4891 /usr/sbin/httpd -DFOREGROUND

11월 06 19:47:56 controller systemd[1]: Starting The Apache HTTP Server...
11월 06 19:48:34 controller python2[4564]: Compressing... done
11월 06 19:48:34 controller python2[4564]: Compressed 7 block(s) from 4 template(s) for 2 context(s).
11월 06 19:48:34 controller systemd[1]: Started The Apache HTTP Server.

● memcached.service - memcached daemon
   Loaded: loaded (/usr/lib/systemd/system/memcached.service; enabled; vendor preset: disabled)
   Active: active (running) since 수 2019-11-06 19:07:05 KST; 1h 1min ago
 Main PID: 411 (memcached)
   CGroup: /system.slice/memcached.service
           └─411 /usr/bin/memcached -p 11211 -u memcached -m 64 -c 1024 -l 127.0.0.1,::1,controller

11월 06 19:07:05 controller systemd[1]: Started memcached daemon.

 

확인

 

Dashbord에 접속하여 확인한다. 

  •  URL => http://CONTROLLER_IP_ADDR/dashboard 

만약 dashboard에 접속시 "The requested URL /auth/login/ was not found on this server."와 같은 에러가 발생할 경우 아래 링크를 참조 한다. 

 

Openstack dashboard Error



2019/11/06 - [IT/Openstack] - [Openstack - Train] Error "The requested URL /auth/login/ was not found on this server."

 

반응형