Prepare Rocky Server
This article describes how prepare a Rocky physical server to be added as a host to Platform9 Managed OpenStack (PMO) cloud.
For a description of PMO networking concepts, refer to the Networking Concepts. Refer to System Requirements for Linux-KVM for systems requirements and supported Rocky Operating System versions.
Supported Operating System Version
Platform9 Managed OpenStack supports Rocky 9.1 (64-bit).
Step 1 - Install Rocky Operating System and install some pre-requisite packages
Make sure that your server is configured appropriately with access to storage and physical networking. Download and install Rocky on your physical server. You can download Rocky distributions from here: https://rockylinux.org/download/
We recommend installing the minimal Rocky operating system. Platform9 agents are prepared to pull in any required package dependencies and get them installed on your server to prepare it to be part of OpenStack. This includes any libvirt/KVM package dependencies.
It’s usually a good practice to get your system up to date with regard to the latest patches and updates.
sudo dnf install -y tarsudo dnf install -y yum wget vim net-tools python3-libselinux sshpass nfs-utilssudo dnf install initscripts.x86_64 initscripts-service.noarch python3-dnf-plugin-versionlock -ysudo dnf upgrade --exclude=centos-release* --exclude=redhat-release* --exclude=kernel* --exclude=rocky-release* --exclude=rocky-repos* -ysudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm -yStep 2 - Ensure Virtualization is Enabled
Ensure that virtualization is enabled for your server by checking your server’s BIOS settings. If disabled, enable virtualization for the server to be able to act as a hypervisor within Platform9 Managed OpenStack.
Step 3 - Ensure the System Clock is Synchronized
sudo dnf install -y chronysudo systemctl enable chronyd.servicesudo systemctl start chronyd.serviceThe following image (Figure 1) represents three hypervisors connected in a Managed OpenStack Neutron network.
There are no separate network nodes in a Distributed Virtual Routing (DVR) network.
Step 4 - Set SELinux to permissive and update crypto policies to legacy mode
This is required for Open vSwitch (OVS) to be able to manage networking.
Run the following commands to set SELinux to permissive and to change crypto policy to legacy on rocky hosts to allow key type ssh-rsa and reboot.
sudo sed -i s/SELINUX=enforcing/SELINUX=permissive/g /etc/selinux/configsudo setenforce 0sudo update-crypto-policies --set LEGACYsudo rebootStep 5 - Add the Openvswitch YUM Repo
Run the following command to install the Openvswitch YUM repository.
sudo dnf install -y centos-release-openstack-yoga.noarchFor Platform9 releases upto and including 4.4:
Step 6 - Install Openvswitch and openstack-network-scripts packages
Run the following command to install Openvswitch and then remove the repos to prevent an upgrade later.
sudo dnf install -y openvswitch2.17.x86_64 openstack-network-scripts-openvswitch2.17.x86_64sudo dnf versionlock add openvswitch2.17Step 7 - Disable Firewalld and NetworkManager
This is required for KVM and OVS to be able to create iptables rules directly without firewalld getting in the way.
Run the following commands to disable firewalld and NetworkManager.
sudo systemctl disable firewalldsudo systemctl stop firewalldsudo systemctl disable NetworkManagersudo systemctl stop NetworkManagerStep 8 - Enable Network and Openvswitch
Run the following command to enable network.
sudo systemctl enable networksudo systemctl enable openvswitchsudo systemctl start openvswitchStep 9 - Load the modules needed for Neutron
Run the following commands to load the modules needed for Neutron as root.
modprobe bridgemodprobe 8021qmodprobe bondingmodprobe tunmodprobe br_netfilterecho bridge > /etc/modules-load.d/pf9.confecho 8021q >> /etc/modules-load.d/pf9.confecho bonding >> /etc/modules-load.d/pf9.confecho tun >> /etc/modules-load.d/pf9.confecho br_netfilter >> /etc/modules-load.d/pf9.confStep 10 - Add sysctl options
Run the following commands to add sysctl options as root.
echo net.ipv4.conf.all.rp_filter=0 >> /etc/sysctl.confecho net.ipv4.conf.default.rp_filter=0 >> /etc/sysctl.confecho net.bridge.bridge-nf-call-iptables=1 >> /etc/sysctl.confecho net.ipv4.ip_forward=1 >> /etc/sysctl.confecho net.ipv4.tcp_mtu_probing=2 >> /etc/sysctl.confsysctl -pStep 11 - Install QEMU KVM EV
Run the following commands to install QEMU KVM EV
sudo dnf install qemu-kvm -yStep 12 - Install Router Advertisement Daemon
Run the following command to install radvd
sudo dnf -y install radvdStep 13 - Configure host networking
Please refer Prepare CentOS Server for setting up host networking.
At this point your Rocky server is ready to be added as a hypervisor to Platform9 Managed OpenStack (PMO).