Step-by-Step Guide to Launching an OpenStack Instance and Setting Up the Dashboard

Sharing is the best way to learn, using output to force input — CloudMan

1. Create a Virtual Network

Before launching an instance, you must create the required virtual network infrastructure. For a provider network, the instance uses a provider (external) network that connects to the physical network via layer‑2 bridging/switching and includes a DHCP server that provides IP addresses.

The admin or another privileged user must create this network because it connects directly to the physical infrastructure.

Load environment variables: . admin-openrc Create the network:

openstack network create --share --external --provider-physical-network provider --provider-network-type flat provider

The --share option allows all projects to use the virtual network, and --external defines it as external. Use --internal for an internal network.

Create a subnet on the network:

openstack subnet create --network provider \
    --allocation-pool start=173.168.16.20,end=173.168.16.252 \
    --dns-nameserver 114.114.114.114 --gateway 173.168.16.254 \
    --subnet-range 173.168.16.0/24

List networks to verify:

openstack network list

2. Create an m1.nano Flavor

The smallest default flavor consumes 512 MB of RAM per instance. For environments with compute nodes under 4 GB, the m1.nano flavor uses only 64 MB. Use the CirrOS image for testing.

openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano

Verify the flavor:

openstack flavor list

3. Create a Key Pair

Most cloud images support public‑key authentication instead of password authentication. Load the demo environment variables: . demo-openrc Generate a key pair: ssh-keygen -q -N "" Add the public key to OpenStack (or use an existing key):

openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey

Verify the key pair:

openstack keypair list

4. Add Security Group Rules

The default security group applies to all instances and denies remote access by default. For a Linux image like CirrOS, allow at least ICMP (ping) and SSH.

Add ICMP rule: openstack security group rule create --proto icmp default Add SSH rule:

openstack security group rule create --proto tcp --dst-port 22 default

5. Launch an Instance

Load demo environment variables again: . demo-openrc List available flavors, images, networks, and security groups:

openstack flavor list

openstack image list

openstack network list

openstack security group list

Create the instance:

openstack server create --flavor m1.nano --image cirros \
    --nic net-id=38d21b44-63ca-4514-bde6-7e3f7b7fabfd \
    --security-group default \
    --key-name mykey provider-instance

Check the instance status:

openstack server list

6. Access the Instance via Virtual Console

Obtain the VNC URL:

openstack console url show provider-instance

Verify connectivity to the provider physical network gateway and to the external Internet (e.g., ping openstack.org).

Remote login to the VM (username: cirros, password: cubswin):

ssh [email protected]

OpenStack Dashboard (Horizon) Installation

This section explains how to install and configure the Horizon dashboard on the controller node. The only core service required is the Identity service; other services such as Image, Compute, and Network can be integrated as needed.

Prerequisite: Apache HTTP server and Memcached must already be installed, configured, and running for the Identity service.

1. Install the package

yum install openstack-dashboard

2. Edit the configuration file

Modify /etc/openstack-dashboard/local_settings:

OPENSTACK_HOST = "controller"
ALLOWED_HOSTS = ['*', 'localhost']
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
    'default': {
        'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
        'LOCATION': 'controller:11211',
    }
}
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 2,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
OPENSTACK_NEUTRON_NETWORK = {
    'enable_router': False,
    'enable_quotas': False,
    'enable_ipv6': False,
    'enable_distributed_router': False,
    'enable_ha_router': False,
    'enable_lb': False,
    'enable_firewall': False,
    'enable_vpn': False,
    'enable_fip_topology_check': False,
}
TIME_ZONE = "Asia/Shanghai"

Note: When adding new configuration options, comment out any existing duplicate entries to avoid HTTP service restart errors.

3. Complete installation

Restart the web server and session storage service:

systemctl restart httpd.service memcached.service

4. Verify the dashboard

Access the dashboard at http://173.168.16.224/dashboard. If you encounter a "Script timed out before returning headers" error, edit /etc/httpd/conf.d/openstack-dashboard.conf and add the line WSGIApplicationGroup %{GLOBAL} under WSGISocketPrefix run/wsgi, then restart Apache.

If login fails with "Unable to create a new session key" errors, change SESSION_ENGINE from django.contrib.sessions.backends.cache to django.contrib.sessions.backends.file in local_settings and restart Apache.

Login with the default domain "Default" using the admin credentials (or the demo user).

The OpenStack Horizon dashboard is now fully operational.

Reference links: OpenStack Horizon Installation Guide , OpenStack Launch Instance Guide