OpenStack from IBM in hours at no charge

Share this post:

Update:  Please note that the Hong Kong offer for $500 off is now $250. Offering $500 off the first month are both London (see: and Toronto (see: 

To take advantage of the $500 offer mentioned below, monthly servers must be used in place of hourly servers.  When provisioning, select the same configurations while specifying monthly pricing and add the offer code at checkout and the discount will be reflected on the order. Remember to schedule the cancellation of the server before the end of the month to avoid being charged for the following month.

In my previous blog post, “OpenStack in a day for under $20,” I showed an inexpensive way to get started with the Ubuntu version of OpenStack on infrastructure from SoftLayer, an IBM company.  In the meantime, IBM Cloud Manager with OpenStack, an easy-to-deploy cloud management software, has been made available for a 90-day download trial, and SoftLayer opened their new Hong Kong data center with an offer for $500 off in the first month!  With that, I thought it would be good to revisit this offering and lay out a faster, simpler way to get started with OpenStack using IBM Cloud Manager with OpenStack on SoftLayer at no charge.

IBM Cloud Manager with OpenStack comes with a number of features that differentiate it from the package-based installation demonstrated in “OpenStack in a day for under $20:”

• Integrated Chef-based deployer
IBM DB2 database software support
Platform Resource Scheduler (PRS) for advanced placement
• Enhanced self-service portal that adds billing, approvals and resource expiration, among other features

You will read the documentation first to determine the resources to provision, then use SoftLayer to provision those resources, install IBM Cloud Manager with OpenStack and the latest fix pack, deploy OpenStack and finally test out the installation.

To figure out the resources you need, check out the IBM Cloud Manager with OpenStack V4.1.0 documentation on the IBM Knowledge Center.  In the table of contents, expand Planning, expand Prerequisites and finally select Hardware prerequisites.

Based on those hardware specifications, here is what I provisioned at SoftLayer:

Deployment server: hourly virtual server with 4 CPUs, 4 gigabytes (GB) RAM, 25 GB disk and 1 Gigabit Ethernet (GbE) networking running Red Hat Enterprise Linux 6 minimal install (64-bit) with hostname “cmwo-deployment.softlayer.local”

OpenStack controller: hourly virtual server with 4 CPUs, 16 GB RAM, 100 GB disk and 1 GbE networking running Red Hat Enterprise Linux 6 minimal install (64-bit) with hostname “cmwo-controller.softlayer.local”

Compute node: hourly bare metal server with 2 cores, 8 GB RAM, 500 GB disk and 1 GbE networking running CentOS 6.x minimal install (64-bit) with hostname “cmwo-compute-1.softlayer.local” (Red Hat is not available on hourly bare metal)

Both the deployment server and the controller are created as virtual servers, because they are easier to work with and scale in the future (adding CPU and RAM to a virtual server is only a few clicks away). Don’t fear virtualizing the controller. According to the OpenStack Operations Guide, the controller can be “happily virtualized.”  A single compute node can be used for now, scaling to more compute nodes after the installation is validated.

To provision the hardware at SoftLayer, click on Virtual Servers under Products & Services from the homepage.  Using the configuration tool, select the cores, RAM and storage required for your deployment server.  Click on the pricing to add it to your cart, choosing hourly or monthly as appropriate.

Once in your cart, a number of additional options will be shown.  Minimally, you must select the data center (Hong Kong for the $500 deal) and OS (Red Hat Enterprise Linux 6 – Minimal Install – 64 bit).  I recommend upgrading to 1 Gbps Public and Private Network Uplinks.  When finished, scroll to the bottom and select “Add to Order.”  On the checkout screen, select “Virtual Servers” under Products & Services and repeat these steps for the controller.  Repeat for the compute node, initiating by selecting “Bare Metal Servers” under Products & Services from the Checkout screen (enter the desired number of compute nodes as the quantity and select CentOS 6.x – Minimal Install (64 bit) as the operating system).

OpenStack in hours for free

After all three servers have been added to the cart, enter the hostname and domain for each server, apply the promotional code “500HK” and enter the contact and billing information.  Finally, read and agree to the Master Service Agreement and submit the order.

After submitting the order, it will only take minutes for the deployment and controller servers to be provisioned.  The compute nodes will typically take two to four hours.

When the virtual servers finish provisioning, head to “IBM Cloud Manager with OpenStack Trials” and click on “Download Trial.”  Follow the steps to register for the trial.  To speed it up, download it directly to the deployment server by selecting “Download using http” on the Downloads screen. Copy the URL pointed to by the “IBM Cloud Manager with OpenStack for x86, v4.1.” Download to the clipboard using Secure Shell (SSH) to connect to the deployment server, create a directory “cmwo,” change into it and then run “wget <url>” to download the file onto the server.

After the file downloads, use that same SSH session to prepare for and install IBM Cloud Manager with OpenStack:

[root@cmwo-deployment cmwo]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
[root@cmwo-deployment cmwo]# iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
[root@cmwo-deployment cmwo]# iptables -A OUTPUT -p udp --dport 123 -j ACCEPT
[root@cmwo-deployment cmwo]# iptables -A INPUT -p udp --sport 123 -j ACCEPT
[root@cmwo-deployment cmwo]# chkconfig iptables on
[root@cmwo-deployment cmwo]# service iptables start
[root@cmwo-deployment cmwo]# yum -y install ntp
[root@cmwo-deployment cmwo]# chkconfig ntpd on
[root@cmwo-deployment cmwo]# service ntpd start
[root@cmwo-deployment cmwo]# tar -xf Cloud_Manager_4_1_Linux_x86.tar.gz
[root@cmwo-deployment cmwo]# ./install/x86-64/linux/cmwo410_xlinux_install.bin

Next, we need to install the latest fix pack from IBM Support: Fix Central.  Enter “Cloud Manager with OpenStack” in the Product selector, select “4.1.0” as the Installed Version, “Linux 64-bit, x86_64” as the Platform, then click “Continue.”  Select the “” fix pack and click on “Continue.”  If prompted, select the “Download using your browser (HTTPS)” option, enable “Include prerequisites and co-requisite fixes” and then click on “Continue.”  As before, copy the URL for the “cmwo_fixpack_4.1.0.1.tar.gz” file, create a directory “fp01” under “cmwo,” change into it, and then run “wget <url>” to download the fixes.

When the fix pack is downloaded, install it using:

[root@cmwo-deployment fp01]# tar -xf cmwo_fixpack_4.1.0.1.tar.gz
[root@cmwo-deployment fp01]# ./

When the fix pack installation is done, set up the Yum repository:

[root@cmwo-deployment yum-repo]# mkdir -p /opt/ibm/cmwo/yum-repo/operatingsystem/redhat6.5/x86_64
[root@cmwo-deployment yum-repo]# cd /opt/ibm/cmwo/yum-repo/operatingsystem/redhat6.5/x86_64
[root@cmwo-deployment x86_64]# ln -s /etc/yum.repos.d/

Next, we need to prepare for our deployment:

[root@cmwo-deployment x86_64]# cd
[root@cmwo-deployment ~]# mkdir cmwo-from-blog
[root@cmwo-deployment ~]# cd cmwo-from-blog

Upload the attached cmwo-from-blog-env.txt, cmwo-from-blog-topo.txt, and cmwo-compute.txt.

Now, open “cmwo-from-blog-env.txt” in your favorite text editor and make the following changes:

"”: <public IP of controller>
"”: <public IP of controller>

Next, open “cmwo-from-blog-topo.txt” in your favorite text editor and update the password for the controller node, duplicate the compute node section for each compute node provisioned, and finally update those passwords.

To continue from this point, all of your servers need to be provisioned. After verifying they have been provisioned through the SoftLayer portal, SSH into each server and modify “/etc/hosts” so that all servers in the environment are listed with FQDN, shortname and private IP address. Example file: localhost.localdomain localhost cmwo-deployment.softlayer.local cmwo-deployment cmwo-controller.softlayer.local cmwo-controller cmwo-compute-1.softlayer.local cmwo-compute-1

Now, back on the deployment node, let’s execute the deployment:

[root@cmwo-deployment cmwo-from-blog]# knife environment from file cmwo-from-blog-env.txt
[root@cmwo-deployment cmwo-from-blog]# knife os manage deploy topology cmwo-from-blog-topo.txt

With the deployment done, it is time to focus on the next task—setting up networking. To make our OpenStack-provisioned VMs publicly accessible, we first need to provision a “Portable Public Subnet.” Log into the SoftLayer portal and browse to Networks, IP Management, and Subnets. Click “Order IP Addresses” towards the top right. Select “Portable Public” from the drop down. Choose at least eight Portable Public IP Addresses. Click “Continue.” Select the VLAN from the list of servers that were provisioned. Click “Continue.” Fill in the justification form and click “Place Order.”

After ordering, browse to Network, IP Management, and Subnets in the portal. Change the dropdown showing “Primary Subnets” to “Portable Subnets.” Click on the displayed Subnet entry. Keep this window open or note the values to reference later.

OpenStack and SoftLayer

During the install, the external bridge was created on the controller node, causing external connectivity to break. To access the system we need to come in the private interface by SSH to “cmwo-controller” from the deployment node. Once logged in, run the following commands to fix networking and set up the system for Neutron. Note that the “ip addr” commands must be updated to use the public IP of your controller node and the “neutron subnet-create” command updated to represent your allocated Public Portable Subnet.

[root@cmwo-controller ~]# sed -i 's,net.ipv4.ip_forward = 0,net.ipv4.ip_forward = 1,g' /etc/sysctl.conf
[root@cmwo-controller ~]# sysctl –p
[root@cmwo-controller ~]# ip addr del dev eth1
[root@cmwo-controller ~]# ip addr add dev br-ex
[root@cmwo-controller ~]# route add default gw br-ex
[root@cmwo-controller ~]# . openrc
[root@cmwo-controller ~]# neutron net-create ext-net --shared --router:external=True
[root@cmwo-controller ~]# neutron subnet-create ext-net --name ext-subnet --allocation-pool start=,end= --disable-dhcp --gateway

IBM Cloud Manager with OpenStack is now up and running and Neutron has been configured with the external networks necessary for public access. Before the installation can be verified, a few resources need to be created. From the cmwo-controller, execute the following commands.

First, upload a Glance image:

[root@cmwo-controller ~]# glance image-create --name="cirros-0.3.2-x86_64" --disk-format=qcow2 --container-format=bare --is-public=true --copy-from

Next, create a tenant network and attach it to our external network:

[root@cmwo-controller ~]# neutron net-create admin-test-net
[root@cmwo-controller ~]# neutron subnet-create admin-test-net --name admin-test-subnet --gateway
[root@cmwo-controller ~]# neutron router-create admin-test-router
[root@cmwo-controller ~]# neutron router-interface-add admin-test-router admin-test-subnet
[root@cmwo-controller ~]# neutron router-gateway-set admin-test-router ext-net

Create a security group that allows us to SSH in:

[root@cmo-controller ~]# nova secgroup-create Allow-SSH-Only "Allow SSH Only"
[root@cmo-controller ~]# nova secgroup-add-rule Allow-SSH-Only TCP 22 22

Finally, because “use_namespaces” is disabled in Neutron, the L3 router needs explicit configuration for the admin-test-router created above. Be sure to replace the ID in the “sed” command with the ID returned from the router-show command.

[root@cmo-controller ~]# neutron router-show admin-test-router -F id
[root@cmo-controller ~]# sed -i 's,change_me,4110da27-dfa0-44a9-b5df-5d53ac270628,g' /etc/neutron/l3_agent.ini
[root@cmo-controller ~]# service neutron-l3-agent restart

One caveat of having namespaces turned off is that an L3 router instance is required for each tenant router created. If additional tenant routers are required, another L3 instance must be created and tied to the newly created router. For additional details, see this post on the OpenStack mailing list.

You are now ready to verify the install.  Browse to the public IP address of the cmwo-controller server and log into the OpenStack Horizon Dashboard with “admin” username and “openstack1” password.  Once there, expand Project, Compute, and then click Instances.  From there, click Launch Instance and launch two VMs connected to the admin-test-net network, booting from the cirros-0.3.2-x86_64 image and secured by the Allow-SSH-Only security group.  Once booted, assign a Floating IP to a guest.  SSH into the assigned floating IP and authenticate with user “cirros” and password “cubswin:)” and ping the IP address of the second machine.  Additionally, the newly provisioned VMs can be accessed by clicking on the Console tab on the Instance Details screen.

Post-deployment, be sure to change the passwords and other secrets as outlined in the Changing passwords and secrets section of the product documentation.

Look for future blog posts where I will walk you through scaling the cluster, configuring and using the Platform Resource Scheduler (PRS) for advanced placement, as well as the enhanced self-service portal that adds billing, approvals and resource expiration, among other features.  In the meantime, connect with me on Twitter @mjfork to let me know your experience.

Director and Distinguished Engineer, IBM Cloud Infrastructure

More stories

Why we added new map tools to Netcool

I had the opportunity to visit a number of telecommunications clients using IBM Netcool over the last year. We frequently discussed the benefits of have a geographically mapped view of topology. Not just because it was nice “eye candy” in the Network Operations Center (NOC), but because it gives an important geographically-based view of network […]

Continue reading

How to streamline continuous delivery through better auditing

IT managers, does this sound familiar? Just when everything is running smoothly, you encounter the release management process in place for upgrading business applications in the production environment. You get an error notification in one of the workflows running the release management process. It can be especially frustrating when the error is coming from the […]

Continue reading

Want to see the latest from WebSphere Liberty? Join our webcast

We just released the latest release of WebSphere Liberty, It includes many new enhancements to its security, database management and overall performance. Interested in what’s new? Join our webcast on January 11, 2017. Why? Read on. I used to take time to reflect on the year behind me as the calendar year closed out, […]

Continue reading