Categoria: Senza categoria

Pubblicato il

Failed to download metadata for repo โ€˜AppStreamโ€™ [CentOS]

In caso avessi questo errore, รจ dovuto alla EOL di Centos.. si risolve con questi comandi:

[root@autocontroller ~]# cd /etc/yum.repos.d/
[root@autocontroller ~]# sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
[root@autocontroller ~]# sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*

fonte: https://techglimpse.com/failed-metadata-repo-appstream-centos-8/

Pubblicato il

Installare Openstack su Rocky Linux

OpenStackย is an open source solution that enables companies to deploy resources within a shortest time possible similar to commercially available cloud environments. The development of this solution is under Openstack foundation. Openstack is able to control large pools of compute, networking, and storage resources, all managed through APIs or a dashboard.

If youโ€™re interested in building Infrastructure as a Service (IaaS) platforms โ€“ both private and public cloud, OpenStack is a solution you should consider. It comes with a dashboard (Horizon) that gives administrators control of the systems while empowering end users and tenants to provision resources through a web interface. Command line interface and REST API is also available for management and resources provisioning.

Packstack is command line tool that uses Puppet modules to deploy various parts of OpenStack on multiple pre-installed servers over SSH automatically. It only supports deployment of OpenStack on RHEL based systems, i.e CentOS, Red Hat Enterprise Linux (RHEL), Rocky Linux, AlmaLinux, e.t.c.

For this setup weโ€™re using a server with the following hardware specifications.

CPU: Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz (12 Cores)

Memory: 128GB RAM

Disk: 2 x 1TB SSD

Network: 1Gbit

IPV4 Adresses: 1 x IPV4 + /27 Subnet (30 IPs)

Itโ€™s your responsibility to perform OS installation on the server prior to OpenStack installation on the system.


STEP 1: UPDATE SYSTEM AND SET HOSTNAME

ย 

Itโ€™s a recommendation that correct hostname is set on the server.

sudo hostnamectl set-hostname openstack-node.example.com

ย 

Ensure local name resolution is working on your server. Also consider adding an A record if you have a working DNS server in your infrastructure. If no DNS server the settings can be mapped in hosts file.

$ sudo vi /etc/hosts

192.168.10.11 openstack-node.example.com

Disable SELinux:

sudo setenforce 0

sudo sed -i ‘s/^SELINUX=.*/SELINUX=permissive/g’ /etc/selinux/config

ย 

If youโ€™re performing the installation on Rocky Linux 8 / AlmaLinux 8, perform these extra steps:

# Disable Firewalld

sudo systemctl disable firewalld

sudo systemctl stop firewalld

# Install network-scripts package

sudo dnf install network-scripts -y

# Disable NetworkManager

sudo systemctl disable NetworkManager

sudo systemctl stop NetworkManager

# Start Network Service

sudo systemctl enable network

sudo systemctl start network

ย 

Update your OS packages with below command:

sudo dnf update -y

ย 

A reboot is a good option after a successful upgrade.

sudo reboot


STEP 2: CONFIGURE OPENSTACK YOGA YUM REPOSITORY

ย 

As of the time this article is updated, the latest OpenStack release is Yoga. If you need more details on this OpenStack release refer to its official documentation.

sudo dnf -y install https://repos.fedorapeople.org/repos/openstack/openstack-yoga/rdo-release-yoga-1.el8.noarch.rpm

ย 

Confirm the repository has been added and usable on the system.

$ sudo dnf repolist

repo idย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  repo name

advanced-virtualizationย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  CentOS-8 – Advanced Virtualization

appstreamย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย  Rocky Linux 8 – AppStream

baseosย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย  Rocky Linux 8 – BaseOS

centos-nfv-openvswitchย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย  CentOS-8 – NFV OpenvSwitch

centos-rabbitmq-38ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย  CentOS-8 – RabbitMQ 38

ceph-pacificย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  CentOS-8 – Ceph Pacific

extrasย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  Rocky Linux 8 – Extras

openstack-yogaย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย OpenStack Yoga Repository

ย 

Letโ€™s update all packages on the system to the latest releases on the repos.

sudo dnf update -y


STEP 3: INSTALL PACKSTACK PACKAGE / GENERATE ANSWERS FILE

 

Enable PowerTools / CRB repositories:

sudo dnf config-manager –enable powertools

Install packstack which is provided by openstack-packstack package.

sudo dnf install -y openstack-packstack

Confirm successful installation by querying for the version.

$ packstack –version

packstack 20.0.0

Command options:

$ packstack –help

If you need customized installation of OpenStack on Rocky Linux 9 / Rocky Linux 8 then generate answers file which defines variables that modifies installation of OpenStack services.

sudo packstack –os-neutron-ml2-tenant-network-types=vxlan \

  –os-neutron-l2-agent=openvswitch \

  –os-neutron-ml2-type-drivers=vxlan,flat \

  –os-neutron-ml2-mechanism-drivers=openvswitch \

  –keystone-admin-passwd=StrongAdminPassword \

  –nova-libvirt-virt-type=kvm \

  –provision-demo=n \

  –cinder-volumes-create=n \

  –os-heat-install=y \

  –os-swift-install=n \

  –os-horizon-install=y \

  –gen-answer-file /root/answers.txt

 Install OpenStack – DevStack into Ubuntu VM

Set the Keystone / admin user password –keystone-admin-passwd. If you donโ€™t have extra storage for Cinder you can use loop device for volume group by cinder-volumes-create=y but performance will not be good. Above are the standard settings but you can pass as many options as it suites your desired deployment.

You can modify the answers file generated to add more options.

sudo vi /root/answers.txt


STEP 4: INSTALL OPENSTACK WITH PACKSTACK

ย 

The easiest way is to deploy using default parameters and settings, this will configure the host as Controller and Compute.

ย 

#Disable the demo provisioning

sudo packstack –allinone –provision-demo=n

# With Demo

sudo packstack โ€“allinone

ย 

If youโ€™re using the contents in the answers file initiate deployment of OpenStack with the commands below:

sudo packstack –answer-file /root/answers.txt

Sample installation output extracted from out deployment:

Welcome to the Packstack setup utility

The installation log file is available at: /var/tmp/packstack/20220905-230443-accvjfxd/openstack-setup.log

Installing:

Clean Upย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  [ DONE ]

Discovering ip protocol versionย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Setting up ssh keysย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  [ DONE ]

Preparing serversย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย [ DONE ]

Pre installing Puppet and discovering hosts’ detailsย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing pre-install entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Setting up CACERTย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย [ DONE ]

Preparing AMQP entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing MariaDB entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Fixing Keystone LDAP config parameters to be undef if emptyย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย [ DONE ]

Preparing Keystone entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Glance entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Checking if the Cinder server has a cinder-volumes vgย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย [ DONE ]

Preparing Cinder entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Nova API entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Creating ssh keys for Nova migrationย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Gathering ssh host keys for Nova migrationย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Nova Compute entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Nova Scheduler entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Nova VNC Proxy entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing OpenStack Network-related Nova entriesย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย [ DONE ]

Preparing Nova Common entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Neutron API entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Neutron L3 entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Neutron L2 Agent entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Neutron DHCP Agent entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Neutron Metering Agent entriesย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย [ DONE ]

Checking if NetworkManager is enabled and runningย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  [ DONE ]

Preparing OpenStack Client entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Horizon entriesย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย [ DONE ]

Preparing Swift builder entries ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Swift proxy entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Swift storage entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Gnocchi entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Redis entriesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Preparing Ceilometer entriesย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  [ DONE ]

Preparing Aodh entriesย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  [ DONE ]

Preparing Puppet manifestsย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Copying Puppet modules and manifestsย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Applying 192.168.200.5_controller.pp

192.168.200.5_controller.pp:ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Applying 192.168.200.5_network.pp

192.168.200.5_network.pp:ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Applying 192.168.200.5_compute.pp

192.168.200.5_compute.pp:ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Applying 192.168.200.5_controller_post.pp

192.168.200.5_controller_post.pp:ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  [ DONE ]

Applying Puppet manifestsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  [ DONE ]

Finalizingย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย [ DONE ]


STEP 5: ACCESS OPENSTACK FROM CLI / HORIZON DASHBOARD

ย 

After a successful installation OpenStack can be administered using openstack CLI tool or from Web Dashboard. Take note of access details printed on the screen.

Additional information:

ย * Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS plugin. Geneve will be used as the encapsulation method for tenant networks

ย * A new answerfile was created in: /root/packstack-answers-20220906-132920.txt

ย * Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.

ย * File /root/keystonerc_admin has been created on OpenStack client host 192.168.200.5. To use the command line tools you need to source the file.

ย * To access the OpenStack Dashboard browse to http://192.168.200.5/dashboard .

Please, find your login credentials stored in the keystonerc_admin in your home directory.

ย * Because of the kernel update the host 192.168.200.5 requires reboot.

ย * The installation log file is available at: /var/tmp/packstack/20220906-132920-0dgh5hr3/openstack-setup.log

ย * The generated manifests are available at: /var/tmp/packstack/20220906-132920-0dgh5hr3/manifests

Source keystonerc_admin file:

sudo -i

source ~/keystonerc_admin

List OpenStack services using commands shared below:

$ openstack service list

+———————————-+———–+————–+

| IDย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Nameย ย ย ย ย  ย ย ย ย ย ย ย ย ย  | Typeย ย ย ย ย ย ย ย 

+———————————-+———–+————–+

| 30b78dc06b9f4aa0ad5239e656d33f46 ย ย ย ย ย ย ย ย ย ย ย ย  | cinderv3ย  ย ย ย ย ย ย ย ย  | volumev3ย ย ย ย 

| 324eeb0f88e2474786f00ff5d5d64819 ย ย ย ย ย ย ย ย ย ย ย ย ย  | aodhย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย  | alarmingย ย ย ย 

| 39c6ce97e8994234b6e42a9f34e8001eย ย ย ย ย ย ย ย ย ย ย ย ย ย  | neutronย ย  ย ย ย ย ย ย ย ย  | networkย ย ย ย ย 

| 3ec7e0dc135c41cc81651f5bee276a03 ย ย ย ย ย ย ย ย ย ย ย ย  | keystoneย  ย ย ย ย ย ย ย  | identityย ย ย ย 

| 7da8184e096a440b810602d4cc5e964b ย ย ย ย ย ย ย ย ย ย  | glanceย ย ย  ย ย ย ย ย ย ย ย ย ย  | imageย ย ย ย ย ย ย 

| 907720359882414c90cbdce33d2dcac8 ย ย ย ย ย ย ย ย ย ย ย  | gnocchiย ย  ย ย ย ย ย ย ย ย ย  | metricย ย ย ย ย ย 

| 9b99c9f02cc345ce8d71635a5519113f ย ย ย ย ย ย ย ย ย ย ย ย ย  | placement ย ย ย ย ย  | placementย ย ย 

| c8f1c94982a64146897307dd8e3c8af8 ย ย ย ย ย ย ย ย ย ย ย ย ย  | swiftย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย  | object-store

| f856abaa681746f0b5bab1c0a8ec7365 ย ย ย ย ย ย ย ย ย ย ย ย ย  | novaย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย  | computeย ย ย ย ย 

+———————————-+———–+————–+

ย 

To access Horizon Dashboard use the URL: http://ServerIPAddress/dashboard. Login with admin as User Name and Keystone Admin Password in cat ~/keystonerc_admin


STEP 6: CONFIGURE NEUTRON NETWORKING

ย 

Check your primary interface on the server:

$ ip ad

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

ย ย  ย link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

ย ย ย  inet 127.0.0.1/8 scope host lo

ย ย ย ย ย ย  valid_lft forever preferred_lft forever

ย ย ย  inet6 ::1/128 scope host

ย ย ย ย ย ย  valid_lft forever preferred_lft forever

2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000

ย ย ย  link/ether f2:37:74:a4:77:ae brd ff:ff:ff:ff:ff:ff

ย ย ย  inet 192.168.200.5/24 brd 192.168.200.255 scope global ens18

ย ย ย ย ย ย  valid_lft forever preferred_lft forever

ย ย ย  inet6 fe80::f037:74ff:fea4:77ae/64 scope link

ย ย ย ย ย ย  valid_lft forever preferred_lft forever

3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000

ย ย ย  link/ether 26:65:55:60:5b:aa brd ff:ff:ff:ff:ff:ff

4: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000

ย ย ย  link/ether 96:12:ae:de:e9:40 brd ff:ff:ff:ff:ff:ff

ย ย ย  inet6 fe80::9412:aeff:fede:e940/64 scope link

ย ย ย ย ย ย  valid_lft forever preferred_lft forever

5: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000

ย ย ย  link/ether b2:bd:04:aa:2a:ae brd ff:ff:ff:ff:ff:ff

ย 

Migrate your primary interface network configurations to a bridge. These are the updated network configurations on my server.

$ sudoย  vi /etc/sysconfig/network-scripts/ifcfg-ens18

DEVICE=ens18

ONBOOT=yes

TYPE=OVSPort

DEVICETYPE=ovs

OVS_BRIDGE=br-ex

$ sudo vi /etc/sysconfig/network-scripts/ifcfg-br-ex

DEVICE=br-ex

BOOTPROTO=none

ONBOOT=yes

TYPE=OVSBridge

DEVICETYPE=ovs

USERCTL=yes

PEERDNS=yes

IPV6INIT=no

IPADDR=192.168.200.5

NETMASK=255.255.255.0

GATEWAY=192.168.200.1

DNS1=192.168.200.1

ย 

Once the configurations for the network are updated, create OVS bridge and add the interface.

sudo ovs-vsctl add-port br-ex ens18

ย 

Reboot after making the changes to confirm the settings are corrent:

sudo reboot

ย 

Since NetworkManager service was disabled it cannot be used to manage network configurations. To restart network service using network.service.

sudo systemctl restart network.service

ย 

Confirm IP address information.

$ ip ad

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

ย ย ย  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

ย ย ย  inet 127.0.0.1/8 scope host lo

ย ย ย ย ย ย  valid_lft forever preferred_lft forever

ย ย ย  inet6 ::1/128 scope host

ย ย ย ย ย ย  valid_lft forever preferred_lft forever

2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master ovs-system state UP group default qlen 1000

ย ย ย  link/ether f2:37:74:a4:77:ae brd ff:ff:ff:ff:ff:ff

ย ย ย  inet6 fe80::f037:74ff:fea4:77ae/64 scope link

ย ย ย ย ย ย  valid_lft forever preferred_lft forever

3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000

ย ย ย  link/ether 02:ab:a7:4f:0a:9d brd ff:ff:ff:ff:ff:ff

4: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000

ย ย ย  link/ether b2:bd:04:aa:2a:ae brd ff:ff:ff:ff:ff:ff

5: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000

ย ย ย  link/ether 02:86:4d:4d:c0:40 brd ff:ff:ff:ff:ff:ff

ย ย ย  inet 192.168.200.5/24 brd 192.168.200.255 scope global br-ex

ย ย ย ย ย ย  valid_lft forever preferred_lft forever

ย ย ย  inet6 fe80::86:4dff:fe4d:c040/64 scope link

ย ย ย ย ย ย  valid_lft forever preferred_lft forever

ย 

ย 

Create private network on OpenStack.

$ openstack network create private

+—————————+————————————–+

| Fieldย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Valueย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+—————————+————————————–+

| admin_state_upย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | UPย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| availability_zone_hintsย ย  ย ย ย ย ย ย ย ย ย ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| availability_zonesย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| created_atย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 2022-09-06T12:03:11Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| descriptionย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| dns_domainย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 6b311b90-3ee3-4ad8-a746-853d3952fabe

| ipv4_address_scopeย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย 

| ipv6_address_scopeย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| is_defaultย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Falseย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| is_vlan_transparentย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| mtuย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 1442ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| nameย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | privateย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| port_security_enabledย  ย  ย  ย  ย  ย  ย  ย  ย | Trueย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| project_idย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 8b20c86cf35943af8a17cb1805ea52d1ย ย ย ย 

| provider:network_typeย  ย  ย  ย  ย  ย  ย  ย  | geneveย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| provider:physical_networkย  ย  ย  ย  ย | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| provider:segmentation_idย  ย  ย  ย  ย  ย | 11ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| qos_policy_idย ย ย ย ย ย ย ย ย ย ย  ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| revision_numberย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 1ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| router:externalย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Internalย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| segmentsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| sharedย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | Falseย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| statusย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | ACTIVEย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| subnetsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| tagsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| updated_atย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 2022-09-06T12:03:11Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+—————————+————————————–+

ย 

ย 

Create a subnet for the private network:

$ openstack subnet create –network private –allocation-pool \

ย ย ย  start=172.20.20.50,end=172.20.20.200 \

ย ย ย  –dns-nameserver 8.8.8.8 –dns-nameserver 8.8.4.4 \

ย ย ย  –subnet-range 172.20.20.0/24 private_subnet

ย 

+———————-+————————————–+

| Fieldย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Valueย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+———————-+————————————–+

| allocation_poolsย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 172.20.20.50-172.20.20.200ย ย ย ย ย ย ย ย ย ย 

| cidrย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | 172.20.20.0/24ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| created_atย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 2022-09-06T12:04:27Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| descriptionย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| dns_nameserversย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 8.8.4.4, 8.8.8.8ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| dns_publish_fixed_ipย  ย  ย  ย  ย  ย  ย  ย  ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| enable_dhcp ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Trueย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| gateway_ipย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 172.20.20.1ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| host_routesย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | b5983809-f905-4419-b995-91ec3e22b401

| ip_versionย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 4ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| ipv6_address_modeย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| ipv6_ra_modeย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| nameย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | private_subnetย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| network_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 6b311b90-3ee3-4ad8-a746-853d3952fabe

| project_idย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 8b20c86cf35943af8a17cb1805ea52d1ย ย ย ย 

| revision_numberย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 0ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| segment_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| service_typesย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| subnetpool_idย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| tagsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| updated_atย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 2022-09-06T12:04:27Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+———————-+————————————–+

ย 

Create public network:

$ openstack network create –provider-network-type flat \

ย  –provider-physical-network extnet \

ย  –external public

ย 

+—————————+————————————–+

| Fieldย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Valueย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+—————————+————————————–+

| admin_state_upย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | UPย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| availability_zone_hintsย  ย  ย  ย  ย  ย  ย  ย |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| availability_zonesย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| created_atย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 2022-09-06T12:05:27Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| descriptionย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| dns_domainย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 81ef07c8-9925-46e4-a1b8-25d860ef32bc

| ipv4_address_scopeย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| ipv6_address_scopeย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| is_defaultย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | Falseย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| is_vlan_transparentย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| mtuย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | 1500ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| nameย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | publicย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| port_security_enabledย ย ย ย  ย ย ย ย ย ย ย ย  | Trueย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| project_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 8b20c86cf35943af8a17cb1805ea52d1ย ย ย ย 

| provider:network_typeย ย ย ย  ย ย ย ย ย ย ย  | flatย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| provider:physical_network ย ย ย ย  | extnetย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| provider:segmentation_idย  ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| qos_policy_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| revision_numberย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย  | 1ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| router:externalย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | Externalย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย 

| segmentsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| sharedย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Falseย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| statusย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | ACTIVEย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| subnetsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  |ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| tagsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| updated_atย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 2022-09-06T12:05:27Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+—————————+————————————–+

ย 

Define subnet for the public network. It could be an actual public IP network.

$ openstack subnet create –network public –allocation-pool \

ย  start=192.168.200.10,end=192.168.200.200 –no-dhcp \

ย  –subnet-range 192.168.200.0/24 public_subnet

+———————-+————————————–+

| Fieldย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Valueย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+———————-+————————————–+

| allocation_poolsย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 192.168.200.10-192.168.200.200ย ย ย ย ย ย 

| cidrย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 192.168.200.0/24ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| created_atย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 2022-09-06T12:07:51Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| descriptionย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| dns_nameserversย ย ย ย  ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| dns_publish_fixed_ipย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| enable_dhcpย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Falseย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| gateway_ipย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 192.168.200.1ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| host_routesย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 7ee4595b-50cf-4074-9fa8-339376c4a71a

| ip_versionย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 4ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| ipv6_address_modeย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| ipv6_ra_modeย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| nameย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | public_subnetย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| network_idย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 81ef07c8-9925-46e4-a1b8-25d860ef32bc

| project_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | 8b20c86cf35943af8a17cb1805ea52d1ย ย ย ย 

| revision_numberย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 0ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| segment_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| service_typesย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| subnetpool_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| tagsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| updated_atย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 2022-09-06T12:07:51Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+———————-+————————————–+

ย 

Create a router that will connect public and private subnets.

$ openstack router create private_router

+————————-+————————————–+

| Fieldย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Valueย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+————————-+————————————–+

| admin_state_upย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | UPย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| availability_zone_hintsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| availability_zonesย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| created_atย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | 2022-09-06T12:08:21Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| descriptionย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| external_gateway_infoย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | nullย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| flavor_idย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | dfc365da-ab4e-484a-91bb-c2727627d448

| nameย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | private_routerย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| project_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | 8b20c86cf35943af8a17cb1805ea52d1ย ย ย ย 

| revision_numberย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 0ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| routesย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| statusย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | ACTIVEย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| tagsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| updated_atย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 2022-09-06T12:08:21Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+————————-+————————————–+

ย 

Set external gateway as public network on the router.

openstack router set –external-gateway public private_router

ย 

Link private network to the router.

openstack router add subnet private_router private_subnet

ย 

Check to ensure network connectivity is working.

$ openstack router list

+————————————–+—————-+——–+——-+———————————-+

| IDย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Nameย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | Statusย  ย  ย  ย  ย  ย  ย  | Stateย  ย  ย  ย  ย  ย  ย  ย  ย  ย 

+————————————–+—————-+——–+——-+———————————-+

|dfc365da-ab4e-484a-91bb-c2727627d448 | private_router | ACTIVE | UPย ย ย  | 8b20c86cf35943af8a17cb1805ea52d1

+————————————–+—————-+——–+——-+———————————-+

$ openstack router show private_router | grep external_gateway_info

| external_gateway_infoย ย  | {“network_id”: “81ef07c8-9925-46e4-a1b8-25d860ef32bc”, “external_fixed_ips”: [{“subnet_id”: “7ee4595b-50cf-4074-9fa8-339376c4a71a”, “ip_address”: “192.168.200.169”}], “enable_snat”: true} |

$ ping -c 2 192.168.200.169

PING 192.168.200.169 (192.168.200.169) 56(84) bytes of data.

64 bytes from 192.168.200.169: icmp_seq=1 ttl=254 time=0.260 ms

64 bytes from 192.168.200.169: icmp_seq=2 ttl=254 time=0.302 ms

— 192.168.200.169 ping statistics —

2 packets transmitted, 2 received, 0% packet loss, time 1004ms

rtt min/avg/max/mdev = 0.260/0.281/0.302/0.021 ms


STEP 7: SPIN A TEST INSTANCE

ย 

Our OpenStack Cloud platform should be ready for use. Weโ€™ll download Cirros cloud image.

mkdir ~/images && cd ~/images

sudo yum -y install curl wget

VERSION=$(curl -s http://download.cirros-cloud.net/version/released)

wget http://download.cirros-cloud.net/$VERSION/cirros-$VERSION-x86_64-disk.img

ย 

Upload Cirros image to Glance store.

openstack image create –disk-format qcow2 \

ย  –container-format bare –public \

ย  –file ./cirros-$VERSION-x86_64-disk.img “Cirros”

ย 

Confirm image uploaded

$ openstack image list

+————————————–+——–+——–+

| IDย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Nameย ย  ย ย ย ย ย ย ย ย ย ย ย ย  | Status

+————————————–+——–+——–+

| 98d260ec-1ccc-46d6-bfb7-f52ca478dd0e ย ย ย ย ย ย ย  | Cirros ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | active

+————————————–+——–+——–+

ย 

Create Security Group for all access.

openstack security group create permit_all –description “Allow all ports”

openstack security group rule create –protocol TCP –dst-port 1:65535 –remote-ip 0.0.0.0/0 permit_all

openstack security group rule create –protocol ICMP –remote-ip 0.0.0.0/0 permit_all

Create another security group for limited access โ€“ standard access ports ICMP, 22, 80, 443

openstack security group create limited_access –description “Allow base ports”

openstack security group rule create –protocol ICMP –remote-ip 0.0.0.0/0 limited_access

openstack security group rule create –protocol TCP –dst-port 22 –remote-ip 0.0.0.0/0 limited_access

openstack security group rule create –protocol TCP –dst-port 80 –remote-ip 0.0.0.0/0 limited_access

openstack security group rule create –protocol TCP –dst-port 443 –remote-ip 0.0.0.0/0 limited_access

ย 

List all security groups:

openstack security group list

Confirming. rules in the security group.

openstack security group show permit_all

openstack security group show limited_access

ย 

Create Private Key

$ ssh-keygen # if you don’t have ssh keys already

Add key to Openstack:

$ openstack keypair create –public-key ~/.ssh/id_rsa.pub admin

+————-+————————————————-+

| Fieldย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Valueย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+————-+————————————————-+

| created_atย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| fingerprint ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 63:c9:01:ae:57:89:f8:ff:4b:e9:0e:68:7d:49:be:eb

| idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | adminย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| is_deletedย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย 

| nameย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | adminย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| typeย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | sshย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| user_idย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 720b4dce6c2946c9bc71ae3c3032e256ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+————-+————————————————-+

ย 

Confirm keypair is available on OpenStack:

$ openstack keypair list

+——-+————————————————-+

| Nameย  ย ย ย ย ย ย ย ย ย ย ย ย ย  | Fingerprintย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+——-+————————————————-+

| admin ย ย ย ย ย ย ย ย ย ย ย ย ย  | 19:7b:5c:14:a2:21:7a:a3:dd:56:c6:e4:3a:22:e8:3f

+——-+————————————————-+

ย 

Listing available networks:

$ openstack network list

+————————————–+———+————————————–+

| IDย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Nameย ย ย  ย ย ย ย ย ย ย ย ย ย ย  | Subnetsย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+————————————–+———+————————————–+

| 6b311b90-3ee3-4ad8-a746-853d3952fabe ย ย ย ย  | private ย ย ย ย ย ย ย ย ย ย ย ย  | b5983809-f905-4419-b995-91ec3e22b401

| 81ef07c8-9925-46e4-a1b8-25d860ef32bc ย ย ย ย ย ย  | publicย  ย  ย  ย  ย  ย  ย  ย | 7ee4595b-50cf-4074-9fa8-339376c4a71a

+————————————–+———+————————————–+

ย 

Check available instance flavors:

$ openstack flavor list

+—-+———–+——-+——+———–+——-+———–+

| ID | Nameย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย  RAM ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Disk ย ย  | Ephemeral ย ย ย ย ย  | VCPUs ย ย ย ย ย ย ย ย ย ย ย ย ย  | Is Public

+—-+———–+——-+——+———–+——-+———–+

| 1ย  | m1.tinyย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย  512 ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย ย  1 ย ย ย ย  | 0ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 1 ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Trueย ย ย ย ย 

| 2ย  | m1.smallย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย  2048ย  ย  ย  ย  ย  ย  ย  ย  |ย ย  20ย ย ย ย  | 0ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 1 ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Trueย ย ย ย ย 

| 3ย  | m1.medium ย ย ย ย ย ย ย ย ย ย  |ย  4096 ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย  40ย ย ย ย  | 0ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | 2 ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Trueย ย ย ย ย 

| 4ย  | m1.largeย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย  8192 ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย  80ย ย ย ย  | 0ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | 4 ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Trueย ย ย ย ย 

| 5ย  | m1.xlarge ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 16384 ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย  160ย ย ย  | 0ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | 8 ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Trueย ย ย ย ย 

+—-+———–+——-+——+———–+——-+———–+

ย 

Letโ€™s create an instance on the private network

openstack server create \

ย  –flavor m1.tiny \

ย  –image “Cirros” \

ย  –network private \

ย  –key-name admin \

ย  –security-group permit_all \

ย  mycirros

ย 

Check if the instance is created successfully.

$ openstack server list

+————————————–+———-+——–+———————-+——–+———+

| IDย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Nameย ย ย ย  ย ย ย ย ย ย ย ย ย ย  | Status ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Networksย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย 

+————————————–+———-+——–+———————-+——–+———+

| a261586f-bfff-46fa-9eb8-6f002e548429ย  ย  ย  ย  ย  ย  ย  | mycirrosย  ย  ย  ย  ย  ย  ย | ACTIVEย  ย  ย  ย  ย  | private=172.20.20.67ย 

+————————————–+———-+——–+———————-+——–+———+

ย 

To associate a floating IP from the public subnet use the guide below:

Assign a Floating IP Address to an Instance in OpenStack

For simplicity weโ€™ll include commands here:

$ openstack floating ip create –project admin –subnet public_subnet public

+———————+————————————–+

| Fieldย ย ย ย ย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Valueย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+———————+————————————–+

| created_atย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 2022-09-06T12:30:29Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| descriptionย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| dns_domainย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| dns_nameย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย |ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| fixed_ip_addressย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| floating_ip_address ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 192.168.200.110ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| floating_network_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 81ef07c8-9925-46e4-a1b8-25d860ef32bc

| idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | 8f7b287c-b3a0-4fa3-b496-1940f3d86466

| nameย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | 192.168.200.110ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| port_detailsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| port_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| project_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | 8b20c86cf35943af8a17cb1805ea52d1ย ย ย ย 

| qos_policy_idย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| revision_numberย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย | 0ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| router_idย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | Noneย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| statusย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | DOWNย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| subnet_idย ย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 7ee4595b-50cf-4074-9fa8-339376c4a71a

| tagsย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | []ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

| updated_atย ย ย ย ย ย ย ย ย  ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย  | 2022-09-06T12:30:29Zย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 

+———————+————————————–+

$ openstack server add floating ip mycirros 192.168.200.110

$ openstack server list

+————————————–+———-+——–+—————————————+——–+———+

| IDย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  | Nameย  ย  ย  | Statusย  ย  ย  ย | Networksย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย  ย ย 

+————————————–+———-+——–+—————————————+——–+———+

| a261586f-bfff-46fa-9eb8-6f002e548429ย  | mycirrosย  ย  | ACTIVEย  ย  | private=172.20.20.67, 192.168.200.110

+————————————–+———-+——–+—————————————+——–+———+

#Ping Server

$ ping -c 2ย  192.168.200.110

PING 192.168.200.110 (192.168.200.110) 56(84) bytes of data.

64 bytes from 192.168.200.110: icmp_seq=1 ttl=63 time=0.926 ms

64 bytes from 192.168.200.110: icmp_seq=2 ttl=63 time=0.883 ms

— 192.168.200.110 ping statistics —

2 packets transmitted, 2 received, 0% packet loss, time 1065ms

rtt min/avg/max/mdev = 0.883/0.904/0.926/0.036 ms

ย 

Once floating IP is assigned you can ssh to the instance with private key.

$ ssh cirros@192.168.200.110

The authenticity of host ‘192.168.200.110 (192.168.200.110)’ can’t be established.

ECDSA key fingerprint is SHA256:EDeKOm4TYWzqtH/2AJrIY1ss7OsM+KZ6/JHg/1fr2ec.

Are you sure you want to continue connecting (yes/no/[fingerprint])? yes

Warning: Permanently added ‘192.168.200.110’ (ECDSA) to the list of known hosts.

$ cat /etc/os-release

NAME=Buildroot

VERSION=2019.02.1-00002-g77a944c-dirty

ID=buildroot

VERSION_ID=2019.02.1

PRETTY_NAME=”Buildroot 2019.02.1″

$ ping computingforgeeks.com -c 2

PING computingforgeeks.com (104.26.5.192): 56 data bytes

64 bytes from 104.26.5.192: seq=0 ttl=56 time=22.220 ms

64 bytes from 104.26.5.192: seq=1 ttl=56 time=22.190 ms

— computingforgeeks.com ping statistics —

2 packets transmitted, 2 packets received, 0% packet loss

round-trip min/avg/max = 22.190/22.205/22.220 ms

Source: https://computingforgeeks.com/install-openstack-on-rocky-almalinux/

Pubblicato il

Windows orario indietro di un’ora dopo aver lanciato linux

Il motivo รจ che le Ubuntu e derivate impostano il RTC in UTC.

Per risolvere basta digitare:

timedatectl set-local-rtc 1 --adjust-system-clock

se lanciate timedatectl vedrete un messaggio di warning e il modo di ritornare alle impostazioni originali:

           Local time: dom 2023-02-19 10:14:02 CET
       Universal time: dom 2023-02-19 09:14:02 UTC
             RTC time: dom 2023-02-19 09:14:02
            Time zone: Europe/Rome (CET, +0100)

System clock synchronized: yes
NTP service: active
RTC in local TZ: yes

Warning: The system is configured to read the RTC time in the local time zone.
This mode cannot be fully supported. It will create various problems
with time zone changes and daylight saving time adjustments. The RTC
time is never updated, it relies on external facilities to maintain it.
If at all possible, use RTC in UTC by calling
‘timedatectl set-local-rtc 0’.

Pubblicato il

QNAP – “Caricamento in corso” per sempre…

Diciamo innanzitutto che se non hai abilitato SSH questo metodo non si puo’ attuare. Se invece lo avessi abilitato come admin ti fa entrare e a questo punto basta dare questi comandi:

/etc/init.d/thttpd.sh stop

mv /etc/config/.qos_config /etc/config/.qos_config.old

/etc/init.d/thttpd.sh start

Eventualmente dai diverse volte lo stop.. a volte non sempre riesce a fermare il processo alla prima.. ho notato che se lo fai come dice qnap ovvero con il processo attivo a volte non riesce a fare il ‘mv’…

Pubblicato il

Qnap – Snapshots

E’ una caratteristica che ormai รจ stata resa disponibile su tutti i modelli di NAS Qnap. Effettivamente, visto il proliferare di virus che crittografano i dati rendendoli di fatto irrecuperabili se non dietro compenso economico, tra l’altro, solitamente in bitcoin, l’uso delle snapshot รจ diventato comune. Il termine snapshot รจ autoespicativo, ma alcune caratteristiche magari non sono cosรฌ evidenti. In buona sostanza uno snapshot รจ una fotografia di un DataVol (cosรฌ vengono chiamati i volumi nei NAS Qnap) oppure di una cartella (Snapshots folder) – di questa particolare caratteristica ne parlo piรน avanti che ‘congela’ di fatto i dati in quel momento. Questa fotografia รจ realmente immutabile, non รจ possibile modificarla in quanto รจ un DataVol montato in sola lettura. Mi spiego con un esempio, anche se potrebbe essere ostico per chi non ha conoscenze del sistema operativo linux (eh giร  anche Qnap ha customizzato un linux come tanti altri…)

Qui sotto vedi i mountpoint della mai Qnap: puoi notare che Datavol1 (cachedev1) e DataVol2(cachedev2) sono montati in ‘read/write’  mentre le 7 snapshots (che qui le vedi come vg1-snap1000(0-7) sono montate in ‘read-only’ e come sai non c’รจ proprio il modo di scrivere su un volume montato in ‘read-only’ a meno di non smontarlo e rimontarlo in ‘read/write’.


Altra caratteristica interessante รจ lo spazio usato dalle snapshots. Qui vedi la mia Qnap che ha un pool di archiviazione di 5.44 TB e due DataVol: uno di sistema, dove vengono immagazinate le applicazioni e altri dati caratteristici del sistema operativo di Qnap e alcune cartelle per me importanti e dopo un secondo DataVol dove immagazzino dati che posso anche permettermi di perdere. Come puoi vedere sul DataVol1 ci sono 7 snapshot mentre sul DataVol2 non ho snapshot. Se leggi nel riquadro a destra noterai che, malgrado ho 7 snapshot sul DataVol1 e che il DataVol1 รจ pieno quasi all’80%, le 7 snapshots ‘pesano’ solamente 150GB. Le snapshot contengono solo i dati modificati oppure cancellati: sino a che tu scrivi nuovi dati sul tuo volume questi non vengono salvati sulle snapshot e il motivo รจ che… sono giร  sul tuo volume e non c’รจ bisogno di scriverle sullo snapshot. 


Oltre a questo puoi configurare, nel momento che crei una share (cartella condivisa), configurarla come una ‘Snapshot folder’, anche se onestamente non vedo questa grande ultitร , questa caratteristica potrebbe essere fruibile se hai in mente che spesso farai dei restore di snapshot. Con questo modo dovrebbero essere piรน veloci. In realtร  il modo di funzionamento รจ che quando crei una Snapshot Folder il sistema crea un Datavol dedicato a questo folder in ‘thin mode’ in modo da ottimizzare lo spazio che sottrae al Pool principale. Onestamente, mi ripeto, se sei abituato a creare DataVol in ‘thin mode’ non vedo questa grande utilitร . Forse Qnap voleva fare qualcosa per il suo sistema operativo QTS somigliante al QuTS Hero basato su ZFS? Anche sui forum si leggono perplessitร  per questa caratteristica.

Pubblicato il

QNAP TES-1886u – Come passare a QTS da QES

Per passare a QTS bisogna spegnere la macchina, rimuovere tutti i dischi e riaccenderla. La macchina al riavvio avra’ lo stesso IP che aveva in precedenza. Da li c’e’ un pulsantino per passare in QTS. Ovviamente tutti i dati sui dischi verrrano persi.

Pubblicato il

Linux Chrony – Problema ora non corretta

A volte รจ meglio modificare la configurazione di default puntando i domain controller del dominio, specialmente se si rilevano delle differenze tra l’ora di linux e l’ora del dominio. Questo si evidenzia controllando CHRONY con questo comando:

[root@pinolalavatrice ~]# chronyc tracking
Reference ID : 00000000 ()
Stratum : 0
Ref time (UTC) : Thu Jan 01 00:00:00 1970
System time : 0.000000000 seconds slow of NTP time
Last offset : +0.000000000 seconds
RMS offset : 0.000000000 seconds
Frequency : 19.406 ppm slow
Residual freq : +0.000 ppm
Skew : 0.000 ppm
Root delay : 1.000000000 seconds
Root dispersion : 1.000000000 seconds
Update interval : 0.0 seconds
Leap status : Not synchronised

Si possono modificare i server di riferimento editando il file /etc/chronyd.conf e modificare il parametro server.. i miei domain controller sono 192.168.12.31/32 e metti il rem sui vecchi server:

Ora se fai ripartire CHRONYD con il comando ‘service chronyd restart’ e ripeti il comando precedente dovresti vedere un output come questo:

[root@pinolalavatrice ~]# chronyc tracking
Reference ID : C0A80C1F (192.168.12.31)
Stratum : 4
Ref time (UTC) : Thu Dec 01 09:27:23 2022
System time : 0.000006584 seconds fast of NTP time
Last offset : +0.000018689 seconds
RMS offset : 0.000018689 seconds
Frequency : 19.406 ppm slow
Residual freq : +7.332 ppm
Skew : 0.035 ppm
Root delay : 0.011093942 seconds
Root dispersion : 0.026704570 seconds
Update interval : 2.0 seconds
Leap status : Normal

Fonte: https://www.thegeekdiary.com/centos-rhel-7-configuring-ntp-using-chrony/