OpenStack Packstack – How to configure an External Facing Bridged Interface

openstack

Specifically these directions are applicable to my experience with the OpenStack Packstack Installer, specifically when installing RHEL OpenStack 6 on RHEL 7. Plus, to get more specific (if that’s even possible — why yes it is), you will only need to follow the following steps on your Controller Node.

Note that I am installing OpenStack on two VMs in my HomeLab for testing purposes. Once machine will serve as a ‘All-In-One”  Controller/Compute/Network/Storage node and the other machine will serve as a Compute Node.

Basically what I am doing here is configuring networking in such a way to allow inbound access from my “public
lab network. Without this I would not be able to SSH to the Floating IP addresses that are assigned to my instances.

Note that my public interface is ens192 and has an ip address of 10.1.3.10. Here I copy ifcfg-ens192 to ifcfg-br-ex., which will be my external bridge. Note: br-ex is short for bridge external, however br-int is not short for bridge internal, rather it is short for integration bridge….not that we are talking about br-int, but I figured it was worth a mention.

# cp ifcfg-ens192 ifcfg-br-ex

I then modify the file as shown below. The device br-ex will effectively take the reins on hosting our external facing ip address. By moving ens192 to br-ex we are allowing Openvswitch to ‘hang’ additional ip addresses on this interface. “DEVICETYPE=ovs” tells the networking service that this device uses Openvswitch. “TYPE=OVSBridge” lets the networking service that this device will act as a bridge

DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
IPADDR=10.1.3.10
NETMASK=255.255.255.0
GATEWAY=10.1.3.1
ONBOOT=yes

We also need to create a new ifcfg-ens192 file. Follow the template below. “TYPE=OVSPort” tells your networking service that this device is a port on an OVS bridge, while “OVS_BRIDGE” tells networking the name of the bridge where we need to attach.

DEVICE=ens192
ONBOOT=yes
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-ex

Now you should be able to restart networking. Make sure that you have console access before you attempt the restart, just in case you fat-fingered something.

If you are unable to ping your floating ip addresses from the public network, you have screwed something up.

Advertisements

Install and Configure SNMP on the Asus RT-AC66U Router

ASUS_RT-AC66U_newsOk first off let me start by saying that this is probably the coolest piece of home computing hardware that I have ever laid my hands on. Yes the setup was easy, and yes the thing is rock solid, and yes wireless range is awesome. But for approx $200 USD you really should not expect anything less.  I’m not going to go into its specs or features, as I’ll leave that to the professionals. Read up on it here.

Anyway out of the box it supported telnet, but I wanted ssh, so I dropped the default firmware and went with Asuswrt-Merlin. It was at this point I started to explore the Busybox OS and decided I wanted to monitor the device via my HomeLab Zenoss install.

However, much to my chagrin net-snmp was not installed out of the box.

So how do you install it you ask? Would you believe via a package manager?

First, you need to find the package name

#ipkg list | grep snmp

Then install the snmp package

#ipkg install net-snmp

Then configure it to start at boot time.

#app_set_enabled.sh net-snmp yes

In order to configure it, you are going to have to search for the snmp.conf

#find / -name snmpd.conf

I found two files and one of them clearly states that you should not edit it directly. The other one does not so this is the one that I modified to include my custom rocommunity. See below.

rocommunity  lab

Now I just need to figure out how to allow port 161 udp/tcp on my local LAN segment and I am in business. However, I will probably tackle that tomorrow.

 

Additional Info (2016)

Note, you can restart snmp as shown below.

Stopping:

admin@RT-AC66U:/tmp/home/root# app_stop.sh net-snmp
killall: dm2_transmission-daemon: no process killed
killall: asus_lighttpd: no process killed
killall: dm2_snarfmaster: no process killed
killall: dm2_nzbget: no process killed
killall: dm2_amuled: no process killed
iptables: No chain/target/match by that name
iptables: Bad rule (does a matching rule exist in that chain?)

Starting:

admin@RT-AC66U:/tmp/home/root# app_set_enabled.sh net-snmp yes
The field(Enabled) was set “yes” already.
Restarting the package…

 

2016 Update – Configuring SNMP via the WebUI

Figured that I would add an update to this post as it seems that there are plenty of folks who are looking to setup SNMP on their Asus routers. Note that SNMP can now be configured directly from the WebUI.

In the left pane, click on “Advanced Setting”. Then click on the “SNMP” tab. See example below. Note that the webui does not seem to pick up your configuration if you have configured it via the cli. I have not tested to see if the WebUI overwrites the CLI configuration or if it creates another configuration file.

asus-4.png

Additional Resources

Fatmin: How to Add a Static Route on the Asus RT-AC66U

Fatmin: Install and Configure SNMP on the Asus RT-AC66U