Develop Reference

what changes packstack answer file need when we move from ovs to ovs-dpdk

I am not able to find anything related to packstack answer file. Lets says in normal ovs , eno2 and eno3 were mapped to physnet1 but now I am using above ports with below conf:
ovs-vsctl add-br br0 -- set bridge br0 datapath_type=netdev
ovs-vsctl add-port br0 eno2 -- set Interface eno2 type=dpdk options:dpdk-devargs=0000:02:00.1
ovs-vsctl add-port br0 eno3 -- set Interface eno3 type=dpdk options:dpdk-devargs=0000:02:00.2
How to do I proceed ahead with answer file ?
Can I keep it same and same way configure network on physnet1 ?
BTW, I have installed and enabled ovs-dpdk on compute m/c but havent done any change in controller, do I need any change there also ?
My controller node is showing compute node status as down after compute node upgrade/conf to ovs-dpdk. Though it is able to ping it. I restarted rabbitmq-server also but that didn't help.
If no change in controller, then How Can I associate above created bridge to Vm instance as those cmd ie openstack server add port needs to be executed in controller. Looks like I am missing on reading fully on ovs-dpdk usage.

Openstack - Add multiple IPs to one port

Currently I have setup an instance with one interface and a vip with keepalived. Communication to the primary interface is working but not to the vip. I have tried adding an additional port with the ip address but with no luck. Below is what I have tried and the error. (192.168.1.50 - is the vip)
openstack port create --network l_network --fixed-ip subnet=10990c09-5893-4r68-ecre-307ed7740ey6,ip-address=192.168.1.50 --mac-address=fb:17:3d:a6:08:37 port1
Unable to complete operation for network
f6601b8f-dhb2-4567-t399-124fb5hd8895. The mac address
fb:17:3d:a6:08:37 is in use.

I managed to get it working by creating an additional port and then linking it to the Openstack Instance
Create the port for VIP
neutron port-create --fixed-ip subnet_id=<subnet_id>,ip_address=192.168.1.50 --no-security-groups --name "vip" <id_of_net>
to find id of subnet and network id:
neutron net-list
link the port to the instances:
neutron port-update <port_id_of_current_instance> --allowed-address-pairs type=dict list=true ip_address=192.168.1.50
to find the port_ids:
neutron port-list

Hotspot using hostapd and wpa_supplicant

I need to create a hotspot setup using hostapd for EAP-SIM,EAP-AKA and EAP-AKA' and test it with wpa_supplicant.
Currently I am able to use hostapd for WPA-PSK authentication, hostapd2.4 is used for this setup.I have modified the hostapd.conf for supporting hotspot but when I try to connect , the network will be always in scanning state and won't connect. The necessary parameters for HS20 in wpa_supplicant is also enabled.
The following are the supplicant parameters,
build configuration:
CONFIG_INTERWORKING=y
CONFIG_HS20=y
wpa_supplicant configuration:
Enable Interworking
interworking=1
Enable Hotspot 2.0
hs20=1
auto_interworking=1
Also have specified a credentials block which takes necessary parameters for authentication with hostapd.
Using wpa_supplicantv2.5.I also have a dhcp server running for assigning IP address and also a milenage db running for EAP-SIM,EAP-AKA and EAP-AKA' authentication.
Can anyone suggest what are the necessary basic setup for enabling hotspot in hostapd?

Step 1 :
iw list Check AP is listed
Step 2 :
sudo vim hostapd.conf
-------------------------- interface=wlan0 driver=nl80211 ssid=ath9k_SSID #SSID hw_mode=g channel=1 macaddr_acl=0 auth_algs=1 ignore_broadcast_ssid=0 wpa=3 wpa_passphrase=12345678
#password wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP CCMP rsn_pairwise=CCMP
#comment last 4 lines for Open
Step 3 :
sudo vim /etc/dhcp/dhcpd.conf
-------------------------- default-lease-time 600; max-lease-time 7200; subnet 192.168.1.0 netmask 255.255.255.0 { range
192.168.1.170 192.168.1.200; option routers 192.168.1.254; option domain-name-servers 192.168.1.1, 192.168.1.2; option domain-name "mydomain.example"; }
Step 4 :
sudo vim /etc/network/interfaces
-------------------------- auto wlan0 iface wlan0 inet static address 192.168.1.250 netmask 255.255.255.0
Step 5 :
sudo /etc/init.d/isc-dhcp-server stop sudo service network-manager stop sudo killall wpa_supplicant ps -N | grep -i hostapd # make sure there are no hostapd/wpa_supplicant processes are running
Step 6 :
Remove ethernet cable sudo ifconfig wlan0 192.168.1.169 netmask
255.255.255.0 sudo /etc/init.d/isc-dhcp-server restart => to set IP for STA sudo ./hostapd ./hostapd.conf -dddt Step 7: Connect from another device. Should be able to see the IP assigned.

Routing in OpenStack

I want to configure routing and NAT via Neutron in OpenStack, How do I get started with it?
I have created a network with two internal networks (and instances on them as well). Now I want to know the commands for configuring routing protocols and NAT. I checked OpenStack documentation but could not find anything handy.
Can someone please help me or give me an idea on how to get started with it?

Well, this will a long answer to your question. For start, I assume you understand what is external / internal network with respect to Openstack Neutron and have a working setup ( having br-ex / external bridge as well )
So first part for SNATing
First thing for simplicity, follow these steps in admin tenant / admin user using Dashboard
1- Create one internal network
2- Create a router
3- Add a VM / instance to internal network
4- Add subnet gateway interface on router
5- Now as an Admin, create external network.
External network can be created by administrator only.
6- Now add this external network as the router gateway interface
So now you have one VM in an internal network. Subnet gateway interface on router and router gateway interface from external network
Thats it from openstack point of view
Here is he list of commands to do the same from CLI
$ source keystone_admin
Here keystone_admin is my RC file
Run the following commands to enable ping and ssh on VM as well from external network directly without keypair
$ nova --no-cache secgroup-add-rule default icmp -1 -1 0.0.0.0/0
$ nova --no-cache secgroup-add-rule default tcp 22 22 0.0.0.0/0
$ neutron net-create external_network --shared --router:external=True
$ neutron subnet-create external_network --name external_subnet --allocation-pool start=192.168.122.2,end=192.168.122.20 --disable-dhcp --gateway 192.168.122.1 192.168.122.0/24
$ neutron net-create internal_network
$ neutron subnet-create internal_network --name internal_subnet --allocation-pool start=10.10.1.2,end=10.10.1.20 --disable-dhcp --gateway 10.10.1.1 10.10.1.0/24
$ neutron net-list
$ neutron subnet-list
$ neutron router-create router
$ neutron router-interface-add router internal_subnet
$ neutron router-list
$ neutron router-interface-add router internal_subnet
$ neutron router-gateway-set router external_network
Launch a VM from the Horizon ( its a long command from CLI )
Here I have assumed that the external network is 192.168.122.0/24 and internal network is 10.10.1.0/24
So now you have a ready setup from Openstack Point of view for SNAT. Now we need to add a physical interface (ethx) to the BR-EX to test it.
So all you need to do is add the physical interface on the bridge and modify the "ifcfg" files
The following are the steps for RHEL 6.5- ( For others you'll have to look up on the net- search for something like add a physical interface to an OVS Bridge in Ubuntu, etc.. )
$ cd /etc/sysconfig/network-scripts/
in this directory create these two file if not already present else modify the existing-
$ vi ifcfg-br-ex
DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
IPADDR= e.g. 192.168.122.153
NETMASK= e.g. 255.255.255.0 for our case- 192.168.122.0/24 for external network
GATEWAY= e.g. 192.168.122.1
ONBOOT=yes
$ vi ifcfg-ethx
DEVICE=ethx
TYPE=OVSPort
DEVICETYPE=ovs
ONBOOT=no
NM_CONTROLLED=yes
BOOTPROTO=static
OVS_BRIDGE=br-ex
now run
$ service network restart
Just to be sure that the setup is up and running
$ ifup br-ex
$ ifup eth2
Also on doing
$ ovs-ofctl show br-ex
it should display "ethx" in the output
So now you have a working SNAT setup. you can try the following in the VM / instance from the console in Dashboard-
$ ping 8.8.8.8
Now for DNAT-
run the following commands
$ neutron floatingip-create external_network
This creates a floating IP and displays the "id" ( floatingip_id )
$ neutron port-list
From this list, fetch the "id" of the VM ( port_id_of_instance )
$ neutron floatingip-associate
And BAM now you have DNAT ready.
To test the DNAT, try doing something like
$ ping
from the external network machine
I have tried to keep it direct but ofcourse this demands some sort of understanding of Openstack Neutron and Linux!! :p :)
You can refer to- https://openstack.redhat.com/Networking_in_too_much_detail

enabled services in devstack

I installed devstack and it seems working fine.
But when focusing on the dashboard precisely in the project tab I don't have neither the "Manage Network" Section nor the "Object Store" Section.
I noticed this after comparing with the trystack sandbox.
Is that normal?

The list of enabled services in devstack is configured using the localrc file. The neutron network service and the Swift storage service are off by default.
The following modifications should enable both:
disable_service n-net
enable_service q-svc
enable_service q-agt
enable_service q-dhcp
enable_service q-l3
enable_service q-meta
enable_service neutron
enable_service swift

Devstack docs say put the following in local.conf:
enable_service s-proxy s-object s-container s-account

The list of enabled services in devstack is configured in local.conf file.
When you need to enable object storage (swift) with Devstack, you need to put below lines into your local.conf file:
# Enable swift services
enable_service s-proxy
enable_service s-object
enable_service s-container
enable_service s-account
# Enable tempurls and set credentials
SWIFT_HASH=your_hash ("abc123" for example :D)
SWIFT_TEMPURL_KEY=your_key ("abc123" for example :D)
SWIFT_ENABLE_TEMPURLS=True