Triangle OpenStack meetup 09 2013
1. DEPLOYING RDO ON
RED HAT ENTERPRISE LINUX
Please log in and start the 2 RDO VMs
User/Password: RDO/openstack
Applications -> System Tools -> Virt Manager
2. DEPLOYING RDO ON
RED HAT ENTERPRISE LINUX
Dan Radez
Sr. Software Engineer, Red Hat
dradez@redhat.com
irc: radez
3. What is OpenStack?
● Cloud/Virtualization Platform
● Designed for standard hardware
● Open source
18. Dashboard: Web Interface
● web-based interface for managing OpenStack services
● modular design for interfacing with other projects
● includes interface for all core components
24. Keystone: Identity Management
● centralized identity service
● central catalog of services
Multiple forms of authentication
● User name and password
● Token-based systems
● Amazon Web Services style logins
32. Glance: Image Management
● registry for virtual machine images
● images used as templates for new servers
Add an image
[root@control ~]# glance image-create --name cirros \
    --is-public 1 --disk-format qcow2 --container-format bare \
    --file /mnt/cirros-0.3.0-x86_64-disk.img
id: d3d1f38e-3f2c-4f45-91e1-cb4535f62d10
[root@control ~]# glance image-list
33. Glance: Image Management
Image Building
● Oz
● appliance-creator
● Native glance builder in the works
● Manually (launch installer, import before first boot)
Build Notes:
● Include cloud-init for post-boot configuration
36. Quantum: Networking
● networking as a service
● built with a modular architecture
Features
● Single or Multiple host deployment
● virtual network, subnet, and port abstractions
● Plugin architecture supports many network technologies
38. Nova: Instance Management
● manages virtual machines on nodes
● provides virtual servers on demand
Design Features
● Designed to scale horizontally
● Designed for standard hardware
39. Nova: Instance Management
Boot an instance
[root@control ~]# nova flavor-list
[root@control ~]# nova keypair-add --pub-key .ssh/id_rsa.pub mykey
[root@control ~]# nova keypair-list
mykey | 84:6e:28:d3:75:17:ab:25:4d:f3:0d:61:93:55:ee:e2
[root@control ~]# nova image-list
[root@control ~]# nova boot --flavor 1 --key_name mykey \
    --image cirros my_instance
[root@control ~]# nova list
40. Nova: Instance Management
Communicate with the instance
[root@control ~]# ping 192.168.122.3
PING 192.168.122.3 (192.168.122.3) 56(84) bytes of data.
64 bytes from 192.168.122.3: icmp_seq=2 ttl=63 time=0.668 ms
[root@control ~]# ssh cirros@192.168.122.3
The authenticity of host '192.168.122.3 (192.168.122.3)' can't be
established.
RSA key fingerprint is 38:49:f2:67:80:11:31:84:1f:b1:79:df:5f:e4:e5:f7.
Are you sure you want to continue connecting (yes/no)? Yes
Warning: Permanently added '192.168.122.3' (RSA) to the list of known
hosts.
$
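Rather than answering yes on trust, the fingerprint ssh presents can be compared with the one the instance printed on its own console. This is an added example, not part of the original slides; it assumes the image includes cloud-init so the console log carries a fingerprint block, and the log text and the function names are constructed for illustration.

```bash
#!/bin/bash
# Added example: check the fingerprint ssh shows against the instance's own
# console log before answering "yes". The log below is constructed, in the
# layout cloud-init prints; the image is assumed to include cloud-init.

# Print every host key fingerprint found in a console log read from stdin.
console_fingerprints() {
    sed -n '/BEGIN SSH HOST KEY FINGERPRINTS/,/END SSH HOST KEY FINGERPRINTS/p' |
        grep -Eo '([0-9a-f]{2}:){15}[0-9a-f]{2}'
}

# $1 = fingerprint ssh presented; stdin = console log.
# Returns 0 on match, 1 on mismatch, 2 when the log has no fingerprints.
verify_host_key() {
    local presented known
    presented=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    known=$(console_fingerprints) || true
    if [ -z "$known" ]; then return 2; fi
    if printf '%s\n' "$known" | grep -qxF "$presented"; then return 0; fi
    return 1
}

# Constructed console output, e.g. saved from: nova console-log my_instance
sample_log() {
    cat <<'EOF'
ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----
ec2: 1024 0a:1b:2c:3d:4e:5f:60:71:82:93:a4:b5:c6:d7:e8:f9 /etc/ssh/ssh_host_dsa_key.pub (DSA)
ec2: 2048 38:49:f2:67:80:11:31:84:1f:b1:79:df:5f:e4:e5:f7 /etc/ssh/ssh_host_rsa_key.pub (RSA)
ec2: -----END SSH HOST KEY FINGERPRINTS-----
EOF
}

if sample_log | verify_host_key "38:49:f2:67:80:11:31:84:1f:b1:79:df:5f:e4:e5:f7"; then
    echo "fingerprint matches console log: safe to accept"
else
    echo "do not accept: fingerprint not confirmed by console log"
fi
```

A return code of 2 means the console log cannot confirm anything, which is different from a mismatch and should not be treated as a pass.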
43. Cinder: Block Storage
● manages persistent block storage volumes
● snapshots can be taken
Create and attach a volume
[root@control ~]# cinder create 1
id: 4d6cbb1f-5873-4357-99c7-8ae0502e6de5
[root@control ~]# nova volume-attach my_instance \
    4d6cbb1f-5873-4357-99c7-8ae0502e6de5 auto
44. Cinder: Block Storage
Mount a volume
[root@control ~]# ssh -i .ssh/id_rsa root@192.168.122.3
my_instance$ sudo -i
my_instance# mkfs.ext4 /dev/vdb
my_instance# mkdir -p /mnt/volume
my_instance# mount /dev/vdb /mnt/volume
my_instance# touch /mnt/volume/test.txt
my_instance# umount /mnt/volume
[root@control ~]# nova volume-detach my_instance \
    4d6cbb1f-5873-4357-99c7-8ae0502e6de5
48. Swift: Object Storage
● allows users to store and retrieve files
● distributed architecture to allow for horizontal scaling
● provides redundancy as failure-proofing
● data replication is managed by software
49. Swift: Object Storage
Upload an object
[root@control ~]# swift stat
[root@control ~]# swift list
[root@control ~]# swift upload test packstack-answers.txt
[root@control ~]# swift list
[root@control ~]# swift list test
[root@control ~]# swift upload test /etc/motd
[root@control ~]# swift list test
Name, title, role 5 years, Raleigh HQ. - Mysterious - complex - make simple lecture/exercise questions any time Lots content take notes
- attend earlier? - know - used, using
PackStack is suitable for deploying both single node proof of concept installations and more complex multi-node installations
Existing admin and member roles
Important: The image must be sealed
● Static IPs
● MAC references
● Hostname
● SSH host keys
● SSL certificates
● Kerberos keytabs
● RHN system ID
One method: firstboot + reconfigSys
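A check for the sealing requirement above, as an added example that is not part of the original slides: it scans an unpacked image tree for the items the note lists. The file paths are the usual RHEL 6 locations and are assumptions, as are the function names audit_sealed and make_sample and the sample tree.

```bash
#!/bin/bash
# Added example: audit an unpacked guest image tree for the host-specific
# state the sealing note lists. Paths are the usual RHEL 6 ones (assumed).

audit_sealed() {
    local root="${1%/}" n=0 f rel
    flag() { rel=${2#"$root"}; echo "UNSEALED $1: $rel"; n=$((n + 1)); }

    # SSH host keys: every instance booted from the image would share them.
    for f in "$root"/etc/ssh/ssh_host_*key*; do
        if [ -e "$f" ]; then flag ssh-host-key "$f"; fi
    done
    # MAC references and static IPs tie the image to the build VM's NIC.
    f="$root/etc/udev/rules.d/70-persistent-net.rules"
    if [ -s "$f" ]; then flag mac-reference "$f"; fi
    for f in "$root"/etc/sysconfig/network-scripts/ifcfg-eth*; do
        if [ -f "$f" ] && grep -q '^HWADDR=' "$f"; then flag mac-reference "$f"; fi
        if [ -f "$f" ] && grep -q '^IPADDR=' "$f"; then flag static-ip "$f"; fi
    done
    # A hostname other than the localhost default was baked in at build time.
    f="$root/etc/sysconfig/network"
    if [ -f "$f" ] && grep '^HOSTNAME=' "$f" | grep -qv 'localhost'; then
        flag hostname "$f"
    fi
    # TLS private keys, Kerberos keytab, RHN system ID: per-host credentials.
    for f in "$root"/etc/pki/tls/private/*.key "$root/etc/krb5.keytab" \
             "$root/etc/sysconfig/rhn/systemid"; do
        if [ -e "$f" ]; then flag host-credential "$f"; fi
    done
    [ "$n" -eq 0 ]   # succeed only when nothing host-specific was found
}

# Constructed sample: a tree copied from a build VM that was never sealed.
make_sample() {
    local d
    d=$(mktemp -d)
    mkdir -p "$d/etc/ssh" "$d/etc/sysconfig/network-scripts"
    echo "constructed placeholder" > "$d/etc/ssh/ssh_host_rsa_key"
    printf 'DEVICE=eth0\nHWADDR=52:54:00:00:00:01\nBOOTPROTO=dhcp\n' \
        > "$d/etc/sysconfig/network-scripts/ifcfg-eth0"
    echo "$d"
}

sample=$(make_sample)
audit_sealed "$sample" || echo "image is not sealed"
rm -rf "$sample"
```

Run against the mounted image before it is uploaded to Glance, a non-zero exit status can gate the upload step.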
Built on a modular architecture that lets advanced network services (open and closed source) plug into OpenStack tenant networks.
data replication is managed by software, allowing greater scalability and redundancy than dedicated hardware.
Action/Remember: Now you have installed and configured OpenStack. Use these directions to do it again.