Join for this interactive lab session: Platform9 will host the next 0-60 with OpenStack: A Hands-On Lab on Nov 12th and 14th.

This hands-on lab is designed for VMware administrators who are considering KVM / OpenStack as an alternative hypervisor, but are either new to OpenStack or are concerned about the complexity of operating OpenStack. Engineers from Platform9 and iShift - many of whom worked at VMware or have extensive experience using VMware - will be running these labs. Our goal is to have 1 engineer for ~3 participants, to ensure we can provide a high level of interactivity and guidance during the sessions.

Platform9 will provide the hardware for the lab. However, please ensure that your networks allow outbound SSH connectivity.

There is no cost to participate in the lab.

Session prerequisites:

• One or more VMware administrators who are looking to get hands-on experience with KVM and OpenStack
• Must be able to participate in both lab sessions—2.5 hours each day over 2 days.

Day 1 Schedule - Tuesday, 12 November, 2024 at 9 AM PT (2.5 hours)

• 30 mins: Configuring physical server OS, networking
• 30 mins: Deploying OpenStack control plane via Platform9, bringing servers under management
• 30 mins: Configuring server roles and networking in OpenStack
• 30 mins: Deploying your first VM on KVM
• 30 mins: Migration considerations/demo (iShift)

Day 2 Schedule - Thursday, 14 November, 2024 at 9 AM PT (2.5 hours)

• 30 mins: VM live migration, HA, and workload rebalancing
• 30 mins: Configuring block storage, storage classes, and backup options
• 30 mins: Enabling self-service and multi-tenancy (VDC equivalent)
• 30 mins: Deploying Kubernetes
• 30 mins: SDN advanced features and capabilities

Hi folks

I was wondering about the best openstack design

For controllers 3 is the best option as mentioned on the docs

But for compute and storage is it better to separate or combine

Also what about the minimum specs i need for every node type

Hi folks i have 8 physical nodes Can we talk about the best openstack design and why

What are the current stable builds for both openstack and kolla-ansible that we would put into gloabals.yml?

I have tried stable/2024.1 but I am getting unreliable results and it seems to hang at weird spots. Sometimes its at creating nova users, sometimes at 'waiting for nova-compute to register'.

Hi all, I have some virtual machines in an all-in-one Proxmox box, how do I migrate them to Openstack?Thanks in advance!

Hi Folks !

Could you please help me to connect glance backend as cinder in kolla-ansible ? Currently i have integrated cinder with my netapp storage and glance backend is file. i want to store the glance image to cinder.

I dont have the ceph too.

Noob qn.

```

$ openstack server show 519285c1-XXXXX -c properties -f value

{'hostname': 'server8c1.xxxzdn.com', 'admin_pass': 'XXXXXX', 'sshKeys': '', 'backups': 'disabled', 'access_key': 'XXXXX'}

```

Currently, I use "awk" on above output to grab hostname value ( 'server8c1.xxxzdn.com' )

Is there any direct options for 'openstack server show' command - to output only hostname ( 'server8c1.xxxzdn.com' ) ?

Hi everyone,

I’m running OpenStack 2023.2 installed with Kolla-Ansible and I am encountering a strange issue with VNC keyboard input on one of my custom Rocky Linux instances.

Issue:

When I create an instance, the libvirt XML for the input devices looks fine without a USB keyboard:

<input type='tablet' bus='usb'>
    <address type='usb' bus='0' port='1'/>
</input>
<input type='mouse' bus='ps2'/>
<input type='keyboard' bus='ps2'/>

However, after I stop and start the instance, the libvirt XML changes, adding a USB keyboard:

<input type='tablet' bus='usb'>
    <address type='usb' bus='0' port='1'/>
</input>
<input type='keyboard' bus='usb'>
    <address type='usb' bus='0' port='2'/>
</input>
<input type='mouse' bus='ps2'/>
<input type='keyboard' bus='ps2'/>

With both USB and PS/2 keyboards in the XML, the keyboard stops working in the VNC console.

I tested using SPICE, and it works fine without issues, even after a stop/start, and no USB keyboard is added.

Findings:

I noticed that after a stop/start, libvirt recreates the instance’s XML, adding the USB keyboard. I suspect this causes the VNC keyboard issue.

My Questions:

1. How can I prevent libvirt from adding the USB keyboard after stop/start?
2. I found that adding pointer_model = ps2mouse to nova.conf (under the [DEFAULT] section) solves the VNC keyboard issue for Linux instances, but it introduces lag/less fluidity for Windows instances. Any idea how to use PS/2 for Linux without breaking Windows performance?
3. I also tried updating the image metadata via CLI (hw_pointer_model=ps2), but the instance creation failed. The Horizon dashboard only provides usbtablet as an option for hw_pointer_model. Is this a bug? Do I need to enable another parameter to allow ps2?
4. Any Metadata change on instance or flavor for PS/2 I’ve tried does not work. I did not find any documentation to allow it. Is there something I’m missing to enable PS/2 for my instances?

Any help would be greatly appreciated! Thanks a lot.

Hi folks

I wanna build some services on openstack that are not available yet so i need a guide on how i can link it to the openstack ecosystem

https://preview.redd.it/lvsr9qznojwd1.png?width=762&format=png&auto=webp&s=9cd9fd4cfac594ece2d7efb2917bfb6df421a659

Hello everybody, I managed to deploy an openstack on another openstack by using two vms, one controller and one compute. Now i can instantiate vms on top of the compute but I cannot reach them.
The problem is that the "physical" network in the openstack vm environment is 10.0.1.0/24, so the same as the virtual network managed by openvswitch on which the vm controller and compute controller reside on the real openstack. I used as the neutron_external_interface the hyper_ext. Do you have any ideas on how to deal with it? I know that is a strange question and strange deploy but i wanted to try if it was possible.

I have a simple OpenStack setup 4 nodes (controller, 2 compute, 1 storage) implemented via Kolla-Ansible. When creating a container with zun I get an error on volume creation. mkfs reports the volume is already in use by the system. I've tested with 3 different container images by creating the container instance without the volume (succeeds) and with the volume (fails). I know that cinder is working correctly as I can create Volumes and attach them to VMs with no issues.

I can trace to error to zun/common/mount.py

Anyone seen this before? Where would you start troubleshooting?

Does anybody use it ?

How to configure default backend per project using CLI ?

By API its

POST /v1/secret-stores/{secret_store_id}/preferred

https://docs.openstack.org/barbican/latest/api/reference/store_backends.html

Hello, im a beginner at openstack currently learn it. So i got task i needed to install openstack helm on 2 nodes. How do i do that, i visited docs and cant understand can someone help me :)).

Recently I have installed devstack in my server and created a vm instance. I have added ssh security group and I have also managed to connect public network to private (net1 - default) through router. Then I have added private network to the vm instance while creating. Through generated key pair, when I tried to ssh from outside through internet, I got connection timed out error. Could someone please help me .

I've got two virtual object storage nodes, each with 3x2TB virtual disks, acting as a basic object storage platform. If I want to grow my object storage capacity, how would I go about doing that? I could obviously just expand each virtual disks at the hypervisor level, but what then? Is there anything I need to do to notify Swift that each disk now has more space available? Thanks!

Hello Community ,

Im Currently deploying Openstack Caracal (2024.1) using Openstack-Ansible and i have a question , What is Bond0.40 used for ??

UPDATED: Resolved with the help of user u/Simple_Connection_41**. This thread has more detail:** https://www.reddit.com/r/openstack/comments/1ba46lz/how_to_actually_use_the_swift_s3_api/

Basically I updated ansible/roles/swift/templates/proxy-server.conf.j2 on my deployment node to add a /v3 to this block:

auth_uri = {{ keystone_internal_url }}

and added:

insecure = True

as well. Looks like the /v3 is already added on newer versions of Kolla Ansible, I'm using 2023.1.

I've got Swift installed and can create containers, etc. in the UI. I deployed using Kolla Ansible and enabled the S3 API, but can't seem to connect to it no matter what I do.

I use

openstack ec2 credentials create

and generate an access key/secret key, then use s3cmd to try and query the bucket list, but I always get vague error messages, including:

"The request signature we calculated does not match the signature you provided. Check your key and signing method."

"WARNING: Retrying failed request: /?delimiter=%2F (Remote end closed connection without response)"

"ERROR: Test failed: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1007)"

And so on. Anyone actually get this to work? Thanks!

Hello everybody!

I've been struggling this past weeks trying to get OpenStack to work. All the playbooks run successfully, and everything seems to work, but when I try to create an image from the utility container I get this error:

Image creation failed: SSL exception connecting to https://172.29.236.21:9292/v2/images/44661cb3-664e-417c-82eb-a557c080d661/file: HTTPSConnectionPool(host='172.29.236.21', port=9292): Max retries exceeded with url: /v2/images/44661cb3-664e-417c-82eb-a557c080d661/file (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:2426)')))

This is what I've changed in my user_variables:

openstack_service_publicuri_proto: https
openstack_service_adminuri_proto: https
openstack_service_internaluri_proto: https
openstack_service_accept_both_protocols: True

I'm using an internal IPv4 for both external and internal vips, as I don't plan to allow access without a VPN, but I would like to still have https enabled.

What am I missing? Maybe it's just not posible to use https with an IPv4 even tough horizon does work?

I've also tried enabling https for backends, but I keep getting https errors with the repo_server, so I just gave up.

Any advice is appreciated! Thank you!

Hi everyone,

I'm running OpenStack 2023.2 and frequently use the VNC console to access instances. However, I've noticed that the VNC console disconnects quickly after a period of inactivity.

Does anyone know how to prevent this disconnection from happening? Are there any settings I can adjust in OpenStack to keep the VNC console active?

Thanks in advance for your help!

I am looking for someone to help deploying openstack haproxy active active for a data Center. Anyone interested in taking this project?

Hi folks I have 6 nodes 1 controller 2 compute 3 storage And i created 5 vlans and all ports are tagged inside them So i have total 6 networks The network i have the local one and 5 other networks i wanna configure them for openstack and ceph and i need your help and i wish someone help me to do that with Ansible

As a service provider, we have been using VMware Cloud Director to host our customers for years. Like many, we are considering alternatives since Broadcom's price hike. Is there any reason not to use OpenStack as a replacement?

Hey everyone, I am working on setting up Openstack's octavia on an existing cluster that I had setup using kolla-ansible as per procedures mentioned on https://docs.openstack.org/kolla-ansible/2024.1/reference/networking/octavia.html

Installation was smooth and I can see all the docker containers for Octavia are up and healthy.

ee1c599ecc8a                 "dumb-init --single-…"   6 days ago   Up 6 days (healthy)             octavia_worker
b62dd603cf59           "dumb-init --single-…"   6 days ago   Up 6 days (healthy)             octavia_housekeeping
372f0b1f6467         "dumb-init --single-…"   6 days ago   Up 6 days (healthy)             octavia_health_manager
2cb27fc51609                    "dumb-init --single-…"   6 days ago   Up 6 days (healthy)             octavia_apiquay.io/openstack.kolla/octavia-worker:2024.1-ubuntu-jammyquay.io/openstack.kolla/octavia-housekeeping:2024.1-ubuntu-jammyquay.io/openstack.kolla/octavia-health-manager:2024.1-ubuntu-jammyquay.io/openstack.kolla/octavia-api:2024.1-ubuntu-jammy

Since I opted for option #1 mentioned here, I assumed that kolla-ansible should take care of creation of amphora flavor, etc. I also created the amphora image and uploaded it to glance. Now there are a few problems that I see:

1. When I doopenstack loadbalancer flavor list, it returns blank. BUT, I can fetch list of flavors using admin-rc.sh with openstack flavor list --all|grep amphora command, I can see amphora flavor as show below:

   openstack flavor list --all|grep amphora | 4c528f46-047a-4f11-a3dc-2b7ac129566b | amphora | 1024 | 5 | 0 | 1 | False |

2. This debug step didn't make much sense to me as I don't see any instance where I can log.

3. When I create loadbalancer from horizon, it never comes up. Probably, issue #1 s the cause but I don't see any errors in any of the octavia docker containers.

Appreciate any help on this!

EDIT 1: Little bit of success today. Tried a few things listed below:

1. Added `service` project to amphora flavor that's visible on horizon.
2. Attempted creating load balancer again from `admin` project using demo-net(created by init-runonce script that we run after kolla-ansible deploy finishes). LB stuck in "pending create" state. BUT, when I went to `service` project -> instances, I can see amphora instance provisioned and in running state(checked from console). Still, LB creation stuck at "pending create"

debugging further.

Hello everybody,
recently i was working and testing some VMs residing on the internal network of my deployment and i found some difficulties using commands. In specific i wanted to use the controller to launch multiple openstack cli commands to configure and create a VM on the internal network. I want to build the machine such that it automaticaly attaches and mounts a volume, but without a direct connection to it i cannot use ssh. How can I deal with it?

Myself on a try to gain understanding of OpenStack role in IT. For this a number of materials checked in web. Found among others a comparison made by Canonical at following location. https://ubuntu.com/openstack/what-is-openstack

How about comparing OpenStack with cloud technologies, e.g. AWS by Amazon, or one created by Google, others? Is Canonical right to draw comparison as they do it? Is my expectation right to draw a comparison to AWS?

https://docs.openstack.org/barbican/latest/install/barbican-backend.html

View Poll

I have a self-signed SSL certificate (.crt and .key) that I want to use with my OpenStack deployment. I'm currently using Kolla Ansible for deployment with the Bobcat version of OpenStack. Can anyone help me integrate the certificate into my setup?

EDIT: SOLVED, here's the block I was able to use in the end:

#cloud-config
users:
  - name: itadmin
    groups: sudo
    sudo: ['ALL=(ALL) NOPASSWD:ALL']
    shell: /bin/bash
    lock_passwd: false
    ssh-authorized-keys: []  # Ensure no SSH keys are required

ssh_pwauth: true  # Enable password authentication

runcmd:
  - echo "itadmin:MyStrongPassword123!" | sudo chpasswd  # Set password using chpasswd
  - sudo sed -i 's/^#PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
  - sudo sed -i 's/^PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
  - sudo systemctl restart sshd

I've tried every example on the internet, but nothing has worked. I want to be able to take a cloud ready Linux image (testing with Ubuntu) and put a block in the cloud-config field that will enable/set a password for a user that can be used to console login.

Yes, I know, I can just create a SSH key and provide it during creation and then login using that. But, I want to be able to do a no-network username/password login. Yes, I know I can crack the image and change things around, then reseal the image and upload it. I don't want to do that either, I shouldn't have to modify every image I upload to do something as simple as setting a username/password.

Does anyone have a cloud-config block they've been able to successfully do this with?

Hello,

As the title suggests, I am looking for people who would be willing to share feedbacks on their experience doing gitops-style deployment (flux, argo, etc...) with openstack-helm.

I work for an openstack-based cloud provider, and we're looking into deploying our regions this way, but the documentation and overall literature on the matter (or openstack-helm alone for that matter) looks very scarce.

Documentation past a basic getting-started guide is basically null, so if you are using this way of deployment for their clusters, I would love to hear your feedbacks on it !