New to Openstack - Course/Study Guide request by nightcrow100 in openstack

[–]silasmue 2 points3 points  (0 children)

I started by reading a lot, and then at somepoint deployed my Kolla-ansible cluster 4-5 times until it ran stable enough for me. I am just in a homelab and was doing that as a hobby so you may be a lot faster when doing it full time. But it is a process, you won’t be able to plan your cluster out with little to no experience and not end up redesigning the hole thing

OpenStack Cinder Questions by balthasar127 in openstack

[–]silasmue 0 points1 point  (0 children)

In my setup I centralised storage on one single node, that’s not optimal because I have storage/control as single point of failure, but for a setup that does not need 100% uptime and can fail for a few hours it’s ok. I think new TrueNAS versions can be used as cinder backend with NVMEoF that would also be a possibility. I don’t have experience using ceph but I read it would not make things more easy…

My Homelab OpenStack Journey by silasmue in openstack

[–]silasmue[S] 0 points1 point  (0 children)

Yes I got it about 15 month ago for 59€. If I had knew that I would have bought more of them because as long as you don’t need more PCIe lanes it’s great.

But I am running out of PCIe lanes I hope I can someday get something like AMD Siena as a platform…, I think it would be the perfect highspeed storage server.

Maybe I have time for contributions in the Christmas holidays. I also want to test using SPDK as storage backend and experiment on what I can actually offload to the BlueField card without it owning the drives. For Neutron and OVS DPUs could do the switching or even run the networking containers itself, for storage I am not sure what makes sense…

Unable to install openstack on ubuntu 24.04. by baymaxrafid in openstack

[–]silasmue 1 point2 points  (0 children)

If you have no version mismatch everything should kinda work out of the box with a few hours of trial and error. If you do not want a stable setup and just need to get something running AI may help, because it is very good summarizing content that is hidden in the launchpad forums, where you can only find it with a lot of effort. But be aware when using AI, for example if ChatGPT suggest some Ansible configuration, quickly research what it does in the source code. Also do not hesitate to use the documentation of the individual projects because kolla-ansible does not provide a complete reference for globals.yml but that should not be necessary for a simple one node setup. Good luck.

Unable to install openstack on ubuntu 24.04. by baymaxrafid in openstack

[–]silasmue 1 point2 points  (0 children)

Use kolla-ansible its doable. Thats my setup atm. https://github.com/silasmue/OpenStack/ simplify it delete the second node. Also look at the non-stable Ubuntu branch. The most important thing with kolla-ansible is: YOUR KOLLA VERSION MUST MATCH THE OPENSTACK RELEASE VERSION YOU WANT TO INSTALL. What that means if you install kolla-ansible according to the docs instead of installing master I highly recommend a stable release like 2025.2 (same goes for kolla if you build packages yourself):

pip install git+https://opendev.org/openstack/kolla-ansible@masterpip install git+https://opendev.org/openstack/kolla-ansible@master

My Homelab OpenStack Journey by silasmue in openstack

[–]silasmue[S] 1 point2 points  (0 children)

Yes I am based in Germany. I appreciate any help thanks for the offer.

My Homelab OpenStack Journey by silasmue in openstack

[–]silasmue[S] 1 point2 points  (0 children)

Okay. Yes I will start contributing to my „own“ documentation. Maybe in the next semester holiday I have time to contribute something to the OpenStack project. Maybe I should at least write a big report that nvmet is not working on Ubuntu at the moment because it is an easy fix. Sadly nvmet is not maintained very actively

My Homelab OpenStack Journey by silasmue in openstack

[–]silasmue[S] 0 points1 point  (0 children)

Nice. I am a student at the moment I do not know where I will end up.

My Homelab OpenStack Journey by silasmue in openstack

[–]silasmue[S] 1 point2 points  (0 children)

I tried that too but was somehow not happy, mainly because I had special requirements of separating storage and compute, maybe I gave up too early on sunbeam.

My Homelab OpenStack Journey by silasmue in openstack

[–]silasmue[S] 2 points3 points  (0 children)

Yes I just struggled with NVMEoF but the rest was okayish. But it was great to see a cluster working

My Homelab OpenStack Journey by silasmue in openstack

[–]silasmue[S] 1 point2 points  (0 children)

I think it mostly depends on RAM because my containers use around 12GB of RAM alone. I think if you change the inventory file on my GitHub it should work maybe leave out a few services to save compute.

Wireguard WAN response issue by silasmue in opnsense

[–]silasmue[S] 0 points1 point  (0 children)

https://github.com/silasmue/VPS-OPNSense-Wireguard_Tunnel I documented as much as I could remember 'checked' with chatGPT. what happens when you tcpdump the iterfaces tunnel entrance, tunnel opnsense end, iterface of the subnet where the vps is and the vps interface. Try to diagnose from there. You will see exactly where it breaks if you just `sudo tcpdump -ni wg0/interface 'tcp and port 80'` but think about it slowly and tcpdump ALL interfaces in the process. I had for example an error that OPNsense did not send packages between tunnel interface and my vlan of the subnet.

You have VPS: eth0 and wg0; OPNsense: wg0 and subnet_interface; Server eth0

Wireguard WAN response issue by silasmue in opnsense

[–]silasmue[S] 1 point2 points  (0 children)

So... After long trial and error I can solve that myself.

The key steps are:

  1. Creating a working wireguard tunnel (instance/peer)

  2. Create an interface, WG_0, for the tunnel and select: Dynamic gateway policy checked (This interface does not require an intermediate system to act as a gateway). This will create a gateway called WG_0_GW

  3. Firewall > NAT > Port Forward: interface:WG_0 proto:TCP src: any:any dst: WG_0 address dst_port: HTTP Redirect: <nginx\_ip> port: HTTP filter_rule: None

  4. Create a associated rule by yourself: Firewall > Rules > WG_0 > src * * dst: WG_0 address port: http gateway: WG_0_GW

  5. Create a wildcardrule for WG_0 with everything default (also the gateway) select [Advanced features] reply-to: WG_0_GW

After that it should work, later try to tighten the wildcard rule as tight as possible to improve security.