openstack_rhosp16.2_nvidia_.../1) Openstack Network and Ac...

# Access to university Openstack

```
edit local ~/.ssh/config and include the following entries

###### university
        Host university-jump
        HostName 144.173.114.20
        ProxyJump nemesis
        IdentityFile  ~/.ssh/id_rsa
        Port 22
        User root

        Host university-proxmox
        Hostname 10.121.4.5
        Proxyjump university-jump
        #PreferredAuthentications password
        IdentityFile  ~/.ssh/id_rsa
        Port 22
        User root

        Host university-proxmox-dashboard
        Hostname 10.121.4.5
        Proxyjump university-jump
        #PreferredAuthentications password
        IdentityFile  ~/.ssh/id_rsa
        Port 22
        User root
        DynamicForward 8888

        Host university-undercloud
        Hostname 10.121.4.25
        Proxyjump university-jump
        IdentityFile  ~/.ssh/id_rsa
        Port 22
        User stack
        ServerAliveInterval 100
        ServerAliveCountMax 2

        Host university-ceph1
        Hostname 10.121.4.7
        Proxyjump university-jump
        IdentityFile  ~/.ssh/id_rsa
        Port 22
        User root

        Host university-ceph2
        Hostname 10.121.4.8
        Proxyjump university-jump
        IdentityFile  ~/.ssh/id_rsa
        Port 22
        User root

        Host university-ceph3
        Hostname 10.121.4.9
        Proxyjump university-jump
        IdentityFile  ~/.ssh/id_rsa
        Port 22
        User root
```

# Logins

## Switches

| IP/Login | Password | Type | Notes |
| --- | --- | --- | --- |
| cumulus@10.122.0.250 | Password0 | 100G switch | 2x CLAG bond between 100G switches, 2x Peerlink CLAG across 100G switches to university Juniper core switches |
| cumulus@10.122.0.251 | Password0 | 100G switch | 2x CLAG bond between 100G switches, 2x Peerlink CLAG across 100G switches to university Juniper core switches |
| cumulus@10.122.0.252 | Password0 | 1G switch | 2x SFP+ 10G LAG bond between management switches, 1G ethernet uplink from each 100G switch for access |
| cumulus@10.122.0.253 | Password0 | 1G switch | 2x SFP+ 10G LAG bond between management switches |

## Node OOB (IPMI / XClarity web)

| IP  | Login | Password |
| --- | --- | --- |
| 10.122.1.5(proxmox) 10.122.1.10-12(controller) 10.122.1.20-21(networker) 10.122.1.30-77(compute) 10.122.1.90-92(ceph) | USERID | Password0 |

## Node Operating System

| IP  | Login | Password |
| --- | --- | --- |
| 10.121.4.5 (proxmox hypervisor) | root | Password0 |
| 10.121.4.25 (undercloud VM) | stack OR root | Password0 |
| 10.122.0.30-32(controller) 10.122.0.40-41(networker) 10.122.0.50-103(compute) | root OR heat-admin | Password0 |

## Dashboards

| Dashboard | IP / URL | Login | Password | Notes |
| --- | --- | --- | --- | --- |
| Proxmox | https://10.121.4.5:8006/ | root | Password0 |     |
| Ceph | https://10.122.10.7:8443/ | admin | Password0 | 10.122.10.7,8,9 will redirect to live dashboard |
| Ceph Grafana | https://10.121.4.7:3000/ |     |     | many useful dashboards for capacity and throughput |
| Ceph Alertmanager | http://10.121.4.7:9093/ |     |     | check ceph alerts |
| Ceph Prometheus | http://10.121.4.7:9095/ |     |     | check if promethus is monitoring ceph |
| Openstack Horizon | https://stack.university.ac.uk/dashboard | admin | Password0 | domain: default (for AD login the domain is 'ldap')<br>floating ip 10.121.4.14<br>find password on undercloud `grep OS_PASSWORD ~/overcloudrc \\\\\| awk -F "=" '{print $2}'` |

# Networking

![university_Network.drawio.png](university_Network.drawio.png)

## Openstack control networks

- These networks reside on the primary 1G ethernet adapter.
- The IPMI network is usually only used by the undercloud, however to facilitate IPMI fencing for Instance-HA the Openstack controller nodes will have a logical interface

| Network | VLAN | IP Range |     |
| --- | --- | --- | --- |
| ControlPlane | 1 Native | 10.122.0.0/24 |     |
| IPMI | 2   | 10.122.1.0/24 |     |

## Openstack service networks

- The logical networks reside upon an OVS bridge across an LACP bond on the 2x Mellanox 25G ethernet adapters in each node.
- The 2x Mellanox 25G ethernet adapters are cabled to 100G switch1 and 100G switch2 respectively, the switch handles the LACP bond as one logical entity across switches with a CLAG.

| Network | VLAN | IP Range |     |
| --- | --- | --- | --- |
| Storage Mgmt | 14  | 10.122.12.0/24 |     |
| Storage | 13  | 10.122.10.0/24 |     |
| InternalApi | 12  | 10.122.6.0/24 |     |
| Tenant | 11  | 10.122.8.0/24 |     |
| External | 1214 | 10.121.4.0/24 Gateway 10.121.4.1 |     |

## Ceph service networks

Use Openstack "Storage Mgmt" for the Ceph public network.

| Network | VLAN | IP Range |     |
| --- | --- | --- | --- |
| Cluster Network | 15  | 10.122.14.0/24 |     |
| Public Network (Openstack Storage) | 13  | 10.122.10.0/24 |     |
| Management (Openstack Storage Mgmt) | 14  | 10.122.12.0/24 |     |
initial commit 2022-10-26 16:58:48 +00:00			`# Access to university Openstack`

			```
			`edit local ~/.ssh/config and include the following entries`

			`###### university`
			`Host university-jump`
			`HostName 144.173.114.20`
			`ProxyJump nemesis`
			`IdentityFile ~/.ssh/id_rsa`
			`Port 22`
			`User root`

			`Host university-proxmox`
			`Hostname 10.121.4.5`
			`Proxyjump university-jump`
			`#PreferredAuthentications password`
			`IdentityFile ~/.ssh/id_rsa`
			`Port 22`
			`User root`

			`Host university-proxmox-dashboard`
			`Hostname 10.121.4.5`
			`Proxyjump university-jump`
			`#PreferredAuthentications password`
			`IdentityFile ~/.ssh/id_rsa`
			`Port 22`
			`User root`
			`DynamicForward 8888`

			`Host university-undercloud`
			`Hostname 10.121.4.25`
			`Proxyjump university-jump`
			`IdentityFile ~/.ssh/id_rsa`
			`Port 22`
			`User stack`
			`ServerAliveInterval 100`
			`ServerAliveCountMax 2`

			`Host university-ceph1`
			`Hostname 10.121.4.7`
			`Proxyjump university-jump`
			`IdentityFile ~/.ssh/id_rsa`
			`Port 22`
			`User root`

			`Host university-ceph2`
			`Hostname 10.121.4.8`
			`Proxyjump university-jump`
			`IdentityFile ~/.ssh/id_rsa`
			`Port 22`
			`User root`

			`Host university-ceph3`
			`Hostname 10.121.4.9`
			`Proxyjump university-jump`
			`IdentityFile ~/.ssh/id_rsa`
			`Port 22`
			`User root`
			```

			`# Logins`

			`## Switches`

			`\| IP/Login \| Password \| Type \| Notes \|`
			`\| --- \| --- \| --- \| --- \|`
			`\| cumulus@10.122.0.250 \| Password0 \| 100G switch \| 2x CLAG bond between 100G switches, 2x Peerlink CLAG across 100G switches to university Juniper core switches \|`
			`\| cumulus@10.122.0.251 \| Password0 \| 100G switch \| 2x CLAG bond between 100G switches, 2x Peerlink CLAG across 100G switches to university Juniper core switches \|`
			`\| cumulus@10.122.0.252 \| Password0 \| 1G switch \| 2x SFP+ 10G LAG bond between management switches, 1G ethernet uplink from each 100G switch for access \|`
			`\| cumulus@10.122.0.253 \| Password0 \| 1G switch \| 2x SFP+ 10G LAG bond between management switches \|`

			`## Node OOB (IPMI / XClarity web)`

			`\| IP \| Login \| Password \|`
			`\| --- \| --- \| --- \|`
			`\| 10.122.1.5(proxmox) 10.122.1.10-12(controller) 10.122.1.20-21(networker) 10.122.1.30-77(compute) 10.122.1.90-92(ceph) \| USERID \| Password0 \|`

			`## Node Operating System`

			`\| IP \| Login \| Password \|`
			`\| --- \| --- \| --- \|`
			`\| 10.121.4.5 (proxmox hypervisor) \| root \| Password0 \|`
			`\| 10.121.4.25 (undercloud VM) \| stack OR root \| Password0 \|`
			`\| 10.122.0.30-32(controller) 10.122.0.40-41(networker) 10.122.0.50-103(compute) \| root OR heat-admin \| Password0 \|`

			`## Dashboards`

			`\| Dashboard \| IP / URL \| Login \| Password \| Notes \|`
			`\| --- \| --- \| --- \| --- \| --- \|`
			`\| Proxmox \| https://10.121.4.5:8006/ \| root \| Password0 \| \|`
			`\| Ceph \| https://10.122.10.7:8443/ \| admin \| Password0 \| 10.122.10.7,8,9 will redirect to live dashboard \|`
			`\| Ceph Grafana \| https://10.121.4.7:3000/ \| \| \| many useful dashboards for capacity and throughput \|`
			`\| Ceph Alertmanager \| http://10.121.4.7:9093/ \| \| \| check ceph alerts \|`
			`\| Ceph Prometheus \| http://10.121.4.7:9095/ \| \| \| check if promethus is monitoring ceph \|`
			\| Openstack Horizon \| https://stack.university.ac.uk/dashboard \| admin \| Password0 \| domain: default (for AD login the domain is 'ldap')<br>floating ip 10.121.4.14<br>find password on undercloud `grep OS_PASSWORD ~/overcloudrc \\\\\\| awk -F "=" '{print $2}'` \|

			`# Networking`

			`![university_Network.drawio.png](university_Network.drawio.png)`

			`## Openstack control networks`

			`- These networks reside on the primary 1G ethernet adapter.`
			`- The IPMI network is usually only used by the undercloud, however to facilitate IPMI fencing for Instance-HA the Openstack controller nodes will have a logical interface`

			`\| Network \| VLAN \| IP Range \| \|`
			`\| --- \| --- \| --- \| --- \|`
			`\| ControlPlane \| 1 Native \| 10.122.0.0/24 \| \|`
			`\| IPMI \| 2 \| 10.122.1.0/24 \| \|`

			`## Openstack service networks`

			`- The logical networks reside upon an OVS bridge across an LACP bond on the 2x Mellanox 25G ethernet adapters in each node.`
			`- The 2x Mellanox 25G ethernet adapters are cabled to 100G switch1 and 100G switch2 respectively, the switch handles the LACP bond as one logical entity across switches with a CLAG.`

			`\| Network \| VLAN \| IP Range \| \|`
			`\| --- \| --- \| --- \| --- \|`
			`\| Storage Mgmt \| 14 \| 10.122.12.0/24 \| \|`
			`\| Storage \| 13 \| 10.122.10.0/24 \| \|`
			`\| InternalApi \| 12 \| 10.122.6.0/24 \| \|`
			`\| Tenant \| 11 \| 10.122.8.0/24 \| \|`
			`\| External \| 1214 \| 10.121.4.0/24 Gateway 10.121.4.1 \| \|`

			`## Ceph service networks`

			`Use Openstack "Storage Mgmt" for the Ceph public network.`

			`\| Network \| VLAN \| IP Range \| \|`
			`\| --- \| --- \| --- \| --- \|`
			`\| Cluster Network \| 15 \| 10.122.14.0/24 \| \|`
			`\| Public Network (Openstack Storage) \| 13 \| 10.122.10.0/24 \| \|`
			`\| Management (Openstack Storage Mgmt) \| 14 \| 10.122.12.0/24 \| \|`