This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Octavia is the new(ish) loadbalancer for OpenStack. I recently set up the "simplest possible but not simpler" | |
| octavia with a little help from my friends at sSackOverflow and other places. | |
| I had a few hiccups along the way. In particular, I was confused about the openstack documentation | |
| (it has some obsolete stuff in it). You will find a sample of this file in the git octavia distribution on github. | |
| You will need to customize it. Here's my octavia configuration (maybe it can help others): | |
| [DEFAULT] | |
| host=controller01 | |
| auth_strategy = keystone |
ranganathanm
/ access_lbnet_from_qrouter.py
Created
December 7, 2018 19:39
Controller script to set up routing into an octavia router network
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from keystoneauth1 import identity | |
| from keystoneauth1 import session | |
| from neutronclient.v2_0 import client | |
| from argparse import ArgumentParser | |
| import os | |
| import sys | |
| import pdb | |
| from ovs_vsctl import VSCtl | |
| import subprocess | |
| import ovs_vsctl.parser as ovs_vsctl_parser |
ranganathanm
/ find-internal-tag-for-network.py
Created
December 11, 2018 04:22
Determine the internal vlan tag that openstack uses on br-int for a given provider network id
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from keystoneauth1 import identity | |
| from keystoneauth1 import session | |
| from neutronclient.v2_0 import client | |
| from ovs_vsctl import VSCtl | |
| from argparse import ArgumentParser | |
| import ovs_vsctl.parser as ovs_vsctl_parser | |
| import pdb | |
| import os | |
| """ | |
| If you want to find the internal vlan tag that openstack assigns for a given provider segmentation ID |
ranganathanm
/ gist:d85ccc49a4c4c0bb2e10d2f7b5af7fb2
Created
September 14, 2019 22:19
KISS Certificate Generation for EAP-TLS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rm -f *.crl *.p7s *.crt *.key *.csr | |
| # generate CACRT | |
| openssl req -nodes -new -x509 -sha256 -newkey rsa:4096 -keyout ca.key -out ca.crt -outform PEM -days 3560 -subj "/C=US/ST=Maryland/L=Gaithersburg/O=NIST/OU=ITL/CN=cacert" | |
| # generate client key and cert | |
| openssl genrsa -out client.key 2048 | |
| openssl req -new -key client.key -outform PEM -out client.csr -subj "/C=US/ST=Maryland/L=Gaithersburg/O=NIST/OU=ITL/CN=client" | |
| openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -outform PEM -CAcreateserial -out client.crt |
ranganathanm
/ gist:f093a5ae36cbf379cdc011b2151b0479
Created
September 14, 2019 22:23
EAP-TLS on mininet-wifi
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| 'This example shows how to work with authentication' | |
| from mininet.log import setLogLevel, info | |
| from mn_wifi.cli import CLI_wifi | |
| from mn_wifi.net import Mininet_wifi | |
| import time | |
| import os | |
| import os.path |