{"id":1765,"date":"2021-11-14T22:30:36","date_gmt":"2021-11-14T21:30:36","guid":{"rendered":"https:\/\/www.spacesecurity.info\/install-kypo-cyber-range-platform-on-openstack\/"},"modified":"2021-11-30T17:33:29","modified_gmt":"2021-11-30T16:33:29","slug":"install-kypo-cyber-range-platform-on-openstack","status":"publish","type":"post","link":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/","title":{"rendered":"Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud"},"content":{"rendered":"

KYPO is a Cyber Range Platform (KYPO CRP) developed by Masaryk University since 2013. KYPO CRP is entirely based on state-of-the-art approaches such as containers, infrastructures as code, microservices, and open-source software, including cloud provider technology – OpenStack. (source<\/a>).<\/p>\n

KYPO CRP is now part of CONCORDIA consortium<\/a>. CONCORDIA H2020 is a dedicated consortium of over 52 partners from academia, industry and public bodies. The main objective of the project is to lead the integration of Europe\u2019s excellent cybersecurity competencies into the network of expertise to build the European secure, resilient and trusted ecosystem for the Digital Sovereignty of Europe.<\/p>\n

The CONCORDIA project released KYPO CRP as open source in 2020<\/a>. The release of an open-source cyber range is part of CONCORDIA strategy to build the European Trusted, Secure and Resilient Ecosystem for Digital Sovereignty of Europe.<\/p>\n

KYPO Cyber Range Platform is the European Commission\u2019s Innovation Radar Prize Winner <\/a> in the \u2018Disruptive Tech\u2019 category.<\/span><\/p>\n

In this article, I describe how to install KYPO Cyber Range Platform (CRP) on Openstack and Ubuntu Server running on the AWS cloud.\u00a0I installed OpenStack on Ubuntu with DevStack.<\/p>\n

What is a Cyber Range ?<\/h2>\n

Cyber Range is a platform for cyber security research and education \u2013 it is a simulated
\nrepresentation of an organization’s network, system, tools, and applications connected
\nin an isolated environment.<\/p>\n

Cyber Range (a sort of modelized network or a digital twin of a real network) allows Adversary Emulation, a type of ethical hacking engagement where the Red Team emulates how an adversary operates, leveraging the same tactics, techniques, and procedures (TTPs), against a target organization.<\/p>\n

The goal of these engagements is to improve education but also technology and to do some cyber security research.<\/p>\n

Adversary emulations are performed using a structured approach following industry methodologies and frameworks (such as MITRE ATT&CK) and leverage Cyber Threat Intelligence to emulate a malicious actor that has the opportunity, intent, and capability to attack the target organization.<\/p>\n

What is DevStack ?<\/h2>\n

DevStack is a modular set of scripts that can be run to deploy a basic OpenStack cloud for use as a demo or test environment. The scripts can be run on a single node that is baremetal or a virtual machine. It can also be configured to deploy to multiple nodes. DevStack deployment takes care of tedious tasks like configuring the database and message queueing system, making it possible for developers to quickly and easily deploy an OpenStack cloud.<\/p>\n

By default, the core services for OpenStack are installed but users can configure additional services to be deployed. All services are installed from source. DevStack will pull the services from git master unless configured to clone from a stable branch (i.e. stable\/pike).<\/p>\n

Devstack installed keystone, glance, nova, placement, cinder, neutron, and horizon. But DevStack doesn’t install heat, the orchestration service of Openstack which is required by KYPO CRP. So you have to configure DevStack to enable heat.<\/p>\n

Unbun Server Installation on AWS Cloud<\/h2>\n

This is Ubuntu Server 20.04.3 LTS (HVM) with 4vCPU, 16 Go RAM and 55 Gb SSD Disk.<\/p>\n

root# lsb_release -a\r\nNo LSB modules are available.\r\nDistributor ID: Ubuntu\r\nDescription: Ubuntu 20.04.3 LTS\r\nRelease: 20.04\r\nCodename: focal<\/pre>\n
DevStack installation<\/h2>\n
I followed this official tutorial<\/a> but also this article<\/a>. So let’s go step by step.<\/p>\n
ubuntu$ sudo apt update\r\nFetched 20.6 MB in 4s (5862 kB\/s)\r\nReading package lists... Done\r\nBuilding dependency tree\r\nReading state information... Done\r\n31 packages can be upgraded. Run 'apt list --upgradable' to see them.<\/pre>\n
ubuntu$ sudo apt -y upgrade\r\nFound linux image: \/boot\/vmlinuz-5.11.0-1021-aws\r\nFound initrd image: \/boot\/microcode.cpio \/boot\/initrd.img-5.11.0-1021-aws\r\nFound linux image: \/boot\/vmlinuz-5.11.0-1020-aws\r\nFound initrd image: \/boot\/microcode.cpio \/boot\/initrd.img-5.11.0-1020-aws\r\nFound Ubuntu 20.04.3 LTS (20.04) on \/dev\/xvda1\r\nDone<\/pre>\n
ubuntu$ sudo apt -y dist-upgrade\r\nReading package lists... Done\r\nBuilding dependency tree\r\nReading state information... Done\r\nCalculating upgrade... Done\r\n0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.<\/pre>\n
ubuntu$ sudo reboot<\/pre>\n
ubuntu$ sudo useradd -s \/bin\/bash -d \/opt\/stack -m stack<\/pre>\n
ubuntu$ echo \"stack ALL=(ALL) NOPASSWD: ALL\" | sudo tee \/etc\/sudoers.d\/stack<\/pre>\n
ubuntu$ sudo su \u2013 stack<\/pre>\n
stack$ sudo su \u2013<\/pre>\n
root$ su \u2013 stack<\/pre>\n
stack$ sudo apt -y install git\r\nReading package lists... Done\r\nBuilding dependency tree\r\nReading state information... Done\r\ngit is already the newest version (1:2.25.1-1ubuntu3.2).\r\ngit set to manually installed.\r\n0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.<\/pre>\n
stack$ git clone https:\/\/git.openstack.org\/openstack-dev\/devstack\r\nCloning into 'devstack'...\r\nwarning: redirecting to https:\/\/opendev.org\/openstack\/devstack\/\r\nremote: Enumerating objects: 27621, done.\r\nremote: Counting objects: 100% (27621\/27621), done.\r\nremote: Compressing objects: 100% (9258\/9258), done.\r\nremote: Total 47887 (delta 26959), reused 18363 (delta 18363), pack-reused 20266\r\nReceiving objects: 100% (47887\/47887), 10.19 MiB | 4.03 MiB\/s, done.\r\nResolving deltas: 100% (33650\/33650), done.<\/pre>\n
stack$ cd devstack<\/pre>\n
stack$ vi local.conf<\/pre>\n
Add:<\/p>\n
[[local|localrc]]\r\n\r\n# Password for KeyStone, Database, RabbitMQ and Service\r\nADMIN_PASSWORD=StrongAdminSecret\r\nDATABASE_PASSWORD=$ADMIN_PASSWORD\r\nRABBIT_PASSWORD=$ADMIN_PASSWORD\r\nSERVICE_PASSWORD=$ADMIN_PASSWORD<\/pre>\n
Heat is configured by default on devstack for Icehouse and Juno releases. But as mentioned at the beginning, newer versions of OpenStack require enabling heat services in devstack local.conf. I followed this tutorial<\/a>.<\/p>\n
Add the following to [[local|localrc]] section of local.conf:<\/p>\n
[[local|localrc]]\r\n\r\n#Enable heat services\r\nenable_service h-eng h-api h-api-cfn h-api-cw<\/pre>\n
Since Newton release, heat is available as a devstack plugin. To enable the plugin add the following to the [[local|localrc]] section of local.conf:<\/p>\n
[[local|localrc]]\r\n\r\n#Enable heat plugin\r\nenable_plugin heat https:\/\/opendev.org\/openstack\/heat<\/pre>\n
I tried to add a stable branches by specifying the branch name to enable_plugin, but it doesn’t work for me so I didn’t add the following line.<\/p>\n
enable_plugin heat https:\/\/opendev.org\/openstack\/heat stable\/newton<\/pre>\n
It would also be useful to automatically download and register a VM image that heat can launch. To do that add the following to [[local|localrc]] section of local.conf:<\/p>\n
IMAGE_URL_SITE=\"https:\/\/download.fedoraproject.org\"\r\nIMAGE_URL_PATH=\"\/pub\/fedora\/linux\/releases\/33\/Cloud\/x86_64\/images\/\"\r\nIMAGE_URL_FILE=\"Fedora-Cloud-Base-33-1.2.x86_64.qcow2\"\r\nIMAGE_URLS+=\",\"$IMAGE_URL_SITE$IMAGE_URL_PATH$IMAGE_URL_FILE<\/pre>\n
Disable the Ubuntu Firewall<\/p>\n
stack$ sudo ufw disable<\/pre>\n
I then started the installation of Openstack.<\/p>\n
stack$ .\/stack.sh<\/pre>\n
This will take a 15 \u2013 20 minutes, largely depending on the speed of the internet connection. At the end of the installation process, you should see output like this:<\/p>\n
=========================\r\nDevStack Component Timing\r\n(times are in seconds)\r\n=========================\r\nwait_for_service      16\r\npip_install          232\r\napt-get              264\r\nrun_process           27\r\ndbsync                15\r\ngit_timed            286\r\napt-get-update         1\r\ntest_with_retry        5\r\nasync_wait            72\r\nosc                  305\r\n-------------------------\r\nUnaccounted time     155\r\n=========================\r\nTotal runtime        1378\r\n\r\n=================\r\nAsync summary\r\n=================\r\nTime spent in the background minus waits: 367 sec\r\nElapsed time: 1378 sec\r\nTime if we did everything serially: 1745 sec\r\nSpeedup:  1.26633\r\n\r\nThis is your host IP address: xxx.xxx.xxx.xxx\r\nThis is your host IPv6 address: ::1\r\nHorizon is now available at http:\/\/xxx.xxx.xxx.xxx\/dashboard\r\nKeystone is serving at http:\/\/xxx.xxx.xxx.xxx\/identity\/\r\nThe default users are: admin and demo\r\nThe password: xxxxxxx\r\n\r\nServices are running under systemd unit files.\r\nFor more information see:\r\nhttps:\/\/docs.openstack.org\/devstack\/latest\/systemd.html\r\n\r\nDevStack Version: yoga\r\nChange: f9a896c6e6afcf52e9a50613285940c26e353ba3 Rehome functions to enable Neutron's QoS service 2021-11-13 19:52:06 +0000\r\nOS Version: Ubuntu 20.04 focal\r\n\r\n2021-11-15 20:47:52.095 | stack.sh completed in 1378 seconds.<\/pre>\n
Copy the Horizon URL shown on the installation output and paste it into your web browser:<\/p>\n
http:\/\/192.168.10.100\/dashboard<\/pre>\n
Use the default users admin and configured password to login.<\/p>\n
I have access to the Horizon web interface dashboard to manage vms, networks, volumes, and images.
\n\"\"<\/a><\/p>\n
\"\"<\/a><\/p>\n
Before you can start running client commands, OpenStack RC file must be downloaded from the Horizon dashboard and sourced in the current SHELL environment.<\/p>\n
To download OpenStack RC file, log in to the Horizon dashboard. Check that you are in the good project (admin for me) and go to Project > API Access<\/p>\n
On the API Access section, use the \u201cDownload OpenStack RC File\u201d link to pull and save the “admin-openrc.sh” file on your desktop.<\/p>\n
Copy the contents of the file on the server.<\/p>\n
stack$ vi admin-openrc.sh<\/pre>\n
Source the file. As a security mechanism the file won\u2019t contain the user password. You\u2019ll be asked to set the password when sourcing the file.<\/p>\n
source admin-openrc.sh\r\nPlease enter your OpenStack Password for project admin as user admin:\r\n<\/pre>\n
Test some OpenStack client commands just to confirm it is working. Check mainly that heat service is started.<\/p>\n
stack$ openstack service list\r\n+----------------------------------+-------------+----------------+\r\n| ID                               | Name        | Type           |\r\n+----------------------------------+-------------+----------------+\r\n| 0b293dc58885450bad190bbfe3bacc40 | nova_legacy | compute_legacy |\r\n| 1c05400514e341d09bd5a973136a9789 | cinderv3    | volumev3       |\r\n| 3049ac1cc4a84b81a41d9fdb559ce922 | heat        | orchestration  |\r\n| 775998becd0142579289a613a4313e1a | keystone    | identity       |\r\n| 840023d4bc6f4e75a7fdb6e7d49ed28e | placement   | placement      |\r\n| b9a2b39775a94d4f8a5fdfb25b9e4dc1 | neutron     | network        |\r\n| c7b83375dafa428cbc21ceafb8611fbe | heat-cfn    | cloudformation |\r\n| e62bfc0c37774f8da910b3062df43d53 | cinder      | block-storage  |\r\n| f2ffbf578599481295140dec77bcd549 | nova        | compute        |\r\n| f619511aea824a59a76e66702de4e1c2 | glance      | image          |\r\n+----------------------------------+-------------+----------------+<\/pre>\n
In order to avoid to set the password each time you source the RC file, you can optionally comment out the lines that prompts you the password and provide it statically:<\/p>\n
stack$ vi admin-openrc.sh\r\n# With Keystone you pass the keystone password.\r\n#echo \"Please enter your OpenStack Password for project $OS_PROJECT_NAME as user $OS_USERNAME: \"\r\n#read -sr OS_PASSWORD_INPUT\r\n#export OS_PASSWORD=$OS_PASSWORD_INPUT\r\nexport OS_PASSWORD='xxxxxxxxxxx'<\/pre>\n
You can copy the RC file to keystonerc_admin<\/p>\n
stack$ cp admin-openrc.sh keystonerc_admin\r\nstack$ source keystonerc_admin<\/pre>\n
You can run some others OpenStack client commands to confirm that all is working properly:<\/p>\n
stack$ openstack catalog list\r\n+-------------+----------------+----------------------------------------------------------------------------+\r\n| Name        | Type           | Endpoints                                                                  |\r\n+-------------+----------------+----------------------------------------------------------------------------+\r\n| nova_legacy | compute_legacy | RegionOne                                                                  |\r\n|             |                |   public: http:\/\/xxx.xxx.xxx.xxx\/compute\/v2\/d81af43ddd074376a8e7fff88d61c905  |\r\n|             |                |                                                                            |\r\n| cinderv3    | volumev3       | RegionOne                                                                  |\r\n|             |                |   public: http:\/\/xxx.xxx.xxx.xxx\/volume\/v3\/d81af43ddd074376a8e7fff88d61c905   |\r\n|             |                |                                                                            |\r\n| heat        | orchestration  | RegionOne                                                                  |\r\n|             |                |   public: http:\/\/xxx.xxx.xxx.xxx\/heat-api\/v1\/d81af43ddd074376a8e7fff88d61c905 |\r\n|             |                |                                                                            |\r\n| keystone    | identity       | RegionOne                                                                  |\r\n|             |                |   public: http:\/\/xxx.xxx.xxx.xxx\/identity                                     |\r\n|             |                |                                                                            |\r\n| placement   | placement      | RegionOne                                                                  |\r\n|             |                |   public: http:\/\/xxx.xxx.xxx.xxx\/placement                                    |\r\n|             |                |                                                                            |\r\n| neutron     | network        | RegionOne                                                                  |\r\n|             |                |   public: http:\/\/xxx.xxx.xxx.xxx:9696\/                                        |\r\n|             |                |                                                                            |\r\n| heat-cfn    | cloudformation | RegionOne                                                                  |\r\n|             |                |   public: http:\/\/xxx.xxx.xxx.xxx\/heat-api-cfn\/v1                              |\r\n|             |                |                                                                            |\r\n| cinder      | block-storage  | RegionOne                                                                  |\r\n|             |                |   public: http:\/\/xxx.xxx.xxx.xxx\/volume\/v3\/d81af43ddd074376a8e7fff88d61c905   |\r\n|             |                |                                                                            |\r\n| nova        | compute        | RegionOne                                                                  |\r\n|             |                |   public: http:\/\/xxx.xxx.xxx.xxx\/compute\/v2.1                                 |\r\n|             |                |                                                                            |\r\n| glance      | image          | RegionOne                                                                  |\r\n|             |                |   public: http:\/\/xxx.xxx.xxx.xxx\/image                                        |\r\n|             |                |                                                                            |\r\n+-------------+----------------+----------------------------------------------------------------------------+<\/pre>\n
I checked the endpoint list to find public endpoint for orchestration service (heat).<\/p>\n
stack$ openstack endpoint list\r\n+----------------------------------+-----------+--------------+----------------+---------+-----------+------------------------------------------------+\r\n| ID                               | Region    | Service Name | Service Type   | Enabled | Interface | URL                                            |\r\n+----------------------------------+-----------+--------------+----------------+---------+-----------+------------------------------------------------+\r\n| 064822424bfe4c4394951dce1832e316 | RegionOne | cinder       | block-storage  | True    | public    | http:\/\/xxx.xxx.xxx.xxx\/volume\/v3\/$(project_id)s  |\r\n| 11fbdcab6dfe42cb82c3ac4c3f61296a | RegionOne | nova         | compute        | True    | public    | http:\/\/xxx.xxx.xxx.xxx\/compute\/v2.1              |\r\n| 2cb9561aa98a4c079d0c7f35ba347647 | RegionOne | keystone     | identity       | True    | public    | http:\/\/xxx.xxx.xxx.xxx\/identity                  |\r\n| 52bcd8dde6fb4f7b82d976cf71a0d37e | RegionOne | cinderv3     | volumev3       | True    | public    | http:\/\/xxx.xxx.xxx.xxx\/volume\/v3\/$(project_id)s  |\r\n| 82d29e1ceb464b7f831b84434ebb0be3 | RegionOne | glance       | image          | True    | public    | http:\/\/xxx.xxx.xxx.xxx\/image                     |\r\n| 98037666c0e74127ab713bd4865b062d | RegionOne | neutron      | network        | True    | public    | http:\/\/xxx.xxx.xxx.xxx:9696\/                     |\r\n| 9bda08ed79fe4fc399f94f6274ceaca0 | RegionOne | placement    | placement      | True    | public    | http:\/\/xxx.xxx.xxx.xxx\/placement                 |\r\n| cc35f42f35304534b83301f4fc70e778 | RegionOne | nova_legacy  | compute_legacy | True    | public    | http:\/\/xxx.xxx.xxx.xxx\/compute\/v2\/$(project_id)s |\r\n+----------------------------------+-----------+--------------+----------------+---------+-----------+------------------------------------------------+<\/pre>\n
stack$ openstack orchestration service list\r\n+-----------------+-------------+--------------------------------------+-----------------+--------+----------------------------+--------+\r\n| Hostname        | Binary      | Engine ID                            | Host            | Topic  | Updated At                 | Status |\r\n+-----------------+-------------+--------------------------------------+-----------------+--------+----------------------------+--------+\r\n| xxxxxxxxxxxxxxx | heat-engine | 5ffc9a0d-2756-462a-8da1-b5f2aeca165b | xxxxxxxxxxxxxxx | engine | 2021-11-15T21:40:55.000000 | up     |\r\n| xxxxxxxxxxxxxxx | heat-engine | 54387f8e-44d7-4749-853a-c06d6be92ace | xxxxxxxxxxxxxxx | engine | 2021-11-15T21:40:55.000000 | up     |\r\n+-----------------+-------------+--------------------------------------+-----------------+--------+----------------------------+--------+<\/pre>\n
KYPO CRP installation<\/h2>\n
OpenStack Requirements<\/strong><\/p>\n
Check before the OpenStack Requirements here<\/a><\/p>\n
root# openstack flavor create --ram 2048 --disk 20 --vcpus 1 csirtmu.tiny1x2\r\n+----------------------------+--------------------------------------+\r\n| Field                      | Value                                |\r\n+----------------------------+--------------------------------------+\r\n| OS-FLV-DISABLED:disabled   | False                                |\r\n| OS-FLV-EXT-DATA:ephemeral  | 0                                    |\r\n| description                | None                                 |\r\n| disk                       | 20                                   |\r\n| id                         | 69fb4a25-d8f3-4a5b-afbd-8a4823210733 |\r\n| name                       | csirtmu.tiny1x2                      |\r\n| os-flavor-access:is_public | True                                 |\r\n| properties                 |                                      |\r\n| ram                        | 2048                                 |\r\n| rxtx_factor                | 1.0                                  |\r\n| swap                       |                                      |\r\n| vcpus                      | 1                                    |\r\n+----------------------------+--------------------------------------+<\/pre>\n
stack$ wget https:\/\/cloud-images.ubuntu.com\/focal\/current\/focal-server-cloudimg-amd64.img -P \/tmp\/\r\nResolving cloud-images.ubuntu.com (cloud-images.ubuntu.com)... 91.189.88.248, 91.189.88.247, 2001:67c:1360:8001::33, ...\r\nConnecting to cloud-images.ubuntu.com (cloud-images.ubuntu.com)|91.189.88.248|:443... connected.\r\nHTTP request sent, awaiting response... 200 OK\r\nLength: 568131584 (542M) [application\/octet-stream]\r\nSaving to: \u2018\/tmp\/focal-server-cloudimg-amd64.img.1\u2019\r\n\r\nfocal-server-cloudimg-amd64.img.1      100%[===========================================================================>] 541.81M  87.5MB\/s    in 6.2s\r\n\r\n2021-11-15 21:50:30 (88.1 MB\/s) - \u2018\/tmp\/focal-server-cloudimg-amd64.img.1\u2019 saved [568131584\/568131584]<\/pre>\n
stack$ openstack image create --disk-format qcow2 --container-format bare --public --property \\\r\n> os_type=linux --file \/tmp\/focal-server-cloudimg-amd64.img ubuntu-focal-x86_64\r\n\r\n+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\r\n| Field            | Value                                                                                                                                                                    |\r\n+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\r\n| container_format | bare                                                                                                                                                                     |\r\n| created_at       | 2021-11-15T21:49:14Z                                                                                                                                                     |\r\n| disk_format      | qcow2                                                                                                                                                                    |\r\n| file             | \/v2\/images\/f748c173-c9d7-4ded-92c2-d84d9d6bcd82\/file                                                                                                                     |\r\n| id               | f748c173-c9d7-4ded-92c2-d84d9d6bcd82                                                                                                                                     |\r\n| min_disk         | 0                                                                                                                                                                        |\r\n| min_ram          | 0                                                                                                                                                                        |\r\n| name             | ubuntu-focal-x86_64                                                                                                                                                      |\r\n| owner            | d81af43ddd074376a8e7fff88d61c905                                                                                                                                         |\r\n| properties       | os_hidden='False', os_type='linux', owner_specified.openstack.md5='', owner_specified.openstack.object='images\/ubuntu-focal-x86_64', owner_specified.openstack.sha256='' |\r\n| protected        | False                                                                                                                                                                    |\r\n| schema           | \/v2\/schemas\/image                                                                                                                                                        |\r\n| status           | queued                                                                                                                                                                   |\r\n| tags             |                                                                                                                                                                          |\r\n| updated_at       | 2021-11-15T21:49:14Z                                                                                                                                                     |\r\n| visibility       | public                                                                                                                                                                   |\r\n+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------+<\/pre>\n
Base Infrastructure<\/strong><\/p>\n
I then followed this tutorial<\/a> that describes how to prepare the KYPO base infrastructure used by the KYPO Cyber Range Platform.<\/p>\n
stack$ sudo apt install python3-pip openssh-client jq\r\nReading package lists... Done\r\nBuilding dependency tree\r\nReading state information... Done\r\nopenssh-client is already the newest version (1:8.2p1-4ubuntu0.3).\r\nopenssh-client set to manually installed.\r\npython3-pip is already the newest version (20.0.2-5ubuntu1.6).\r\nThe following NEW packages will be installed:\r\n  jq libjq1 libonig5\r\n0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.\r\nNeed to get 313 kB of archives.\r\nAfter this operation, 1062 kB of additional disk space will be used.\r\nGet:1 http:\/\/eu-west-3.ec2.archive.ubuntu.com\/ubuntu focal\/universe amd64 libonig5 amd64 6.9.4-1 [142 kB]\r\nGet:2 http:\/\/eu-west-3.ec2.archive.ubuntu.com\/ubuntu focal-updates\/universe amd64 libjq1 amd64 1.6-1ubuntu0.20.04.1 [121 kB]\r\nGet:3 http:\/\/eu-west-3.ec2.archive.ubuntu.com\/ubuntu focal-updates\/universe amd64 jq amd64 1.6-1ubuntu0.20.04.1 [50.2 kB]\r\nFetched 313 kB in 0s (2145 kB\/s)\r\nSelecting previously unselected package libonig5:amd64.\r\n(Reading database ... 140023 files and directories currently installed.)\r\nPreparing to unpack ...\/libonig5_6.9.4-1_amd64.deb ...\r\nUnpacking libonig5:amd64 (6.9.4-1) ...\r\nSelecting previously unselected package libjq1:amd64.\r\nPreparing to unpack ...\/libjq1_1.6-1ubuntu0.20.04.1_amd64.deb ...\r\nUnpacking libjq1:amd64 (1.6-1ubuntu0.20.04.1) ...\r\nSelecting previously unselected package jq.\r\nPreparing to unpack ...\/jq_1.6-1ubuntu0.20.04.1_amd64.deb ...\r\nUnpacking jq (1.6-1ubuntu0.20.04.1) ...\r\nSetting up libonig5:amd64 (6.9.4-1) ...\r\nSetting up libjq1:amd64 (1.6-1ubuntu0.20.04.1) ...\r\nSetting up jq (1.6-1ubuntu0.20.04.1) ...\r\nProcessing triggers for man-db (2.9.1-1) ...\r\nProcessing triggers for libc-bin (2.31-0ubuntu9.2) ...<\/pre>\n
stack$ sudo pip3 install pipenv\r\n\/usr\/lib\/python3\/dist-packages\/secretstorage\/dhcrypto.py:15: CryptographyDeprecationWarning: int_from_bytes is deprecated, use int.from_bytes instead\r\n  from cryptography.utils import int_from_bytes\r\n\/usr\/lib\/python3\/dist-packages\/secretstorage\/util.py:19: CryptographyDeprecationWarning: int_from_bytes is deprecated, use int.from_bytes instead\r\n  from cryptography.utils import int_from_bytes\r\nCollecting pipenv\r\n  Downloading pipenv-2021.11.15-py2.py3-none-any.whl (3.6 MB)\r\n     |\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588| 3.6 MB 25.8 MB\/s\r\nRequirement already satisfied: virtualenv in \/usr\/local\/lib\/python3.8\/dist-packages (from pipenv) (20.10.0)\r\nRequirement already satisfied: setuptools>=36.2.1 in \/usr\/local\/lib\/python3.8\/dist-packages (from pipenv) (59.1.0)\r\nCollecting virtualenv-clone>=0.2.5\r\n  Downloading virtualenv_clone-0.5.7-py3-none-any.whl (6.6 kB)\r\nRequirement already satisfied: certifi in \/usr\/lib\/python3\/dist-packages (from pipenv) (2019.11.28)\r\nRequirement already satisfied: pip>=18.0 in \/usr\/local\/lib\/python3.8\/dist-packages (from pipenv) (21.3.1)\r\nRequirement already satisfied: filelock<4,>=3.2 in \/usr\/local\/lib\/python3.8\/dist-packages (from virtualenv->pipenv) (3.3.2)\r\nRequirement already satisfied: platformdirs<3,>=2 in \/usr\/local\/lib\/python3.8\/dist-packages (from virtualenv->pipenv) (2.4.0)\r\nRequirement already satisfied: distlib<1,>=0.3.1 in \/usr\/local\/lib\/python3.8\/dist-packages (from virtualenv->pipenv) (0.3.3)\r\nRequirement already satisfied: six<2,>=1.9.0 in \/usr\/local\/lib\/python3.8\/dist-packages (from virtualenv->pipenv) (1.16.0)\r\nRequirement already satisfied: backports.entry-points-selectable>=1.0.4 in \/usr\/local\/lib\/python3.8\/dist-packages (from virtualenv->pipenv) (1.1.1)\r\nInstalling collected packages: virtualenv-clone, pipenv\r\nSuccessfully installed pipenv-2021.11.15 virtualenv-clone-0.5.7\r\nWARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https:\/\/pip.pypa.io\/warnings\/venv<\/pre>\n
Create application credentials with this video<\/a>. Be sure to generate Application Credentials with the parameter unrestricted.<\/p>\n
After application credentials created, download on your desktop the “app-cred-kypo-openrc.sh” file from the Horizon dashboard and copy\/paste the contents of the file on the server.<\/p>\n
stack$ vi app-cred-kypo-openrc.sh<\/pre>\n
Source the file<\/p>\n
stack$ source app-cred-kypo-openrc.sh<\/pre>\n
stack$ git clone https:\/\/gitlab.ics.muni.cz\/muni-kypo-crp\/devops\/kypo-crp-openstack-base.git\r\nCloning into 'kypo-crp-openstack-base'...\r\nremote: Enumerating objects: 269, done.\r\nremote: Counting objects: 100% (138\/138), done.\r\nremote: Compressing objects: 100% (80\/80), done.\r\nremote: Total 269 (delta 54), reused 129 (delta 47), pack-reused 131\r\nReceiving objects: 100% (269\/269), 78.56 KiB | 1.31 MiB\/s, done.\r\nResolving deltas: 100% (111\/111), done.<\/pre>\n
stack$ cd kypo-crp-openstack-base<\/pre>\n
stack$ pipenv install\r\nCreating a virtualenv for this project...\r\nPipfile: \/opt\/stack\/devstack\/kypo-crp-openstack-base\/Pipfile\r\nUsing \/usr\/bin\/python3.8 (3.8.10) to create virtualenv...\r\n\u2834 Creating virtual environment...created virtual environment CPython3.8.10.final.0-64 in 235ms\r\n  creator CPython3Posix(dest=\/opt\/stack\/.local\/share\/virtualenvs\/kypo-crp-openstack-base-5QbM23-5, clear=False, no_vcs_ignore=False, global                                                                                        =False)\r\n  seeder FromAppData(download=False, pip=bundle, setuptools=bundle, wheel=bundle, via=copy, app_data_dir=\/opt\/stack\/.local\/share\/virtualenv                                                                                        )\r\n    added seed packages: pip==21.3.1, setuptools==58.3.0, wheel==0.37.0\r\n  activators BashActivator,CShellActivator,FishActivator,NushellActivator,PowerShellActivator,PythonActivator\r\n\u2714 Successfully created virtual environment!\r\nVirtualenv location: \/opt\/stack\/.local\/share\/virtualenvs\/kypo-crp-openstack-base-5QbM23-5\r\nInstalling dependencies from Pipfile.lock (5ccba9)...\r\n  \ud83d\udc0d   \u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589 61\/61 \u2014 00:01:39\r\nTo activate this project's virtualenv, run pipenv shell.\r\nAlternatively, run a command inside the virtualenv with pipenv run.<\/pre>\n
stack$ pipenv shell\r\nCreating a virtualenv for this project...\r\nPipfile: \/opt\/stack\/Pipfile\r\nUsing \/usr\/bin\/python3 (3.8.10) to create virtualenv...\r\n\u280b Creating virtual environment...created virtual environment CPython3.8.10.final.0-64 in 619ms\r\n  creator CPython3Posix(dest=\/opt\/stack\/.local\/share\/virtualenvs\/stack-mJieuOd4, clear=False, no_vcs_ignore=False, global=False)\r\n  seeder FromAppData(download=False, pip=bundle, setuptools=bundle, wheel=bundle, via=copy, app_data_dir=\/opt\/stack\/.local\/share\/virtualenv)\r\n    added seed packages: pip==21.3.1, setuptools==58.3.0, wheel==0.37.0\r\n  activators BashActivator,CShellActivator,FishActivator,NushellActivator,PowerShellActivator,PythonActivator\r\n\u2714 Successfully created virtual environment!\r\nVirtualenv location: \/opt\/stack\/.local\/share\/virtualenvs\/stack-mJieuOd4\r\nCreating a Pipfile for this project...\r\nLaunching subshell in virtual environment...\r\nstack$  . \/opt\/stack\/.local\/share\/virtualenvs\/stack-mJieuOd4\/bin\/activate<\/pre>\n
((kypo-crp-openstack-base) ) stack$ pipenv sync\r\n\r\nInstalling dependencies from Pipfile.lock (5ccba9)...\r\n  \ud83d\udc0d   \u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589\u2589 0\/0 \u2014 00:00:00\r\nAll dependencies are now up-to-date!<\/pre>\n
Before to go to the deployment, you need to obtain several configuration values that might be specific to your OpenStack instance.<\/p>\n
stack$ openstack network list --external --column Name\r\n+--------+\r\n| Name   |\r\n+--------+\r\n| public |\r\n+--------+<\/pre>\n
stack$ openstack image list --column Name\r\n+---------------------------------+\r\n| Name                            |\r\n+---------------------------------+\r\n| Fedora-Cloud-Base-33-1.2.x86_64 |\r\n| cirros-0.5.2-x86_64-disk        |\r\n| ubuntu-focal-x86_64             |\r\n+---------------------------------+<\/pre>\n
stack$ openstack flavor list --column Name\r\n+-----------+\r\n| Name      |\r\n+-----------+\r\n| m1.tiny   |\r\n| m1.small  |\r\n| m1.medium |\r\n| m1.large  |\r\n| m1.nano   |\r\n| m1.xlarge |\r\n| m1.micro  |\r\n| cirros256 |\r\n| ds512M    |\r\n| ds1G      |\r\n| ds2G      |\r\n| ds4G      |\r\n+-----------+<\/pre>\n
Un-Source all variables from previous source command<\/p>\n
stack$ unset \"${!OS_@}\"<\/pre>\n
Below is the default openstack-defaults.sh file.<\/p>\n
stack$ cat openstack-defaults.sh\r\n#!\/usr\/bin\/env bash\r\n\r\nexport KYPO_HEAD_FLAVOR=\"standard.large\"\r\nexport KYPO_HEAD_IMAGE=\"ubuntu-focal-x86_64\"\r\nexport KYPO_HEAD_USER=\"ubuntu\"\r\nexport KYPO_PROXY_FLAVOR=\"standard.medium\"\r\nexport KYPO_PROXY_IMAGE=\"ubuntu-focal-x86_64\"\r\nexport KYPO_PROXY_USER=\"ubuntu\"\r\nexport DNS1=\"1.1.1.1\"\r\nexport DNS2=\"1.0.0.1\"<\/pre>\n
Modify this file and edit the desired values for images (<kypo_base_image>) and flavors (<kypo_base_flavor>). On my side, I remove “standard.large” flavor and “standard.medium” flavor. I replaced them with “m1.small” beause my config is not very strong.<\/p>\n
stack$ cat openstack-defaults.sh\r\n#!\/usr\/bin\/env bash\r\n\r\nexport KYPO_HEAD_FLAVOR=\"m1.small\"\r\nexport KYPO_HEAD_IMAGE=\"ubuntu-focal-x86_64\"\r\nexport KYPO_HEAD_USER=\"ubuntu\"\r\nexport KYPO_PROXY_FLAVOR=\"m1.small\"\r\nexport KYPO_PROXY_IMAGE=\"ubuntu-focal-x86_64\"\r\nexport KYPO_PROXY_USER=\"ubuntu\"\r\nexport DNS1=\"1.1.1.1\"\r\nexport DNS2=\"1.0.0.1\"<\/pre>\n
stack$ source openstack-defaults.sh<\/pre>\n
I checked default Security Group Rules. I’m not sure if I have to delete them or not. The tutorial is not clear about this point.<\/b><\/p>\n
stack$ openstack security group rule list default\r\n+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+\r\n| ID                                   | IP Protocol | Ethertype | IP Range  | Port Range | Remote Security Group                |\r\n+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+\r\n| 38b8c48a-494c-49bd-bee3-51e2c415f30b | None        | IPv4      | 0.0.0.0\/0 |            | d18b863a-0b8d-4110-878a-de40e24307a5 |\r\n| 7e5ae97e-cb42-4024-aeef-ed631a2b567c | None        | IPv6      | ::\/0      |            | None                                 |\r\n| d8808eb1-1edc-4e3f-8ddb-7061927fe9a3 | None        | IPv6      | ::\/0      |            | d18b863a-0b8d-4110-878a-de40e24307a5 |\r\n| de4d2cce-2fee-4e01-b966-5f7420c5d484 | None        | IPv4      | 0.0.0.0\/0 |            | None                                 |\r\n+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+<\/pre>\n
I then bootstraped Floating IPs and Keypair. The results will be saved into kypo-base-params.yml file. Private key of the keypair will be saved into <openstack-project>_kypo-base-key.key<\/p>\n
stack$ .\/bootstrap.sh public\r\nFloating IP kypo-base-head for network public does not exist. Creating...\r\nFloating IP kypo-base-proxy for network public does not exist. Creating...\r\nNo keypair with a name or ID of 'admin_kypo-base-key' exists.\r\nCreating keypair admin_kypo-base-key.\r\nfingerprint: 86:8f:ea:34:dc:4b:bc:77:a8:6d:d5:7b:42:3c:a4:e4\r\nname: admin_kypo-base-key\r\nuser_id: 042e20a21d0f4cf2a8473daf72ca2193\r\nPrivate key for user access does not exist. Creating...\r\nGenerating RSA private key, 2048 bit long modulus (2 primes)\r\n......................+++++\r\n..+++++\r\ne is 65537 (0x010001)<\/pre>\n
stack$ .\/create-base.sh\r\n\r\n2021-11-15 23:57:31Z [kypo-base-networking-stack]: CREATE_IN_PROGRESS  Stack CREATE started\r\n2021-11-15 23:57:31Z [kypo-base-networking-stack.kypo-base-net]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:57:31Z [kypo-base-networking-stack.kypo-base-net]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:57:31Z [kypo-base-networking-stack.kypo-base-subnet]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:57:32Z [kypo-base-networking-stack.kypo-base-router-public]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:57:32Z [kypo-base-networking-stack.kypo-base-subnet]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:57:32Z [kypo-base-networking-stack.kypo-base-router-public-port]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:57:33Z [kypo-base-networking-stack.kypo-base-router-public-port]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:57:34Z [kypo-base-networking-stack.kypo-base-router-public]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:57:34Z [kypo-base-networking-stack.kypo-base-router-public-interface]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:57:36Z [kypo-base-networking-stack.kypo-base-router-public-interface]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:57:36Z [kypo-base-networking-stack]: CREATE_COMPLETE  Stack CREATE completed successfully\r\n+---------------------+--------------------------------------+\r\n| Field               | Value                                |\r\n+---------------------+--------------------------------------+\r\n| id                  | cb20a1c9-da98-4699-a14e-09b4d2ee78a4 |\r\n| stack_name          | kypo-base-networking-stack           |\r\n| description         | KYPO base networking.                |\r\n| creation_time       | 2021-11-15T23:57:30Z                 |\r\n| updated_time        | None                                 |\r\n| stack_status        | CREATE_COMPLETE                      |\r\n| stack_status_reason | Stack CREATE completed successfully  |\r\n+---------------------+--------------------------------------+\r\n2021-11-15 23:57:42Z [kypo-base-security-groups-stack]: CREATE_IN_PROGRESS  Stack CREATE started\r\n2021-11-15 23:57:43Z [kypo-base-security-groups-stack.kypo-base-head-sg]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:57:43Z [kypo-base-security-groups-stack.kypo-base-head-sg]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:57:44Z [kypo-base-security-groups-stack.kypo-global-ingress-icmp]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:57:44Z [kypo-base-security-groups-stack.kypo-global-ingress-icmp]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:57:45Z [kypo-base-security-groups-stack.kypo-base-proxy-sg]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:57:45Z [kypo-base-security-groups-stack.kypo-base-proxy-sg]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:57:45Z [kypo-base-security-groups-stack.kypo-global-remote-security-groups]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:57:57Z [kypo-base-security-groups-stack.kypo-global-remote-security-groups]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:57:57Z [kypo-base-security-groups-stack]: CREATE_COMPLETE  Stack CREATE completed successfully\r\n+---------------------+--------------------------------------+\r\n| Field               | Value                                |\r\n+---------------------+--------------------------------------+\r\n| id                  | 0b52e47b-45d8-47cb-aa06-c204feedb038 |\r\n| stack_name          | kypo-base-security-groups-stack      |\r\n| description         | KYPO base security groups.           |\r\n| creation_time       | 2021-11-15T23:57:42Z                 |\r\n| updated_time        | None                                 |\r\n| stack_status        | CREATE_COMPLETE                      |\r\n| stack_status_reason | Stack CREATE completed successfully  |\r\n+---------------------+--------------------------------------+\r\n2021-11-15 23:58:00Z [kypo-head-stack]: CREATE_IN_PROGRESS  Stack CREATE started\r\n2021-11-15 23:58:00Z [kypo-head-stack.kypo-head-port]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:58:01Z [kypo-head-stack.kypo-head-port]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:58:01Z [kypo-head-stack.kypo-head-floating-ip]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:58:01Z [kypo-head-stack.kypo-head]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:58:01Z [kypo-head-stack.kypo-head-floating-ip]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:58:06Z [kypo-head-stack.kypo-head]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:58:06Z [kypo-head-stack]: CREATE_COMPLETE  Stack CREATE completed successfully\r\n+---------------------+--------------------------------------+\r\n| Field               | Value                                |\r\n+---------------------+--------------------------------------+\r\n| id                  | 043f10e3-a13d-4e87-9732-e85e13eb6e6c |\r\n| stack_name          | kypo-head-stack                      |\r\n| description         | KYPO Head server.                    |\r\n| creation_time       | 2021-11-15T23:58:00Z                 |\r\n| updated_time        | None                                 |\r\n| stack_status        | CREATE_COMPLETE                      |\r\n| stack_status_reason | Stack CREATE completed successfully  |\r\n+---------------------+--------------------------------------+\r\n2021-11-15 23:58:12Z [kypo-proxy-jump-stack]: CREATE_IN_PROGRESS  Stack CREATE started\r\n2021-11-15 23:58:12Z [kypo-proxy-jump-stack.kypo-proxy-jump-port]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:58:13Z [kypo-proxy-jump-stack.kypo-proxy-jump-port]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:58:13Z [kypo-proxy-jump-stack.kypo-proxy-jump-floating-ip]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:58:13Z [kypo-proxy-jump-stack.kypo-proxy-jump]: CREATE_IN_PROGRESS  state changed\r\n2021-11-15 23:58:14Z [kypo-proxy-jump-stack.kypo-proxy-jump-floating-ip]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:58:19Z [kypo-proxy-jump-stack.kypo-proxy-jump]: CREATE_COMPLETE  state changed\r\n2021-11-15 23:58:19Z [kypo-proxy-jump-stack]: CREATE_COMPLETE  Stack CREATE completed successfully\r\n+---------------------+--------------------------------------+\r\n| Field               | Value                                |\r\n+---------------------+--------------------------------------+\r\n| id                  | 479af43a-a6f8-4413-8291-5ce03eb56a4b |\r\n| stack_name          | kypo-proxy-jump-stack                |\r\n| description         | KYPO Proxy Jump server.              |\r\n| creation_time       | 2021-11-15T23:58:12Z                 |\r\n| updated_time        | None                                 |\r\n| stack_status        | CREATE_COMPLETE                      |\r\n| stack_status_reason | Stack CREATE completed successfully  |\r\n+---------------------+--------------------------------------+<\/pre>\n
I checked the stack list<\/p>\n
stack$ openstack stack list\r\n+--------------------------------------+---------------------------------+-----------------+----------------------+--------------+\r\n| ID                                   | Stack Name                      | Stack Status    | Creation Time        | Updated Time |\r\n+--------------------------------------+---------------------------------+-----------------+----------------------+--------------+\r\n| 479af43a-a6f8-4413-8291-5ce03eb56a4b | kypo-proxy-jump-stack           | CREATE_COMPLETE | 2021-11-15T23:58:12Z | None         |\r\n| 043f10e3-a13d-4e87-9732-e85e13eb6e6c | kypo-head-stack                 | CREATE_COMPLETE | 2021-11-15T23:58:00Z | None         |\r\n| 0b52e47b-45d8-47cb-aa06-c204feedb038 | kypo-base-security-groups-stack | CREATE_COMPLETE | 2021-11-15T23:57:42Z | None         |\r\n| cb20a1c9-da98-4699-a14e-09b4d2ee78a4 | kypo-base-networking-stack      | CREATE_COMPLETE | 2021-11-15T23:57:30Z | None         |\r\n+--------------------------------------+---------------------------------+-----------------+----------------------+--------------+<\/pre>\n
I checked all the installation on GUI Horizon dashboard<\/p>\n
\"\"<\/a><\/p>\n
\"\"<\/a><\/p>\n
\"\"<\/a><\/p>\n
\"\"<\/a><\/p>\n
\"\"<\/a><\/p>\n
\"\"<\/a><\/p>\n
I launched Ansible scripts to test connectivity. PING and SSH are OK.<\/p>\n
((kypo-crp-openstack-base) ) root@xxxxxxxx:~\/kypo-crp-openstack-base# .\/ansible-check-base.sh\r\n\r\nPLAY [Check Base Stack] *********************************************************************************************************************************************************************************************************************\r\n\r\nTASK [ping : Wait for ssh connection] *******************************************************************************************************************************************************************************************************\r\nok: [kypo-base-head]\r\nok: [kypo-base-proxy]\r\n\r\nTASK [Try to reach the machine via ping] ****************************************************************************************************************************************************************************************************\r\nok: [kypo-base-head]\r\nok: [kypo-base-proxy]\r\n\r\nPLAY RECAP **********************************************************************************************************************************************************************************************************************************\r\nkypo-base-head             : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0\r\nkypo-base-proxy            : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0<\/pre>\n
((kypo-crp-openstack-base) ) root@xxxx:~\/kypo-crp-openstack-base# .\/ansible-user-access.sh\r\n\r\nPLAY [Create Access for KYPO User] **********************************************************************************************************************************************************************************************************\r\n\r\nTASK [Gathering Facts] **********************************************************************************************************************************************************************************************************************\r\nok: [kypo-base-proxy]\r\n\r\nTASK [user : Ensure group kypo] *************************************************************************************************************************************************************************************************************\r\nchanged: [kypo-base-proxy]\r\n\r\nTASK [Ensure user kypo] *********************************************************************************************************************************************************************************************************************\r\nchanged: [kypo-base-proxy]\r\n\r\nTASK [Set authorized key for kypo user] *****************************************************************************************************************************************************************************************************\r\nchanged: [kypo-base-proxy]\r\n\r\nTASK [Add kypo user to sudoers] *************************************************************************************************************************************************************************************************************\r\nchanged: [kypo-base-proxy]\r\n\r\nPLAY RECAP **********************************************************************************************************************************************************************************************************************************\r\nkypo-base-proxy            : ok=5    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0<\/pre>\n
All seem to be OK.<\/p>\n
Now I have a problem. I rebooted my OpenStack server and I lost connectivity between Openstask host and instances VM. Ping and SSH was NOK.<\/strong><\/p>\n
After several researches, I found that a Devstack environment is not persistent across server reboots.<\/strong><\/p>\n
DevStack provides a set of scripts for automated installation of OpenStack on Ubuntu as well as Fedora Linux. It is a tool to help OpenStack developers to quickly set up an OpenStack environment using scripts. These scripts automatically download or clone the required packages and repositories from the OpenStack website that are necessary for setting up an OpenStack cloud.\u00a0One drawback with this approach is that the environment is not persistent across server reboots.<\/p>\n
Newer versions of DevStack runs it’s services as systemd unit files so, you can use systemctl to manage them.\u00a0I checked Openstask services. All seem to be OK<\/p>\n
((kypo-crp-openstack-base) ) root@ip-172-31-6-66:~\/kypo-crp-openstack-base# sudo systemctl list-units devstack@*\r\n  UNIT                                  LOAD   ACTIVE SUB     DESCRIPTION\r\n  devstack@c-api.service                loaded active running Devstack devstack@c-api.service\r\n  devstack@c-sch.service                loaded active running Devstack devstack@c-sch.service\r\n  devstack@c-vol.service                loaded active running Devstack devstack@c-vol.service\r\n  devstack@dstat.service                loaded active running Devstack devstack@dstat.service\r\n  devstack@etcd.service                 loaded active running Devstack devstack@etcd.service\r\n  devstack@g-api.service                loaded active running Devstack devstack@g-api.service\r\n  devstack@h-api-cfn.service            loaded active running Devstack devstack@h-api-cfn.service\r\n  devstack@h-api.service                loaded active running Devstack devstack@h-api.service\r\n  devstack@h-eng.service                loaded active running Devstack devstack@h-eng.service\r\n  devstack@keystone.service             loaded active running Devstack devstack@keystone.service\r\n  devstack@n-api-meta.service           loaded active running Devstack devstack@n-api-meta.service\r\n  devstack@n-api.service                loaded active running Devstack devstack@n-api.service\r\n  devstack@n-cond-cell1.service         loaded active running Devstack devstack@n-cond-cell1.service\r\n  devstack@n-cpu.service                loaded active running Devstack devstack@n-cpu.service\r\n  devstack@n-novnc-cell1.service        loaded active running Devstack devstack@n-novnc-cell1.service\r\n  devstack@n-sch.service                loaded active running Devstack devstack@n-sch.service\r\n  devstack@n-super-cond.service         loaded active running Devstack devstack@n-super-cond.service\r\n  devstack@placement-api.service        loaded active running Devstack devstack@placement-api.service\r\n  devstack@q-ovn-metadata-agent.service loaded active running Devstack devstack@q-ovn-metadata-agent.service\r\n  devstack@q-svc.service                loaded active running Devstack devstack@q-svc.service\r\n\r\nLOAD   = Reflects whether the unit definition was properly loaded.\r\nACTIVE = The high-level unit activation state, i.e. generalization of SUB.\r\nSUB    = The low-level unit activation state, values depend on unit type.\r\n\r\n20 loaded units listed. Pass --all to see loaded but inactive units, too.\r\nTo show all installed unit files use 'systemctl list-unit-files'.<\/pre>\n
I also restarted all services without change<\/p>\n
sudo systemctl restart devstack@*<\/pre>\n
I checked the status of Open Vswitch<\/p>\n
((kypo-crp-openstack-base) ) root@ip-172-31-6-66:~\/kypo-crp-openstack-base# ovs-vsctl show\r\n95bd0929-30f8-42d8-9a66-699036952e8c\r\n    Manager \"ptcp:6640:127.0.0.1\"\r\n        is_connected: true\r\n    Bridge br-ex\r\n        Port br-ex\r\n            Interface br-ex\r\n                type: internal\r\n        Port patch-provnet-b606a04f-2955-4f7d-807b-3677bb3cb4e3-to-br-int\r\n            Interface patch-provnet-b606a04f-2955-4f7d-807b-3677bb3cb4e3-to-br-int\r\n                type: patch\r\n                options: {peer=patch-br-int-to-provnet-b606a04f-2955-4f7d-807b-3677bb3cb4e3}\r\n    Bridge br-int\r\n        fail_mode: secure\r\n        datapath_type: system\r\n        Port br-int\r\n            Interface br-int\r\n                type: internal\r\n        Port tapf147ff8d-9b\r\n            Interface tapf147ff8d-9b\r\n        Port tapc6517e8f-b0\r\n            Interface tapc6517e8f-b0\r\n        Port tap7e86de1c-70\r\n            Interface tap7e86de1c-70\r\n        Port patch-br-int-to-provnet-b606a04f-2955-4f7d-807b-3677bb3cb4e3\r\n            Interface patch-br-int-to-provnet-b606a04f-2955-4f7d-807b-3677bb3cb4e3\r\n                type: patch\r\n                options: {peer=patch-provnet-b606a04f-2955-4f7d-807b-3677bb3cb4e3-to-br-int}\r\n    ovs_version: \"2.13.3\"<\/pre>\n
((kypo-crp-openstack-base) ) root@ip-172-31-6-66:~\/kypo-crp-openstack-base# ovs-vsctl list-ports br-ex\r\npatch-provnet-b606a04f-2955-4f7d-807b-3677bb3cb4e3-to-br-int<\/pre>\n
((kypo-crp-openstack-base) ) root@ip-172-31-6-66:~\/kypo-crp-openstack-base# ovs-vsctl list-ports br-int\r\npatch-br-int-to-provnet-b606a04f-2955-4f7d-807b-3677bb3cb4e3\r\ntap7e86de1c-70\r\ntapc6517e8f-b0\r\ntapf147ff8d-9b<\/pre>\n
I found some error but I don’t if it’s important<\/p>\n
((kypo-crp-openstack-base) ) root@ip-172-31-6-66:~\/kypo-crp-openstack-base# ovs-ofctl dump-ports br-ex\r\n2021-11-29T18:15:59Z|00001|vconn|WARN|unix:\/var\/run\/openvswitch\/br-ex.mgmt: version negotiation failed (we support version 0x01, peer supports versions 0x04, 0x06)\r\novs-ofctl: br-ex: failed to connect to socket (Broken pipe)<\/pre>\n
((kypo-crp-openstack-base) ) root@ip-172-31-6-66:~\/kypo-crp-openstack-base# ovs-dpctl show -s\r\nsystem@ovs-system:\r\n  lookups: hit:8565 missed:364 lost:0\r\n  flows: 4\r\n  masks: hit:14131 total:2 hit\/pkt:1.58\r\n  port 0: ovs-system (internal)\r\n    RX packets:0 errors:0 dropped:0 overruns:0 frame:0\r\n    TX packets:0 errors:0 dropped:0 aborted:0 carrier:0\r\n    collisions:0\r\n    RX bytes:0  TX bytes:0\r\n  port 1: br-ex (internal)\r\n    RX packets:0 errors:0 dropped:4285<\/strong> overruns:0 frame:0\r\n    TX packets:0 errors:0 dropped:0 aborted:0 carrier:0\r\n    collisions:0\r\n    RX bytes:0  TX bytes:0\r\n  port 2: br-int (internal)\r\n    RX packets:0 errors:0 dropped:0 overruns:0 frame:0\r\n    TX packets:0 errors:0 dropped:0 aborted:0 carrier:0\r\n    collisions:0\r\n    RX bytes:0  TX bytes:0\r\n  port 3: tap7e86de1c-70\r\n    RX packets:407 errors:0 dropped:0 overruns:0 frame:0\r\n    TX packets:38 errors:0 dropped:0 aborted:0 carrier:0\r\n    collisions:0\r\n    RX bytes:30048 (29.3 KiB)  TX bytes:2668 (2.6 KiB)\r\n  port 4: tapc6517e8f-b0\r\n    RX packets:4 errors:0 dropped:0 overruns:0 frame:0\r\n    TX packets:16 errors:0 dropped:0 aborted:0 carrier:0\r\n    collisions:0\r\n    RX bytes:360  TX bytes:1216 (1.2 KiB)\r\n  port 5: tapf147ff8d-9b\r\n    RX packets:1592 errors:0 dropped:0 overruns:0 frame:0\r\n    TX packets:119 errors:0 dropped:0 aborted:0 carrier:0\r\n    collisions:0\r\n    RX bytes:115182 (112.5 KiB)  TX bytes:6126 (6.0 KiB)<\/pre>\n
For the moment, I stopped the procedure at this level. I come back quickly. If you have some idea to help me to find connectivity between the OpenStack Host and instances VM, you are welcome !<\/p>\n
Ressources<\/h2>\n
Website: https:\/\/www.kypo.cz\/<\/a>
\nDocumentation: https:\/\/docs.crp.kypo.muni.cz\/<\/a>
\nGitlab: https:\/\/gitlab.ics.muni.cz\/muni-kypo-crp<\/a>
\nTwitter: https:\/\/twitter.com\/KYPOCRP<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
KYPO is a Cyber Range Platform (KYPO CRP) developed by Masaryk University since 2013. KYPO CRP is entirely based on state-of-the-art approaches such as containers, infrastructures as code, microservices, and open-source software, including cloud provider technology – OpenStack. (source). KYPO CRP is now part of CONCORDIA consortium. CONCORDIA H2020 is a dedicated consortium of over […]<\/p>\n","protected":false},"author":1,"featured_media":1759,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[38],"tags":[],"class_list":{"0":"post-1765","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-en"},"a3_pvc":{"activated":false,"total_views":0,"today_views":0},"yoast_head":"\nInstall KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud - Space & Cybersecurity Info<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud - Space & Cybersecurity Info\" \/>\n<meta property=\"og:description\" content=\"KYPO is a Cyber Range Platform (KYPO CRP) developed by Masaryk University since 2013. KYPO CRP is entirely based on state-of-the-art approaches such as containers, infrastructures as code, microservices, and open-source software, including cloud provider technology – OpenStack. (source). KYPO CRP is now part of CONCORDIA consortium. CONCORDIA H2020 is a dedicated consortium of over […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/\" \/>\n<meta property=\"og:site_name\" content=\"Space & Cybersecurity Info\" \/>\n<meta property=\"article:published_time\" content=\"2021-11-14T21:30:36+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-11-30T16:33:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2021\/11\/openstack-dashboard.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"467\" \/>\n\t<meta property=\"og:image:height\" content=\"487\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Fran\u00e7ois Quiquet\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fran\u00e7ois Quiquet\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"19 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/\"},\"author\":{\"name\":\"Fran\u00e7ois Quiquet\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#\\\/schema\\\/person\\\/5e36ba49bf1d87a387c9ab60c233013c\"},\"headline\":\"Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud\",\"datePublished\":\"2021-11-14T21:30:36+00:00\",\"dateModified\":\"2021-11-30T16:33:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/\"},\"wordCount\":1420,\"commentCount\":4,\"publisher\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/openstack-dashboard.jpg\",\"articleSection\":[\"Cyber\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/\",\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/\",\"name\":\"Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud - Space & Cybersecurity Info\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/openstack-dashboard.jpg\",\"datePublished\":\"2021-11-14T21:30:36+00:00\",\"dateModified\":\"2021-11-30T16:33:29+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/openstack-dashboard.jpg\",\"contentUrl\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/openstack-dashboard.jpg\",\"width\":467,\"height\":487},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/install-kypo-cyber-range-platform-on-openstack\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/\",\"name\":\"Space Cybersecurity Info\",\"description\":\"La cybers\u00e9curit\u00e9 appliqu\u00e9e au domaine de l'espace\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#organization\",\"name\":\"Space Security Info\",\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/SSI-Logo-4.jpg\",\"contentUrl\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/SSI-Logo-4.jpg\",\"width\":594,\"height\":144,\"caption\":\"Space Security Info\"},\"image\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#\\\/schema\\\/person\\\/5e36ba49bf1d87a387c9ab60c233013c\",\"name\":\"Fran\u00e7ois Quiquet\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g\",\"caption\":\"Fran\u00e7ois Quiquet\"},\"description\":\"(EN) I'm a cybersecurity engineer in network, telecommunication and embedded\\\/integrated systems. Founder of the website spacesecurity.info. Passionate about cybersecurity and space, I share my two passions through this site. My goal is to federate a community around these two themes. Join my LinkedIn Group. (FR) Je suis ing\u00e9nieur cybers\u00e9curit\u00e9 en r\u00e9seau, t\u00e9l\u00e9communication et syst\u00e8mes embarqu\u00e9s et int\u00e9gr\u00e9s. Fondateur du site spacesecurity.info. Passionn\u00e9 de cybers\u00e9curit\u00e9 et du monde de l'espace, j'ai souhait\u00e9 partager mes deux passions \u00e0 travers ce site. Mon objectif est de f\u00e9d\u00e9rer une communaut\u00e9 autour de ces deux th\u00e8mes. Rejoindre mon groupe LinkedIn.\",\"sameAs\":[\"https:\\\/\\\/www.spacesecurity.info\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/francoisquiquet\\\/\"],\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/author\\\/francois\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud - Space & Cybersecurity Info","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/","og_locale":"en_US","og_type":"article","og_title":"Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud - Space & Cybersecurity Info","og_description":"KYPO is a Cyber Range Platform (KYPO CRP) developed by Masaryk University since 2013. KYPO CRP is entirely based on state-of-the-art approaches such as containers, infrastructures as code, microservices, and open-source software, including cloud provider technology – OpenStack. (source). KYPO CRP is now part of CONCORDIA consortium. CONCORDIA H2020 is a dedicated consortium of over […]","og_url":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/","og_site_name":"Space & Cybersecurity Info","article_published_time":"2021-11-14T21:30:36+00:00","article_modified_time":"2021-11-30T16:33:29+00:00","og_image":[{"width":467,"height":487,"url":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2021\/11\/openstack-dashboard.jpg","type":"image\/jpeg"}],"author":"Fran\u00e7ois Quiquet","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Fran\u00e7ois Quiquet","Est. reading time":"19 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/#article","isPartOf":{"@id":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/"},"author":{"name":"Fran\u00e7ois Quiquet","@id":"https:\/\/www.spacesecurity.info\/en\/#\/schema\/person\/5e36ba49bf1d87a387c9ab60c233013c"},"headline":"Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud","datePublished":"2021-11-14T21:30:36+00:00","dateModified":"2021-11-30T16:33:29+00:00","mainEntityOfPage":{"@id":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/"},"wordCount":1420,"commentCount":4,"publisher":{"@id":"https:\/\/www.spacesecurity.info\/en\/#organization"},"image":{"@id":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2021\/11\/openstack-dashboard.jpg","articleSection":["Cyber"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/","url":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/","name":"Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud - Space & Cybersecurity Info","isPartOf":{"@id":"https:\/\/www.spacesecurity.info\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/#primaryimage"},"image":{"@id":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2021\/11\/openstack-dashboard.jpg","datePublished":"2021-11-14T21:30:36+00:00","dateModified":"2021-11-30T16:33:29+00:00","breadcrumb":{"@id":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/#primaryimage","url":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2021\/11\/openstack-dashboard.jpg","contentUrl":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2021\/11\/openstack-dashboard.jpg","width":467,"height":487},{"@type":"BreadcrumbList","@id":"https:\/\/www.spacesecurity.info\/en\/install-kypo-cyber-range-platform-on-openstack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.spacesecurity.info\/en\/"},{"@type":"ListItem","position":2,"name":"Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud"}]},{"@type":"WebSite","@id":"https:\/\/www.spacesecurity.info\/en\/#website","url":"https:\/\/www.spacesecurity.info\/en\/","name":"Space Cybersecurity Info","description":"La cybers\u00e9curit\u00e9 appliqu\u00e9e au domaine de l'espace","publisher":{"@id":"https:\/\/www.spacesecurity.info\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.spacesecurity.info\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.spacesecurity.info\/en\/#organization","name":"Space Security Info","url":"https:\/\/www.spacesecurity.info\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.spacesecurity.info\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2020\/05\/SSI-Logo-4.jpg","contentUrl":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2020\/05\/SSI-Logo-4.jpg","width":594,"height":144,"caption":"Space Security Info"},"image":{"@id":"https:\/\/www.spacesecurity.info\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.spacesecurity.info\/en\/#\/schema\/person\/5e36ba49bf1d87a387c9ab60c233013c","name":"Fran\u00e7ois Quiquet","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g","caption":"Fran\u00e7ois Quiquet"},"description":"(EN) I'm a cybersecurity engineer in network, telecommunication and embedded\/integrated systems. Founder of the website spacesecurity.info. Passionate about cybersecurity and space, I share my two passions through this site. My goal is to federate a community around these two themes. Join my LinkedIn Group. (FR) Je suis ing\u00e9nieur cybers\u00e9curit\u00e9 en r\u00e9seau, t\u00e9l\u00e9communication et syst\u00e8mes embarqu\u00e9s et int\u00e9gr\u00e9s. Fondateur du site spacesecurity.info. Passionn\u00e9 de cybers\u00e9curit\u00e9 et du monde de l'espace, j'ai souhait\u00e9 partager mes deux passions \u00e0 travers ce site. Mon objectif est de f\u00e9d\u00e9rer une communaut\u00e9 autour de ces deux th\u00e8mes. Rejoindre mon groupe LinkedIn.","sameAs":["https:\/\/www.spacesecurity.info","https:\/\/www.linkedin.com\/in\/francoisquiquet\/"],"url":"https:\/\/www.spacesecurity.info\/en\/author\/francois\/"}]}},"_links":{"self":[{"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/posts\/1765","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/comments?post=1765"}],"version-history":[{"count":47,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/posts\/1765\/revisions"}],"predecessor-version":[{"id":1882,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/posts\/1765\/revisions\/1882"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/media\/1759"}],"wp:attachment":[{"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/media?parent=1765"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/categories?post=1765"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/tags?post=1765"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}