The Liquidstate Lab Server is an aged Dell PowerEdge 840, which used to run a whitebox version of ESXi 4.  However, times change and I didn't fancy trying to re-do all the driver work to get ESXi 5 (or soon 6) installed.  So, instead, I decided to deploy OpenStack instead.  Installing RedHat's RDO release is remarkable straight-forward if you follow the QuickStart "all-in-one"guide, but it sets everything up on a network, meaning that you won't be able to access your virtual machines from your home network.  In this post, I'll talk you through OpenStack RDO installation and network configuration.

The Setup

First, a bit about my set up here.  I have a local area network that uses the address range.  My gateway is on and I use google for my DNS ( and  I've assigned for the OpenShift management interface.  I want OpenShift virtual machines to be connected to a private internal network on  I wish to connect those two networks such that I can assign floating IPs to virtual machines, making them accessible on my home network.

Initial OS Installation

Start with a base CentOS 6.x image, making sure its all up to date. Install the RDO yum repository and install the Open vSwitch package, which we'll use later.  Finally, do a quick reboot to ensure we're using the latest kernel.

yum install -y
yum update
yum install openvswitch

Configure Networking

Now we want to re-configure our networking such that our primary network interface acts as a bridge into OpenStack's virtual networking.  Define ifcfg-br-ex using the IP address that you would like to use for the management interface for OpenStack.

$ cat /etc/sysconfig/network-scripts/ifcfg-br-ex

Now, re-configure your primary interface (eth0 in my case) to use the new bridge interface:

$ cat /etc/sysconfig/network-scripts/ifcfg-eth0

Restart the networking stack, and if everything has gone well, you should still be able to access the server from your local network.

service network restart

Install RDO OpenStack

Install PackStack (a utility for installing and configuring OpenStack) and run it.  PackStack will install and configure all the various OpenStack components.  It can take quite a long time, depending on your server specification and Internet connection.  For me, it took around 10-15 minutes.  You might want to fetch a nice cold beer ... you might need it for the next bit!

yum install -y openstack-packstack
packstack —allinone

There is some minor changes required to OpenStack's configuration to make it work they way we want:

$ for i in /etc/neutron/*.ini
    sed -i "s/^[# ]*ovs_use_veth.*$/ovs_use_veth = True/g" $i
$ sed -i \
    -e "s/^[# ]*enable_isolated_metadata.*$/enable_isolated_metadata = True/g" \
    -e "s/^[# ]*enable_metadata_network.*$/enable_metadata_network = True/g"  \

Once the configuration is updated, reboot and let OpenStack start up its various services.


Remove Default Network Configuration

After the reboot, you should be able to log in to the OpenStack web interface "Horizon" - for me, at   The username is admin and you will find the password in /root/keystonerc_admin.

Once logged in, go to the Routers and Networks sections and remove the default networking configuration.  For me, that included router1, the public network and the demo network.

New Network Configuration

SSH into your OpenStack server as root and load the admin keystone details.  This will configure your environment so that you can re-configure OpenStack from the command line.

$ source /root/keystonerc_admin

Now let's define the default security group to allow pings and SSH.

nova secgroup-add-rule default icmp -1 -1
nova secgroup-add-rule default tcp 22 22

Create a private virtual network for OpenStack to launch VMs on.  I use Google's DNS server (, but you could replace this with another if you wish.

neutron net-create private
neutron subnet-create private --name private --dns-nameserver

Tell OpenStack about your home network and what IPs you wish to use as floating IPs for virtual machines.  You will need to tailor these settings to your own network.  For me, my router is on and there's nothing currently using -, so I've decided to dedicate that to OpenStack.

neutron net-create homelan --router:external=True
neutron subnet-create homelan --name homelan --enable_dhcp False --allocation_pool start=,end= --gateway

Now, create a virtual router in OpenStack to link the private virtual network to your physical homelan network.

HOMELAN_NETWORK_ID=`neutron net-list | grep homelan | awk '{ print $2 }'`
PRIVATE_SUBNET_ID=`neutron subnet-list | grep private | awk '{ print $2}'`
ADMIN_TENANT_ID=`keystone tenant-list | grep admin | awk '{ print $2}'`
neutron router-create --name router --tenant-id $ADMIN_TENANT_ID router
neutron router-gateway-set router $HOMELAN_NETWORK_ID
neutron router-interface-add router $PRIVATE_SUBNET_ID


And, that's it!  Now you should be able to spin up new instances on the private network and assign floating IPs from the network to make them accessible outside OpenStack.  "easy" when you know how, right?