To create a new eve-ng instance on Openstack infrastructure:
1. Login to Openstack via https://cloud.grid.pub.ro/ using login upb (same steps used for login to curs upb). You should be alreayd included in sred_prj (in case you do not have access, please contact @horia.stoenescu via Teams).
2. Go to instances and launch a new one using the following configuration:
- give it a specific name - Instance Name - for example: ion_popescu_eve_ng
- for Source, select image SRED eve-ng
- for flavor, select m1.sred_flavor (⚠️ lower ones will not work as image requires at least 60 GB of storage and 16GB of RAM)
- for network, select vlan9 (your VM should have IP 10.9.*.* after spawning the instance)
- for network ports and security groups keep default values
- in case you did not have already a key pair generated, create a new one, save the private key to your fep instance on path /root/.ssh/fep_rsa, and select it for the newly deployed instance
- the rest of configuration keep as it is
3. Wait for 2, 3 minutes for the instance to boot up, login using default credential root:eve (in case they did not work, wait some more minutes). After this, you will configure the instance from Console tab: add a root password, select dhcp, and default ntp server.
4. Login again to Console using the same credentials, find the ip address, and using ssh forward the port 80 of eve-ng platform to local one (let's say 8080):
ssh -i /path/to/ssh/private/key -L 127.0.0.1:8080:$IP-EVE-NG-INSTANCE:80 $USER-LDAP@fep.grid.pub.ro # change IP-EVE-NG-INSTANCE and USER-LDAP with your personal values
5. At last, login to platform from browser using default credentials admin:eve and start working on lab exercises
6. (update) For connecting nodes to Internet, you cannot use Management/Cloud0/pnet0, as we require special permissions (enabling Promiscuous mode, forged arp packets, and mac address changes), and instead use a workaround to trick it by using Cloud1 (from here: https://www.youtube.com/watch?v=7CJR2l8VXM0&ab_channel=NetworkCollective).
Steps:
A. Configure interface pnet1 from /etc/network/interfaces as follows:
iface eth1 inet manual auto pnet1 iface pnet1 inet static bridge_ports eth1 bridge_stp off address 10.199.199.1 netmask 255.255.255.0
Then, restart networking service:
systemctl restart networking.service
B. Enable ip forwarding by commenting from /etc/sysctl.conf:
# from sysctl.conf net.ip4.ip_forward=1 # then sysctl -p /etc/sysctl.conf
C. At last, add a rule for forwarding all packets via nat to pnet0 and make this configuration persistent:
iptables -t nat -A POSTROUTING -s 10.199.199.0/24 -o pnet0 -j MASQUERADE # install iptables-persistent apt-get install -y iptables-persistent # after a reboot, configuration should remain for nat chain