Open Stack

Hello,

If you want an environment as close to production as possible, having one single node is not enough. Plus, there will be operations that you won't be able to do, like live-migration / cold migration, as there is no other compute node.

At a minimum, you should have 3 nodes (1 OpenStack controller + 2 compute nodes). The OpenStack Controller will have to be a Linux-type OS and for its setup, you can use RDO / Fuel. Or, if it's just for testing, devstack could also work.

As for the compute nodes, I suggest upgrading to at least Windows / Hyper-V Server 2012 R2, even even the newly released Windows / Hyper-V Server 2016, as a lot of great features were added in the later versions of Hyper-V. Keep in mind that Hyper-V Server is FREE, and you can download it from here:  [1]. Another thing that you should have, is an Active Directory, and have your Hyper-V nodes joined in that AD; this will allow you to perform live-migration. For AD, you will need a Windows Server. You can simply enable it.

In order to use your Hyper-V compute nodes in your environment, I suggest using this installer: [2]

As for networking, my first recommendation would be to use Windows OVS [3].  If not, there's neutron-hyperv-agent, which can do the port binding, but it can only bind flat / vlan networks. Also, you will need to install the "hyperv" mechanism_driver. See this for more details [4].

But, for a simple, quick one-node deployment, you can try v-magine. [5]

As far as images go, don't forget to sysprep your images with cloud-init for Linux-type VMs and cloudbase-init for Windows VMs [6]. You can find some already sysprepped Windows Server 2012 R2 images here: [7]

Since your interest is Security, I'd suggest you look into Shielded VMs [8]. It is a new features that came out with Windows Server 2016, which basically means highly secure VMs, which can't be accessed in any way without the proper credentials, even if the Hyper-V host is compromised.

For more information about all sorts of OpenStack + Hyper-V information, you can check the plethora of articles on this blog: [9]

[1] https://www.microsoft.com/en-us/evalcenter/evaluate-hyper-v-server-2016
[2] https://cloudbase.it/openstack-hyperv-driver/
[3] https://cloudbase.it/openvswitch/
[4] https://cloudbase.it/neutron-hyper-v-plugin/
[5] https://cloudbase.it/v-magine/
[6] https://cloudbase.it/cloudbase-init/
[7] https://cloudbase.it/windows-cloud-images/
[8] https://cloudbase.it/hyperv-shielded-vms-part-1/
[9] https://cloudbase.it/blog/

Best regards,

Claudiu Belu

________________________________________
From: Björn Stübe [info at bjoern-stuebe.de]
Sent: Wednesday, November 30, 2016 11:14 AM
To: openstack at lists.openstack.org
Subject: [Openstack] Implementation OpenStack

Hey Community,

I want to implement an OpenStack infrastructure to make a security audit
for study purposes. The environment should be close to a productive
environment. In my university, I'm able to use an server with Windows
Server 2012 and Hyper-V installed. Is this a hardware environment which
is usable for me? Do you have other tipps to implement such an
environment for my purposes?

Best regards,
Björn

_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack at lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack