How To Change OpenStack’s Dashboard Root URL

.

Horizon is the canonical implementation of OpenStack’s Dashboard which provides web interface to OpenStack services like Nova, Swift, …. To access Horizon, you browse to “http://Your-IP-Address/dashboard/” and you get this page:

But what if you have multiple applications and you want to have the URL like this “http://Your-IP-Address/Something/dashboard“.  Follow these steps:

Usually the Apache main configuration file is “/etc/httpd/conf/httpd.conf“. In this file you have this statement: IncludeOptional “/etc/httpd/conf.d/*.conf”. This means the configuration files in this folder “/etc/httpd/conf.d/” are included. Open the file “/etc/httpd/conf.d/15-horizon_vhost.conf” :

# vi /etc/httpd/conf.d/15-horizon_vhost.conf

Lets say you want to add /openstack to the original URL. So you want to browse the dashboard as following “http://Your-IP-Address/openstack/dashboard“. Change this line:

WSGIScriptAlias /dashboard “/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi”

To

WSGIScriptAlias /openstack/dashboard “/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi”

Now open the file “/usr/share/openstack-dashboard/openstack_dashboard/local/local_settings.py” and customize the following lines to use “/openstack/dashboard” instead of just “/dashboard”:

LOGIN_REDIRECT_URL=”Your-IP-Address/dashboard”

LOGIN_URL = ‘/dashboard/auth/login/’
LOGOUT_URL = ‘/dashboard/auth/logout/’
LOGIN_REDIRECT_URL = ‘/dashboard’

Now you need to restart Apache:

# systemctl restart httpd.service

Now browse to “http://Your-IP-Address/openstack/dashboard” and you will get this page again. Congratulation !

Click on the picture below and look at the URL. It is changed.

And this is the page you get after successful login. Click on the picture and look at the URL:

Screenshot from 2015-03-10 21:29:51You can also make it like this “http://Your-IP-Address/openstack/horizon-dashboard“. In this case the WSGIScriptAlias will be /openstack/horizon-dashboard. The same for other parameters customization.


Advertisements

Homer as a SIP Capturing System – Part 2

.

Introduction

In Part 1, i have talked about the definition of Homer. In this article i will talk about these:

  • Compilation and Installation of SipCapture module with OpenSIPS. To have more control over the installation process, i will do the compilation from the source.
  • Preparing Homer database.
  • Installation and configuration of Homer web interface.

Please have a look here OpenSIPS Compilation and Installation.

Some Packages must be Installed

To be able to compile the Sip_Capture module and install it, you need some packages installed on your system. Here i am using Fedora Red Hat.

# yum  install autoconf automake bzip2 cpio curl curl-devel curl-devel expat-devel fileutils make gcc gcc-c++ gettext-devel gnutls-devel ncftp nmap openssl openssl-devel mod_ssl mcrypt perl patch unzip wget zip zlib zlib-devel bison flex mysql mysql-server mysql-devel pcre-devel libxml2-devel sox httpd php php-gd php-mysql php-json git php-mysql php-devel php-gd

# yum install php-pecl-jsonc php-pecl-jsonc-devel

Some of above packages are needed for Homer Web interface.

Compilation and Installation of SipCapture Module

  • Go to the folder where you have the source code of OpenSIPS. SipCapture module is included with OpenSIPS (“/usr/local/src/opensips_1_11/modules/sipcapture”). To compile it, do these:

# cd  /usr/local/src/opensips_1_11/

  • Compile the SipCapture module as following:

# make include_modules=”sipcapture” modules

  • Install it:

# make install

  • Go to “/usr/local/opensips_1_11/lib64/opensips/modules/” and be sure there is a file named sipcapture.so

Downoad Homer Web

 # cd /var/www/

# git clone https://code.google.com/p/homer/

Or

# git clone https://github.com/sipcapture/homer/

# cd homer

Preparing Homer Databases

Now we want to prepare the databases that are used by the capturing server and the web interface:

Run Mysql server: # systemctl start mysqld.service

  • We will login to mysql as root (# mysql -uroot -p password) and add the super user “homeruser” :

MariaDB [(none)]> CREATE USER homeruser@localhost IDENTIFIED BY “homerpass”;

MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO homeruser@localhost WITH GRANT OPTION;

  • Create the database “homer_db” by the user “homeruser”:

# mysql –uhomeruser –phomerpass -e “create database IF NOT EXISTS homer_db”;

  • Create another database “homer_users“:

# mysql -uhomeruser -phomerpass -e create database IF NOT EXISTS homer_users;

  • Create the required tables:

# mysql -uhomeruser -phomerpass -Dhomer_db < sql/create_sipcapture_version_4.sql

# mysql -uhomeruser -phomerpass -Dhomer_db < webhomer/sql/statistics.sql
# mysql -uhomeruser -phomerpass -Dhomer_users < webhomer/sql/homer_users.sql

  • Some nodes are added as default. So  i will delete them:

# mysql -uhomeruser -phomerpass -Dhomer_users -e TRUNCATE TABLE homer_nodes;

  • Now i will add my node:

# mysql -uhomeruser -phomerpass -Dhomer_users -e “INSERT INTO homer_nodes VALUES(1,’127.0.0.1′,’homer_db’,’3306′,’homeruser’,’homerpass’,’sip_capture’,’node1′, 1);”

  • Add web user: user level can be: 1 – ADMIN, 2 – Power User, 3 – User

I will delete the default user (test@test.com,test123):

# mysql -uhomeruser -phomerpass -Dhomer_users -e TRUNCATE TABLE homer_logon;

Now i will add my admin:

# mysql -uhomeruser -phomerpass -Dhomer_users -e “INSERT INTO homer_logon VALUES(NULL, ‘Admin’, MD5(‘admin123’), 1);”

Configuration of Homer Web Interface

We are in this folder “/var/www/homer/webhomer/”. The configuration and preferences PHP pages are exist in that folder. Just rename the files “configuration_example.php”  to “configuration.php” and  “preferences_example.php” to “preferences.php”.

# cp configuration_example.php configuration.php
# cp preferences_example.php preferences.php

Give (Read,Write,Execute) permission to Homer tmp folder:

# chmod 777 tmp/

If you have SELinux enabled, please run SELinux troubleshooter and follow what it will suggest to do to give permission to “tmp/”

Set the time zone of the Homer server

Take the time zone of your system (# system-config-date) and set it in the variable “HOMER_TIMEZONE” in the file “preferences.php”.

# vim preferences.php

define(‘HOMER_TIMEZONE’, “Europe/Stockholm”);

Configuration of database access credentials

Adjust the database access credentials in the configuration file “configuration.php”.

/* Access Credentials to “homer_users” Database */
define(‘HOST’, “localhost”);
define(‘PORT’, 3306);
define(‘USER’, “homeruser”);
define(‘PW’, “homerpass”);
define(‘DB’, “homer_users”);

/* Access Credentials to “homer_db” Database */
define(‘HOMER_HOST’, “localhost”);
define(‘HOMER_PORT’, 3306);
define(‘HOMER_USER’, “homeruser”);
define(‘HOMER_PW’, “homerpass”);
define(‘HOMER_DB’, “homer_db”);
define(‘HOMER_TABLE’, “sip_capture”);

Some paths must be adjusted:

define(‘PCAPDIR’,”/var/www/homer/webhomer/tmp/”);
define(‘WEBPCAPLOC’,”/var/www/homer/webhomer/tmp/”);
define(‘APILOC’,”/var/www/homer/webhomer/api/”);

Apache Configuration

# vi /etc/httpd/conf/httpd.conf

Add these to httpd configuration file:

<Directory /var/www/homer/webhomer>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>

Alias /homer /var/www/homer/webhomer

Restart the Httpd

# systemctl restart httpd

Open the browser and go to the URL : http://IP_address/homer. You will be here:

Login by this user  (username=”admin”, password=”admin123″). If it is ok with authentication, you will be here:

If you could not login from another computer, check the firewall configuration (Open the port 80 and 443 on your server). 443 is the HTTPS port /HTTP over TLS/SSL). We will see the related configuration in another article.

Till now Homer database is empty and we need to run the capturing server which is responsible for capturing packets and insert them in the database.

OpenSIPS Configuration to be a Homer Capturing Server

OpenSIPS configuration file will be like the following:

# This Configuration file is taken from Homer GIT Page:

####### Global Parameters #########

debug=3
log_stderror=no
log_facility=LOG_LOCAL1

fork=yes
children=5

listen=udp:10.0.0.9:5060   # CUSTOMIZE ME

disable_tcp=yes
disable_tls=yes
#db_default_url="mysql://opensips:opensipsrw@localhost/opensips"

####### Modules Section ########
#set module path
mpath="/usr/local/opensips_1_11/lib64/opensips/modules/"

loadmodule "db_mysql.so"
loadmodule "sipcapture.so"

####### Routing Logic ########
modparam("sipcapture", "db_url", "mysql://homeruser:homerpass@localhost/homer_db")
modparam("sipcapture", "capture_on", 1)
modparam("sipcapture", "table_name", "sip_capture")
/* activate HEP capturing */
modparam("sipcapture", "hep_capture_on", 1)

/* configuration for Mirroring PORT */
modparam("sipcapture", "raw_socket_listen", "10.0.0.9:5060-6000")
modparam("sipcapture", "raw_interface", "eth1")
/* activate monitoring port capturing */
modparam("sipcapture", "raw_moni_capture_on", 1)
modparam("sipcapture", "raw_sock_children", 4)
/* Promiscious mode */
modparam("sipcapture", "promiscious_on", 1)

####### Routing Logic ########


# main request routing logic

# Main SIP request routing logic
# - processing of any incoming SIP request starts with this route
route {
        #For example, you can capture only needed methods...
        #if (!(method =~ "^(OPTIONS|NOTIFY|SUBSCRIBE)$"))) {
                sip_capture();
        #}
        drop;
}

onreply_route {

        #And only needed reply or needed requests method
        #if(status =~ "^(1[0-9][0-9]|[3[0-9][0-9]|4[0-9]|[56][0-9][0-9])") {
        #if(!($rm =~ "^(NOTIFY|SUBSCRIBE|OPTIONS|)$")) {
                sip_capture();
        #}
        drop;
}

Save the file and restart OpenSIPS:

# systemctl restart opensips.service

Troubleshooting

Missed column  “authorization” in the capturing table “sip_capture”

MariaDB [(none)]> alter table sip_capture ADD authorization VARCHAR(125);

Now the capturing server can store the packets in the database homer_db

OpenSIPS as a SIP Capturing Agent

OpenSIPS SIPTRACE module can send the captured packets to an external HEP server (Homer capturing server) instead of storing them in the local database. The following is the configuration to send the captured packets out:

modparam(“siptrace”, “duplicate_uri”, “sip:10.0.0.1:9060″) # The capturing server address to send a duplicate of traced message to.

modparam(“siptrace”, “duplicate_with_hep”, 1)  # Enable HEP

modparam(“siptrace”, “trace_to_database”, 0) # Disable tracing to the local database


Next

The next part will be exploring Homer through its web interface and enabling statistics.


More Information


OpenSIPS-CP Installation & Configuration

.

.

Installation and Configuration Steps:

Apache must be Installed and Configured:

# yum install httpd

Run it :

# systemctl start httpd

Then be sure it is running: # ps aux |grep http or # netstat -lpn |grep http

Go to  http://opensips-cp.sourceforge.net/ and get the source:

# cd /var/www

# svn checkout svn://svn.code.sf.net/p/opensips-cp/code/trunk opensips-cp

Install PHP and some extensions: Here i have Fedora Red Hat:

 #  yum install php php-common php-gd php-mysql php-xmlrpc php-pear

Install Mysql Driver

# pear install mdb2#mysql

Check if the Extensions are Installed Correctly:

For Redhat check “mysql.ini”/”mysqlnd.ini”, “gd.ini”, “xmlrpc.ini” in “/etc/php.d/”.

Enable short_open_tag in “/etc/php.ini”:

 short_open_tag = On

Configure OpenSIPS-CP’s Database Connection:

# cd /var/www/opensips-cp

# vi config/db.inc.php

Configure OpenSIPS-CP Boxes:

The configuration of these boxes determines how the OpenSIPS-CP will communicate with OpenSIPS. For example you can configure Mi box to access the OpenSIPS Mi interface. This can be through RPC protocol, FIFO, UDP, or JSON.

 # vi config/boxes.global.inc.php

Part of this file:

            // options: fifo:/path/to/fifo_file | xmlrpc:host:port | udp:host:port | json:json_url

            $boxes[$box_id][‘mi’][‘conn’]=”fifo:/tmp/opensips_fifo“;

This file “/tmp/opensips_fifo” is configured  in OpenSIPS’s configuration file in the FIFO module section:

            #### FIFO Management Interface

            loadmodule “mi_fifo.so”

            modparam(“mi_fifo”, “fifo_name”, “/tmp/opensips_fifo”)

            modparam(“mi_fifo”, “fifo_mode”, 0666)

This file is created by OpenSIPS. so the access permission to this file is determined by OpenSIPS. “0666” is the (read&write for all ) permission to the fifo file.

Note: The global  file “/var/www/opensips-cp/config/boxes.global.inc.php” is important but also the local file for each module is important. For example: the file “/var/www/opensips-cp/config/tools/system/dialog/local.inc.php” contains some options  for “dialog” module.

If you have any problem related to accessing the fifo file please click here.

Now OpenSIPS-CP can access the opensips database and can communicate with opensips through Mi interface.

OpenSIPS-CP needs an extra table as an addition to OpenSIPS’s Database. We need to push it in the opensips database. Install the “ocp_admin_privileges” table schema.

# cd /var/www/opensips-cp

# mysql -Dopensips -p < config/tools/admin/add_admin/ocp_admin_privileges.mysql

Create Admin Account with all Privileges:

You will use this account from the opensips-cp web interface. I will add the user admin with password admin withh full permission:

Login to the Database as Root

         # mysql -uroot -p

Mysql> use opensips;

Mysql> INSERT INTO ocp_admin_privileges (username,password,ha1,available_tools,permissions) values (‘admin’,’admin’,md5(‘admin:admin’),’all’,’all’);

Configure Apache:

# vi /etc/httpd/conf/httpd.conf

Add the following:

<Directory /var/www/opensips-cp>

Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all denied

</Directory>

<Directory  /var/www/opensips-cp/web>

Options Indexes FollowSymLinks MultiViews

AllowOverride None
Require all granted

</Directory>

Alias /cp /var/www/opensips-cp/web

Restart Apache:

# systemctl restart httpd

Make apache, the owner of opensips-cp folder:

# chown -R apache:apache /var/www/opensips-cp/

Open the browser and go to OpenSIPS-CP main page: http://localhost/cp

 snapshot6Login by username:admin and password:admin

snapshot7

Go a head and explore it.


More Information