OpenStack instances come online with multiple network ports attached

I ran into an interesting problem recently in my production OpenStack deployment that runs the Mitaka release. On various occasions, instances were coming online with multiple network ports attached, even though I only asked for one network port. The problem If I issued a build request for ten instances, I’d usually end up with this: 6 instances with one network port attached 2-3 instances with two network ports attached (not what I want) 1-2 instances with three or four network ports attached (definitely not what I want) When I examined the instances with multiple network ports attached, I found that one of the network ports would be marked as up while the others would be marked as down....

2016-08-03 · 6 min · Major Hayden

Setting up a telnet handler for OpenStack Zuul CI jobs in GNOME 3

The OpenStack Zuul system has gone through some big changes recently, and one of those changes is around how you monitor a running CI job. I work on OpenStack-Ansible quite often, and the gate jobs can take almost an hour to complete at times. It can be helpful to watch the output of a Zuul job to catch a problem or follow a breakpoint. New Zuul In the previous version of Zuul, you could access the Jenkins server that was running the CI job and monitor its progress right in your browser....

2016-07-22 · 3 min · Major Hayden

What’s Happening in OpenStack-Ansible (WHOA) – July 2016

This post is the second installment in the series of What’s Happening in OpenStack-Ansible (WHOA) posts that I’m assembling each month. My goal is to inform more people about what we’re doing in the OpenStack-Ansible community and bring on more contributors to the project. July brought lots of changes for the OpenStack-Ansible project and the remaining work for the Newton release is coming together well. Many of the changes made in the Newton branch have made deployments faster, more reliable and more repeatable....

2016-07-22 · 5 min · Major Hayden

Join me on Thursday to talk about OpenStack LBaaS and security hardening

If you want to learn more about load balancers and security hardening in OpenStack clouds, join me on Thursday for the Rackspace Office Hours podcast1! Walter Bentley, Kenneth Hui and I will be talking about some of the new features available in the 12.2 release of Rackspace Private Cloud powered by OpenStack. The release has a tech preview of OpenStack’s Load Balancer as a Service project. The new LBaaSv2 API is stable and makes it easy to create load balancers, add pools, and add members....

2016-07-19 · 2 min · Major Hayden

What’s Happening in OpenStack-Ansible (WHOA) – June 2016

The world of OpenStack moves quickly. Each day brings new features, new bug fixes, and new ways of thinking. The OpenStack-Ansible community strives to understand these changes and make them easier for operators to implement. The OpenStack-Ansible project is a collection of playbooks and roles written by operators for operators. These playbooks make it easier to deploy, maintain, and upgrade an OpenStack cloud. Keeping up with the changes in the OpenStack-Ansible project is challenging....

2016-06-15 · 7 min · Major Hayden

Troubleshooting OpenStack network connectivity

NOTE: This post is a work in progress. If you find something that I missed, feel free to leave a comment. I’ve made plenty of silly mistakes, but I’m sure I’ll make a few more. :) Completing a deployment of an OpenStack cloud is an amazing feeling. There is so much automation and power at your fingertips as soon as you’re finished. However, the mood quickly turns sour when you create that first instance and it never responds to pings....

2016-05-17 · 6 min · Major Hayden

802.1x with NetworkManager using nmcli

Authenticating to a wired or wireless network using 802.1x is simple using NetworkManager’s GUI client. However, this gets challenging on headless servers without a graphical interface. The nmcli command isn’t able to store credentials in a keyring and this causes problems when you try to configure an interfaces with 802.1x authentication. If you aren’t familiar with 802.1x, there is some light reading and heavier reading available on the topic. Start by setting some basic configurations on the interface using the nmcli editor shell:...

2016-05-03 · 2 min · Major Hayden

Lessons learned: Five years of colocation

Back in 2011, I decided to try out a new method for hosting my websites and other applications: colocation. Before that, I used shared hosting, VPS providers (“cloud” wasn’t a popular thing back then), and dedicated servers. Each had their drawbacks in different areas. Some didn’t perform well, some couldn’t recover from failure well, and some were terribly time consuming to maintain. This post will explain why I decided to try colocation and will hopefully help you avoid some of my mistakes....

2016-04-22 · 10 min · Major Hayden

Enable IPv6 privacy in NetworkManager

On most IPv6-enabled networks, network addresses are distributed via stateless address autoconfiguration (SLAAC). That is a fancy way to say that hosts on an IPv6 network will configure their own IP addresses. The process usually works like this: The host sends out a router solicitation request: Hey, who is the router around here? The router replies with a prefix: I am the router and your IPv6 address should start with this prefix....

2016-04-17 · 3 min · Major Hayden

Automated Let’s Encrypt DNS challenges with Rackspace Cloud DNS

Let’s Encrypt has taken the world by storm by providing free SSL certificates that can be renewed via automated methods. They have issued over 1.4 million certificates since launch in the fall of 2015. If you are not familiar with how Let’s Encrypt operates, here is an extremely simple explanation: Create a private key Make a request for a new certificate Complete the challenge process You have a certificate! That is highly simplified, but there is plenty of detail available on how the whole system works....

2016-03-31 · 4 min · Major Hayden