- Tags/
openstack
2018
2017
Ensuring keepalived starts after the network is ready
··310 words·2 mins
After a recent OpenStack-Ansible (OSA) deployment on CentOS, I found that keepalived was not starting properly at boot time:
Changes in RHEL 7 Security Technical Implementation Guide Version 1, Release 3
··501 words·3 mins
The latest release of the Red Hat Enterprise Linux Security Technical Implementation Guide (STIG) was published last week.
Import RPM repository GPG keys from other keyservers temporarily
··311 words·2 mins
I’ve been working through some patches to OpenStack-Ansible lately to optimize how we configure yum repositories in our deployments.
Enable AppArmor on a Debian Jessie cloud image
··472 words·3 mins
I merged some initial Debian support into the openstack-ansible-security role and ran into an issue enabling AppArmor.
Fixing OpenStack noVNC consoles that ignore keyboard input
··561 words·3 mins
I opened up a noVNC console to a virtual machine today in my OpenStack cloud but found that the console wouldn’t take keyboard input.
OpenStack-Ansible networking on CentOS 7 with systemd-networkd
··568 words·3 mins
Although OpenStack-Ansible doesn’t fully support CentOS 7 yet, the support is almost ready.
RHEL 7 STIG v1 updates for openstack-ansible-security
··204 words·1 min
DISA’s final release of the Red Hat Enterprise Linux (RHEL) 7 Security Technical Implementation Guide (STIG) came out a few weeks ago and it has plenty of improvements and changes.
OpenStack isn’t dead. It’s boring. That’s a good thing.
··648 words·4 mins
NOTE: The opinions shared in this post are mine alone and are not related to my employer in any way.
systemd-networkd on Ubuntu 16.04 LTS (Xenial)
··529 words·3 mins
My OpenStack cloud depends on Ubuntu, and the latest release of OpenStack-Ansible (what I use to deploy OpenStack) requires Ubuntu 16.
augenrules fails with “rule exists” when loading rules into auditd
··425 words·2 mins
When I came back from the holiday break, I found that the openstack-ansible-security role wasn’t passing tests any longer.
2016
Talk Recap: Holistic Security for OpenStack Clouds
··541 words·3 mins
Thanks to everyone who attended my talk at the OpenStack Summit in Barcelona!
Preventing critical services from deploying on the same OpenStack host
··579 words·3 mins
OpenStack’s compute service, nova, manages all of the virtual machines within a OpenStack cloud.
OpenStack instances come online with multiple network ports attached
··1128 words·6 mins
I ran into an interesting problem recently in my production OpenStack deployment that runs the Mitaka release.
Setting up a telnet handler for OpenStack Zuul CI jobs in GNOME 3
··522 words·3 mins
The OpenStack Zuul system has gone through some big changes recently, and one of those changes is around how you monitor a running CI job.
Talk recap: The friendship of OpenStack and Ansible
··569 words·3 mins
The 2016 Red Hat Summit is underway in San Francisco this week and I delivered a talk with Robyn Bergeron earlier today.
Automated security hardening with Ansible: May updates
··434 words·3 mins
Lots of work has gone into the openstack-ansible-security Ansible role since I delivered a talk about it last month at the OpenStack Summit in Austin.
Troubleshooting OpenStack network connectivity
··1140 words·6 mins
NOTE: This post is a work in progress.
Getting started with gertty
··435 words·3 mins
When you’re ready to commit code in an OpenStack project, your patch will eventually land in a Gerrit queue for review.
Talk Recap: Automated security hardening with OpenStack-Ansible
··598 words·3 mins
Today is the second day of the OpenStack Summit in Austin and I offered up a talk on host security hardening in OpenStack clouds.
2015
What I learned while securing Ubuntu
··1308 words·7 mins
The blog posts have slowed down a bit lately because I’ve been heads down on a security project at work.
Making things more super with supernova 2.0
··220 words·2 mins
I started supernova a little over three years ago with the idea of making it easier to use novaclient.
2014
Testing grouped environment support for supernova
··224 words·2 mins
I’ve added some grouped environment support for supernova tonight.
2013
A humble farewell to Seth Vidal
··402 words·2 mins
I was shocked to see Robyn Bergeron’s email today about Seth Vidal’s passing.
2012
Relocating a python virtual environment
··340 words·2 mins
Python’s virtual environment capability is extremely handy for situations where you don’t want the required modules for a particular python project to get mixed up with your system-wide installed modules.
Proud to be a part of OpenStack at Rackspace
··94 words·1 min
Troy Toman delivered a great keynote this morning about OpenStack and how Rackspace uses it:
Keep tabs on OpenStack development with OpenStack Watch on Twitter
··189 words·1 min
It’s no secret that I’m a fan of Twitter and OpenStack.
supernova: Manage multiple OpenStack nova environments with ease
··212 words·1 min
While working on multiple nova (OpenStack Compute) environments at Rackspace, I found myself thrashing between multiple terminal windows where I had exported environment variables for python-novaclient to use.
2011
Tracing a build through OpenStack Compute (Nova)
··323 words·2 mins
My work at Rackspace has changed a bit in the last few weeks and I’ve shifted from managing a team of engineers to a full technical focus on OpenStack Nova.