What I’m looking forward to at IBM Interconnect 2017

IBM Interconnect 2017 is coming up next month in Las Vegas. Last year’s conference was a whirlwind of useful talks, inspiring hallway conversations, and great networking opportunities. I was exhausted by the week’s end, but it was totally worth it. One of my favorite sessions from last year was Tanmay Bakshi’s keynote. It was truly inspiring to see someone so young take command of such a large stage and teach us all something....

2017-02-23 · 2 min · Major Hayden

systemd-networkd on Ubuntu 16.04 LTS (Xenial)

My OpenStack cloud depends on Ubuntu, and the latest release of OpenStack-Ansible (what I use to deploy OpenStack) requires Ubuntu 16.04 at a minimum. I tried upgrading the servers in place from Ubuntu 14.04 to 16.04, but that didn’t work so well. Those servers wouldn’t boot and the only recourse was a re-install. Once I finished re-installing them (and wrestling with several installer bugs in Ubuntu 16.04), it was time to set up networking....

2017-01-15 · 3 min · Major Hayden

augenrules fails with “rule exists” when loading rules into auditd

When I came back from the holiday break, I found that the openstack-ansible-security role wasn’t passing tests any longer. The Ansible playbook stopped when augenrules ran to load the new audit rules. The error wasn’t terribly helpful: /usr/sbin/augenrules: No change Error sending add rule data request (Rule exists) There was an error in line 5 of /etc/audit/audit.rules A duplicated rule? I’ve been working on lots of changes to implement the Red Hat Enterprise Linux 7 Security Technical Implementation Guide (STIG) and I assumed I put in the same rule twice with an errant copy and paste....

2017-01-03 · 2 min · Major Hayden

Talk Recap: Holistic Security for OpenStack Clouds

Thanks to everyone who attended my talk at the OpenStack Summit in Barcelona! I really enjoyed sharing some tips with the audience and it was great to meet some attendees in person afterwards. If you weren’t able to make it, don’t fret! This post will cover some of the main points of the talk and link to the video and slides. Purpose OpenStack clouds are inherently complex. Operating a cloud involves a lot of moving pieces in software, hardware, and networking....

2016-10-31 · 3 min · Major Hayden

What’s Happening in OpenStack-Ansible (WHOA) – September 2016

Welcome to the fourth post in the series of What’s Happening in OpenStack-Ansible (WHOA) posts that I’m assembling each month. OpenStack-Ansible is a flexible framework for deploying enterprise-grade OpenStack clouds. In fact, I use OpenStack-Ansible to deploy the OpenStack cloud underneath the virtual machine that runs this blog! My goal with these posts is to inform more people about what we’re doing in the OpenStack-Ansible community and bring on more contributors to the project....

2016-09-30 · 4 min · Major Hayden

Getting ready for IBM Edge 2016

IBM Edge 2016 starts next week in Las Vegas with an emphasis on changing how we think about technology. I’ll definitely be interested in the sessions on open source technology and advances in OpenPOWER. Here are a few of the sessions from my must-see list: OpenPower Revolution in the Datacenter IBM Power Systems - Made for the future of Cloud - Tech and Strategy Overview Scalable TensorFlow Deep Learning Deploying an OpenStack Cloud on POWER8 Using Ubuntu Metal-as-a-Service and Juju Power Cloud: PowerVM in a Heterogenous OpenStack Cloud (from members of the OpenStack-Ansible community!...

2016-09-14 · 1 min · Major Hayden

What’s Happening in OpenStack-Ansible (WHOA) – August 2016

Welcome to the third post in the series of What’s Happening in OpenStack-Ansible (WHOA) posts that I’m assembling each month. OpenStack-Ansible is a flexible framework for deploying enterprise-grade OpenStack clouds. In fact, I use OpenStack-Ansible to deploy the OpenStack cloud underneath the virtual machine that runs this blog! My goal with these posts is to inform more people about what we’re doing in the OpenStack-Ansible community and bring on more contributors to the project....

2016-08-23 · 5 min · Major Hayden

Preventing critical services from deploying on the same OpenStack host

OpenStack’s compute service, nova, manages all of the virtual machines within a OpenStack cloud. When you ask nova to build an instance, or a group of instances, nova’s scheduler system determines which hypervisors should run each instance. The scheduler uses filters to figure out where each instance belongs. However, there are situations where the scheduler might put more than one of your instances on the same host, especially when resources are constrained....

2016-08-09 · 3 min · Major Hayden

OpenStack instances come online with multiple network ports attached

I ran into an interesting problem recently in my production OpenStack deployment that runs the Mitaka release. On various occasions, instances were coming online with multiple network ports attached, even though I only asked for one network port. The problem If I issued a build request for ten instances, I’d usually end up with this: 6 instances with one network port attached 2-3 instances with two network ports attached (not what I want) 1-2 instances with three or four network ports attached (definitely not what I want) When I examined the instances with multiple network ports attached, I found that one of the network ports would be marked as up while the others would be marked as down....

2016-08-03 · 6 min · Major Hayden

Setting up a telnet handler for OpenStack Zuul CI jobs in GNOME 3

The OpenStack Zuul system has gone through some big changes recently, and one of those changes is around how you monitor a running CI job. I work on OpenStack-Ansible quite often, and the gate jobs can take almost an hour to complete at times. It can be helpful to watch the output of a Zuul job to catch a problem or follow a breakpoint. New Zuul In the previous version of Zuul, you could access the Jenkins server that was running the CI job and monitor its progress right in your browser....

2016-07-22 · 3 min · Major Hayden