Odd Bits - openstackhttp://blog.oddbit.com/One of these things is not like the othersWed, 02 Aug 2017 00:00:00 -0400Ansible for Infrastructure Testinghttp://blog.oddbit.com/2017/08/02/ansible-for-infrastructure-testing/<p>At <code>$JOB</code> we often find ourselves at customer sites where we see the same set of basic problems that we have previously encountered elsewhere ("your clocks aren't in sync" or "your filesystem is full" or "you haven't installed a critical update", etc). We would like a simple tool that could …</p>Lars Kellogg-StedmanWed, 02 Aug 2017 00:00:00 -0400tag:blog.oddbit.com,2017-08-02:/2017/08/02/ansible-for-infrastructure-testing/ansibleansible-assertiveopenstackOpenStack, Containers, and Logginghttp://blog.oddbit.com/2017/06/14/openstack-containers-and-logging/<p>I've been thinking about logging in the context of OpenStack and containerized service deployments. I'd like to lay out some of my thoughts on this topic and see if people think I am talking crazy or not.</p> <p>There are effectively three different mechanisms that an application can use to emit …</p>Lars Kellogg-StedmanWed, 14 Jun 2017 00:00:00 -0400tag:blog.oddbit.com,2017-06-14:/2017/06/14/openstack-containers-and-logging/openstackloggingMaking sure your Gerrit changes aren't brokenhttp://blog.oddbit.com/2017/01/22/making-sure-your-gerrit-changes-aren-t-b/<p>It's a bit of an embarrassment when you submit a review to Gerrit only to have it fail CI checks immediately because of something as simple as a syntax error or pep8 failure that you should have caught yourself before submitting...but you forgot to run your validations before submitting …</p>Lars Kellogg-StedmanSun, 22 Jan 2017 00:00:00 -0500tag:blog.oddbit.com,2017-01-22:/2017/01/22/making-sure-your-gerrit-changes-aren-t-b/openstackgerritgitExploring YAQL Expressionshttp://blog.oddbit.com/2016/08/11/exploring-yaql-expressions/<p>The Newton release of <a href="https://wiki.openstack.org/wiki/Heat">Heat</a> adds support for a <a href="http://docs.openstack.org/developer/heat/template_guide/hot_spec.html#yaql">yaql</a> intrinsic function, which allows you to evaluate <a href="https://yaql.readthedocs.io/en/latest/">yaql</a> expressions in your Heat templates. Unfortunately, the existing yaql documentation is somewhat limited, and does not offer examples of many of yaql's more advanced features.</p> <p>I am working on a <a href="http://www.fluentd.org/">Fluentd</a> composable …</p>Lars Kellogg-StedmanThu, 11 Aug 2016 00:00:00 -0400tag:blog.oddbit.com,2016-08-11:/2016/08/11/exploring-yaql-expressions/openstackheathotyaqlConnecting another vm to your tripleo-quickstart deploymenthttp://blog.oddbit.com/2016/05/19/connecting-another-vm-to-your-tripleo-qu/<p>Let's say that you have set up an environment using <a href="https://github.com/openstack/tripleo-quickstart/">tripleo-quickstart</a> and you would like to add another virtual machine to the mix that has both "external" connectivity ("external" in quotes because I am using it in the same way as the quickstart does w/r/t the undercloud) and …</p>Lars Kellogg-StedmanThu, 19 May 2016 00:00:00 -0400tag:blog.oddbit.com,2016-05-19:/2016/05/19/connecting-another-vm-to-your-tripleo-qu/openvswitchopenstacktripleoDeploying an HA OpenStack development environment with tripleo-quickstarthttp://blog.oddbit.com/2016/02/19/deploy-an-ha-openstack-development-envir/<p>In this article I would like to introduce <a href="https://github.com/redhat-openstack/tripleo-quickstart">tripleo-quickstart</a>, a tool that will automatically provision a virtual environment and then use <a href="http://docs.openstack.org/developer/tripleo-docs/">TripleO</a> to deploy an HA OpenStack on top of it.</p> <h2>Introducing Tripleo-Quickstart</h2> <p>The goal of the <a href="https://github.com/redhat-openstack/tripleo-quickstart">Tripleo-Quickstart</a> project is to replace the <code>instack-virt-setup</code> tool for quickly setting up virtual …</p>Lars Kellogg-StedmanFri, 19 Feb 2016 00:00:00 -0500tag:blog.oddbit.com,2016-02-19:/2016/02/19/deploy-an-ha-openstack-development-envir/openstacktripleordoansibleAnsible 2.0: New OpenStack moduleshttp://blog.oddbit.com/2015/10/26/ansible-20-new-openstack-modules/<p>This is the second in a loose sequence of articles looking at new features in Ansible 2.0. In the previous article I looked at the <a href="http://blog.oddbit.com/2015/10/13/ansible-20-the-docker-connection-driver/">Docker connection driver</a>. In this article, I would like to provide an overview of the new-and-much-improved suite of modules for interacting with an <a href="http://www.openstack.org/">OpenStack …</a></p>Lars Kellogg-StedmanMon, 26 Oct 2015 00:00:00 -0400tag:blog.oddbit.com,2015-10-26:/2015/10/26/ansible-20-new-openstack-modules/ansibleopenstackansible_20_seriesMigrating Cinder volumes between OpenStack environments using shared NFS storagehttp://blog.oddbit.com/2015/09/29/migrating-cinder-volumes-between-openstack-environments/<p>Many of the upgrade guides for OpenStack focus on in-place upgrades to your OpenStack environment. Some organizations may opt for a less risky (but more hardware intensive) option of setting up a parallel environment, and then migrating data into the new environment. In this article, we look at how to …</p>Lars Kellogg-StedmanTue, 29 Sep 2015 00:00:00 -0400tag:blog.oddbit.com,2015-09-29:/2015/09/29/migrating-cinder-volumes-between-openstack-environments/openstackcinderProvider external networks (in an appropriate amount of detail)http://blog.oddbit.com/2015/08/13/provider-external-networks-details/<p>In <a href="http://blog.oddbit.com/2013/11/14/quantum-in-too-much-detail/">Quantum in Too Much Detail</a>, I discussed the architecture of a Neutron deployment in detail. Since that article was published, Neutron gained the ability to handle multiple external networks with a single L3 agent. While I <a href="http://blog.oddbit.com/2014/05/28/multiple-external-networks-wit/">wrote about that</a> back in 2014, I covered the configuration side of it …</p>Lars Kellogg-StedmanThu, 13 Aug 2015 00:00:00 -0400tag:blog.oddbit.com,2015-08-13:/2015/08/13/provider-external-networks-details/openstackneutronopenvswitchnetworkingIn which we are amazed it doesn't all fall aparthttp://blog.oddbit.com/2015/07/26/in-which-we-are-amazed-it-doesnt-all-fall-apart/<p>So, the Kilo release notes say:</p> <pre><code>nova-manage migrate-flavor-data </code></pre> <p>But nova-manage says:</p> <pre><code>nova-manage db migrate_flavor_data </code></pre> <p>But that says:</p> <pre><code>Missing arguments: max_number </code></pre> <p>And the help says:</p> <pre><code>usage: nova-manage db migrate_flavor_data [-h] [--max-number &lt;number&gt;] </code></pre> <p>Which indicates that --max-number is optional, but whatever, so you try:</p> <pre><code>nova-manage db migrate_flavor_data --max-number 100 </code></pre> <p>And that says …</p>Lars Kellogg-StedmanSun, 26 Jul 2015 00:00:00 -0400tag:blog.oddbit.com,2015-07-26:/2015/07/26/in-which-we-are-amazed-it-doesnt-all-fall-apart/openstackrantOpenStack Networking without DHCPhttp://blog.oddbit.com/2015/06/26/openstack-networking-without-dhcp/<p>In an OpenStack environment, <a href="https://cloudinit.readthedocs.org/en/latest/">cloud-init</a> generally fetches information from the metadata service provided by Nova. It also has support for reading this information from a <em>configuration drive</em>, which under OpenStack means a virtual CD-ROM device attached to your instance containing the same information that would normally be available via the …</p>Lars Kellogg-StedmanFri, 26 Jun 2015 00:00:00 -0400tag:blog.oddbit.com,2015-06-26:/2015/06/26/openstack-networking-without-dhcp/openstacknovaneutroncloud-initHeat-kubernetes Demo with Autoscalinghttp://blog.oddbit.com/2015/06/19/heatkubernetes-demo-with-autoscaling/<p>Next week is the <a href="http://www.redhat.com/summit/">Red Hat Summit</a> in Boston, and I'll be taking part in a <a href="http://www.projectatomic.io/">Project Atomic</a> presentation in which I will discuss various (well, two) options for deploying Atomic into an OpenStack environment, focusing on my <a href="https://github.com/projectatomic/heat-kubernetes/">heat-kubernetes</a> templates.</p> <p>As part of that presentation, I've put together a short …</p>Lars Kellogg-StedmanFri, 19 Jun 2015 00:00:00 -0400tag:blog.oddbit.com,2015-06-19:/2015/06/19/heatkubernetes-demo-with-autoscaling/openstackheatkubernetesatomicdockerDiagnosing problems with an OpenStack deploymenthttp://blog.oddbit.com/2015/03/09/diagnosing-problems-with-an-openstack-deplo/<p><img src="/assets/2015/03/09/lucy.jpg" width="200" style="float: right; margin: 2ex; border: thin solid black;"/></p> <p>I recently had the chance to help a colleague debug some problems in his OpenStack installation. The environment was unique because it was booting virtualized <a href="https://fedoraproject.org/wiki/Architectures/AArch64">aarch64</a> instances, which at the time did not have any PCI bus support...which in turn precluded things like graphic consoles (i.e., VNC or …</p>Lars Kellogg-StedmanMon, 09 Mar 2015 00:00:00 -0400tag:blog.oddbit.com,2015-03-09:/2015/03/09/diagnosing-problems-with-an-openstack-deplo/openstackInstalling nova-docker with devstackhttp://blog.oddbit.com/2015/02/11/installing-novadocker-with-devstack/<p>This is a long-form response to <a href="https://ask.openstack.org/en/question/60679/installing-docker-on-openstack-with-ubuntu/">this question</a>, and describes how to get the <a href="http://github.com/stackforge/nova-docker/">nova-docker</a> driver up running with <a href="http://devstack.org/">devstack</a> under Ubuntu 14.04 (Trusty). I wrote a <a href="http://blog.oddbit.com/2015/02/06/installing-nova-docker-on-fedora-21/">similar post</a> for Fedora 21, although that one was using the <a href="http://openstack.redhat.com/">RDO</a> Juno packages, while this one is using <a href="http://devstack.org/">devstack</a> and the …</p>Lars Kellogg-StedmanWed, 11 Feb 2015 00:00:00 -0500tag:blog.oddbit.com,2015-02-11:/2015/02/11/installing-novadocker-with-devstack/openstackdockerdevstackInstalling nova-docker on Fedora 21/RDO Junohttp://blog.oddbit.com/2015/02/06/installing-nova-docker-on-fedora-21/<p>This post comes about indirectly by a request on IRC in <code>#rdo</code> for help getting <a href="https://github.com/stackforge/nova-docker">nova-docker</a> installed on Fedora 21. I ran through the process from start to finish and decided to write everything down for posterity.</p> <h2>Getting started</h2> <p>I started with the <a href="https://getfedora.org/en/cloud/download/">Fedora 21 Cloud Image</a>, because I'm installing …</p>Lars Kellogg-StedmanFri, 06 Feb 2015 00:00:00 -0500tag:blog.oddbit.com,2015-02-06:/2015/02/06/installing-nova-docker-on-fedora-21/dockeropenstacknovaFiltering libvirt XML in Novahttp://blog.oddbit.com/2015/02/05/filtering-libvirt-xml-in-nova/<p>I saw a request from a customer float by the other day regarding the ability to filter the XML used to create Nova instances in libvirt. The customer effectively wanted to blacklist a variety of devices (and device types). The consensus seems to be "you can't do this right now …</p>Lars Kellogg-StedmanThu, 05 Feb 2015 00:00:00 -0500tag:blog.oddbit.com,2015-02-05:/2015/02/05/filtering-libvirt-xml-in-nova/openstacknovaRunning nova-libvirt and nova-docker on the same hosthttp://blog.oddbit.com/2015/01/17/running-novalibvirt-and-novadocker-on-the-same-host/<p>I regularly use <a href="http://www.openstack.org/">OpenStack</a> on my laptop with <a href="http://www.libvirt.org/">libvirt</a> as my hypervisor. I was interested in experimenting with recent versions of the <a href="https://github.com/stackforge/nova-docker">nova-docker</a> driver, but I didn't have a spare system available on which to run the driver, and I use my regular <code>nova-compute</code> service often enough that I didn't …</p>Lars Kellogg-StedmanSat, 17 Jan 2015 00:00:00 -0500tag:blog.oddbit.com,2015-01-17:/2015/01/17/running-novalibvirt-and-novadocker-on-the-same-host/openstackdockerAccessing the serial console of your Nova servershttp://blog.oddbit.com/2014/12/22/accessing-the-serial-console-of-your-nova-servers/<p>One of the new features available in the Juno release of OpenStack is support for <a href="https://blueprints.launchpad.net/nova/+spec/serial-ports">serial console access to your Nova servers</a>. This post looks into how to configure the serial console feature and then how to access the serial consoles of your Nova servers.</p> Lars Kellogg-StedmanMon, 22 Dec 2014 00:00:00 -0500tag:blog.oddbit.com,2014-12-22:/2014/12/22/accessing-the-serial-console-of-your-nova-servers/openstacknovaCloud-init and the case of the changing hostnamehttp://blog.oddbit.com/2014/12/10/cloudinit-and-the-case-of-the-changing-hostname/<h2>Setting the stage</h2> <p>I ran into a problem earlier this week deploying RDO Icehouse under RHEL 6. My target systems were a set of libvirt guests deployed from the RHEL 6 KVM guest image, which includes <a href="https://cloudinit.readthedocs.org/en/latest/">cloud-init</a> in order to support automatic configuration in cloud environments. I take advantage of …</p>Lars Kellogg-StedmanWed, 10 Dec 2014 00:00:00 -0500tag:blog.oddbit.com,2014-12-10:/2014/12/10/cloudinit-and-the-case-of-the-changing-hostname/openstackrdoneutronFedora Atomic, OpenStack, and Kubernetes (oh my)http://blog.oddbit.com/2014/11/24/fedora-atomic-openstack-and-kubernetes-oh-my/<p>While experimenting with <a href="http://www.projectatomic.io/">Fedora Atomic</a>, I was looking for an elegant way to automatically deploy Atomic into an <a href="http://openstack.org/">OpenStack</a> environment and then automatically schedule some <a href="http://docker.com/">Docker</a> containers on the Atomic host. This post describes my solution.</p> Lars Kellogg-StedmanMon, 24 Nov 2014 00:00:00 -0500tag:blog.oddbit.com,2014-11-24:/2014/11/24/fedora-atomic-openstack-and-kubernetes-oh-my/openstackkubernetesfedoraatomicCreating a Windows image for OpenStackhttp://blog.oddbit.com/2014/11/15/creating-a-windows-image-for-openstack/<p>If you want to build a Windows image for use in your OpenStack environment, you can follow <a href="http://docs.openstack.org/image-guide/content/windows-image.html">the example in the official documentation</a>, or you can grab a Windows 2012r2 evaluation <a href="http://www.cloudbase.it/ws2012r2/">pre-built image</a> from the nice folks at <a href="http://www.cloudbase.it/">CloudBase</a>.</p> <p>The CloudBase-provided image is built using a set of scripts and configuration files that CloudBase has <a href="https://github.com/cloudbase/windows-openstack-imaging-tools/">made available on GitHub</a>.</p> <p>The CloudBase repository is an excellent source of information, but I wanted to understand the process myself. This post describes the process I went through to establish an automated process for generating a Windows image suitable for use with OpenStack.</p> Lars Kellogg-StedmanSat, 15 Nov 2014 00:00:00 -0500tag:blog.oddbit.com,2014-11-15:/2014/11/15/creating-a-windows-image-for-openstack/openstackwindowsIntegrating custom code with Nova using hookshttp://blog.oddbit.com/2014/09/27/integrating-custom-code-with-n/<p>Would you like to run some custom Python code when Nova creates and destroys virtual instances on your compute hosts? This is possible using Nova's support for <a href="http://docs.openstack.org/developer/nova/devref/hooks.html">hooks</a>, but the existing documentation is somewhat short on examples, so I've spent some time trying to get things working.</p> <p>The <a href="https://github.com/larsks/demo_nova_hooks">demo_nova_hooks</a> repository …</p>Lars Kellogg-StedmanSat, 27 Sep 2014 00:00:00 -0400tag:blog.oddbit.com,2014-09-27:/2014/09/27/integrating-custom-code-with-n/openstacknovaHeat Hangouthttp://blog.oddbit.com/2014/09/05/heat-hangout/<p>I ran a Google Hangout this morning on <a href="https://plus.google.com/events/c9u4sjn7ksb8jrmma7vd25aok94">Deploying with Heat</a>. You can find the slides for the presentation on line <a href="http://oddbit.com/rdo-hangout-heat-intro/#/">here</a>, and the Heat templates (as well as slide sources) are available <a href="https://github.com/larsks/rdo-hangout-heat-intro/">on github</a>.</p> <p>If you have any questions about the presentation, please feel free to ping me on …</p>Lars Kellogg-StedmanFri, 05 Sep 2014 00:00:00 -0400tag:blog.oddbit.com,2014-09-05:/2014/09/05/heat-hangout/openstackrdoheatVisualizing Heat stackshttp://blog.oddbit.com/2014/09/02/visualizing-heat-stacks/<p>I spent some time today learning about Heat <a href="https://wiki.openstack.org/wiki/Heat/AutoScaling">autoscaling groups</a>, which are incredibly nifty but a little opaque from the Heat command line, since commands such as <code>heat resource-list</code> don't recurse into nested stacks. It is possible to introspect these resources (you can pass the physical resource id of a …</p>Lars Kellogg-StedmanTue, 02 Sep 2014 00:00:00 -0400tag:blog.oddbit.com,2014-09-02:/2014/09/02/visualizing-heat-stacks/openstackheatDocker plugin bugshttp://blog.oddbit.com/2014/09/01/docker-plugin-bugs/<p>This is a companion to my <a href="http://blog.oddbit.com/2014/08/30/docker-plugin-for-openstack-he/">article on the Docker plugin for Heat</a>.</p> <p>While writing that article, I encountered a number of bugs in the Docker plugin and elsewhere. I've submitted patches for most of the issues I encountered:</p> <h2>Bugs in the Heat plugin</h2> <ul> <li> <p><a href="https://bugs.launchpad.net/heat/+bug/1364017">https://bugs.launchpad.net/heat/+bug …</a></p></li></ul>Lars Kellogg-StedmanMon, 01 Sep 2014 00:00:00 -0400tag:blog.oddbit.com,2014-09-01:/2014/09/01/docker-plugin-bugs/openstackdockerheatAnnotated documentation for DockerInc::Docker::Containerhttp://blog.oddbit.com/2014/08/30/docker-contain-doc/<p>This is a companion to my <a href="http://blog.oddbit.com/2014/08/30/docker-plugin-for-openstack-he/">article on the Docker plugin for Heat</a>.</p> <h2>DockerInc::Docker::Container</h2> <h3>Properties</h3> <ul> <li> <p><code>cmd</code> : List</p> <p>Command to run after spawning the container.</p> <p>Optional property.</p> <p>Example:</p> <pre><code>cmd: [ 'thttpd', '-C', '/etc/thttpd.conf', '-D', '-c', '*.cgi'] </code></pre> </li> <li> <p><code>dns</code> : List</p> <p>Set custom DNS servers.</p> <p>Example:</p> <pre><code>dns: - …</code></pre></li></ul>Lars Kellogg-StedmanSat, 30 Aug 2014 00:00:00 -0400tag:blog.oddbit.com,2014-08-30:/2014/08/30/docker-contain-doc/dockeropenstackheatorchestrationDocker plugin for OpenStack Heathttp://blog.oddbit.com/2014/08/30/docker-plugin-for-openstack-he/<p>I have been looking at both Docker and OpenStack recently. In my <a href="http://blog.oddbit.com/2014/08/28/novadocker-and-environment-var/">last post</a> I talked a little about the <a href="https://github.com/stackforge/nova-docker">Docker driver for Nova</a>; in this post I'll be taking an in-depth look at the Docker plugin for Heat, which has been available <a href="https://blog.docker.com/2014/03/docker-will-be-in-openstack-icehouse/">since the Icehouse release</a> but is surprisingly …</p>Lars Kellogg-StedmanSat, 30 Aug 2014 00:00:00 -0400tag:blog.oddbit.com,2014-08-30:/2014/08/30/docker-plugin-for-openstack-he/dockeropenstackheatorchestrationUsing wait conditions with Heathttp://blog.oddbit.com/2014/08/30/using-wait-conditions-with-hea/<p>This post accompanies my <a href="http://blog.oddbit.com/2014/08/30/docker-plugin-for-openstack-he/">article on the Docker plugin for Heat</a>.</p> <p>In order for <code>WaitCondition</code> resources to operate correctly in Heat, you will need to make sure that that you have:</p> <ul> <li>Created the necessary Heat domain and administrative user in Keystone,</li> <li>Configured appropriate values in <code>heat.conf</code> for <code>stack_user_domain</code>, <code>stack_domain_admin …</code></li></ul>Lars Kellogg-StedmanSat, 30 Aug 2014 00:00:00 -0400tag:blog.oddbit.com,2014-08-30:/2014/08/30/using-wait-conditions-with-hea/openstackheatnova-docker and environment variableshttp://blog.oddbit.com/2014/08/28/novadocker-and-environment-var/<p>I've been playing with <a href="https://docker.com/">Docker</a> a bit recently, and decided to take a look at the <a href="https://github.com/stackforge/nova-docker">nova-docker</a> driver for <a href="http://openstack.org/">OpenStack</a>.</p> <p>The <code>nova-docker</code> driver lets Nova, the OpenStack Compute service, spawn Docker containers instead of hypervisor-based servers. For certain workloads, this leads to better resource utilization than you would get with …</p>Lars Kellogg-StedmanThu, 28 Aug 2014 00:00:00 -0400tag:blog.oddbit.com,2014-08-28:/2014/08/28/novadocker-and-environment-var/openstackdockerBooting an instance with multiple fixed addresseshttp://blog.oddbit.com/2014/05/28/booting-an-instance-with-multi/<p>This article expands on my answer to <a href="https://ask.openstack.org/en/question/30690/add-multiple-specific-ips-to-instance/">Add multiple specific IPs to instance</a>, a question posted to <a href="https://ask.openstack.org/">ask.openstack.org</a>.</p> <p>In order to serve out SSL services from an OpenStack instance, you will generally want one local ip address for each SSL virtual host you support. It is possible to …</p>Lars Kellogg-StedmanWed, 28 May 2014 00:00:00 -0400tag:blog.oddbit.com,2014-05-28:/2014/05/28/booting-an-instance-with-multi/openstackneutronnetworkingMultiple external networks with a single L3 agenthttp://blog.oddbit.com/2014/05/28/multiple-external-networks-wit/<p>In the old days (so, like, last year), Neutron supported a single external network per L3 agent. You would run something like this...</p> <pre><code>$ neutron net-create external --router:external=true </code></pre> <p>...and neutron would map this to the bridge defined in <code>external_network_bridge</code> in <code>/etc/neutron/l3_agent.ini</code>. If you wanted to support …</p>Lars Kellogg-StedmanWed, 28 May 2014 00:00:00 -0400tag:blog.oddbit.com,2014-05-28:/2014/05/28/multiple-external-networks-wit/openstackneutronnetworkingVideo: Configuring OpenStack's external bridge on a single-interface systemhttp://blog.oddbit.com/2014/05/27/configuring-openstacks-externa/<p>I've just put a video on Youtube that looks at the steps required to set up the external bridge (<code>br-ex</code>) on a single-interface system:</p> <iframe width="560" height="315" src="//www.youtube.com/embed/8zFQG5mKwPk" frameborder="0" allowfullscreen="1"></iframe>Lars Kellogg-StedmanTue, 27 May 2014 00:00:00 -0400tag:blog.oddbit.com,2014-05-27:/2014/05/27/configuring-openstacks-externa/openstacknetworkingopenvswitchOpen vSwitch and persistent MAC addresseshttp://blog.oddbit.com/2014/05/23/open-vswitch-and-persistent-ma/<p>Normally I like to post solutions, but today's post is about a vexing problem to which I have not been able to find a solution.</p> <p>This started as a simple attempt to set up external connectivity on an all-in-one Icehouse install deployed on an OpenStack instance. I wanted to add <code>eth0</code> to <code>br-ex</code> in order to model a typical method for providing external connectivity, but I ran into a very odd problem: the system would boot and work fine for a few seconds, but would then promptly lose network connectivity.</p> Lars Kellogg-StedmanFri, 23 May 2014 00:00:00 -0400tag:blog.oddbit.com,2014-05-23:/2014/05/23/open-vswitch-and-persistent-ma/openvswitchnetworkingopenstackSolved: Open vSwitch and persistent MAC addresseshttp://blog.oddbit.com/2014/05/23/solved-open-vswitch-and-persis/<p>In my <a href="/2014/05/23/open-vswitch-and-persistent-ma/">previous post</a> I discussed a problem I was having setting a persistent MAC address on an OVS bridge device. It looks like the short answer is, "don't use <code>ip link set ...</code>" for this purpose.</p> <p>You can set the bridge MAC address via <code>ovs-vsctl</code> like this:</p> <pre><code>ovs-vsctl set bridge …</code></pre>Lars Kellogg-StedmanFri, 23 May 2014 00:00:00 -0400tag:blog.oddbit.com,2014-05-23:/2014/05/23/solved-open-vswitch-and-persis/openstackopenvswitchnetworkingFedora and OVS Bridge Interfaceshttp://blog.oddbit.com/2014/05/20/fedora-and-ovs-bridge-interfac/<p>I run OpenStack on my laptop, and I've been chasing down a pernicious problem with OVS bridge interfaces under both F19 and F20. My OpenStack environment relies on an OVS bridge device named <code>br-ex</code> for external connectivity and for making services available to OpenStack instances, but after rebooting, <code>br-ex</code> was …</p>Lars Kellogg-StedmanTue, 20 May 2014 00:00:00 -0400tag:blog.oddbit.com,2014-05-20:/2014/05/20/fedora-and-ovs-bridge-interfac/fedoraopenstackopenvswitchnetworkingFirewalld, NetworkManager, and OpenStackhttp://blog.oddbit.com/2014/05/20/firewalld-and-openstack/<p>These are my notes on making OpenStack play well with <a href="https://fedoraproject.org/wiki/FirewallD">firewalld</a> and <a href="https://wiki.gnome.org/Projects/NetworkManager">NetworkManager</a>.</p> <h2>NetworkManager</h2> <p>By default, NetworkManager attempts to start a DHCP client on every new available interface. Since booting a single instance in OpenStack can result in the creation of several virtual interfaces, this results in a lot of …</p>Lars Kellogg-StedmanTue, 20 May 2014 00:00:00 -0400tag:blog.oddbit.com,2014-05-20:/2014/05/20/firewalld-and-openstack/openstacknetworkingfirewalldNetworkManagerFlat networks with ML2 and OpenVSwitchhttp://blog.oddbit.com/2014/05/19/flat-networks-with-ml-and-open/<p>Due to an unfortunate incident involving sleep mode and an overheated backpack I had the "opportunity" to rebuild my laptop. Since this meant reinstalling OpenStack I used this as an excuse to finally move to the ML2 network plugin for Neutron.</p> <p>I was attempting to add an external network using …</p>Lars Kellogg-StedmanMon, 19 May 2014 00:00:00 -0400tag:blog.oddbit.com,2014-05-19:/2014/05/19/flat-networks-with-ml-and-open/openvswitchopenstackneutronMultinode OpenStack with Packstackhttp://blog.oddbit.com/2014/02/27/multinode/<p>I was the presenter for this morning's <a href="http://openstack.redhat.com/">RDO</a> hangout, where I ran through a simple demonstration of setting up a multinode OpenStack deployment using <a href="https://wiki.openstack.org/wiki/Packstack">packstack</a>.</p> <p>The slides are online <a href="http://goo.gl/Yvmd0P">here</a>.</p> <p>Here's the video (also available on the <a href="https://plus.google.com/events/cm9ff549vmsim737lj7hopk4gao">event page</a>):</p> <iframe width="560" height="315" src="http://www.youtube.com/embed/DGf-ny25OAw" frameborder="0" allowfullscreen="1"></iframe>Lars Kellogg-StedmanThu, 27 Feb 2014 00:00:00 -0500tag:blog.oddbit.com,2014-02-27:/2014/02/27/multinode/openstackrdohangoutShow OVS external-idshttp://blog.oddbit.com/2014/01/19/show-ovs-externalids/<p>This is just here as a reminder for me:</p> <p>An OVS interface has a variety of attributes associated with it, including an <code>external-id</code> field that can be used to associate resources outside of OpenVSwitch with the interface. You can view this field with the following command:</p> <pre><code>$ ovs-vsctl --columns=name,external-ids …</code></pre>Lars Kellogg-StedmanSun, 19 Jan 2014 00:00:00 -0500tag:blog.oddbit.com,2014-01-19:/2014/01/19/show-ovs-externalids/openstackopenvswitchStupid OpenStack Trickshttp://blog.oddbit.com/2014/01/16/stupid-openstack-tricks/<p>I work with several different OpenStack installations. I usually work on the command line, sourcing in an appropriate <code>stackrc</code> with credentials as necessary, but occasionally I want to use the dashboard for something.</p> <p>For all of the deployments with which I work, the keystone endpoint is on the same host …</p>Lars Kellogg-StedmanThu, 16 Jan 2014 00:00:00 -0500tag:blog.oddbit.com,2014-01-16:/2014/01/16/stupid-openstack-tricks/openstacktricksDirect access to Nova metadatahttp://blog.oddbit.com/2014/01/14/direct-access-to-nova-metadata/<p>When you boot a virtual instance under <a href="http://www.openstack.org/">OpenStack</a>, your instance has access to certain <a href="http://docs.openstack.org/admin-guide-cloud/content//section_metadata-service.html">instance metadata</a> via the Nova metadata service, which is canonically available at <a href=""></a>.</p> <p>In an environment running <a href="https://wiki.openstack.org/wiki/Neutron">Neutron</a>, a request from your instance must traverse a number of steps:</p> <ul> <li>From the instance to a router,</li> <li>Through a NAT rule in the router namespace, </li> <li>To an instance of the neutron-ns-metadata-proxy,</li> <li>To the actual Nova metadata service</li> </ul> <p>When there are problem accessing the metadata, it can be helpful to verify that the metadata service itself is configured correctly and returning meaningful information.</p> Lars Kellogg-StedmanTue, 14 Jan 2014 00:00:00 -0500tag:blog.oddbit.com,2014-01-14:/2014/01/14/direct-access-to-nova-metadata/openstackRDO Bug Triagehttp://blog.oddbit.com/2014/01/13/rdo-bug-triage/<p>This Wednesday, January 15, at 14:00 UTC (that's 9AM US/Eastern, or <code>date -d "14:00 UTC"</code> in your local timezone) I will be helping out with the <a href="http://openstack.redhat.com/">RDO</a> <a href="http://openstack.redhat.com/RDO-BugTriage">bug triage day</a>. We'll be trying to validate all the <a href="http://goo.gl/NqW2LN">untriaged bugs</a> opened against RDO.</p> <p>Feel free to drop by …</p>Lars Kellogg-StedmanMon, 13 Jan 2014 00:00:00 -0500tag:blog.oddbit.com,2014-01-13:/2014/01/13/rdo-bug-triage/openstackredhatVisualizing Neutron Networking with GraphVizhttp://blog.oddbit.com/2013/12/23/visualizing-network-with-graphviz/<p>I've put together a few tools to help gather information about your Neutron and network configuration and visualize it in different ways. All of these tools are available as part of my <a href="http://github.com/larsks/neutron-diag/">neutron-diag</a> repository on GitHub.</p> <p>In this post I'm going to look at a tool that will help you visualize the connectivity of network devices on your system.</p> Lars Kellogg-StedmanMon, 23 Dec 2013 00:00:00 -0500tag:blog.oddbit.com,2013-12-23:/2013/12/23/visualizing-network-with-graphviz/openstackneutronnetworkingAn introduction to OpenStack Heathttp://blog.oddbit.com/2013/12/06/an-introduction-to-openstack-heat/<p><a href="https://wiki.openstack.org/wiki/Heat">Heat</a> is a template-based orchestration mechanism for use with OpenStack. With Heat, you can deploy collections of resources -- networks, servers, storage, and more -- all from a single, parameterized template.</p> <p>In this article I will introduce Heat templates and the <code>heat</code> command line client.</p> Lars Kellogg-StedmanFri, 06 Dec 2013 00:00:00 -0500tag:blog.oddbit.com,2013-12-06:/2013/12/06/an-introduction-to-openstack-heat/openstackheatneutronA unified CLI for OpenStackhttp://blog.oddbit.com/2013/11/22/a-unified-cli-for-op/<p>The <a href="https://github.com/openstack/python-openstackclient">python-openstackclient</a> project, by <a href="https://github.com/dtroyer">Dean Troyer</a> and others, is a new command line tool to replace the existing command line clients (including commands such as <code>nova</code>, <code>keystone</code>, <code>cinder</code>, etc).</p> <p>This tool solves two problems I've encountered in the past:</p> <ul> <li> <p>Command line options between different command line clients are sometimes inconsistent …</p></li></ul>Lars Kellogg-StedmanFri, 22 Nov 2013 00:00:00 -0500tag:blog.oddbit.com,2013-11-22:/2013/11/22/a-unified-cli-for-op/openstackjson-tools: cli for generating and filtering jsonhttp://blog.oddbit.com/2013/11/17/json-tools/<p>Interacting with JSON-based APIs from the command line can be difficult, and OpenStack is filled with REST APIs that consume or produce JSON. I've just put pair of tools for generating and filtering JSON on the command line, called collectively <a href="http://github.com/larsks/json-tools/">json-tools</a>.</p> <p>Both make use of the Python <a href="https://github.com/akesterson/dpath-python">dpath</a> module to …</p>Lars Kellogg-StedmanSun, 17 Nov 2013 00:00:00 -0500tag:blog.oddbit.com,2013-11-17:/2013/11/17/json-tools/jsonopenstackQuantum in Too Much Detailhttp://blog.oddbit.com/2013/11/14/quantum-in-too-much-detail/<blockquote> <p>I originally posted this article on the <a href="http://openstack.redhat.com/Networking_in_too_much_detail">RDO</a> website.</p> </blockquote> <h1>The players</h1> <p>This document describes the architecture that results from a particular OpenStack configuration, specifically:</p> <ul> <li>Quantum networking using GRE tunnels;</li> <li>A dedicated network controller;</li> <li>A single instance running on a compute host</li> </ul> <p>Much of the document will be relevant to other configurations, but details will vary based on your choice of layer 2 connectivity, number of running instances, and so forth.</p> <p>The examples in this document were generated on a system with Quantum networking but will generally match what you see under Neutron as well, if you replace <code>quantum</code> by <code>neutron</code> in names. The OVS flow rules under Neutron are somewhat more complex and I will cover those in another post.</p> Lars Kellogg-StedmanThu, 14 Nov 2013 00:00:00 -0500tag:blog.oddbit.com,2013-11-14:/2013/11/14/quantum-in-too-much-detail/openstackquantumnetworkingA random collection of OpenStack Toolshttp://blog.oddbit.com/2013/11/12/a-random-collection/<p>I've been working with <a href="http://openstack.org/">OpenStack</a> a lot recently, and I've ended up with a small collection of utilities that make my life easier. On the odd chance that they'll make your life easier, too, I thought I'd hilight them here.</p> Lars Kellogg-StedmanTue, 12 Nov 2013 00:00:00 -0500tag:blog.oddbit.com,2013-11-12:/2013/11/12/a-random-collection/openstackWhy does the Neutron documentation recommend three interfaces?http://blog.oddbit.com/2013/10/28/why-does-the-neutron/<p>The <a href="http://docs.openstack.org/havana/install-guide/install/yum/content/neutron-install.dedicated-network-node.html">documentation for configuring Neutron</a> recommends that a network controller has three physical interfaces:</p> <blockquote> <p>Before you start, set up a machine to be a dedicated network node. Dedicated network nodes should have the following NICs: the management NIC (called MGMT_INTERFACE), the data NIC (called DATA_INTERFACE), and the external NIC (called EXTERNAL_INTERFACE).</p> </blockquote> <p>People occasionally ask, "why three interfaces? What if I only have two?", so I wanted to provide an extended answer that might help people understand what the interfaces are for and what trade-offs are involved in using fewer interfaces.</p> Lars Kellogg-StedmanMon, 28 Oct 2013 00:00:00 -0400tag:blog.oddbit.com,2013-10-28:/2013/10/28/why-does-the-neutron/openstackneutronnetworkingAutomatic configuration of Windows instances in OpenStack, part 1http://blog.oddbit.com/2012/11/04/openstack-windows-1/<p>This is the first of two articles in which I discuss my work in getting some Windows instances up and running in our <a href="http://www.openstack.org/">OpenStack</a> environment. This article is primarily about problems I encountered along the way, while the <a href="/post/openstack-windows-2">second article</a> focuses on the mechanism I eventually put in place.</p> <h2>Motivations …</h2>Lars Kellogg-StedmanSun, 04 Nov 2012 00:00:00 -0400tag:blog.oddbit.com,2012-11-04:/2012/11/04/openstack-windows-1/openstackwindowsChasing OpenStack idle connection timeoutshttp://blog.oddbit.com/2012/07/30/openstack-idle-connection-timeouts/<h2>The original problem</h2> <p>I've recently spent some time working on an OpenStack deployment. I ran into a problem in which the <a href="http://docs.openstack.org/trunk/openstack-compute/starter/content/Compute_Worker_nova-compute_-d1e232.html">compute service</a> would frequently stop communicating with the <a href="http://www.amqp.org/">AMQP</a> message broker (<code>qpidd</code>).</p> <p>In order to gather some data on the problem, I ran the following simple test:</p> <ul> <li>Wait <code>n …</code></li></ul>Lars Kellogg-StedmanMon, 30 Jul 2012 00:00:00 -0400tag:blog.oddbit.com,2012-07-30:/2012/07/30/openstack-idle-connection-timeouts/openstacknetworking