On Mon, 09 Mar 2015 11:25:20 +0100
Miroslav Suchý <msuchy(a)redhat.com> wrote:
On 03/07/2015 06:59 PM, Kevin Fenzi wrote:
> All thats set and I can see console in the web dash again just fine
> for any of the instances I tried, and they are all https using
> only.
Works for me too. Nice. Thanks.
Cool.
>> > I tried to automatize adding of SSH keys using this:
> I wonder if we shouldn't have something to update/upload everyones
> ssh keys. Might be handy but of course it's not a blocker/that
> important. We could even look at just tieing into our existing
> fedmsg listener (when someone with a cloud account changes ssh key,
> update the cloud).
Done. Search for "upload SSH keys for users" action.
However it work only initially. Once user alter his password it will
fail. I ignore those cases with "ignore_errors: yes" though.
I have pending RFE for OpenStack so admin is able to upload ssh keys
to user.
I skipped (commented out) users:
* twisted
* cockpit
as I do not know which ssh keys they use. Can somebody put there
right values?
Will have to find out. Those groups aren't from fas...
>> > Anyway, I am able (again) to start VM and log to those
VM.
> Me too. I uploaded the F22 Alpha cloud image and it worked fine.
> (aside cloud-init taking about 35 seconds to run. It seemed to be
> timing out on some metadata ?)
>
> We should look at hooking our cloud image upload service into this
> soon so we can get images as soon as they are done.
I will leave this one for somebody else.
Yeah, will ping oddshocks on it, but possibly wait until our final
re-install.
> * Might be a good time to look at moving copr to f21? and
builders
> also to be f21? (they should come up faster and in general be
> better than the el6 ones currently used, IMHO)
I will start by moving builder to F21 (this really limit us) and once
it will be finished I move backend and fronted. I'm afraid that by
that time I will move them directly to F22 :)
Hopefully we can get there before then. ;)
> * Right now ansible on lockbox01 is using euca2ools to manage
cloud
> instances, perhaps we could/should just move to nova now? Or this
> could perhaps wait for us to move lockbox01 to rhel7.
I learned (the hard way) that nova/cider/neutron etc. commands are
deprecated. The new preferred way is command "openstack" from
python-openstackclient. However Icehouse use 0.3 version and you
should not think about using this command unless you have 1.0 version
available (Juno or Kilo, not sure). It probably does not matter if
you use ansible modules, but you may consider it if you are calling
commands directly. #justsaying
ok. We may have to do some trial and error.
nova commands worked fine from here, but I didn't really try and do
anything fancy. We could see if the euca stuff will just keep working
for us for now.
kevin