New OpenStack instance - status

Miroslav Suchý msuchy at redhat.com
Mon Mar 9 10:25:20 UTC 2015 

On 03/07/2015 06:59 PM, Kevin Fenzi wrote:
> All thats set and I can see console in the web dash again just fine for
> any of the instances I tried, and they are all https using only. 

Works for me too. Nice. Thanks.

>> > I tried to automatize adding of SSH keys using this:
> I wonder if we shouldn't have something to update/upload everyones ssh
> keys. Might be handy but of course it's not a blocker/that important. 
> We could even look at just tieing into our existing fedmsg listener
> (when someone with a cloud account changes ssh key, update the cloud). 

Done. Search for "upload SSH keys for users" action.
However it work only initially. Once user alter his password it will fail.
I ignore those cases with "ignore_errors: yes" though.
I have pending RFE for OpenStack so admin is able to upload ssh keys to user.

I skipped (commented out) users:
  * twisted
  * cockpit
as I do not know which ssh keys they use. Can somebody put there right values?

>> > Anyway, I am able (again) to start VM and log to those VM.
> Me too. I uploaded the F22 Alpha cloud image and it worked fine.
> (aside cloud-init taking about 35 seconds to run. It seemed to be
> timing out on some metadata ?)
> 
> We should look at hooking our cloud image upload service into this soon
> so we can get images as soon as they are done.

I will leave this one for somebody else.

>> > My plan for next week is to migrate dev instance to new OpenStack
>> > (before it will be re-provisioned) and see what needs to be changed.
> Sounds good!
> 
> I think: 
> 
> * Might be a good time to look at moving copr to f21? and builders also
>   to be f21? (they should come up faster and in general be better than
>   the el6 ones currently used, IMHO)

I will start by moving builder to F21 (this really limit us) and once it will be finished I move backend and fronted.
I'm afraid that by that time I will move them directly to F22 :)

> * Right now ansible on lockbox01 is using euca2ools to manage cloud
>   instances, perhaps we could/should just move to nova now? Or this
>   could perhaps wait for us to move lockbox01 to rhel7. 

I learned (the hard way) that nova/cider/neutron etc. commands are deprecated. The new preferred way is command
"openstack" from  python-openstackclient. However Icehouse use 0.3 version and you should not think about using this
command unless you have 1.0 version available (Juno or Kilo, not sure).
It probably does not matter if you use ansible modules, but you may consider it if you are calling commands directly.
#justsaying

-- 
Miroslav Suchy, RHCE, RHCDS
Red Hat, Senior Software Engineer, #brno, #devexp, #fedora-buildsys

More information about the infrastructure mailing list