New OpenStack instance - status

Kevin Fenzi kevin at scrye.com
Mon Mar 9 12:00:22 UTC 2015 

On Mon, 09 Mar 2015 11:25:20 +0100
Miroslav Suchý <msuchy at redhat.com> wrote:

> On 03/07/2015 06:59 PM, Kevin Fenzi wrote:
> > All thats set and I can see console in the web dash again just fine
> > for any of the instances I tried, and they are all https using
> > only. 
> 
> Works for me too. Nice. Thanks.

Cool. 

> >> > I tried to automatize adding of SSH keys using this:
> > I wonder if we shouldn't have something to update/upload everyones
> > ssh keys. Might be handy but of course it's not a blocker/that
> > important. We could even look at just tieing into our existing
> > fedmsg listener (when someone with a cloud account changes ssh key,
> > update the cloud). 
> 
> Done. Search for "upload SSH keys for users" action.
> However it work only initially. Once user alter his password it will
> fail. I ignore those cases with "ignore_errors: yes" though.
> I have pending RFE for OpenStack so admin is able to upload ssh keys
> to user.
> 
> I skipped (commented out) users:
>   * twisted
>   * cockpit
> as I do not know which ssh keys they use. Can somebody put there
> right values?

Will have to find out. Those groups aren't from fas... 
 
> >> > Anyway, I am able (again) to start VM and log to those VM.
> > Me too. I uploaded the F22 Alpha cloud image and it worked fine.
> > (aside cloud-init taking about 35 seconds to run. It seemed to be
> > timing out on some metadata ?)
> > 
> > We should look at hooking our cloud image upload service into this
> > soon so we can get images as soon as they are done.
> 
> I will leave this one for somebody else.

Yeah, will ping oddshocks on it, but possibly wait until our final
re-install. 

> > * Might be a good time to look at moving copr to f21? and builders
> > also to be f21? (they should come up faster and in general be
> > better than the el6 ones currently used, IMHO)
> 
> I will start by moving builder to F21 (this really limit us) and once
> it will be finished I move backend and fronted. I'm afraid that by
> that time I will move them directly to F22 :)

Hopefully we can get there before then. ;) 

> > * Right now ansible on lockbox01 is using euca2ools to manage cloud
> >   instances, perhaps we could/should just move to nova now? Or this
> >   could perhaps wait for us to move lockbox01 to rhel7. 
> 
> I learned (the hard way) that nova/cider/neutron etc. commands are
> deprecated. The new preferred way is command "openstack" from
> python-openstackclient. However Icehouse use 0.3 version and you
> should not think about using this command unless you have 1.0 version
> available (Juno or Kilo, not sure). It probably does not matter if
> you use ansible modules, but you may consider it if you are calling
> commands directly. #justsaying

ok. We may have to do some trial and error. 

nova commands worked fine from here, but I didn't really try and do
anything fancy. We could see if the euca stuff will just keep working
for us for now. 

kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20150309/fe53b6b3/attachment.sig>

More information about the infrastructure mailing list