I had this in another post, but I think it is worth its own.
sudo hostnamectl set-hostname --static undercloud.ayoung-dell-t1700.test
export address=`ip -4 addr show eth0 primary | awk '/inet/ {sub ("/24" ,"" , $2) ; print $2}'`
echo $address `hostname` | sudo tee -a /etc/hosts
sudo yum -y install ipa-server-dns
export P=FreIPA4All
ipa-server-install -U -r `hostname -d|tr "[a-z]" "[A-Z]"` -p $P -a $P --setup-dns `awk '/^name/ {print "--forwarder",$2}' /etc/resolv.conf`
My Experiment yesterday left me with a broken IPA install. I aim to fix that.
Continue reading
Port 8080 is a popular port. Tomcat uses it as the default port for unencrypted traffic. FreeIA, installs Dogtag which runs in Tomcat. Swift proxy also chose that port number for its traffic. This means that if one is run on that port, the other cannot. Of the two, it is easier to change FreeIPA, as the port is only used for internal traffic, where as Swift’s port is in the service catalog and the documentation.
Continue reading
My Overcloud deploy does not have any VM images associates with it. I want to test launching a VM.
Continue reading
If you spend a lot of time switching between different cloud, different users, or even different projects for the same user when working with openstack, you’ve come across the problem where one environment variable from an old sourceing pollutes the current environment. I’ve been hit by that enough times that I wrote a small script to clear the environment.
I call it clear_os_env
Continue reading
OpenStack libraries now use Authenication plugins from the keystoneauth1 library. One othe the plugins has disappered? Kerbersop. This used to be in the python-keystoneclient-kerberos package, but that is not shipped with Mitaka. What happened?
Continue reading
Dramatis Personae:
Adam Young, Jamie Lennox: Keystone core.
Scene: #openstack-keystone chat room.
The process of deploying the overcloud goes through several technologies. Here’s what I’ve learned about tracing it.
Continue reading
I’ve been using Tripleo Quickstart. I need custom deploys. Start with modifying the heat templates. I’m doing a mitaka deploy
SAML is usually thought of as a WebSSO mechanism, but it can be made to work for command line operations if you use the Extended Client Protocol (ECP). When we did the Rippowam demo last year, we were successful in getting an Unscoped token by using ECP, but that was not sufficient to perform operations on other services that need a scoped token.
Continue reading