No better way to learn some more details of Ansible than to automate a task I need to do on a regular basis: ipa-server-install.
Install FreeIPA via Ansible
5
Resetting a Known Host for SSH
I often create and destroy a virtual machine multiple times in development. SSH records the host and key and often complains about a changed value for a given key. As I am attempting to automate more and more, I need to be able to communicate with these recreated hosts without dealing with the warning messages.
Continue reading
More about Jason Amerine
A mutual friend of mine and Jason’s questioned the use of the word “Whistleblower” in the Survey. We are fairly certain it is the accurate term. Here was the response from Bill Ruhling, Lawyer for Jason.
Continue readingDynamic Policy and Microversions
Both Core APIs and Policy have been static for a long part of OpenStack’s lifespan. While I’ve been working on Dynamic Policy, the Nova team has been looking to use microversions to allow the API to morph more quickly. Are the two approaches going to interoperate, or are they going to conflict?
Jason Amerine
Which takes more courage: to lead a 11 person team deep into enemy territory, or to stand up to your own dysfunctional organization to try and fix it? I know someone that has done both.
Continue readingSetting up an RDO deployment to be Identity V3 Only
The OpenStack Identity API Version 3 provides support for many features that are not available in version 2. Much of the installer code from Devstack, Puppet Modules, and Packstack, all assumes that Keystone is operating with the V2 API. In the interest of hastening the conversion, I set up a deployment that is V3 only. Here is how I did it.
Continue reading
Automating Kerberos Authentication
Sometimes you need unattended authentication. Sometimes you are just lazy. Whatever the reason, if a user (human or otherwise) wants to fetch a Ticket Granting Ticket (TGT) from a Kerberos Key Distribution Center (KDC) automatically, the Global Security Services API (GSSAPI) library shipped with most recent distributions support it.
Creating Hierarchical Projects in Keystone
Hierarchical Multitenancy is coming. Look busy.
Creating a new Network for a dual NIC VM
I need a second network for testing a packstack deployment. Here is what I did to create it, and then to boot a new VM connected to both networks.
Continue reading
Using the openstack command line interface to create a new server.
I have to create a new virtual machine. I want to use the V3 API when authentication to Keystone, which means I need to use the common client, as the keystone client is deprecated and only supports the V2.0 Identity API.