The Sax Doctor

Posted on February 25, 2015 by Adam Young

Distinctive ring that holds the bell of a Selmer Paris Saxophone to the main body of the horn.

Ring of a Selmer Paris Saxophone

Dropped my Sax off at Emilio Lyon’s house and workshop. My folks bought it for me from him at Rayburn Music in Boston back when I was a High School Freshman. I still remember him pointing to the sticker on it that indicated “This is my work.”

As someone who loves both the saxophone and working with my hands, I have to admit I was looking forward to meeting him. I was even a little nervous. He has a great reputation. Was he going to chastise me for the state of my horn? It hadn’t been serviced in…way too long. I was a little worried that the lack of changing the oil on the rods would have worn down some of the metal connections.
Continue reading →

Adding an LDAP backed domain to a Packstack install

Posted on February 13, 2015 by Adam Young

I’ve been meaning to put all the steps together to do this for a while:

Got an IPA server running on Centos7
Got a Packstack all in one install on Centos 7. I registered this host as a FreeIPA client, though that is not strictly required.
Continue reading →

Debugging OpenStack with rpdb

Posted on February 11, 2015 by Adam Young

OpenStack has many different code bases.Â Figuring out how to run in a debugger can be maddening, especially if you are trying to deal with Eventlet and threading issues.Â Adding HTTPD into the mix, as we did for Keystone, makes it even trickier.Â Here’s how I’ve been handling things using the remote pythong debugger (rpdb).

Continue reading →

The Travelling Saxophone

Posted on January 28, 2015 by Adam Young

The Saxophone is a harsh mistress. She demands attention every day. A musician friend once quoted to me: “Skip a day and you know. Skip two days and your friends know. Skip three days and everyone knows.” That quote keeps me practising nightly.

Continue reading →

MySQL On Fedora 20 Setup

Posted on December 1, 2014 by Adam Young

I’ve set up MySQL enough times figuring things out from docs that I decided I need to take notes.

This is a destructive re-install. Don’t do this if you value your data. In fact, just don’t do this.

Continue reading →

Dynamic Policy in Keystone

Posted on November 16, 2014 by Adam Young

Ever get that feeling that an epiphany is right around the corner? I spent a good portion of the OpenStack summit with that feeling. I knew that it would not be earth shattering, or lead me to want to rewrite Keystone, but rather a clarification of how a bunch of things should fall together. The “click” happened on the second to last day, and it can be summarized in a few key points.
Continue reading →

Minimal Token Size

Posted on November 16, 2014 by Adam Young

OpenStack Keystone tokens can become too big to fit in the headers between mod_wsgi and the WSGI applications. Compression mitigates the problem somewhat, but if token sizes continue to grow, eventually they outpace the benefits of compression. How can we keep them to a minimal size?

Continue reading →

Who can sign for what?

Posted on October 14, 2014 by Adam Young

In my last post, I discussed how to extract the signing information out of a token. But just because the signature on a document is valid does not mean that the user who signed it was authorized to do so. How can we got from a signature to validating a token? Can we use that same mechanism to sign other OpenStack messages?

Continue reading →

Who Signed that Token?

Posted on October 10, 2014 by Adam Young

The specification For multiple signers requires a mechanism to determine who signed the token and then determine I’d the signer had the authority to issue a token for the scope of the token.Â These are the steps he he necessary to perform that validation.

Continue reading →

Ansible Hostgroups from FreeIPA

Posted on October 9, 2014 by Adam Young

Ansible provides management for a large array of servers using ssh as the access mechanism. This is a good match forÂ FreeIPA.Â However, by default Ansible uses a flat file to store groups of hosts.Â How can we get that info from FreeIPA? Continue reading →

Adam Young's Web Log

The Notebook of a Programmer Climber Musician Ex-Soldier Woodworker and a few other things

The Sax Doctor

Adding an LDAP backed domain to a Packstack install

Debugging OpenStack with rpdb

The Travelling Saxophone

MySQL On Fedora 20 Setup

Dynamic Policy in Keystone

Minimal Token Size

Who can sign for what?

Who Signed that Token?

Ansible Hostgroups from FreeIPA