Hi Guys,
I am new to openstack and have been using images provided by others in
my test cloud. However, I am trying to so some customization and need
to build my own image. I built CentOS 7.1 on my virtualbox instance
and went through the following steps:
--
/etc/default/grub - fixed this file
Hi Guys,
I am new to openstack and currently have a openstack environment that
seems to have ssl enabled. From my mac I am able to use the openstack
api without any issues and without having to do anything for ssl.
However, from my CentOS 7.1 server I get the following error message:
--
bash-4.2
cate.
>
> [Errno 1] _ssl.c:504: error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
>
> Interesting issue.
>
> Anthony.
> -Original Message-
> From: Jagga Soorma [mailto:jagg...@gmail.com]
> Sent: Tuesday, March 22, 2016
;>>
>
> Instead of response 300, if you are still getting error here, it means the
> cert is not correct or its unable to find the rootCA in the provided
> location.
>
> *Rahul Sharma*
> *MS in Computer Science, 2016*
> College of Computer and Information Science, Northeastern
Hi Guys,
Currently when using the openstack api I have to save my password in clear
text in the OS_PASSWORD environment variable. Is there a more secure way
to use the openstack api without having to either store this password in
clear text or enter the password manually every time I run a openst
Hi Guys,
I need to push out all alerts in Monasca to a external logfile on a linux
server. Not very familiar with webhooks and was wondering if someone has
already done something similar that I can get a starting point with.
Thanks.
___
Mailing list: h
min on
> the box you are using.
>
> Kerberos is very nice, if you have access to an active directory or a
> local kerberos server, it’s worth a look.
>
> Tim
>
>
>
> On 23/03/16 16:40, "CARVER, PAUL" wrote:
>
> >Jagga Soorma wrote:
> >
> >
Hi Guys,
I am building a new CentOS 6.7 based image for our kilo based openstack
environment. I have followed the instructions on
http://docs.openstack.org/image-guide/centos-image.html.
However when I boot my new image in openstack it does not come all the way
up and I see the following errors
.
Thanks for your help with this.
On Sat, Mar 26, 2016 at 3:32 PM, Remo Mattei wrote:
> did you try the machine local boot with virsh?
> Does it show up?
>
> I am on a trip now but I could look at it later next week if you still
> have some issues…
>
> Remo
>
>
>
>
ing the dhcp server but again make
> sure rules are right.
>
> Inviato da iPhone
>
> Il giorno 26 mar 2016, alle ore 17:01, Jagga Soorma
> ha scritto:
>
> Ahhh.. got further.. looks like eth0 was set to onboot=no :( rebooting
> with onboot=yes gets me a bit further but th
Hey Guys,
I have a new openstack environment and one thing I have noticed is that my
keys are all over the place now which got me thinking what others might be
doing for key management? Just curious if there is a better more
central/secure way to store my keys.
Thanks!
__
Hi Guys,
Looks like freezer integration in horizon is still buggy and every time our
users click on one of the Backup and Recovery tabs under DR they get a
"Something went wrong!" message. We get the same thing when logging into
horizon using the hlm_backup credentials.
Is there a way to complet
which one should I be checking? I don't see anything of importance in
horizon's or freezer's logs.
On Thu, Mar 31, 2016 at 11:43 AM, Remo Mattei wrote:
> What does the log say?
>
> Inviato da iPhone
>
> > Il giorno 31 mar 2016, alle ore 19:29, Jagga Soor
Hi Guys,
When creating a bootable volume (volume source - image) within horizon ui
by pointing it to one of our images we are getting a Error status without
any further details. However, when I try to do the same thing with a
cirros image that was downloaded from a external source it works just
f
This is exactly what I ended up doing. Setting Disabled=true in our
_50_freezer.py and restarting apache. This seems to have disabled the DR
section in horizon.
Thanks.
On Mon, Apr 4, 2016 at 11:21 PM, Matthias Runge wrote:
> On 02/04/16 22:34, Fausto Marzi wrote:
> > Hi Jagga,
> >
> > The we
Hi Guys,
I need to change the default # of floating ips and security groups in
our kilo based openstack environment which has been integrated into
AD. I don't see a Identity tab in the horizon ui (due to AD
integration) and don't want to manually do this every time a new
project is created. Look
Hi Guys,
There is a default security group rule that has the following entry:
--
Direction: Ingress
Ether Type: IPv4
IP Protocol: Any
Port Range: Any
Remote Prefix: -
Remote Security Group: default
--
Now this makes me think that it should basically allow all ingress ipv4
traffic (udp & tcp) on
Hi Guys,
We have a new kilo based openstack environment with ssl enabled. On most
browsers when accessing the https link to horizon when users login they get
the following error:
--
Forbidden (403)
CSRF verification failed. Request aborted.
You are seeing this message because this site requires
not sure how to fix this issue and can't really tell my user
to remove the .xxx.com cookie everytime they run into this issue and can't
tell that site to create a proper cookie with fqdn domain.
Any help with this would be appreciated!
Thanks.
On Mon, Apr 18, 2016 at 5:48 PM, Jagga Soo
BTW I should mention that my openstack instance has been integrated into
active directory so horizon does not show any project member information.
Thanks.
On Wed, Apr 20, 2016 at 4:20 PM, Jagga Soorma wrote:
> Hi Guys,
>
> So I am able to find out what role a user has for a specifi
Hi Guys,
So I am able to find out what role a user has for a specific project, but
have not been able to find a way to list all members in a given project.
Is this doable? Is there a way I can get all members of a existing project
from cli? Don't think horizon exposes this information either.
T
docs.openstack.org/developer/keystone/cli_examples.html#user-list
>
>
>
> From: Jagga Soorma
> Date: Wednesday, April 20, 2016 at 6:20 PM
> To: openstack
> Subject: [Openstack] list members of a project
>
> Hi Guys,
>
> So I am able to find out what role a user
Hey Guys,
We have enabled ssl on our kilo based openstack cloud and some users are
still trying to access the cloud via http instead of https. Would it be
possible to redirect http to https via openstack so that we can minimize
confusion among some users :) This should be doable via the horizon
Hi Guys,
I have a project with a priv network setup and any instance connected to it
can't seem to get to its meta data service and no network gets setup on
that instance.
I created a new priv network in that project and was able to get
communication on a new instance connected to that priv netwo
:0f:c0, length 300
..snip..
--
On Thu, Apr 28, 2016 at 5:55 PM, Jagga Soorma wrote:
> Hi Guys,
>
> I have a project with a priv network setup and any instance connected to
> it can't seem to get to its meta data service and no network gets setup on
> that instance.
>
>
ptured
1121416 packets received by filter
368 packets dropped by kernel
--
Any help with this would be appreciated.
Thanks.
On Thu, Apr 28, 2016 at 6:29 PM, Jagga Soorma wrote:
> I see the mac address of the instance asking for a dhcp address from the
> compute node:
>
> --
> # tcpdu
Hi Guys,
Need some clarification regarding routing for instances without a floating
ip address. Basically we have instances connected to a priv network that is
also connected to our external network and our security group allows all
egress traffic. However, we can't seem to get to any resource on
Also I should mention our openstack environment is kilo based if that makes
any difference.
Thanks.
On Mon, May 2, 2016 at 10:30 PM, Jagga Soorma wrote:
> We us a external vm network of 10.36.6.0/23. Looks like I do have some
> snat rules but no idea what I should be specifically looki
ou
> seem to have patched the problem for that vm with floating ip's.
>
> > Is that by design or is there something wrong with our configuration?
> As per design, you don't need to assign floating ip's for your vm's to get
> out, this should be done by SNAT by default a
Ingress IPv6 Any Any - default Delete Rule
Egress IPv4 Any Any 0.0.0.0/0 - Delete Rule
Ingress IPv4 ICMP Any 0.0.0.0/0 - Delete Rule
Ingress IPv4 TCP 22 0.0.0.0/0 -
On Mon, May 2, 2016 at 10:49 PM, Jagga Soorma wrote:
> Yes, I am able to ping the gateway address from within the snat namesp
qg-09e400d1-28
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe52:dc9a/64 scope link
valid_lft forever preferred_lft forever
--
On Mon, May 2, 2016 at 10:34 PM, Jagga Soorma wrote:
> Also I should mention our openstack environment is kilo based if that
>
The moment I assign a floating IP address I can also get out of that vm to
our external net.
On Mon, May 2, 2016 at 10:51 PM, Jagga Soorma wrote:
> This is what my default security groups looks like just in case that has
> anything to do with why it is not working:
>
> --
> Di
;
> -Dileep
>
> On Mon, May 2, 2016 at 10:30 PM, Jagga Soorma wrote:
>
>> We us a external vm network of 10.36.6.0/23. Looks like I do have some
>> snat rules but no idea what I should be specifically looking for in here:
>>
>> $ ip netns | grep -i snat
>&
.
Thanks.
On Wed, May 11, 2016 at 10:19 PM, Remo Mattei wrote:
> It is possible I have set it up today for a test without any issue on both
> Liberty and mitaka
>
> Inviato da iPhone
>
> Il giorno 11 mag 2016, alle ore 21:44, Jagga Soorma
> ha scritto:
>
> Hey Guys,
Hi Guys,
I have a new openstack cloud that I am unable to provision any
instances on. When provisioning via horizon the state of the instance
gets stuck for a long time at the Scheduling state and then the Build
state and never completes. I see the following time outs in the logs:
Not really su
35 matches
Mail list logo
