So you want to install python Shade in your Red Hat OpenStack environment without destroying your undercloud director node? If you do this without following these instructions, you’ll very likely destroy the usability of your director. I’ll walk you through the steps necessary, as of the writing of this post (2017-08-30), to not only get shade workin on your director — but to deploy an instance in your cloud with it.
Fernet tokens in Keystone are fantastic. Enabling these, instead of UUID or PKI tokens, really does make a difference in your cloud’s performance and overall ease of management. I get asked a lot about how to manage keys on your controller cluster when using fernet. As you may imagine, this could potentially take your cloud down if you do it wrong. Let’s look at what fernet keys are, as well as how to manage them in your Red Hat OpenStack cloud.
With Red Hat OpenStack 12, Fernet keys are now the default. In this guide, I’d like to show you how to not only rotate your decryption keys on the controller, but how to debug any issues you may encounter. This is really meant to be a guide to managing Continue reading
YAML, while very easy to read and extensible, can cause issues with your OpenStack deployment that aren’t readily apparent by simply looking at log output. Issues can arise when your yaml is not syntactically correct, especially where whitespace is concerned.
As of OpenStack Kilo, a new token provider is now available as an alternative to pki and uuid. Ferent tokens, pronounced fehr:NET, are essentially an implementation of ephemeral tokens in Keystone. What this means, from an implementation standpoint, is that tokens are no longer persisted and hence do not need to be replicated across clusters or regions.