Installing and using Python Shade in your Red Hat OpenStack environment

Installing and using Python Shade in your Red Hat OpenStack environment

So you want to install python Shade in your Red Hat OpenStack environment without destroying your undercloud director node? If you do this without following these instructions, you’ll very likely destroy the usability of your director. I’ll walk you through the steps necessary, as of the writing of this post (2017-08-30),  to not only get shade workin on your director — but to deploy an instance in your cloud with it.

Continue reading

Fernet Key Rotation on Red Hat OpenStack Platform with Ansible

Fernet Key Rotation on Red Hat OpenStack Platform with Ansible

Fernet tokens in Keystone are fantastic. Enabling these, instead of UUID or PKI tokens, really does make a difference in your cloud’s performance and overall ease of management. I get asked a lot about how to manage keys on your controller cluster when using fernet. As you may imagine, this could potentially take your cloud down if you do it wrong. Let’s look at what fernet  keys are, as well as how to manage them in your Red Hat OpenStack cloud.

Continue reading

Enabling Keystone’s Fernet Tokens in Red Hat OpenStack Platform 10

Enabling Keystone’s Fernet Tokens in Red Hat OpenStack Platform 10

As of OpenStack Kilo, a new token provider is now available as an alternative to pki and uuid. Ferent tokens, pronounced fehr:NET, are essentially an implementation of ephemeral tokens in Keystone. What this means, from an implementation standpoint, is that tokens are no longer persisted and hence do not need to be replicated across clusters or regions.
Continue reading