On Mon, 09 Mar 2015 11:25:20 +0100 Miroslav Suchý msuchy@redhat.com wrote:
On 03/07/2015 06:59 PM, Kevin Fenzi wrote:
All thats set and I can see console in the web dash again just fine for any of the instances I tried, and they are all https using only.
Works for me too. Nice. Thanks.
Cool.
I tried to automatize adding of SSH keys using this:
I wonder if we shouldn't have something to update/upload everyones ssh keys. Might be handy but of course it's not a blocker/that important. We could even look at just tieing into our existing fedmsg listener (when someone with a cloud account changes ssh key, update the cloud).
Done. Search for "upload SSH keys for users" action. However it work only initially. Once user alter his password it will fail. I ignore those cases with "ignore_errors: yes" though. I have pending RFE for OpenStack so admin is able to upload ssh keys to user.
I skipped (commented out) users:
- twisted
- cockpit
as I do not know which ssh keys they use. Can somebody put there right values?
Will have to find out. Those groups aren't from fas...
Anyway, I am able (again) to start VM and log to those VM.
Me too. I uploaded the F22 Alpha cloud image and it worked fine. (aside cloud-init taking about 35 seconds to run. It seemed to be timing out on some metadata ?)
We should look at hooking our cloud image upload service into this soon so we can get images as soon as they are done.
I will leave this one for somebody else.
Yeah, will ping oddshocks on it, but possibly wait until our final re-install.
- Might be a good time to look at moving copr to f21? and builders
also to be f21? (they should come up faster and in general be better than the el6 ones currently used, IMHO)
I will start by moving builder to F21 (this really limit us) and once it will be finished I move backend and fronted. I'm afraid that by that time I will move them directly to F22 :)
Hopefully we can get there before then. ;)
- Right now ansible on lockbox01 is using euca2ools to manage cloud instances, perhaps we could/should just move to nova now? Or this could perhaps wait for us to move lockbox01 to rhel7.
I learned (the hard way) that nova/cider/neutron etc. commands are deprecated. The new preferred way is command "openstack" from python-openstackclient. However Icehouse use 0.3 version and you should not think about using this command unless you have 1.0 version available (Juno or Kilo, not sure). It probably does not matter if you use ansible modules, but you may consider it if you are calling commands directly. #justsaying
ok. We may have to do some trial and error.
nova commands worked fine from here, but I didn't really try and do anything fancy. We could see if the euca stuff will just keep working for us for now.
kevin