Scanning docker container images
Looking for potential vulnerabilities in docker images is crucial before shipping these to customers or putting them into production. Scanning of images should be a part of any CI pipeline so that it’s ensured that shipped software is secured as possible and security vulnerabilit…
openstack cli in a docker container
If you need to access your openstack cluster but there is no option to install packages on a jumpbox host that can access the cluster (lack of internet access or privileges) an alternative is to build locally a docker image that includes openstack CLI utility. Assumption is that …
Juniper vMX – MPLS over lt interface
I was wondering if I can run MPLS over OVS, VXLAN tenant networks in Openstack (for example VLAN tagging won’t work in such case, not by default at least, didn’t have an option to test with vlan_transparent setting on network level). Wanted to quickly check it out between a pair …
Modifying virtual machine images
What to do when you have a virtual machine image and for a example you need to some files contents like ssh config or so? Modified images can be uploaded to glance – repeating same step after running several VMs of the same type can be easily avoided in this way. There are few to…
Increase LV size of a qcow2 image
When you get a qcow2 image with a given size – it can’t be simply changed on-the-fly while running a VM or by giving just more space to a VM flavor in OpenStack. Situation gets even more complex when image has LVs inside but fortunately by using guestfish and virt-resize image ca…
Heat templates with cinder volumes
While trying to launch several VMs using heat templates on RHEL OpenStack Liberty only 2 out of 8 launched. Rest failed because cinder volumes could not be created. heat stack status was CREATE_FAILED and cinder volume status was error /var/log/cinder/volume.log HTTPInternalServe…
IOS-XRv running on OpenStack
In order to access IOS-XRv running on OpenStack compute node Spice console is required instead of VNC. Instructions can be found under the following links: Josh Restivo notes OpenStack Q&A about Spice console error
Accessing cloud images
For both Fedora and Ubuntu cloud images we can access them using ssh public key generated during bootup. Key can be obtained from a console log: Horizon -> Instances -> <fedora_ubuntu_instance> -> Console -> View Full Console Log From log file sudo vim /va…
Nova installation on OpenSUSE 13.1
Firewalld Firewall rules can be modified from GUI: yast2 firewall Assign internal interfaces to "Internal zone" Add SSH service to "External zone" RabbitMQ In order to allow to access rabbitmq from a remote (and local) host to rabbitmq server before starting rabbitmq-server …
Instance creation fails with 'Cannot find suitable CPU' on Debian 7
KVM by default does not work (even though vmx/smx is enabled for CPUs) – instance creation fails with “Cannot find suitable CPU”. Solution: In /etc/libvirtd/qemu.conf: security_driver = "none" remove file /var/cache/libvirt/qemu/capabilities and restart host (libvir…