tgehrke's profile - activity

2017-09-25 22:33:13 -0600 received badge  Famous Question (source)
2017-02-20 02:23:24 -0600 received badge  Famous Question (source)
2017-02-14 21:05:21 -0600 received badge  Notable Question (source)
2017-02-10 05:11:26 -0600 received badge  Notable Question (source)
2017-02-09 17:13:53 -0600 received badge  Notable Question (source)
2017-02-09 16:49:53 -0600 answered a question self signed cert from python client

Workaround by using insecure=True and ignoring the noise. . .

Problem is solved by added cert to /etc/ssl/certs/

2017-02-09 16:43:56 -0600 received badge  Popular Question (source)
2017-02-09 16:43:21 -0600 answered a question keystone active directory integration and domains?

Problem was solved by using a single non-default domain for the AD integration. The default domain was maintained but only used for administrative tasks. The default domain still authenticates with basic keystone username and passwords

2017-02-09 16:40:46 -0600 received badge  Popular Question (source)
2017-02-09 16:37:23 -0600 answered a question How to configure the meta-data service for multi NIC

The problem turned out to be at the OS and was solved by adding this to the user-data

!/bin/bash

        # Setup
        cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth1
        sed -i -e 's/eth0/eth1/g' /etc/sysconfig/network-scripts/ifcfg-eth1
        systemctl restart network
2017-02-09 16:35:05 -0600 received badge  Popular Question (source)
2016-10-04 22:13:23 -0600 asked a question How to configure the meta-data service for multi NIC

We have a vLAN that is share across tenants for internal traffic. We created a private vLAN in a tenant and a router to the public network and try to duel home a VM. Only one NIC gets setup by cloud-init. I made a call to the meta-data service and there is only two IP addresses sent to the VM a private-IPv4 and a public IP-v4 address. Is there something that needs to be configured in Neutron so VMs can be multi-homed?

2016-09-26 22:23:43 -0600 asked a question keystone active directory integration and domains?

Does anyone have any experience with AD - Keystone integration using keystone domains? We are integrating OpenStack keystone into an enterprise with hundreds of thousands of employees. Has anyone had issues with keystone domains or concerns? I know a user can only be in one domain. . . Are there other concerns? Other than being able to delegate some administrative functions are there benefits of using multi-domains in keystone?

Anything you might share is helpful.

2016-09-22 09:01:25 -0600 asked a question self signed cert from python client

We have OpenStack Liberty setup in our development environment using a self signed cert.

From a client we can use the CLI by using OS_CACERT=<path to="" cert="" file="">

But when we try to write python code to interact with the API we can't get it to recognize the cert. It seems that keystone returns the token but the redirect to nova gives an SSL error.

2016-05-12 01:23:48 -0600 received badge  Notable Question (source)
2016-05-12 01:23:48 -0600 received badge  Famous Question (source)
2015-12-18 12:34:26 -0600 received badge  Enthusiast
2015-12-16 13:21:33 -0600 commented answer ceilometer client unable to authenticate

show collections

 alarm
 alarm_history
 event
 meter
 resource
 system.indexes

MongoDB looks OK

2015-12-16 13:14:03 -0600 received badge  Popular Question (source)
2015-12-16 13:07:29 -0600 commented answer ceilometer client unable to authenticate

show dbs

admin 0.031GB

ceilometer 2.999GB

local 0.031GB

show users

    "_id" : "ceilometer.ceilometer",
    "user" : "ceilometer",
    "db" : "ceilometer",
    "roles" : "readWrite",
2015-12-16 12:18:13 -0600 commented answer ceilometer client unable to authenticate

grep mongodb /etc/ceilometer/ceilometer.conf

connection = mongodb://ceilometer:xxxxxx@vctrl01:27017/ceilometer

2015-12-15 12:30:24 -0600 answered a question ceilometer client unable to authenticate

Problem solved! The service endpoint had a typeo in the hostname. (vcrtrl01 -- vctrl01 )


_socketmodule.so->getaddrinfo("vctrl01", "5000", 0x7fff93e97430, 0x7fff93e97418) = 0 _socketmodule.so->getaddrinfo("vctrl01", "5000", 0x7fff93e97ef0, 0x7fff93e97ed8) = 0 _socketmodule.so->getaddrinfo("vcrtrl01", "8777", 0x7fff93e999b0, 0x7fff93e99998) = -2 ('Connection aborted.', gaierror(-2, 'Name or service not known'))

Made changes in database and celiometer meter-list works fine.

2015-12-14 18:49:51 -0600 received badge  Editor (source)
2015-12-14 06:53:55 -0600 asked a question ceilometer client unable to authenticate

This is the same problem as reported in question on ceilometer meter-list - The service catalog is empty. I followed the suggestions to

OS_PROJECT_DOMAIN_ID=default 
OS_IMAGE_API_VERSION=2 
OS_USER_DOMAIN_ID=default
OS_PROJECT_NAME=admin 
OS_PASSWORD=xxxxxxx 
OS_AUTH_URL=http://vctrl01:35357 
OS_USERNAME=admin 
OS_TENANT_NAME=admin
OS_VOLUME_API_VERSION=2

ceilometer --version 2.1.0

I can get a token for the nova-client nova list:

GET /? POST /auth/tokens? GET /tokens/77c66441c89c4612bb74978b77db2753?

But it returns empty for the ceilometer-client ceilometer meter-list:

GET /? POST /auth/tokens? GET /? POST /auth/tokens?
2015-12-14 06:53:54 -0600 answered a question Ceilometer meter-list is empty (Kilo, CentOS7)

I'm having the same problem. "The service catalog is empty." and have followed the suggestions above. OS_PROJECT_DOMAIN_ID=default OS_IMAGE_API_VERSION=2 OS_USER_DOMAIN_ID=default OS_PROJECT_NAME=admin OS_PASSWORD=xxxxxxx OS_AUTH_URL=http://vctrl01:35357 OS_USERNAME=admin OS_TENANT_NAME=admin OS_VOLUME_API_VERSION=2

ceilometer --version 2.1.0

It appears I am not getting a token when I monitor keystone.log doing 'nova list' vs 'ceilometer meter-list' nova list: GET /? POST /auth/tokens? GET /tokens/77c66441c89c4612bb74978b77db2753?

ceilometer meter-list: GET /? POST /auth/tokens? GET /? POST /auth/tokens?