Ask Your Question

Alexander Birkner's profile - activity

2016-10-14 06:33:35 -0500 received badge  Enthusiast
2016-10-11 16:13:51 -0500 received badge  Teacher (source)
2016-10-11 13:52:21 -0500 received badge  Autobiographer
2016-10-11 13:51:36 -0500 answered a question Is it safe to expose openstack horizon on the internet ?

I would recommend you to hide your complete OpenStack management network in a separate VLAN. And then setup a HaProxy as firewall and just forward the needed ports (with a ip whitelist if possible). Or just use a VPN server to access these services.

Horizon does not have protections against brute-force attacks or something like that. The same counts also for the Keystone API.

2016-10-11 13:42:50 -0500 answered a question I cannot create project under api v3

You need to change your user's default project.

Via Horizon: Go to Horizon -> Identity -> Users -> Edit -> Primary Project.

Via CMD: openstack user set [username] --project [project name]

After setting a default project the v3 Identity should work fine for you.

2016-10-11 13:32:50 -0500 answered a question Nova-network with external gateway

I've using now Neutron with Linux Bridge and a Provider Network. It's perfect for our use-case.

2016-10-11 13:30:45 -0500 received badge  Supporter (source)
2016-02-02 20:33:54 -0500 received badge  Famous Question (source)
2016-02-02 20:33:54 -0500 received badge  Notable Question (source)
2015-11-20 21:22:28 -0500 answered a question Intermittent access when configure using mariadb-galera

I had the same issue with keystone and a MariaDB Galera cluster behind a HAProxy. I've increased the idle_timeout in the keystone configuration to 3600 and I also increased the limits in the my.cnf file to:

max_allowed_packet = 128M

wait_timeout = 3600

2015-10-30 11:03:48 -0500 received badge  Popular Question (source)
2015-10-28 12:44:11 -0500 asked a question Cinder + Ceph - Deduplication?


we've set up a test cluster, we've configured Cinder with Ceph. Ceph has 3 OSD nodes. I've created 3 volumes in Horizon and started 3 instances with a Ubuntu 14.04 image. Everything works fine.

Like I understand Ceph should have deduplication, all 3 block devices on the storage have the same files on it but it seems that the Ceph cluster locating the file space for 3 times (3x ~ 800MB). But I thought it should locate the most blocks only one time on the Ceph storage.

Do I need to change some settings to use the deduplication feature for the block devices or is it not possible with Cinder?

Best regards, Alexander Birkner

2014-10-02 09:47:57 -0500 received badge  Famous Question (source)
2014-06-01 08:32:24 -0500 received badge  Notable Question (source)
2014-05-21 04:07:40 -0500 received badge  Popular Question (source)
2014-05-20 14:26:15 -0500 received badge  Editor (source)
2014-05-20 14:24:39 -0500 asked a question Nova-network with external gateway


I need to setup a shared hosting environment. Everything is working fine except the networking. I've created a network with the following command:

nova network-create testnetwork --bridge br100 --multi-host T --fixed-range-v4 --gateway --dns1 --dns2

The result should be that we are using our external gateway in the datacenter. The gateway has many ips and one of them is The complete network except the first ip should be useable on every node host. To reach the instance is not the problem but the instance has no outgoing network connection.

I've seen that one of the node servers got the ip address I don't want to use the node server as gateway. Is there a possibility to use the external gateway? The instance is already in the same network bridge like main interface p4p1.

Would be very awesome if anyone has a idea.

//EDIT: Or is it better to use neutron networking? But I have a very bad feeling about that the complete network traffic runs over one server (ddos).

Best regards, Alexander