Author: Yury Taraday

-

We did tests deploying close to 1000 OpenStack nodes on a pre-installed Kubernetes cluster as a way of finding out what problems you might run into, and fixing them, if at all possible.

-

In a previous post about integrating Infoblox address management with OpenStack, we described a challenge we faced in storing all DHCP and DNS data on an Infoblox appliance to provide enterprise-level DHCP service for internal VMs and DNS for external clients. While DNS driver implementation was pretty straightforward, this integration exposed an interesting problem: DHCP in Nova was hardcoded to only …

-

The simplest way to authenticate a user is to ask for credentials (login+password, login+keys, etc.) and check them over some database. But when it comes to lots of separate services as it is in the OpenStack world, we have to rethink that. The main problem is an inability to use one user entity to be authorized everywhere. For example, a …

-

After some time working with OpenStack installation using existing LDAP installation for authentication, we encountered one big problem. The latest Dashboard code dropped support of old bare authentication in favor of Keystone-based one. That time Keystone had no support for multiple authentication backends, so we had to develop this feature. Now we have a basic support of LDAP authentication in Keystone …

-

Our current integration task involves using goSA as the central management utility. goSA internally uses the LDAP repository for all of its data. So we had to find a solution to make both OpenStack Nova and Dashboard authenticate and authorize users using goSA's LDAP structures. LDAP in Nova Nova stores its users, projects and roles (global and per-project) in LDAP. Necessary schema …

Subscribe to Our Newsletter

Latest Tweets

Suggested Content

LIVE DEMO
Mirantis Cloud Platform
WEBINAR
Top Sysadmin Tasks and How to Do Them with OpenStack
WEBINAR
ONAP Overview