We did tests deploying close to 1000 OpenStack nodes on a pre-installed Kubernetes cluster as a way of finding out what problems you might run into, and fixing them, if at all possible.
Author: Yury Taraday
In a previous post about integrating Infoblox address management with OpenStack, we described a challenge we faced in storing all DHCP and DNS data on an Infoblox appliance to provide enterprise-level DHCP service for internal VMs and DNS for external clients. While DNS driver implementation was pretty straightforward, this integration exposed an interesting problem: DHCP in … Continued
The simplest way to authenticate a user is to ask for credentials (login+password, login+keys, etc.) and check them over some database. But when it comes to lots of separate services as it is in the OpenStack world, we have to rethink that. The main problem is an inability to use one user entity to be … Continued
After some time working with OpenStack installation using existing LDAP installation for authentication, we encountered one big problem. The latest Dashboard code dropped support of old bare authentication in favor of Keystone-based one. That time Keystone had no support for multiple authentication backends, so we had to develop this feature. Now we have a basic … Continued
Our current integration task involves using goSA as the central management utility. goSA internally uses the LDAP repository for all of its data. So we had to find a solution to make both OpenStack Nova and Dashboard authenticate and authorize users using goSA’s LDAP structures. LDAP in Nova Nova stores its users, projects and roles … Continued