OpenStack Nova – deep-dive into the provisioning process

In the last post, we did go through the installation process and the high-level architecture of Nova, talking about the Nova API server, the Nova scheduler and the Nova agent. Today, we will make this a bit more tangible by observing how a typical request to provision an instance flows through this architecture. The use … Continue reading OpenStack Nova – deep-dive into the provisioning process

OpenStack Nova – installation and overview

In this post, we will look into Nova, the cloud fabric component of OpenStack. We will see how Nova is installed and go briefly through the individual components and Nova services. Overview Before getting into the installation process, let us briefly discuss the various components of Nova on the controller and compute nodes. First, there … Continue reading OpenStack Nova – installation and overview

OpenStack supporting services – Glance and Placement

Apart from Keystone, Glance and Placement are two additional infrastructure services that are part of every OpenStack installation. While Glance is responsible for storing and maintaining disk images, Placement (formerly part of Nova) is keeping track of resources and allocation in a cluster. Glance installation Before we get into the actual installation process, let us … Continue reading OpenStack supporting services – Glance and Placement

OpenStack Keystone – a deep-dive into tokens and policies

In the previous post, we have installed Keystone and provided an overview of its functionality. Today, we will dive in detail into a typical authorization handshake and take you through the Keystone source code to see how it works under the hood. The overall workflow Let us first take a look at the overall process … Continue reading OpenStack Keystone – a deep-dive into tokens and policies

Openstack Keystone – installation and overview

Today we will dive into OpenStack Keystone, the part of OpenStack that provides services like management of users, roles and projects, authentication and a service catalog to the other OpenStack components. We will first install Keystone and then take a closer look at each of these areas. Installing Keystone As in the previous lab, I … Continue reading Openstack Keystone – installation and overview

Understanding TLS certificates with Ansible and NGINX – part II

In the first part of this short series, we have seen how Ansible can be used to easily generate self-signed certificates. Today, we will turn to more complicated set-ups and learn how to act as a CA, build chains of certificates and create client-certificates. Creating CA and intermediate CA certificates Having looked at the creation … Continue reading Understanding TLS certificates with Ansible and NGINX – part II

Understanding TLS certificates with NGINX and Ansible – part I

If you read technical posts like this one, chances are that you have already had some exposure to TLS certificates, for instance because you have deployed a service that uses TLS and needed to create and deploy certificates for the servers and potentially for clients. Dealing with certificates can be a challenge, and a sound … Continue reading Understanding TLS certificates with NGINX and Ansible – part I