In the last post, we did go through the installation process and the high-level architecture of Nova, talking about the Nova API server, the Nova scheduler and the Nova agent. Today, we will make this a bit more tangible by observing how a typical request to provision an instance flows through this architecture. The use…More
OpenStack Nova – installation and overview
In this post, we will look into Nova, the cloud fabric component of OpenStack. We will see how Nova is installed and go briefly through the individual components and Nova services. Overview Before getting into the installation process, let us briefly discuss the various components of Nova on the controller and compute nodes. First, there…More
OpenStack supporting services – Glance and Placement
Apart from Keystone, Glance and Placement are two additional infrastructure services that are part of every OpenStack installation. While Glance is responsible for storing and maintaining disk images, Placement (formerly part of Nova) is keeping track of resources and allocation in a cluster. Glance installation Before we get into the actual installation process, let us…More
OpenStack Keystone – a deep-dive into tokens and policies
In the previous post, we have installed Keystone and provided an overview of its functionality. Today, we will dive in detail into a typical authorization handshake and take you through the Keystone source code to see how it works under the hood. The overall workflow Let us first take a look at the overall process…More
Openstack Keystone – installation and overview
Today we will dive into OpenStack Keystone, the part of OpenStack that provides services like management of users, roles and projects, authentication and a service catalog to the other OpenStack components. We will first install Keystone and then take a closer look at each of these areas. Installing Keystone As in the previous lab, I…More
Understanding TLS certificates with Ansible and NGINX – part II
In the first part of this short series, we have seen how Ansible can be used to easily generate self-signed certificates. Today, we will turn to more complicated set-ups and learn how to act as a CA, build chains of certificates and create client-certificates. Creating CA and intermediate CA certificates Having looked at the creation…More
Understanding TLS certificates with NGINX and Ansible – part I
If you read technical posts like this one, chances are that you have already had some exposure to TLS certificates, for instance because you have deployed a service that uses TLS and needed to create and deploy certificates for the servers and potentially for clients. Dealing with certificates can be a challenge, and a sound…More
Setting up our OpenStack playground
In this post, we will describe the setup of our Lab environment and install the basic infrastructure services that OpenStack uses. Environment setup In a real world setup, OpenStack runs on a collection of physical servers on which the virtual machines provided by the cloud run. Now most of us will probably not have a…More
WSGI, middleware, PasteDeploy and all that
When you are a Python programmer or study open source software written in Python, you will sooner or later be exposed to the WSGI standard and to related concepts like WSGI middleware. In this post, I will give you a short overview of this technology and point you to some additional references. What is WSGI?…More
Building your own cloud with OpenStack – overview
Over time, I have worked with a couple of different commercial cloud platforms like AWS, DigitalOcean, GCP, Paperspace or Packet.net. Even though these platforms are rather well documented, there comes a point where you would like to have more insights into the inner workings of a cloud platform. Unfortunately, not too many of use have…More
LeftAsExercise 