breakages. I have learned an incredible amount about OpenStack, Ansible,
complex software deployments, and open source communities. I appreciate
everyone's support as I worked through the creation of the ansible-hardening
role as well as adding CentOS support for OpenStack-Ansible.
- --
k Foundation as well for their continued
support. They have been excellent listeners and they took lots of time to
consider my suggestions for improvements.
I love you all and working in this community has been one of the best
experiences in my professional career. :)
[0] https://review.openstack.or
ts dependencies)?
I've opened a bug:
https://bugs.launchpad.net/openstack-ansible/+bug/1745215
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...
collaborate there to make improvements without
ruining infra's day. ;)
As long as you can put up with a few Dad jokes, I'll be there.
--
Major Hayden
__
OpenStack Development Mailing List (not for usage
ut the workstation[1] one makes some sense. It would be fairly easy
to template the ferm DSL files.
[0] http://ferm.foo-projects.org/
[1] http://ferm.foo-projects.org/download/examples/webserver.ferm
--
Major Hayden
__
Open
the next PTL, and helping to continue to mature
> and improve the project!
We're so thankful that you've put up with us for these past two cycles! :)
You've been a beacon for quality within the project and you've carefully
fostered a ton of new development within OpenStack-An
es rules is battle-tested already
[0] https://review.openstack.org/#/c/479415/
[1]
http://docs-draft.openstack.org/15/479415/5/check/gate-openstack-ansible-specs-docs-ubuntu-xenial/6a50e01//doc/build/html/specs/pike/software-firewall.html
- --
Major Hayden
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEG/m
rioritization works within the openstack-ansible project.
This is a good start! :)
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstac
A 5
>
> IIUC, we're using 'ansible-lint' for style checks. Does it make sense to
> add a new rule which warns/enforces to set the mode (or group/user)?
I'd definitely be in support of that. We should be as
the ansible-hardening role is solid
in my book. ;)
Markos has been doing great work and he's automated quite a few things that we
used to push around manually. SUSE support has been building out *really*
quickly, too.
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version
ssible to reduce the chances of problems down the
road if distribution defaults change.
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 05/23/2017 12:23 PM, Major Hayden wrote:
> I'll see if we can move forward with 'ansible-hardening' and keep everyone
> updated! :)
The repo is up and ready to go:
https://github.com/openstack/ansible-hardening
T
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 05/17/2017 12:25 PM, Major Hayden wrote:
> So my questions are:
>
> 1) Should the openstack-ansible-security role be
> renamed to alleviate confusion?
>
> 2) If it should be renamed, what's your suggestion?
; community. It's time to resign my role as a core reviewer, effective
> immediately.
>
> Thanks for all the fish.
You will definitely be missed, Steve! Thanks for everything you've done so far
and for helping so many of us level u
jects that rely on the openstack-ansible-security role and that's
the reason I'm bringing this up on the list.
So my questions are:
1) Should the openstack-ansible-security role be
renamed to alleviate confusion?
2) If it should be renamed, what's your suggestion?
Tha
isaster on
most Thursdays. ;)
If you're new to running meetings and you want some tips on how to run a good
meeting, please let me know. I'll be happy to do some brief training!
Thanks!
[0] https://wiki.openstack.org/wiki/Meetings/openstack-ansible
- --
Major Hayden
-BEGIN PGP SI
s the code easier to read. I'd really love to get some feedback on it
and see if it's useful for others.
[0] https://etherpad.openstack.org/p/osa-ptg-pike-monitoring
[1] https://review.openstack.org/#/c/436498/
[2] https://github.com/major/monitorstack
- --
Major Hayden
-BEGIN PGP SI
gt; and I’ll no longer be able to invest the time and energy required to maintain
> my involvement in the community.
Thanks for all you've done for the project and for all you've done for the
OpenStack-Ansible community members, too. We wish you the best in your future
endea
work to be done.
[0]
http://specs.openstack.org/openstack/openstack-ansible-specs/specs/mitaka/lbaasv2.html
[1] https://review.openstack.org/#/c/417210/
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJYmdSOAAoJEHNwUeDBAR+xk
+1
Anyone who gets into the SELinux trenches with me that many times is
worth having as a core. ;)
--
Major Hayden
On Fri, Feb 3, 2017 at 7:33 AM, Jesse Pretorius
wrote:
> I’d like to propose Marc Gariepy [1] as a core reviewer for
> OpenStack-Ansible. His tireless effort to get CentO
list will
> then be wrong.
I've gone ahead and abandoned the patch for now. It's not critical at the
moment and 2.8.1 should be acceptable for Ocata.
Thanks, though!
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJYj7SnAAoJEHNwUeDBAR+xpGcP/
inja2 changed for Ocata?
Thanks!
[0] https://review.openstack.org/#/c/426857/
[1] https://review.openstack.org/#/c/418494/
[2] https://github.com/pallets/jinja/releases/tag/2.9.5
[3] https://github.com/pallets/jinja/pull/624
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: Gnu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 01/27/2017 08:29 AM, Alexandra Settle wrote:
> I would like to propose Amy Marrich for the core team for OpenStack-Ansible.
+3.14
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJYi15kAAoJEHNwUeD
time. =)
Correct! The Ocata release of OpenStack-Ansible will certainly support Ubuntu
16.04 as the primary OS, but there is a subset of us who are trying to get it
working well on CentOS 7 as well. ;)
--
Major Hayden
_
loaded with LXC containers
I'm still working on reducing some of these bugs down into something tangible
but I hope to do that soon.
[0] https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1638695
[1] https://bugs.launchpad.net/openstack-ansible/+bug/163
1] I'VE BEEN TROLLED THOROUGHLY ABOUT THIS ALREADY. SERIOUSLY. I'M WORKING ON
IT! SHEESH!
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstac
On 01/11/2017 10:08 AM, Alexandra Settle wrote:
> I can run the meeting tomorrow ☺
Thanks so much, Alex! :)
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-r
Hey folks,
A conflict came up and I won't be available to run tomorrow's weekly meeting in
IRC. Would someone else be able to take over this meeting for me?
--
Major Hayden
__
OpenStack Development Mailing Lis
when that occurs and proper release notes
will be provided.
Here are some helpful links:
https://github.com/openstack/openstack-ansible-security
http://docs.openstack.org/developer/openstack-ansible-security/
If you'd like to
reviewing, please take a look at the queue of
patches[2]. I've tried my best to break up the patches into the smallest
pieces possible so that they're easier to review.
THANKS!
- ---
Thanks to everyone who has helped make this role a success with patches,
reviews, testing, and ge
Great work by everyone involved. ;)
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
On 11/02/2016 08:51 AM, Major Hayden wrote:
> At this point, I'm still trying to test some additional theories. Does anyone
> have any other ideas?
Here's an update for today. There are a few bugs open now:
OpenStack-Ansible bug:
https://bugs.launchpad.net/openstack-ansi
On 10/28/2016 04:02 AM, Major Hayden wrote:
> On the topic of threads, the sysbench output from both Trusty and Xenial are
> nearly identical with the exception of threads. Trusty is usually about
> 15-20% faster on that benchmark than Xenial.
I spoke with a few other people and it s
y welcomed! :)
[0] https://review.openstack.org/392205
[1]
http://docs-draft.openstack.org/05/392205/2/check/gate-openstack-ansible-specs-docs-ubuntu-xenial/8f1eec1//doc/build/html/specs/ocata/octavia.html
--
Major Hayden
signature.asc
Description: OpenPGP digital
Hey there,
Monty was kind enough to take a photo of some of the OpenStack-Ansible team
members at the OpenStack Summit in Barcelona. Here's a link to the photo:
http://i.imgur.com/5wOOAhe.jpg
--
Major Hayden
signature.asc
Description: OpenPGP digital sign
On 10/28/2016 10:17 AM, Major Hayden wrote:
>> Also, when running the tests on both systems, track cpu usage and number
>> > of threads to see if one has more restrictions than the other.
> Almost no difference here.
On the topic of threads, the sysbench output from both Tru
here, either.
> I'm assuming that the two virtual machines are identical (CPU type, memory,
> threads, virtio, etc)."
They are! We've seen this occur in the OpenStack CI jobs (with KVM), and I've
also test
s
the max threads per process (16.04 was about half of 14.04). I set them both
to the same value but the performance testing didn't change.
Does anyone else have any ideas of what might be causing this?
--
Major Hayden
signature.asc
Des
about OpenStack-Ansible training from Hastexo!
Previous reports are always available via the 'whoa' tag:
https://major.io/tag/whoa/
Please send over any feedback you have. I wish everyone safe travels to
Barcelona in a few weeks! :)
--
Major Hayden
signature.asc
Description:
x27;s they
produce are helpful and the information contained within them is used when we
improve OSA. The Security Guide is also extremely useful for deployers who
need advice on configuring OpenStack in a secure way.
--
Major Hayden
signature.asc
e feedback -- send me
some! :)
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIsBAEBCAAWBQJXvaBPDxxtYWpvckBtaHR4Lm5ldAAKCRBzcFHgwQEfsXC3D/0W
NzygxrJ0YQH4feQBTRWbtMP3mtlCX740nSjM4F1TV0OyH9I7y4xE4SotSVvsOtjB
E0dEp8WPNpfxcmzb1ORu5kMgCYWjyDMs+c9Dk40G3dV3dXwJ/D1xWO
, Mark! :)
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIsBAEBCAAWBQJXteJHDxxtYWpvckBtaHR4Lm5ldAAKCRBzcFHgwQEfscaxD/9g
gL9yvPldW8rICf+WNw2nEUsVI5omtknza0n7BJLOlWe0m600rLJWgtvFTROXbaAq
Yjsoz3gsS9i8wZTooeTW3cYfJp/TCQwGQAO3YYjVZVxrwtGwZbplWLrRsQbLyRCF
Rot0m0PIyjK8u0doYR7qQR016X+Kd5i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 08/04/2016 12:45 PM, Major Hayden wrote:
> The existing openstack-ansible-security role uses security configurations
> from the Security Technical Implementation Guide (STIG) and the new Red Hat
> Enterprise Linux 7 STIG is due out s
nse?
2) Is there another idea that makes more sense than these two?
Thanks in advance for your help! I plan to put a spec together once I get some
feedback.
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXo38iAAoJEHNwUeDBAR
the Etherpad:
https://etherpad.openstack.org/p/osa-mascot
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.opensta
;s doing excellent work.
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXjT6hAAoJEHNwUeDBAR+xeDMP/2Q0SGZFaLmrI1tQ6KJjmp7F
yzxg1KTpc27sI1yPsAfAxk6kjCIyPAxEkY0rzS0QrOM1mBbrn1PvxEzoVqF6UWD0
4VPS20Gy256pF0BBBLEdmGsctIELvO36AAmmQjMq8PQIismvjHezePhiE16MzSol
urWOOrIJP5W
ommunity begins building scenario-based documentation.
Thanks for writing this, Travis! It's really easy to follow along and I plan
to give this a run-through in the lab in the next week or two. :)
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXfU1dAAoJE
t fine. There are
some small performance concerns documented[1], but they don't look huge.
[1]
http://stackoverflow.com/questions/766809/whats-the-difference-between-utf8-general-ci-and-utf8-unicode-ci
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXb
ado, the first edition for June 2016 is here:
https://major.io/2016/06/15/whats-happening-openstack-ansible-whoa-june-2016/
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXYqkyAAoJEHNwUeDBAR+xCUsP+wXzKva4jeNCpjQgQhj5m/3L
+vEhsProy9pIlouqJ+ITZ2MB
comparison code so that it works for both.
> I think the ops repo is the right one - we just need to get the scaffolding
> in place. I'll put a review up shortly.
Thanks, Jesse! :)
--
Major Hayden
__
OpenSt
tp://paste.openstack.org/raw/510670/
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXX/2sAAoJEHNwUeDBAR+xSJ0P/3H188yIgGYUDCW1Wt3Qddum
+2UNPxWSAJSMjAJhp5EeOXPR4XKvVqI5WIcn6r0ymk0Bq19GwiYe5FToXTRR4jPM
B2nI6xWDHMBpK8mF05pqfISHeKd1bxq0HZUSkhA5I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 06/09/2016 01:51 PM, Major Hayden wrote:
> Once we get that sorted out, we can fire up an etherpad for everyone to sign
> up for a spot.
As promised, here's a link to the etherpad:
https://etherpad.openstack.org/p/osa-midcycle-new
ng within that
range. I'm not sure if hugging a weekend or sitting in the middle of the week
is best for us. I'd imagine that folks outside the US might appreciate a
weekend to recover from time zone changes before or
nce we get that sorted
out, we can fire up an etherpad for everyone to sign up for a spot.
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXWbqdAAoJEHNwUeDBAR+xMUYP/1/SN69gCraGCO2XxR52ZKIN
NWzbeY7mw44eQyoeUBXtJLLo/qFxeQniR6ybaz/zMhqhxOliOys0rDn
but 4am isn't when I'm at my best.
Either way, we usually have folks in the channel around the clock, so feel free
to jump in and ask questions.
--
Major Hayden
__
OpenStack Development Mailing List (not for usage
tors have done a lot to "smooth off" the rough edges
of OpenStack deployments, but we find new things that surprise us from time to
time. :)
Feel free to join #openstack-ansible on Freenode or hang out with us during our
IRC meetings on Thursday[2].
[1] https://github.com/majo
r to consume it once it's available?
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXMyaMAAoJEHNwUeDBAR+xYwUP/iLfOuSOgW4TeOZ/pN0hkXuR
H0L1suY6R+oGjDT+xuxox2uDcAADIWbHxBKosV/1jQHJRPoWfKhBhke4W2/MOsTV
miqBrCKILLzJxdcXHrG54QHPb0FBqSLcmJIaFfy
ct, I can think of no better addition to the
> core reviewer team.
Thanks for all the kind words in the thread! :)
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXLNmtAAoJEHNwUeDBAR+xVI0P/0qPXf+Th0Rw
/PTLs on these projects to reach out to
these users and share gerrit dashboard[1] links? A PTL shared some of these
with me and it certainly helped me focus better on the right reviews.
[1] https://github.com/openstack/gerrit-das
to learn how to
> contribute in a way that has value.
I'll take a sample of the folks listed there and contact them. Hopefully I can
provide some general results here soon.
--
Major Hayden
__
OpenStack Development Mail
eview counts, we
could possibly reach out to them as well. Perhaps I'm being too optimistic. :)
But, as Dolph said earlier, leaving this issue alone certainly makes it easier
to single out the folks who are doing someth
order to activate the role.
Thanks!
[1] http://docs.openstack.org/developer/openstack-ansible-security/
[2] https://review.openstack.org/#/c/301152/
--
Major Hayden
__
OpenStack Development Mailing List (not for usage qu
in
the Liberty release that explains how to enable the role with that release?
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack
https://review.openstack.org/#/c/273257/
[2] http://docs.openstack.org/developer/openstack-ansible-security/
--
Major Hayden
signature.asc
Description: OpenPGP digital signature
__
OpenStack Development Mailing List (not for usage ques
ost", you propose the
> /etc/network/interfaces for both controller node (br-vxlan, br-storage:
> manual without IP) and compute node (br-vxlan, br-storage: static with IP).
That makes sense. Would you be able to open a bug for us? I'll be glad to
help you write some
ived?
That should help us figure out if it's a problem in Ansible or within your OS
configuration.
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@li
given you some feedback there in the review that should
help. If not, feel free to make additional comments in that review and we will
have a look. ;)
--
Major Hayden
__
OpenStack Development Mailing List (not for usage quest
rk as well as a customer tenant network is challenging and bridging
those networks could allow an attacker to gain access to other things on that
admin tenant network.
Thanks in advance for your time.
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWuLpuAAoJEHN
ort for OpenStack-Ansible comes together. It's a shame that Ubuntu doesn't
have a comprehensive XCCDF profile available as the other distributions do. :/
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWuJmjAAoJEHNwUeDBAR+x7BYP/2Cv31QL7enVAXgEzHThc1Wb
nd the Video Conference invitations to, so please get a Remote
> Partitipation ticket in Eventbrite [2] if you intend to join us through this
> facility.
Thanks for getting the remote participation put together for the event! :
/273749/
I appreciate any and all feedback! :)
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWqoIyAAoJEHNwUeDBAR+xjuEP/2TSZoziJFTbKCsu3LvfkXir
qaC/J0XZTSZVfCFB1gjqdXAsSYQT0T8gxRvEAtWkjXQ9IjbNdn+JP1TS5KntZnLc
PB5+Fg90zj00IG7RHTaeMirv9FHqRwVOwI8AQmLZRovD+t8QFIGMA
] http://docs.openstack.org/developer/openstack-ansible-security/controls.html
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org
it's not possible to run both versions
concurrently. Brandon might be able to share a little more about the reasons
why.
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWp9HwAAoJEHNwUeDBAR+x1vEP/A7b+3u42wo9Xf+YUxk83gzr
gWghI6Q/hSy/cF7lqzOUAPzm+vu/ThpLOx7x5
neutron-server instead of
the agent container. It doesn't need any special connections to isolated
networks since it talks to neutron/nova to get that done.
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWp85iAAoJEHNwUeDBAR+x/BoP/RDR8dS4Z8/qf3xBPV6/Poff
ujj2ld7O
o would like to have this feature available?
[1]
http://docs.openstack.org/developer/devstack/guides/devstack-with-lbaas-v2.html
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWp8usAAoJEHNwUeDBAR+xXk8P/37tkHZujAbbX3SY
l/openstack-dev/2015-October/077877.html
[3] https://review.openstack.org/#/c/243332/
[4] https://etherpad.openstack.org/p/openstack-ansible-tls-improvement
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWmP+9AAoJEHNwUeDBAR+xZpwP/Ana
but I'm not sure if we can add this to a role by itself.
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWl6O9AAoJEHNwUeDBAR+xCUMQAIg+eZudAHowbFXqwBu3XQ74
Kov9gD2hwd3wq6LPzpeFVjrd61vlw+GOMQUwJlvf5jeM0oXlw7/oRHtJWaHvLcLc
mFQDW2QTfA/jX1gGOSYctkFF6nTahNmW
tasks/auth.yml#L60-L87
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWlmjbAAoJEHNwUeDBAR+x7zAP/RfGnihciZV0m7Jf+hVKSrzf
PEc4gauKRA1mZEFdgX4Ib137Vrztu9p1mPB29bRx9GN8aMcY2TtRwrR1QKmUOHX9
gtrjif9m5XgCM0ja/DMbj82j7pPpIQC5Tby0+CIhX27ZdgGxBpo/9UOj1Dns39Mg
DzOdNGkGVO6ngmBKdqK
out that too. ;)
[1]
https://docs.google.com/spreadsheets/d/1YZC6ng-AIHqbHHHeGPC2mar_JPYunvFm4BzqfAEOYLI/edit#gid=0
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWkCTcAAoJEHNwUeDBAR+xyKgP+wc4EC74SNjkz5wcwjJjR67L
KfA3y719XXVLmuYyB2PllDHC9cDYTxVJFM57/tR0xM4O
braries and some of them are
> not in the oslo namespace
>
> 2) OpenStack Client team as they maintain cliff already and it'd
> perhaps make more sense to have this library there.
#2 makes the most sense to me. Thanks for taking action to keep PrettyTable
alive! :)
- --
Major
e around here. I certainly wouldn't pass up a trip to London
either (if it's in the cards). ;)
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.
evelopers.html
[2]
http://specs.openstack.org/openstack/openstack-ansible-specs/specs/mitaka/security-hardening.html
[3]
https://github.com/openstack/openstack-ansible-specs/blob/master/specs/template.rst
[4]
http://specs.openstack.o
ake sure the service works well with the other
services (like authentication with keystone).
[1]
https://github.com/openstack/openstack-ansible/tree/master/etc/openstack_deploy/env.d
[2]
https://github.com/openstack/openstack-ansible/tr
tack-ansible-specs/blob/master/specs/template.rst
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
ing with 8GB VM's with a highly
specialized configuration that limits resource usage but there's not
enough RAM left over for building VM's.
[1] http://docs.openstack.org/developer/openstack-ansible/developer-
docs/quickstart-aio.html
--
Major Hayden
__
ifference in results or performance between using
> paramiko or turning ssh pipelining off?
I tried running some jobs with pipelining on and off, but the errors still
appeared. It seems like the ssh client itself is part of the problem. I
haven't looked to see if Ubuntu has updated sshd
eems to be moving along fairly quickly.
[1]
https://github.com/ansible/ansible/blob/devel/lib/ansible/plugins/connection/ssh.py#L245-L260
[2] https://review.openstack.org/#/c/248361/
--
Major Hayden
__
OpenStack Developme
S: Support in WIP state, not tested
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
omparison.
That sounds good. I'll hopefully get time to take a crack at that along with
the check mode enhancements this week.
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: o
role should be a default in all use cases.
What would you propose as the final steps to get the blueprint marked as
completed? Should documentation be added into openstack-ansible about
integrating openstack-ansible-security or should a script be provided for
quicke
course).
Does that seem like a decent plan? Let me know if that makes sense and I'll
get to work.
[1] http://docs.openstack.org/developer/openstack-ansible-security/
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWPSDTAAoJEHNwUeDBAR
ogtag service looks interesting, but it has quite a few dependencies that
may be a bit heavy resource-wise within the average openstack-ansible
environment.
I'm still on the hunt for a good solution but I appreciate the input so far!
! :)
[1] https://review.openstack.org/#/c/239525/
[2]
http://specs.openstack.org/openstack/openstack-ansible-specs/specs/mitaka/convert-aio-bootstrap-to-ansible.html
--
Major Hayden
__
OpenStack Development Mailing List (not for
d
CA certificates in the deployment configuration and those will be used instead
of generating self-signed certificates.
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-re
deployers don't choose to bring their
own certificates.
Does this approach make sense?
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstac
questions. :)
[1]
https://review.openstack.org/#/q/status:open+project:openstack/openstack-ansible-security,n,z
- --
Major Hayden
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWHVIrAAoJEHNwUeDBAR+xFsEQAIs+UTOGLwdHQKk90Xn2zyg9
4+7UQCmWjHZG3NQb+ydlenhkAVWiPYsKqcmldEVzZu+BGAbdkhIbn777SoCc
stack.org/#/q/status:open+project:openstack/openstack-ansible-security,n,z
[2] https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubs
test/
[5] https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/
--
Major Hayden
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:u
On 09/21/2015 07:14 PM, Sergii Golovatiuk wrote:
> Are any chance to configure chrony instead of ntpd? It acts more predictable
> on virtual environments.
That's my plan, if I can find an upstream Ansible galaxy role to use. ;)
--
M
nd I'd like to
hear some feedback from other folks.
[1] https://bugs.launchpad.net/openstack-ansible/+bug/1413018
[2] https://review.openstack.org/#/c/225006/
--
Major Hayden
__
OpenStack Development Mailing List (not fo
1 - 100 of 106 matches
Mail list logo
