This webinar gives a brief introduction to the OpenStack cloud, covering the topics:
- the OpenStack cloud platform,
- the Open Source community,
- OpenStack architecture and its main elements,
- overview of the compute, networking, block-storage e object-storage services.
If you want to know more about OpenStack, visit our website http://www.create-net.org/community/openstack-training.
The primary requirements for OpenStack based clouds (public, private or hybrid) is that they must be massively scalable and highly available. There are a number of interrelated concepts which make the understanding and implementation of HA complex. The potential for not implementing HA correctly would be disastrous.
This session was presented at the OpenStack Meetup in Boston Feb 2014. We discussed interrelated concepts as a basis for implementing HA and examples of HA for MySQL, Rabbit MQ and the OpenStack APIs primarily using Keepalived, VRRP and HAProxy which will reinforce the concepts and show how to connect the dots.
[Open Infrastructure & Cloud Native Days Korea 2019]
커뮤니티 버전의 OpenStack 과 Ceph를 활용하여 대고객서비스를 구축한 사례를 공유합니다. 유연성을 확보한 기업용 클라우드 서비스 구축 사례와 높은 수준의 보안을 요구하는 거래소 서비스를 구축, 운영한 사례를 소개합니다. 또한 이 프로젝트에 사용된 기술 스택 및 장애 해결사례와 최적화 방안을 소개합니다. 오픈스택은 역시 오픈소스컨설팅입니다.
#openstack #ceph #openinfraday #cloudnative #opensourceconsulting
Virtual machines are generally considered secure. At least, secure enough to power highly multi-tenant, large-scale public clouds, where a single physical machine can host a large number of virtual instances belonging to different customers. Containers have many advantages over virtual machines: they boot faster, have less performance overhead, and use less resources. However, those advantages also stem from the fact that containers share the kernel of their host, instead of abstracting a new independent environment. This sharing has significant security implications, as kernel exploits can now lead to host-wide escalations.
We will show techniques to harden Linux Containers; including kernel capabilities, mandatory access control, hardened kernels, user namespaces, and more, and discuss the remaining attack surface.
This webinar gives a brief introduction to the OpenStack cloud, covering the topics:
- the OpenStack cloud platform,
- the Open Source community,
- OpenStack architecture and its main elements,
- overview of the compute, networking, block-storage e object-storage services.
If you want to know more about OpenStack, visit our website http://www.create-net.org/community/openstack-training.
The primary requirements for OpenStack based clouds (public, private or hybrid) is that they must be massively scalable and highly available. There are a number of interrelated concepts which make the understanding and implementation of HA complex. The potential for not implementing HA correctly would be disastrous.
This session was presented at the OpenStack Meetup in Boston Feb 2014. We discussed interrelated concepts as a basis for implementing HA and examples of HA for MySQL, Rabbit MQ and the OpenStack APIs primarily using Keepalived, VRRP and HAProxy which will reinforce the concepts and show how to connect the dots.
[Open Infrastructure & Cloud Native Days Korea 2019]
커뮤니티 버전의 OpenStack 과 Ceph를 활용하여 대고객서비스를 구축한 사례를 공유합니다. 유연성을 확보한 기업용 클라우드 서비스 구축 사례와 높은 수준의 보안을 요구하는 거래소 서비스를 구축, 운영한 사례를 소개합니다. 또한 이 프로젝트에 사용된 기술 스택 및 장애 해결사례와 최적화 방안을 소개합니다. 오픈스택은 역시 오픈소스컨설팅입니다.
#openstack #ceph #openinfraday #cloudnative #opensourceconsulting
Virtual machines are generally considered secure. At least, secure enough to power highly multi-tenant, large-scale public clouds, where a single physical machine can host a large number of virtual instances belonging to different customers. Containers have many advantages over virtual machines: they boot faster, have less performance overhead, and use less resources. However, those advantages also stem from the fact that containers share the kernel of their host, instead of abstracting a new independent environment. This sharing has significant security implications, as kernel exploits can now lead to host-wide escalations.
We will show techniques to harden Linux Containers; including kernel capabilities, mandatory access control, hardened kernels, user namespaces, and more, and discuss the remaining attack surface.
Docker is one of the fastest-growing open source projects ever, and the ecosystem that has grown around it is evolving at a similar pace. For these reasons, we want to introduce developers, system administrators, and other computer users of a mixed skillset to the Docker project and Linux container concepts.
Docker Online Meetup #22: Docker NetworkingDocker, Inc.
Building on top of his talk at DockerCon 2015, Jana Radhakrishnan, Lead Software Engineer at Docker, does a deep dive into Docker Networking with additional demos and insights on the product roadmap.
Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red HatOpenStack
Multiple Sites and Disaster Recovery with Ceph
Audience: Intermediate
Topic: Storage
Abstract: Ceph is the leading storage solution for OpenStack. As OpenStack deployments become more mission critical and widely deployed, multiple site requirements are increasing as is the need to ensure disaster recovery and business continuity. Learn about the new capabilities in Ceph that assist customers with meeting these requirements for block and object uses.
Speaker Bio: Andrew Hatfield, Red Hat
Andrew has over 20 years experience in the IT industry across APAC, specialising in Databases, Directory Systems, Groupware, Virtualisation and Storage for Enterprise and Government organisations. When not helping customers slash costs and increase agility by moving to the software-defined storage future, he’s enjoying the subtle tones of Islay Whisky and shredding pow pow on the world’s best snowboard resorts.
OpenStack Australia Day Government - Canberra 2016
https://events.aptira.com/openstack-australia-day-canberra-2016/
Boosting I/O Performance with KVM io_uringShapeBlue
Storage performance is becoming much more important. KVM io_uring attempts to bring the I/O performance of a virtual machine on almost the same level of bare metal. Apache CloudStack has support for io_uring since version 4.16. Wido will show the difference in performance io_uring brings to the table.
Wido den Hollander is the CTO of CLouDinfra, an infrastructure company offering total Webhosting solutions. CLDIN provides datacenter, IP and virtualization services for the companies within TWS. Wido den Hollander is a PMC member of the Apache CloudStack Project and a Ceph expert. He started with CloudStack 9 years ago. What attracted his attention is the simplicity of CloudStack and the fact that it is an open-source solution. During the years Wido became a contributor, a PMC member and he was a VP of the project for a year. He is one of our most active members, who puts a lot of efforts to keep the project active and transform it into a turnkey solution for cloud builders.
-----------------------------------------
The CloudStack European User Group 2022 took place on 7th April. The day saw a virtual get together for the European CloudStack Community, hosting 265 attendees from 25 countries. The event hosted 10 sessions with from leading CloudStack experts, users and skilful engineers from the open-source world, which included: technical talks, user stories, new features and integrations presentations and more.
------------------------------------------
About CloudStack: https://cloudstack.apache.org/
Troubleshooting Tips from a Docker Support EngineerJeff Anderson
Troubleshooting is like going on an adventure. Here are some tips for how to tackle unexpected situations when using Docker.
These cases were pulled from the most common issues encountered while helping folks in the Docker community solve issues.
Docker is one of the fastest-growing open source projects ever, and the ecosystem that has grown around it is evolving at a similar pace. For these reasons, we want to introduce developers, system administrators, and other computer users of a mixed skillset to the Docker project and Linux container concepts.
Docker Online Meetup #22: Docker NetworkingDocker, Inc.
Building on top of his talk at DockerCon 2015, Jana Radhakrishnan, Lead Software Engineer at Docker, does a deep dive into Docker Networking with additional demos and insights on the product roadmap.
Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red HatOpenStack
Multiple Sites and Disaster Recovery with Ceph
Audience: Intermediate
Topic: Storage
Abstract: Ceph is the leading storage solution for OpenStack. As OpenStack deployments become more mission critical and widely deployed, multiple site requirements are increasing as is the need to ensure disaster recovery and business continuity. Learn about the new capabilities in Ceph that assist customers with meeting these requirements for block and object uses.
Speaker Bio: Andrew Hatfield, Red Hat
Andrew has over 20 years experience in the IT industry across APAC, specialising in Databases, Directory Systems, Groupware, Virtualisation and Storage for Enterprise and Government organisations. When not helping customers slash costs and increase agility by moving to the software-defined storage future, he’s enjoying the subtle tones of Islay Whisky and shredding pow pow on the world’s best snowboard resorts.
OpenStack Australia Day Government - Canberra 2016
https://events.aptira.com/openstack-australia-day-canberra-2016/
Boosting I/O Performance with KVM io_uringShapeBlue
Storage performance is becoming much more important. KVM io_uring attempts to bring the I/O performance of a virtual machine on almost the same level of bare metal. Apache CloudStack has support for io_uring since version 4.16. Wido will show the difference in performance io_uring brings to the table.
Wido den Hollander is the CTO of CLouDinfra, an infrastructure company offering total Webhosting solutions. CLDIN provides datacenter, IP and virtualization services for the companies within TWS. Wido den Hollander is a PMC member of the Apache CloudStack Project and a Ceph expert. He started with CloudStack 9 years ago. What attracted his attention is the simplicity of CloudStack and the fact that it is an open-source solution. During the years Wido became a contributor, a PMC member and he was a VP of the project for a year. He is one of our most active members, who puts a lot of efforts to keep the project active and transform it into a turnkey solution for cloud builders.
-----------------------------------------
The CloudStack European User Group 2022 took place on 7th April. The day saw a virtual get together for the European CloudStack Community, hosting 265 attendees from 25 countries. The event hosted 10 sessions with from leading CloudStack experts, users and skilful engineers from the open-source world, which included: technical talks, user stories, new features and integrations presentations and more.
------------------------------------------
About CloudStack: https://cloudstack.apache.org/
Troubleshooting Tips from a Docker Support EngineerJeff Anderson
Troubleshooting is like going on an adventure. Here are some tips for how to tackle unexpected situations when using Docker.
These cases were pulled from the most common issues encountered while helping folks in the Docker community solve issues.
Troubleshooting Tips from a Docker Support Engineer - Jeff Anderson, DockerDocker, Inc.
Docker makes everything easier. But even with the easiest platforms, sometimes you run into problems. In this session, you'll learn first hand from someone whose job is helping customers fix these problems. Using Docker and Docker Data Center, you can keep your apps running smoothly with minimal downtime. In this session, you'll learn how to apply your troubleshooting skills in the Docker ecosystem, including: 1. Identification and characterization of the problem. 2. Command line tools to inspect networking and namespaces. 3. Applying these skills to your workloads on OSS Docker and on DDC.
In this presentation, I am going to briefly talk about 'what cloud is' and highlight the various types of cloud (IaaS, PaaS, SaaS). The bulk of the talk will be about using the fog gem using IaaS. I will discuss fog concepts (collections, models, requests, services, providers) and supporting these with actual examples using fog
This workshop was given in Vancouver B.C. in May 2015 at the OpenStack Summit
In this interactive workshop, the Designate team will walk attendees through the installation and configuration of Designate on a virtual machine. Attendees will leave with an understanding of the various components of Designate, including the new services such as the MiniDNS and Pool Manager, and with a working single-VM install on their laptops.
Attendees will learn:
Designate Architecture 101
How to Install and Configure Designate
How to perform day to day Designate operations tasks
End user usage of the API, CLI and Horizon UI
Tips and Tricks for using Designate
Contributing to Designate 101
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios
Mike Weber's presentation on Expanding NRDS Capabilities on Linux Systems.
The presentation was given during the Nagios World Conference North America held Oct 13th - Oct 16th, 2014 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/conference
Nagios Conference 2014 - Rob Hassing - How To Maintain Over 20 Monitoring App...Nagios
Rob Hassing's presentation on How To Maintain Over 20 Monitoring Appliances.
The presentation was given during the Nagios World Conference North America held Oct 13th - Oct 16th, 2014 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/conference
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
Software Engineering, Software Consulting, Tech Lead.
Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Security,
Spring Transaction, Spring MVC,
Log4j, REST/SOAP WEB-SERVICES.
In the ever-evolving landscape of technology, enterprise software development is undergoing a significant transformation. Traditional coding methods are being challenged by innovative no-code solutions, which promise to streamline and democratize the software development process.
This shift is particularly impactful for enterprises, which require robust, scalable, and efficient software to manage their operations. In this article, we will explore the various facets of enterprise software development with no-code solutions, examining their benefits, challenges, and the future potential they hold.
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
Globus Connect Server Deep Dive - GlobusWorld 2024Globus
We explore the Globus Connect Server (GCS) architecture and experiment with advanced configuration options and use cases. This content is targeted at system administrators who are familiar with GCS and currently operate—or are planning to operate—broader deployments at their institution.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
How to Position Your Globus Data Portal for Success Ten Good PracticesGlobus
Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Shahin Sheidaei
Games are powerful teaching tools, fostering hands-on engagement and fun. But they require careful consideration to succeed. Join me to explore factors in running and selecting games, ensuring they serve as effective teaching tools. Learn to maintain focus on learning objectives while playing, and how to measure the ROI of gaming in education. Discover strategies for pitching gaming to leadership. This session offers insights, tips, and examples for coaches, team leads, and enterprise leaders seeking to teach from simple to complex concepts.
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Integration of neutron, nova and designate how to use it and how to configure it
1. Integration of Neutron, Nova
and Designate: How to Use
It and How to Configure It
Miguel Lavalle, Software Developer, mlavalle @ irc.freenode.net
James Anziano, Software Developer, janzian @ irc.freenode.net
2. Agenda
• Workshop prep
• Neutron internal DNS resolution
• Configuring internal DNS resolution
• Integration with an external DNS service
• Use case 1: Floating IPs are published with associated port DNS
attributes
• Use case 2: Floating IPs are published in the external DNS service
• Use case 3: Ports are published directly in the external DNS
service
• Configuring integration with an external DNS service
• Performance considerations
• Useful links
3. Workshop prep / requirements
• Grab a USB key!
• A computer with:
• 2+ GB of RAM
• Virtualbox and Vagrant. Both included in USB drive
• Windows users need SSH client (putty, cygwin)
• Copy * from USB drive
• `vagrant up && vagrant ssh`
4. Create a Nova instance
$ source openrc.user1
$ neutron net-list
$ nova flavor-list
$ nova image-list
$ nova boot my_vm --image <image-uuid> --flavor <flavor-id>
--nic net-id=<net-uuid>
5. Agenda
• Workshop prep
• Neutron internal DNS resolution
• Configuring internal DNS resolution
• Integration with an external DNS service
• Use case 1: Floating IPs are published with associated port DNS
attributes
• Use case 2: Floating IPs are published in the external DNS service
• Use case 3: Ports are published directly in the external DNS
service
• Configuring integration with an external DNS service
• Performance considerations
• Useful links
6. Neutron’s internal DNS with Nova in Mitaka
$ neutron port-create …
--dns-name instance.hostname
ReST API Neutron
Server
DHCP
Agent
dnsmasq
SIGHUP
fa:16:3e:c9:cb:f0
172.31.252.4
my-vm
my-vm.my-domain.org.
dns_domain = my-domain.org.
neutron.conf
Nova compute manager
creating instance my_vm
RPC
{“port”:
“fixed_ips”: [
{“subnet_id”: ...
“ip_address”: “172.31.252.4”
}
],
“dns_name”: “my-vm”,
“dns_assignment”: [
{ “hostname”: “my-vm”,
“ip_address”: “172.31.252.4”,
“fqdn”: “my-vm.my-domain.org.”
}
]
}
7. Let’s confirm...
$ nova list
$ neutron port-list --device-id <instance-uuid>
$ neutron port-show <port-uuid>
8. Configuring Neutron’s internal DNS resolution
• Edit the /etc/neutron.conf file and assign a value different to
‘openstacklocal’ (its default value) to the dns_domain
parameter in the [default] section. As an example:
dns_domain = my-domain.org.
• Add ‘dns’ to extension_drivers in the [ml2] section of
/etc/neutron/plugins/ml2/ml2_conf.ini. The following is an
example:
[ml2]
extension_drivers = port_security,dns
9. Agenda
• Workshop prep
• Neutron internal DNS resolution
• Configuring internal DNS resolution
• Integration with an external DNS service
• Use case 1: Floating IPs are published with associated port DNS
attributes
• Use case 2: Floating IPs are published in the external DNS service
• Use case 3: Ports are published directly in the external DNS
service
• Configuring integration with an external DNS service
• Performance considerations
• Useful links
10. Use case 1: Floating IPs are published with
associated port DNS attribute
$ neutron net-update
--dns-domain my-domain.org.
ReST API
Neutron Designate
{“network”:
...
“name”: “tenant1-network”,
“dns_domain”: “my-domain.org.”,
“id”: “b06b4967-ba73-4567-b060-cf6a9d7ecac6:
...
}
ReST API
11. Let’s create a zone and update network
$ openstack zone create --email malavall@us.ibm.com
my-domain.org.
$ neutron net-list
$ neutron net-update <net-uuid> --dns-domain my-domain.org.
$ neutron net-show <net-uuid>
12. Use case 1: Floating IPs are published with
associated port DNS attribute
ReST API
Neutron Designate
ReST API
$ neutron floatingip-create …
--port-id b9a82377-a89f-4b02-93ec-3573333f70c6
{“floatingip”:
“dns_domain”: “”,
“dns_name”: “”,
“fixed_ip_address”: “172.31.252.4”,
“floating_ip_address”: “172.31.255.10”,
...
}
In zone nova-neutron.org.:
record type: A
name: my-vm.my-domain.org.
records: 172.31.252.4
In zone 252.31.172.in-addr.arpa.
record type: PTR
name: 4.252.31.172.in-addr.arpa.
records: my-vm.my-domain.org.
13. Let’s do it...
$ neutron floatingip-create <net-uuid> --port-id <port-uuid>
$ openstack recordset list my-domain.org.
In a second ssh session:
$ source openrc.admin
$ openstack zone list
$ openstack recordset list 255.32.172.in-addr.arpa.
14. Use case 2: Floating IPs are published in the
external DNS service
ReST API
Neutron Designate
ReST API
$ neutron floatingip-create …
--port_id b9a82377-a89f-4b02-93ec-3573333f70c6
--dns_name my-fip
--dns_domain my-domain.org.
{“floatingip”:
“dns_domain”: “my-other-domain.org”,
“dns_name”: “my-fip”,
“fixed_ip_address”: “172.31.252.8”,
“floating_ip_address”: “172.31.255.4”,
...
}
In zone my-other-domain.org.:
record type: A
name: my-fip.my-domain.org.
records: 172.31.255.4
In zone 255.31.172.in-addr.arpa.
record type: PTR
name: 4.255.31.172.in-addr.arpa.
records: my-fip.my-domain.org.
15. Let’s do it...
$ neutron floatingip-create <net-uuid> --dns-name my-fip
--dns-domain my-domain.org.
$ openstack recordset list my-domain.org.
In a second ssh session:
$ source openrc.admin
$ openstack zone list
$ openstack recordset list 255.32.172.in-addr.arpa.
16. Use case 3: Ports are published directly in the
external DNS service
$ neutron port-create …
--dns-name instance.hostname
ReST API Neutron
Server
Nova compute manager
creating instance my_vm_2
RPC
Designate
In zone my-other-domain.org.:
record type: A
name: my-vm-2.my-domain.org.
records: 172.31.255.4
record type: AAAA
name: my-vm-2.my-domain.org.
records: fd5e:7a6b:1a62::6
In zone 251.31.172.in-addr.arpa.
record type: PTR
name: 6.251.31.172.in-addr.arpa.
records: my-vm-2.my-domain.org.
In zone ip6.arpa.
record type: PTR
name: .ip6.arpa
records: my-vm-2.my-domain.org.
{“port”:
“dns_name”: “my-vm-2”,
“dns_assignment”: [
{ “hostname”: “my-vm-2”,
“ip_address”: “172.31.251.6”,
“fqdn”: “my-vm-2.my-domain.org.”
},
{ “hostname”: “my-vm-2”,
“ip_address”: “fd5e:7a6b:1a62::6”,
“fqdn”: “my-vm-2.my-domain.org.”
},
]
}
18. Let’s do it...
In a second ssh session:
$ source openrc.admin
$ openstack zone list
$ openstack recordset list 251.32.172.in-addr.arpa.
$ openstack recordset list
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.6.a.1.b.6.a.7.e.5.d.f.ip6.arpa
19. Configuring integration with an external DNS
service
• Edit the [default] section of /etc/neutron/neutron.conf and
specify the external DNS service driver to be used in
parameter external_dns_driver. Example for Designate:
external_dns_driver = designate
• Valid options are defined in the following namespace:
neutron.services.external_dns_drivers
20. Configuring integration with an external DNS
service
• For Designate, create a [designate] section in
/etc/neutron/neutron.conf with following parameters:
[designate]
url = http://127.0.0.1:9001/v2
admin_auth_url = http://127.0.0.1:35357/v2.0
admin_username = admin
admin_password = password
admin_tenant_name = admin
allow_reverse_dns_lookup = True
ipv4_ptr_zone_prefix_size = 24
ipv6_ptr_zone_prefix_size = 116
21. Agenda
• Workshop prep
• Neutron internal DNS resolution
• Configuring internal DNS resolution
• Integration with an external DNS service
• Use case 1: Floating IPs are published with associated port DNS
attributes
• Use case 2: Floating IPs are published in the external DNS service
• Use case 3: Ports are published directly in the external DNS
service
• Configuring integration with an external DNS service
• Performance considerations
• Useful links
22. Performance considerations
For use case 3, Ports are published directly in the external DNS,
if Port Binding extension is enabled in Neutron:
• Nova will execute one additional port update operation
when allocating a port for an instance during the boot
process
• This may have a noticeable effect on the performance of
the boot process, that must be evaluated before adoption
of this use case
23. Useful links
• DNS Integration in OpenStack Networking:
• http://docs.openstack.org/mitaka/networking-guide/adv-config-dns.
html