Re: [Openstack-operators] [neutron] Routing to tenant networks

On Tue, Jan 12, 2016 at 11:32 AM, Dan Sneddon wrote: > I can confirm that OpenStack doesn't have Carrier Grade NAT (CGN), but > this RFC simply sets aside a set of addresses which can be used for CGN > (100.64.0.0/10), and lays out some required and best practices for >

Re: [Openstack-operators] OpenStack Puppet module Keystone Juno

Thanks for helping out. I hope that I am not being too much of a pest, but I really want my group to adopt the Openstack community's puppet modules for deploying Openstack. Now that I have keystone working on one node I want to expand on that. I have an HAProxy cluster and I have a signed

[Openstack-operators] DVR and public IP consumption

Hi! I have just deployed an OpenStack Kilo installation with DVR and expected that it will consume one Public IP per network node as per http://assafmuller.com/2015/04/15/distributed-virtual-routing-floating-ips/, but it still eats one per virtual Router. What is the correct behavior? Otherwise,

Re: [Openstack-operators] [neutron] Routing to tenant networks

On Thu, Jan 14, 2016 at 9:59 AM, Mike Spreitzer wrote: > I think OpenStack's position should be that it is the operator's choice how > to assign/use addresses. And OpenStack's advice to the operators should be > to follow the RFC (duh!). Of course, I don't speak for

[Openstack-operators] [openstack-operators] 2016-01-13 OSOps meeting notes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hey everyone! We had a pretty good turn out for the meeting, which is great. I want to take a moment and say that I take full responsibility for not sending out the reminder note, and apologize for not doing it. I'll make a better effort in the

Re: [Openstack-operators] [openstack-operators] 2016-01-13 OSOps meeting notes

Darn I meant to attend this and forgot. I showed up a week early b/c the ICS file had it for the 6th. nk > On Jan 14, 2016, at 12:55 PM, JJ Asghar wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Hey everyone! > > We had a pretty good turn out for the meeting,

Re: [Openstack-operators] [openstack-operators] 2016-01-13 OSOps meeting notes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 1/14/16 2:20 PM, Nathaniel Kimball wrote: > Darn I meant to attend this and forgot. I showed up a week early > b/c the ICS file had it for the 6th. Yep, that's one of the action items from the meeting I'm going to get done ASAP. Sorry to

Re: [Openstack-operators] OpenStack Puppet module Keystone Juno

Thanks Richard, I am not sure where to look ... # pwd /etc/puppetlabs/puppet/environments/production/modules # ls apache apt concat firewall inifile keystone mysql openstacklib postgresql rabbitmq staging stdlib # find . -type f -exec grep -i SECURE_PROXY_SSL_HEADER {} \; no

Re: [Openstack-operators] OpenStack Puppet module Keystone Juno

If you’re terminating SSL at HAproxy, look into the ‘SECURE_PROXY_SSL_HEADER’ and related parameters. > On Jan 14, 2016, at 9:50 AM, Russell Cecala > wrote: > > Thanks for helping out. I hope that I am not being too much of a pest, but I > really want my group to

Re: [Openstack-operators] [neutron] Routing to tenant networks

> From: Carl Baldwin > To: Dan Sneddon > Cc: Matt Kassawara , Mike Spreitzer/Watson/ > IBM@IBMUS, "openstack-operators@lists.openstack.org" operat...@lists.openstack.org> > Date: 01/14/2016 10:59 AM > Subject: Re: