OpenStack: Fix Security Group Enforcement on Compute Nodes

I discovered the instances in my home lab were not being protected by the neutron security groups I’d set up for them – what followed was a week-long odyssey to discover the culprit. IPTables rules were being put in place, and every other aspect of Neutron networking was just fine. Making things more mysterious, a… Continue reading OpenStack: Fix Security Group Enforcement on Compute Nodes

OpenStack: Dedicate Compute Hosts to Projects

Use case: We want to deploy instances on a particular set of compute hosts┬ábecause of their special or specialized capabilities. On the API server(s) ensure that the following scheduler_default_filters are set: AggregateInstanceExtraSpecsFilter,AggregateMultiTenancyIsolation Dedicate Compute Hosts To a Specific Project Create a host aggregate: $ nova aggregate-create DedicatedCompute $ nova aggregate-add-host DedicatedCompute dedicated-compute-host1 $ nova aggregate-add-host… Continue reading OpenStack: Dedicate Compute Hosts to Projects

Importing an OpenStack VM into Amazon EC2

Some quick notes for those interested: Install EC2 API TOOLS Set Access and Secret key environment variables: export AWS_ACCESS_KEY=xxxxxxxxxxxxxxx export AWS_SECRET_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Set up an S3 bucket and secure it to taste, to be specified later If exporting from OpenStack, remove the cloud-init package Note all prep considerations on http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/PreparingYourVirtualMachine.html Export the VM image – I’m… Continue reading Importing an OpenStack VM into Amazon EC2