July 16, 2018

Got Certified!!!

Posted in OpenStack at 8:56 am by alessiodini

I passed the EX210 exam obtaining the Redhat Openstack certification!! Another little step to Redhat Cloud Architect, -2 exams to my goal!
Now a little break, then I’ll begin to study Openshift certification 🙂



May 11, 2018

Openstack: Bridges and OVS

Posted in OpenStack at 3:27 pm by alessiodini

In these days I’m studying Openstack network components.
I already worked with OVS and bridges but I have the opportunity to deep them more as possible. For this purpose I’m looking for a good documentation on the web. I found this page about bridges. It explains clearly what is a bridge and how it works.
Have a look at this blog, it’s pretty good !!

May 9, 2018

Openstack exam preparation

Posted in OpenStack at 3:06 pm by alessiodini

In these days I began to study Openstack, because before September I would like to take the Redhat Openstack RHCSA exam. I already worked and designed a Openstack Undercloud/Overcloud but it was 2 years ago, I forgot several infos 🙂
Let’s work hard for this new challenge !! 😀

April 5, 2017

RHOSP 10 Composable Roles

Posted in OpenStack at 10:06 am by alessiodini

I read about Redhat OpenStack 10 composable roles.
What I’m speaking about? The option to configure a single baremetal server with multiple roles, for example it can be both compute and controller at same time!!
This is fantastic and I can’t wait for play with those roles!

August 9, 2016

Redhat Openstack Kilo: How to backup the Overcloud objects?

Posted in OpenStack at 11:25 am by alessiodini

The last week me and a collegue began to plan an Openstack hardware upgrade ( customer needs to increase compute nodes and ceph storage nodes ).
I immediatelly asked: what about if something goes wrong during the upgrade? Can we backup the overcloud objects? ( I mean routers, networks, subnets, definitions and all other objects )
Ceph side I tested RBD backup and restore procedure, it’s easy. What about overcloud?
Looking in the web I did not found anything, just the Undercloud official backup procedure.
For this purpose I made a SR to Redhat and they said me that there is still not an official overcloud backup procedure!!! They are still writing about it.
This is no good for us, so I began to study something and I think we can achieve this goal with:

1) Python scripts

I think the first one should be the best but I still don’t know Python. I know that is very important to learn it and I will soon. But basically now we have low time so I try to study the REST APIs.
Let’s see what will happen 🙂

May 26, 2016

Puppet use with OpenStack and cloudinit

Posted in OpenStack at 9:08 am by alessiodini

I finally was able to use HEAT templates writing inside puppet manifests.
With this method I can cover automatic installation and configuration of middleware products after the first boot og the instance. .

Following some line from my code ( be careful , pasting lines here destroys the yaml format )

type: OS::Nova::Server
name: test_01
image: { get_param: image_id }
flavor: m1.medium
– port: { get_resource: server1_port }
user_data_format: RAW
get_resource: server_init


type: OS::Heat::SoftwareConfig
group: script
config: |
setenforce 0
sed -i ‘s/SELINUX=enforcing/SELINUX=permissive/’ /etc/selinux/config
rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
yum -y install puppet
puppet apply /tmp/01-setup.pp


type: OS::Heat::CloudConfig
– path: “/tmp/01-setup.pp”
permissions: ‘0666’
owner: root:root
content: |
class utilities {

package { ‘wget’:
ensure => ‘present’,

May 23, 2016

Redhat Openstack Kilo: how let running instances use sctp protocol

Posted in OpenStack at 12:55 pm by alessiodini

The Last week I faced a comunication issue on Openstack Kilo. A couple of CentOS 7 instances were not able to comunicate each other via sctp protocol ( this was the first time I heard about sctp protocol! ).
It seems that standard security group policies don’t allow to define sctp protocol within the rules. Looking on the web I found an open bugzilla but I tought about some iptable rule on compute nodes.
After a couple of days of multiple tests , analysis I was able to solve the issue. How?

1) You must configure the allow of any traffic for the protocol number 132 ( see sctp RFC )
2) If the step 1 did not solve the issue , you can add iptable rules to neutron-openvswi-sg-fallback chain ( this chain is always called when top rules do not match any traffic type )
3) After step 2 , you must run the modprobe of ip_conntrack_proto_sctp module on each compute node you have.

What did I use for sctp test? I found one nice utility , here:

This is a perfect tool when you must test any sctp communication
I’m ready for the next challenge 🙂

May 3, 2016

Openstack Kilo: Which installation method to choose?

Posted in OpenStack at 10:04 am by alessiodini

I know there are three Openstack installation methods:

– Packstack
– TripleO
– Foreman

In my experience I used both Packstack and TripleO. I saw huge differences between them:

– very easy to deal with
– it requires each node is already installed with RHEL ( I was curious to see it in action with Vmware virtual machines and it worked greatly too! )
– very easy when u upgrade your infrastructure ( adding more controllers , computes , … )
– you can have different hardware resources for the same role ( example: you can have 2x different hw compute resources acting as a compute node )
– The systems u want to use don’t need IPMI interface
– useful for PoC and testing purposes

– you can’t drive actions to Ceph Storage nodes ( packstack does not know about Ceph )
– during the infrastracture setup u can’t drive extra actions on any node

– you use YAML/JSON templates and DO EVERYTHING U NEED OR WANT!!!
– during the infrastructure setup u can install and configure Ceph Storage Nodes too ( also the Ceph cluster )
– You have Undercloud and Overcloud , in Undercloud you easy control Ceph nodes. For example in my case I have this

– Useful for complex infrastructure installations

– not easy to deal with during infrastructure upgrade ( as I said in my experience )
– You can have only 1 profile for each role , so you can’t mix different hw resources for the same role ( this is due to the big final command , example:

openstack overcloud deploy –templates ~/templates/my-overcloud -e /home/stack/templates/my-overcloud/environments/network-isolation.yaml -e /home/stack/templates/network-environment.yaml –control-scale 1 –compute-scale 2 –ceph-storage-scale 1 –control-flavor Flavor-8cpu-x86_64-16384MB-135GB –compute-flavor Flavor-16cpu-x86_64-49152MB-135GB –ceph-storage-flavor cephdell –ntp-server 0.rhel.pool.ntp.org –neutron-network-type vxlan –neutron-tunnel-types vxlan

I never used Foreman , but I would like in the future 🙂

November 25, 2015

First OpenStack Stack wrote!!

Posted in OpenStack at 2:50 pm by alessiodini

Yesterday I wrote and launched my first heat stack creating a new ec2 instance!!
I read the template and I made some experiment, creating the instance without any network. I just wanted to see and check the yaml syntax, very fun!

This is the code:

heat_template_version: 2013-05-23
description: >
Template tradotto per lanciare una istanza EC2 di Amazon
type: AWS::EC2::Instance
InstanceType: m1.small
KeyName: prova
ImageId: 3c4bf15a-c11f-411b-8018-10245206999f

I’m glad to see that I also made the KeyName and the ImageId OpenStack side, I’m working since the delivery of baremetal nodes that now are the overcloud :))


November 11, 2015

Redhat OpenStack Kilo + Redhat Ceph Storage project done!

Posted in OpenStack at 4:19 pm by alessiodini

Today I finally completed my company project where I designed and realized a small Openstack/Ceph environment ( composited by 5 physical systems ). My company wants to test OpenStack with scaling and developing Virtual Network Functions ( VNF )
OpenStack was very hard to deal with, now it’s fully configured with Ceph. Even Cinder, Glance and Nova work greatly too with Ceph Storage.
I’m very happy!!
I would like to be Redhat RHCA Cloud 😀