Posts

Creating an SSL certificate and adding it to Apache

Just a brain dump, will format it latter https://letsencrypt.org/getting-started/ ~/letsencrypt$ sudo ./letsencrypt-auto certonly -d venumurthy.com -d www.venumurthy.com Congratulations! Your certificate and chain have been saved at   https://letsencrypt.org/getting-started/  /etc/letsencrypt/live/obhiyo.com/fullchain.pem cert.pem  chain.pem  fullchain.pem  privkey.pem vim sites-enabled/000-default.conf <VirtualHost 54.169.00.52:443>         ServerName www.venumurtyy.com         ServerAdmin contact@venumurty.com         DocumentRoot /var/www/venumurthy         SSLEngine on         SSLCertificateFile /etc/letsencrypt/live/vm.com/cert.pem         SSLCertificateKeyFile /etc/letsencrypt/live/vm.com/privkey.pem         SSLCertificateChainFile /etc/letsencrypt/live/vm.com/fullchain.pem         ErrorLog ${APACHE_LOG_DIR}/error.log         CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> vim /etc/apache2/sites-available/default-ssl.conf            

Choosing Apache mod_wsgi over Eventlet in OpenStack Kilo and Liberity

While installing OpenStack Liberty release you disable the keystone service from starting up automatically and we also see a note such as " In Kilo and Liberty releases, the keystone project deprecates eventlet in favor of a separate web server with WSGI extensions. This guide uses the Apache HTTP server with   mod_wsgi   to serve Identity service requests on port 5000 and 35357. By default, the keystone service still listens on ports 5000 and 35357. Therefore, this guide disables the keystone service. The keystone project plans to remove eventlet support in Mitaka."   The reason behind this is Eventlet by design performs well in networked environments and handles everything in a single thread. Due to Apache's ability to do multi-threading it was better to use it as the frontend. Keystone depends on apache/web-server modules to handle federated identity (validation of SAML and etc) and similar Single Sign On type authentication. Eventlet has proven problemati

Vagrant on steroids

Image
Source This is our life when we are working on automating some really complicated machine building and provisioning procedures. I.e. while developing the playbooks in Ansible, or CookBooks in Chef or manifests in Puppet. It is not easy to fail faster and fix early as the script might have to download all the dependencies again and again. Adding to all the odds, it could be that the dependencies are being downloaded on a low bandwidth. Even though Vagrant makes bringing up VM and their management faster, the provisioning (using Ansible, Chef or Puppet or etc) might take inordinately long times when it involves, and it usually does involve downloading packages on the VMs. And it gets painful when you have to download a full stack of several libraries to test your VM. To help overcome this issue, we can use the following to cache the dependencies and test the configuration scripts or recipes faster, the following should set you up (assuming you have vagrant already installe

Ansible - Error - stderr: E: There are problems and -y was used without --force-yes

Image
In case your tasks is to install some packages and it errors out as below - name: Install linux-headers apt: pkg={{item}} state=installed install_recommends=yes update_cache=yes with_items: - linux-headers-generic - dkms sudo: yes failed: [parallelsUbuntu] => (item=linux-headers-generic,dkms) => {"failed": true, "item": "linux-headers-generic,dkms"} stderr: E: There are problems and -y was used without --force-yes stdout: Reading package lists... Building dependency tree... Reading state information... The following extra packages will be installed:   cpp fakeroot gcc libfakeroot linux-headers-3.13.0-63   linux-headers-3.13.0-63-generic patch Suggested packages:   cpp-doc dpkg-dev debhelper gcc-multilib manpages-dev autoconf automake1.9   libtool flex bison gdb gcc-doc diffutils-doc The following NEW packages will be installed:   cpp dkms fakeroot gcc libfakeroot linux-headers-3

Software Defined Environment - Environments on Demand

Get the Development, QA, Staging or Production Environment you need at the click of a button. Software Defined Environment The current situation It wouldn’t be a bold statement to say that all software’s ultimate goal is to enhance the customer experience. How many times have we not read such comments on app stores or heard business say?   “Great app, but I can only give it three stars until the developers add ...” But the Development team’s side of the story is     “I am waiting for the environment to test the code with new features” Continuous Delivery and Continuous Integration can help release software updates more frequently and with almost no manual intervention, but there are some bottlenecks to being able to do this. Following are a few: - Delay in getting the Environments   Lack of self-provisioning creates dependency on IT department. Lack of easily customizable Environments For Development, Testing and Staging with new feat

neutron IOError: [Errno 2] No such file or directory: '/proc/sys/net/ipv6/conf/default/disable_ipv6'

Error: neutron IOError: [Errno 2] No such file or directory: '/proc/ sys/net/ ipv6/conf/ default/ disable_ ipv6' Due to this error, the neutron-l3-agent does not start up. End errors out. with the above error. There is a bug filed for this and patched in releases after Icehouse. Solution This bug is fixed by doing this curl -o /usr/lib/python 2.6/site-packag es/neutron/comm on/ipv6_utils.p y  https://raw.git hubusercontent. com/openstack/n eutron/stable/i cehouse/neutron /common/ipv6_ut ils.py

Error: Chef::Exceptions::JSON::ParseError: parse error: premature EOF

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 52.0.234.85 52.0.234.85 Starting Chef Client, version 11.18.6 52.0.234.85 52.0.234.85 ================================================================================ 52.0.234.85 Chef encountered an error attempting to load the node data for "first1" 52.0.234.85 ================================================================================ 52.0.234.85 52.0.234.85 Unexpected Error: 52.0.234.85 ----------------- 52.0.234.85 Chef::Exceptions::JSON::ParseError: parse error: premature EOF 52.0.234.85 52.0.234.85                      (right here) ------^ 52.0.234.85 52.0.234.85 [2015-02-09T02:36:38-05:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out 52.0.234.85 Chef Client failed. 0 resources updated in 0.854925495 seconds 52.0.234.85 [2015-02-09T02:36:38-05:00] ERROR: parse error: premature EOF 52.0.234.85 52.0.234.85                      (right here) ------^ 52