LaunchPad bug 1013893 asked nicely if the drop action for iptables rules created by nova-network could be configured. The idea here is that you might want to do something other than a plain old drop — for example logging before dropping. This has now been implemented in Havana. To configure the drop action, set the…
Tag: nova
Upgrade problems with the new Fixed IP quota
In the last few weeks a new quota has been added to Nova covering Fixed IPs. This was done in response to LaunchPad bug 1125468, which was disclosed as CVE 2013-1838. To be honest I think there are some things the vulnerability management team learned the hard way with this disclosure. For example, we didn’t…
Havana Nova PTL elections
This is just a quick reminder that there are only a couple more days to vote in the Nova PTL elections for the Havana cycle. If you’re eligible to vote, you should have a voting URL in your email. The candidates: Russell Bryant — announcement Michael Still — announcement The incumbent PTL, Vishvananda Ishaya, has…
Further adventures with base images in OpenStack
I was bored over the New Years weekend, so I figured I’d have a go at implementing image cache management as discussed previously. I actually have an implementation of about 75% of that blueprint now, but its not ready for prime time yet. The point of this post is more to document some stuff I…
Openstack compute node cleanup
I’ve never used openstack before, which I imagine is similar to many other people out there. Its actually pretty cool, although I encountered a problem the other day that I think is worthy of some more documentation. Openstack runs virtual machines for users, in much the same manner as Amazon’s EC2 system. These instances are…