PyronoidNinja

Be a learn-it-all

Author: Eranachandran

OpenStack and Object Storage(Swift )

OpenStack Platform Openstack Is an open source cloud computing platform used to implement the cloud environment. This environment is providing the best way to manage a large amount of data, it has a large number of resources, networking, and storage which provides reliable performance. The OpenStack platform will accept all integrations and the operating system […]

Read More

ARM Template to Provision Ubuntu, Redhat, and CentOS Virtual Machines

View it in GitHub by using this link https://github.com/Eranachandran/Azure_VM_Provision_ARM

Read More

Securing OpenStack API service endpoints using CA Signed Certificates

CA Certificate(certificate authority) CA-Signed Certificates are Valid SSL Certificates, the main difference between self-signed certificates and Trusted CA Certificates is the browsers will throw an error for self-signed certificate (Insecure Warning and the certificate is not valid SSL, not issued by trusted CA) . In previous posts was published about the Configuring Self-signed certificates for OpenStack […]

Read More

Configuring OpenSSL for OpenStack Horizon

Create a Self-Signed certificates’s keyfile and certificate file using Following OpenSSL command, sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout  /etc/ssl/client.key -out /etc/ssl/client.crt  The above command generates client.key file and client.crt file  Configuring SSL in /etc/apache2/sites-available/default-ssl.conf Now Horizon will work with both http and https, so the http traffic should be redirected as https, this will be enabled by adding Redirect / https:// {domain or […]

Read More

Adding Self-Signed Certificate for Heat and Cinder API Service Endpoints

Configuring Self-Signed Certificate for Heat API Service endpoints  Update /etc/heat/heat.conf  [DEFAULT]  heat_metadata_server_url = https://controller:8000  heat_waitcondition_server_url = https://controller:8000/v1/waitcondition  [clients_keystone]  auth_uri = https://controller:35357  cert_file =  /etc/ssl/client.pem  key_file =  /etc/ssl/client-key.pem  insecure = true  [ec2authtoken]  auth_uri = https://controller:5000/v3  cert_file =  /etc/ssl/client.pem  key_file =  /etc/ssl/client-key.pem  insecure = true  [heat_api]  cert_file = /etc/ssl/client.pem  key_file = /etc/ssl/client-key.pem  [keystone_authtoken]  auth_uri = https://controller:5000  auth_url = https://controller:35357  certfile =  /etc/ssl/client.pem  keyfile =  /etc/ssl/client-key.pem  insecure = true  [trustee]  auth_url = https://controller:35357  After this, make the changes in endpoint urls from http to https in Database or recreate the endpoints […]

Read More

Adding Self-Signed Certificate for Nova and Neutron API Service endpoints

Configuring Self-Signed Certificate for Nova API Service endpoints  Update /etc/nova/nova.conf  [DEFAULT]  ssl_only = True    cert = /etc/ssl/client.pem  key = /etc/ssl/client-key.pem  enabled_ssl_apis = osapi_compute,metadata  [glance]  api_servers = https://controller:9292  certfile = /etc/ssl/client.pem  keyfile = /etc/ssl/client-key.pem  insecure = true  [keystone_authtoken]  auth_uri = https://controller:5000  auth_url = https://controller:35357  certfile = /etc/ssl/client.pem  keyfile = /etc/ssl/client-key.pem  insecure = true  The Placement API service endpoints also should be configured with Self-Signed certificate for nova.  In /etc/apache2/sites-available/ location nova-placement-api.conf will be available,this file is used to configure Self-Signed […]

Read More

Adding Self-Signed Certificate for Keystone and Glance API Service endpoints

1.Generating Self-Signed Certificates  Enable ssl by typing this command sudo a2enmod ssl  Enabling ssl requires the apache2 service should be restarted, so restart apache by using this command service apache2 restart  Create a directory for the Self-Signed certificate by using sudo mkdir /etc/ssl  Generate Self-Signed Certificate by using the below command sudo openssl req -x509 -nodes -days 365 –newkey rsa:2048 –keyout  /etc/ssl/client.key -out /etc/ssl/client.crt              The above command generates client.key file and client.crt file   Convert the generated files into pem format by […]

Read More

Simple Ansible Script to Provision an Instance In AWS EC2

Ec2 Instance provisioning example – name: Creating AWS resources hosts: localhost vars: aws_access_key: aws_secret_key: key_name: aws_region: vpc_id: vpc_subnet_id: ami_id: instance_type: my_local_cidr_ip: group_id: connection: local gather_facts: False tasks: – name: Create an EC2 instance ec2: aws_access_key: “{{aws_access_key}}” aws_secret_key: “{{aws_secret_key}}” key_name: “{{key_name}}” region: “{{aws_region}}” vpc_subnet_id: “{{vpc_subnet_id}}” group_id: “{{group_id}}” instance_type: “{{instance_type}}” image: “{{ami_id}}” wait: yes volumes: – device_name: […]

Read More

Uploading files into the Cisco Switch or Router by using TFTP

Uploading files to a Cisco Switch or Router by using TFTP The files are uploaded into the Cisco switch or router by using TFTP servers, instead of using SCP I)TFTP Configuration in Ubuntu 1)Install TFTP by using this command sudo apt update; sudo apt install tftp-hpa tftpd-hpa 2)Configure TFTP by, Edit the Following Configuration File […]

Read More

Static and Dynamic Routing

Routing and types of routing Routing is a process of forwarding packets from one network to another network in an optimal way. It happens in Layer3 or network layer and it performed by a dedicated device called router. Routing process will happens based on the routing tables. It was specified by a network administrator or […]

Read More