Ansible and OpenStack introduction

Ansible is a configuration management tool. It can take a YAML file describing how the result should look like (e.g. list of installed sotware or given config options) called playbook and perform steps to make it happen. It uses SSH for connection to the target machines (called inventory), so no agent or other special software is needed on controlled machines. One of very nice features of Ansible is idempotency - if the playbook runs multiple times on already configured machine, nothing is changed.

#openstack #ansible

Writing a new ManageIQ OpenStack Event Monitor

This article focuses on writing an Event Monitor class in ManageIQ project for a new arbitrary event service. Let's imagine a situation that none of supported event-providing services (AMQP, Ceilometer, Panko) is suitable to given use case and a new one needs to be implemented. In this article, it will be called http_monitor which should fit to most of HTTP-based event providing services. Where to start Source code responsible for event monitoring feature is located at https://github.

#manageiq #openstack

ManageIQ and Openstack Events

This article describes how Events from OpenStack telemetry are used in ManageIQ cloud management tool. There are multiple telemetry technologies in OpenStack, but this article focuses on TripleO / RHOS distribution. Introduction An OpenStack Event is a short mesage basically including timestamp, event-type and payload. The payload typically contains more detailed information about objects which the Event is related to (e.g. VM UUID for compute.instance.reboot event). Purpose of capturing Events from OpenStack is to

#manageiq #openstack

ManageIQ and Openstack

This is an introduction to a short article serie dedicated to ManageIQ/OpenStack integration. ManageIQ is a cloud management tool which allows user to control IT infrastucture from single web UI even it runs on different cloud or on-premise technologies. Supported platforms include RHV, OpenStack, VMware, AWS, Azure etc. OpenStack is an Infrastructure-as-a-Service software. So it can take hardware machines in your datacenter, set it up, manage it and provide virtual compute, storage and networking resources on top of that.

#manageiq #openstack

Anddos nginx server module

Anddos is a nginx server plugin. It aims to differentiate clients by their behaviour (requests sent on server). The basic approach is classifying clients based on server's response to their requests. It can define patterns of “normal” client and divide normal/not normal clients and block them if needed. More detailed information can be found at I wrote it as a diploma thesis in the end of my university studies. Unfortunately, the project is discontinued and it does not fully work.


Ruby vs. Python

Notes from my point of view after working with Ruby for 5 years (almost with Rails) and Python 7 months (CLI tools typically). I understand, that some people might have different view;-) Python works with some objects, but it is not object oriented language (e.g. there is no encapsulation on objects, function body can be taken out from object, etc ). py-1 Python's not [] is True (empty array is false) is strange, usage of object's internal methods (like _iteritem etc.

#python #ruby

Split screen with GNU Screen

In a last post I wrote some use-cases of screen command. Now, I am going to add one missing thing - split screen (vertically). See following screenshot. Commands: Ctrl+a followed by | # (pipe) Split window Ctrl+a followed by Tab # Switch between split parts Once you switched into created split window, you can either create a new window (Ctrl+a followed by c) or reopen already existing window with Ctrl+a followed by n.

#cli #linux

Examples of screen command usage

GNU Screen is a program which allows you run virtual consoles. The advantage is that screen’s console sessions are not broken when network connection (to machine where the console runs) breaks. But it has many other features, which make it really useful. Basics Let’s start with screen command. It opens a new shell session within screen. screen Detach screen (close but keep running on background), command screen -d Or shortcut (e.

#cli #linux

Block outgoing SMTP traffic for non-postfix users

I still administer a LAMP webhosting server and I had issue with outgoing spam. The problem was, that Postfix logs gave no information about sent spams. It was not send through local MTA, but PHP connected to remote MTA's directly. This could be disabled with something in PHP or better (since there is also CGI) on system level - with iptables. Postfix has it's own system user, what means that SMTP traffic can by only initiated by postfix user.

#cli #linux

Unwanted redirect from iframe

Iframe tag allows insert to the webpage content from different URL. Browsers take care about it's isolation to avoid security risks. What a surprise when I experienced, that page in iframe redirects parent window. The evil code which can do that is: = "http://some.url" Easy way to avoid this behavior is to use HTML5 sandbox attribute. Example: <iframe height='500px' sandbox='allow-forms allow-scripts' src='http://some.url' width='99.6%'></iframe> Caveats: sandbox side-effect is also restriction of PDF opening etc.