OpenStack Cloud Computing Cookbook
http://www.openstackcookbook.com/
Monthly Archives: August 2015
The OpenStack Cloud Computing Cookbook – Third Edition – is now available to purchase!
August 20, 2015
Posted by on Thanks to Cody Bunch and Egle Sigler – and whole bunch of tech reviewers spanning the cloud and OpenStack community, the OpenStack Cloud Computing Cookbook has had its 3rd reboot. We coverĀ configuration of Nova, Neutron, Glance, Keystone, Cinder and Swift. We show you how to use these. We show you how to use Ansible to deploy this in your datacentre. We show you how to use things like Heat and Cloud-Init to automate your cloud application environments as well as the latest and greatest like DVR and FWaaS.
We provide this with an accompanying multi-node Vagrant environment, where you can try out the steps in the book using free and open source stools such as VirtualBox and Vagrant – and we always make the latest versions of OpenStack available here too.
This is the best book in the series by far and now it’s availableĀ to buy here.
-Kevin Jackson
Installing and Configuring OpenLDAP
August 17, 2015
Posted by on In order to operate OpenStack Identity service with an external authentication source, it is necessary that one have an external authentication service available. In the OpenStack Cloud Computing Cookbook, we used OpenLDAP. As installing and configuring OpenLDAP is beyond the scope of the book, that information is provided here.
Getting ready
We will be performing an installation and configuration of OpenLDAP on it’s own Ubuntu 14.04 server.
How to do it…
We will break this into two steps: installing OpenLDAP, and configuring it for use with OpenStack.
Installing OpenLDAP
Once you are logged in, to your Ubuntu 14.04 node, run the following commands to install OpenLDAP:
We set the Ubuntu installer to non-interactive, as we will be providing the configuration values for OpenLDAP prior to installation:
export DEBIAN_FRONTEND=noninteractive
Next we provide an admin password so OpenLDAP will install:
echo -e " \ slapd slapd/internal/generated_adminpw password openstack slapd slapd/password2 password openstack slapd slapd/internal/adminpw password openstack slapd slapd/password1 password openstack " | sudo debconf-set-selections
Finally, we install OpenLDAP via slapd package:
sudo apt-get install -y slapd ldap-utils
Configuring
OpenStack has a few requirements regarding which attribute types are used for user information. To accomodate this in our OpenLDAP we need to add these values to the new-attributes schema file:
sudo echo " attributetype ( 1.2.840.113556.1.4.8 NAME 'userAccountControl' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' )
objectclass ( 1.2.840.113556.1.5.9 NAME 'user' DESC 'a user' SUP inetOrgPerson STRUCTURAL MUST ( cn ) MAY ( userPassword $ memberOf $ userAccountControl ) )
" >> /etc/ldap/schema/new-attributes.schema
Finally, restart OpenLDAP:
sudo service slapd restart
How it works…
What we have done here is install OpenLDAP on Ubuntu 14.04. Additionally we created an LDAP schema, configuring the userAccountControl property, and configuring a ‘user’ object to provide login authorization.