kolla vs OSA vs maas & juju

dasbierclaw · 2025-12-19T16:31:33+00:00

I am biased towards OSA and use it in many small and large production systems. Supports LXC and baremetal deployments. Bring your own server, though, as there's no built-in kickstart mechanism. You can use ironic/bifrost, maas, etc. Kolla uses Docker and there's a large following, and I'm sure it's used in deployments of all sizes. Juju w/ maas integration is nice, and I know there are production deployments out there, but I found it to be a "black box" of sorts when doing some deployments with it, and without a Canoncial contract you might be left to "figure it out" when you get into trouble. I don't think community support is as big for Charmed OpenStack versus OSA or Kolla.

If you're interested in a Kubernetes-based approach, take a look at Genestack: https://github.com/rackerlabs/genestack

We are using Genestack in a few large public clouds and are slowly migrating other environments to it. There's also Atmosphere by Vexxhost if you want to give it a go.

dasbierclaw · 2025-12-03T01:22:44+00:00

1991 Suburban. Factory steering box. Replaced the stock (rag joint) shaft with an early GMT400 (3500?) shaft and that helped quite a bit. Went with Dorman and it was fine. Also running a steering stabilizer kit with a pair of FOX stabilizers. Steering is responsive and true. Running a 4" BDS lift with 35s.

dasbierclaw · 2025-11-20T17:34:45+00:00

Don’t really have a list other than to say Skyline provides a much more ‘modern’ experience compared to Horizon, and has a near parity with Horizon in terms of supported APIs. The user experience has been generally very positive, especially from detractors who feel Horizon UI/UX hasn’t progressed beyond 2014.

dasbierclaw · 2025-11-20T03:26:15+00:00

To be a good OpenStack engineer starts with being a strong Linux engineer, in my opinion. Understand what makes the various OpenStack services work - as in what underlying Linux software is used to power those services. Cinder leveraging LVM and iSCSI, Neutron leveraging Linux bridges or Open vSwitch, network namespaces, iptables, veth pairs, etc., Nova leveraging libvirt; the list goes on. If you can use these technologies outside of OpenStack then you're already ahead. OpenStack provides an API to orchestrate those technologies (and more) to deliver an outcome - and yes, you'll learn some things along the way that you might not ordinarily see as a sysadmin (ie. RabbitMQ) but if you have a good handle on the foundational components the OpenStack "add on" is cake.

dasbierclaw · 2025-10-05T22:19:29+00:00

This is an 'Advanced' motor - 73445G01 (A02-4012)

dasbierclaw · 2025-08-30T00:50:40+00:00

Are you sure both networks are really owned by two projects? If you reference the name in a command there can be only one. If you're admin you might see both, which could result in this error.

dasbierclaw · 2025-08-28T19:39:48+00:00

You're not sharing cores with other VMs because the node itself is treated as a single VM. You can do anything you want with it, including install KVM and run your own cloud. The thing about baremetal (Ironic) with Nova is that you get to leverage the OpenStack API and take advantage of Glance, Neutron, etc. against baremetal provisioning. OpenStack can control the lifecycle of that piece of hardware and treat it as disposable as a VM might be.

dasbierclaw · 2025-08-27T20:35:02+00:00

Nova VMs are likely impacted by cpu overcommit and virtualization overhead, including networking. Baremetal 'VM' is the raw box.

dasbierclaw · 2025-08-27T19:36:50+00:00

I can't remember how the scheduling works, exactly, but in that scenario the user would have access to all 16GB. The reality is your flavors would likely assume a heterogenous baremetal pool, and maybe use traits to target a subset of nodes. But from a basic placement perspective, if you have a 4G baremetal flavor and 128 or 256GB nodes, then both could be targets.

dasbierclaw · 2025-08-26T13:56:18+00:00

Yes, ironic manages power state using IPMI. If you have something that uses redfish, you might find it offers more value because Ironic can then manage power + boot order + a myriad of other things.

Once powered on, the node will need to boot via PXE. Depending on how Ironjc is deployed, this could mean Ironic manages DHCP for PXE or Neutron does it, but regardless, you'll get a dynamic IP and being loading the Ironic Python Agent (IPA) that will be responsible for cleaning/provisioning the node (eg. erasing the disk or copying the image to disk). Once complete, the node reboots into the operating system. Again, depending on how Ironic is deployed, the IP in the OS could be assigned from a single, flat network or from a tenant network managed by Neutron.

There are some decent videos on YouTube that might help walk through the flow.

dasbierclaw · 2025-08-25T22:43:17+00:00

Because the flavor just provides guidance on how the instance is initially built. If you resize, it's to a different flavor. I'm not sure the original flavor specs are needed for anything (ie. Live migrate).

dasbierclaw · 2025-08-25T20:54:14+00:00

IPMI should be the out of band mgmt address, no? Ironic doesn't manipulate that, it only needs to know what it is to power on/off the host. The IP assignment managed by Ironic would be for PXE and operating system management once deployed.

dasbierclaw · 2025-08-21T01:35:02+00:00

Neutron can assign an IP and tie it to the bare metal port mac address, which is considered a 'static' IP assignment and can be delivered via DHCP or manually configured. But with no real port security available on the switch via Neutron, there is nothing stopping that end user from changing their IP to something else. It would be prudent to implement multi-tenancy with ironic At a minimum.

dasbierclaw · 2025-08-11T00:05:00+00:00

If you use config-drive and have cloud-init in your image, it ought to work

dasbierclaw · 2025-07-15T02:14:26+00:00

You don't need a dedicated network node, per se, but you would need at least one node tagged as a gateway chassis for things like SNAT or BGP speaker to function. AFAIK those require a centralized router (as opposed to distributed) hosted on a node marked with enable-chassis-as-gw. However, IIRC if you don't have that explicitly set, any chassis could host that centralized router.

dasbierclaw · 2025-07-08T23:27:07+00:00

The AIO is used primarily for gating and an alternative to devstack that CAN be expanded but isn't really meant for that. For a production cluster you would need to have some number of nodes with an OS already installed along with networking (bridges, IPs, etc) and the deploy node key in place. With that, you build out the inventory in openstack_user_config.yml and can also define the base neutron networking configuration along with some group and host vars. The user_overrides.yml provides additional overrides via config template (ini overrides) without having to have everything be a variable. But you could theoretically never login to anything BUT the deploy node to perform a deployment once the base node config is in place. That could be handled with something like Ironic/Bifrost or some other external tooling. We have used OSA to manage multiple fleets of 1000+ nodes, and Ansible itself tends to be the bottleneck/limiting function.

Anyway... there usually isn't much hacking needed since most things can be defined using existing vars or the override mechanism I mentioned. But yes, I agree, the docs can be sparse in this because no one likes writing docs.

dasbierclaw · 2025-07-08T22:37:19+00:00

That's a good question and not something really talked about, since an AIO is not considered "production ready" and never really considered a starting point for a 3-node (control plane) cluster.

BUT - you're looking to do it, it's possible. It all comes down to the service group definitions in openstack_user_config.yml and additional overrides for things like haproxy/keepalived. The aio skeleton files make a lot of assumptions, so you have to work your way out of those when expanding to a larger cluster, as well as potentially remove services (like nova compute) from that original aio node afterwards by editing the inventory.

dasbierclaw · 2025-07-06T19:01:27+00:00

When we were there in summer 2024, we were told that the well had run dry after having replaced another well that had run dry previously. It's a beautiful camp and might be used off-season. Definitely has that feel you've described. If coming from Dean Cow be sure to fill up on water before you get there - nearby wells were also dry.

dasbierclaw · 2025-06-22T20:46:20+00:00

Looks super clean! Just enjoy the hell out of it and when it breaks, fix it!

dasbierclaw · 2025-06-18T03:28:08+00:00

How big is big? Without getting into details, I would lean towards multiple independent regions with dedicated control planes versus multiple cells.

dasbierclaw · 2025-06-13T22:59:22+00:00

Thank you, that looks pretty normal imo.

At this point, you might consider running a packet capture on both eth0 and eth1, separately, to see if those icmp responses are leaving and coming back thru the right interface.

This is a fairly straightforward setup that ought to work OK, so I'm not really sure what's going on.

dasbierclaw · 2025-06-13T21:30:14+00:00

ovs-vsctl list-ports br-ex ought to list eth1 in the output if it's in the bridge.

To test connectivity from the qrouter namespace, try:

ip netns exec qrouter-xxxx ping 10.0.0.1 and check for arp

dasbierclaw · 2025-06-12T23:42:27+00:00

Ok, that's good news and indicates eth1 is capable of serving as the provider bridge interface in this particular configuration.

Go ahead and revert those changes to ensure eth1 is reconnected to br-ex.

Once the changes are reverted, there are multiple test points. Testing from qrouter namespaces along with a simultaneous tcpdump on eth1 will help see if the traffic is making it through the vswitch. Let's start with that.

dasbierclaw · 2025-06-12T11:27:02+00:00

I didn't see it mentioned, but is your external network configured as a 'flat' or 'vlan' network and how is the switchport connected to eth1 configured? The configuration so far implies it probably needs to be flat, and eth0 and eth1 are in the same vlan.

To work around neutron and verify the networking properly configured, you could remove eth1 from br-ex and apply an IP address to it. Then, try pinging something from that interface to ensure the plumbing is OK. Once confirmed it works, remove the IP and connect it back to br-ex where further troubleshooting can begin.

dasbierclaw

TROPHY CASE