[Updated 01Oct2013 to correct spelling and command formatting] Building images to boot in a cloud can be a lot of fun, especially since no two clouds are built alike. Now fortunately the differences are mostly minor, but some of the minor differences can be fatal. Ugh. Good News The recent release of Fedora 18 brought with it a pleasant surprise, the build of some images suitable for loading into your favorite cloud, ala Ubuntu's UEC images. The mailing list notice gives the background and a reply in that thread mentions some desirable changes. So in order to make those changes

In the first part of this series we covered creating a pair of certificate authorities and a signed certificate with the same attributes commonly found in commercial certificates. This part covers the OpenStack Python clients and proper certificate verification. The OpenStack client repositories (or packages) include both the Python API bindings and the reference command line interface (CLI) implementation to communicate with the OpenStack APIs. Client support for modern encrypted connections, i.e SSLv3 and/or TLSv1, has been spotty at best. Most of the clients are capable of using SSL for encryption but often the certificate verification part of the protocol

We all know that the difference between https and http is the addition of encryption, right? Of course, but less attention is paid to the other purposes of SSL and TLS: to verify one or both of the parties involved in the connection and to validate that the objects used in the verification meet certain criteria. [1] In the common case of a user directing a web browser to a 'secure' site, only one side is potentially validated, that being the server. Maybe. Browsers generally go a good job of performing server certificate verification and validation but other https clients

This worked well enough but has been superceeded by ``appliance-creator`` Ubuntu has these nice UEC images that make a great base for cloud appliances. Fedora has nothing official although there are a couple of older images floating around (links please!). Nothing for Fedora 17 though. Let's build one! The most flexible image builder seems to be oz, as it runs the standard install process and can build nearly anything that boots in KVM. There are some specific requirements for libguestfs and that usually doesn't work properly in a VM. This all had to be done on bare metal. Even then,

First birthdays are always fun...especially the bit where the birthday kidlet is encouraged to make a mess of the cake to the mild amusement of the adults present. At least that's how it worked in the little burg where I grew up. (Little burg? Isn't that redundant?) My parents have pictures of me doing that, I have pictures of my kids doing that, I anticipate the cycle will continue someday. Now that the OpenStack Grizzly Design Summit is over I realize that DevStack is just over a year old, having been shown off for the first time at the Essex