Books, Cloud Infra, HashiCorp, SysAdmin

Book Review – Terraform: Up & Running: Writing Infrastructure as Code

Terraform: Up & Running: Writing Infrastructure as Code

On Terraform: Up & Running: Writing Infrastructure as Code author Yevgeniy Brikman does an excellent job defending the use of Terraform, a tool designed to make the deployment of infrastructure as code. The book comes with many hands-on examples with all the code available on github for download allowing the reader to follow along.

The author provides answers to questions such as What is Infrastructure as code and What are the benefits of using Infrastructure as code. He provides context of why we are seeing a proliferation of a new set of tools – think Terraform, Packer, Docker, Ansible. He finally show how ties them back to the rise of the DevOps movement.

On DevOps, he uses a definition shared by many, myself included: “The goal of DevOps is to make software delivery more efficient”. The emphasis here is on efficiency and Terraform delivers it.

Throughout the rest of the book the many examples and exercises are set to run on Amazon AWS. Although you can run them someplace else, I would tell you to create an account on AWS and do it there. The examples do follow a logical path. You start with a single server and ending with a cluster of web servers.

To make use of new Terraform concepts, the author makes changes to the initial examples, adopting building blocks available on AWS. These concepts can to different cloud providers and the choice of AWS illustrates the power of Terraform.

One thing to keep in mind, is the fact that there isn’t a simple “brain transfer” between one cloud provider and another. This means that you can’t expect that a specific configuration on one platform will work on another. For example, an Elastic Load Balancers is a specific solution from Amazon and although a similar offer might exist in another place, Terraform can’t guarantee that it will work or act the same.

Terraform uses the HashiCorp Configuration Language (HCL), a declarative language intended to create the infrastructure. “Why should I learn yet another language” you might ask and the answer is: “To make your life easier” and here is why. Terraform can create infrastructure on different platforms such as public and private cloud providers (e.g.: AWS, Azure, DigitalOcean, OpenStack) and virtualization solutions like vSphere. This a core concept in Terraform called providers. Terraform knows how to ‘talk’ to different providers. This takes you away from having to know how to automate these platforms. Instead you can focus on learning one declarative language, HCL. This saves you from having to keep up with CloudFormation, ARM, HEAT, vRealize Automation and others.

Using Infrastructure as Code brings some important considerations. How to provide file isolation, file locking and safeguard the state of the infrastructure managed by Terraform? This brings another point, the trade-offs when using Infrastructure as Code. There are advantages of using Terraform to deploy an infrastructure. Its clear, concise, reproducible method are a plus. The drawback to have in mind is this: when not careful, a commit can break your entire infrastructure. This could be your production and staging environment.

To mitigate potential issues like that, the author shows a few practical approaches. To start, he talks about file isolation and proposes a layout to better organize your code. There’s a chapter deidcated to the use of modules (to avoid code duplication) and version control your code.

If you are new to Terraform this book will bring you up to speed and teaching you about this new and powerful tool. If you have used Terraform before, chances are you can still learn from the vast experience that Yevgeniy brings.

Terraform is a cutting edge tool and it is here to address a complex problem. This book allows you to get the information you need in no time with many examples. Recommended!

To Yevgeniy Brikman: Thank you for writing this book. Staying up to date with a tool still in it’s early days is a challenge. Writing about it must be very hard, so thank you.

FreeBSD, SysAdmin

Merry Xmas: Gift ideas for a BSD aficionado

Greetings fellow BSD folks! Christmas is here ! Did you know that there’s life outside of chocolate, turkey and countless hours of watching Home Alone? Here are 6 gift ideas for the BSD aficionados out there.

1. Introduction to the FreeBSD Open Source Operating System LiveLessons


This series of videos from Addison-Wesley, is a must have for the BSD fan. During the more than 10 hours of discourse,  Dr. Marshall Kirk McKusick does a superb job of taking you into a tour of the many subsystems that make FreeBSD. The material presented here will go side-by-side with the Design and Implementation of the FreeBSD Operating System. This course is a subset of a 15-weeks long training that McKusick offers as a consultant. More information can be found on his personal website

Here’s what Dr. McKusick covers during this LiveLessons:

  • Lesson 1: Introduction to the FreeBSD Community
  • Lesson 2: Introduction to the Kernel
  • Lesson 3: Processes
  • Lesson 4: Virtual Memory
  • Lesson 5: I/O System Overview
  • Lesson 6: Devices
  • Lesson 7: The Fast Filesystem
  • Lesson 8: The ZFS Filesystem
  • Lesson 9: Networking and Interprocess Communication

You can buy the LiveLessons here.

2. Raspberry Pi


Yes, the Raspberry Pi, a tiny little computer that you can run FreeBSD. You can fetch a ready to go image at the official repo (RPI-B and RPI2) and for RPI3 you can use the images at RaspBSD. In my setup (above picture) I have a mix of 3 RPI2 and one RPI3 coupled with a NETGEAR GS108E switch (capable of VLAN tagging). To power up this setup, I’m using an Anker Multi-USB Charger.

With FreeBSD you can access the GPIO interface with gpioctl(1). Vadim Zaigrin has a full detailed blog post on how to use it.

3. Annual subscription to the FreeBSD Journal

FreeBSD Journal.png

Keeping up with all things FreeBSD might be hard, we have a very active community and  there seems to be something interesting happening. An excellent resource to keep you up to date is the FreeBSD Journal. The Journal is a bi-monthly publication that contains articles from known FreeBSD figures such as Allan Jude, Dru Lavigne, George Neville-Neil, Joseph Kong and Michael W. Lucas just to name a few.

4. All of the books from Michael Lucas


I can’t praise him enough, Michael Lucas has a rare gift of making really dry material palatable to the masses. From SSH, to PAM going to FreeBSD (including an incredible specialty series on filesystems – yep, ZFS is covered), he has done it all – but don’t tell him that, we still want him to publish more  🙂 . You can’t go wrong with any of his material, so this is extremely recommended. Check out his work at the Tilted Windmill Press or at Amazon.

5. BSD Magazine Online Courses


The BSD Magazine is a free (yes, free!) online resource that is published on a monthly basis with news, various articles and tutorials. On the BSD Magazine website you can also find some courses such as the DevOps with Chef on FreeBSD, Using FreeBSD as a Fileserver with ZFS and Deploying on office / workgroup server on FreeBSD. During the holiday season you can use the promo code holidays30 to get 30% off on everything announced on their site! A pretty good deal!

6. FreeBSD Mall Goodies


The FreeBSD Mall is a known place if you want to get FreeBSD memorabilia. From t-shirts, polo shirts, CDs, books, stickers and hats, the FreeBSD Mall has it all. Check their promo and special sections to get extra savings on assorted items. On December 23rd they just released two new FreeBSD baseball caps (have to check them out!).

Have your self a Merry Christmas and an awesome New Year !


Cloud Infra, FreeBSD, OpenStack

Using release(7) to create FreeBSD images for OpenStack – Yes, you can do it!


During a recent BSDNow podcast, Allan and Kris mentioned that it would be nice to have a tutorial on how to create a FreeBSD image for OpenStack using the official release(7) tools.

With that, it came to me that: #1 I do have access to an OpenStack environment and #2 I am interested in having FreeBSD as a guest image in my environment. Looks like I was up for the challenge.

Previously, I’ve had success running FreeBSD 11.0-RELEASE on OpenStack with success but more could/should be done. For instance, as suggested by Allan,  wouldn’t be nice to deploy the latest code from FreeBSD ? Running -STABLE or even -CURRENT ? Yes, it would. Also, wouldn’t it be nice to customize these images for a specific need? I’d say ‘Yes’ for that as well.

With that, I thought I would give it a try, so without further ado, here’s how you
can bake a FreeBSD image using the official releng toolset.

After some research I found that the current openstack.conf file, located at /usr/src/release/tools/ could use some extra tweaks to get where I wanted. I’ve created and attached that to a bugzilla on the same topic. You can read about that here.

This diff brings the following changes:

  •  resize FreeBSD to the size of the OpenStack flavor (growfs).
  • speeds up the boot process by disabling sendmail.
  • allows an user to ssh as root with a public key.
  • make ssh respond faster by disabling DNS lookups (can be reverted).
  • enable DHCP on the vtnet interface.

Here’s our goal:

Create a FreeBSD image for OpenStack (KVM based) using the release(7) tools.

and as a bonus:

  • Be able to upload the image to OpenStack’s Glance and to manipulate a HEAT stack _from FreeBSD_


  • Make sure you have a system that can do a build(7) – disk space is important here, more CPU power helps too.
  • Patch the openstack.conf file with the new changes – you can get the file from here.
# $FreeBSD: releng/11.0/release/tools/openstack.conf 277458 2015-01-20
# 23:56:04Z gjb $

# Set to a list of packages to install.
export VM_EXTRA_PACKAGES="net/cloud-init
 devel/py-pbr devel/py-iso8601 \
 net/py-eventlet net/py-netaddr comms/py-serial devel/py-six \
 devel/py-babel net/py-oauth net/py-netifaces"

# Set to a list of third-party software to enable in rc.conf(5).
export VM_RC_LIST="cloudinit"


vm_extra_pre_umount() {
 #env ASSUME_ALWAYS_YES=yes pkg -c ${DESTDIR} delete -f -y pkg
 #rm ${DESTDIR}/var/db/pkg/repo-*.sqlite

 echo 'growfs_enable="YES"' >> ${DESTDIR}/etc/rc.conf

 # Enable sshd by default
 echo 'sshd_enable="YES"' >> ${DESTDIR}/etc/rc.conf

 # Disable DNS lookups by default to make SSH connect quickly
 echo 'UseDNS no' >> ${DESTDIR}/etc/ssh/sshd_config

 echo 'PermitRootLogin without-password' >>

 # Enable DHCP for the OpenStack instance
 echo 'ifconfig_DEFAULT="SYNCDHCP"' >> ${DESTDIR}/etc/rc.conf

 # Disable sendmail
 echo 'sendmail_enable="NO"' >> ${DESTDIR}/etc/rc.conf
 echo 'sendmail_submit_enable="NO"' >> ${DESTDIR}/etc/rc.conf
 echo 'sendmail_outbound_enable="NO"' >> ${DESTDIR}/etc/rc.conf
 echo 'sendmail_msp_queue_enable="NO"' >> ${DESTDIR}/etc/rc.conf

 # Openstack wants sudo(8) usable by default without a password.
 rm -f ${DESTDIR}/etc/resolv.conf

 # The console is not interactive, so we might as well boot quickly.
 echo 'autoboot_delay="-1"' >> ${DESTDIR}/boot/loader.conf
 echo 'beastie_disable="YES"' >> ${DESTDIR}/boot/loader.conf

 # Reboot quickly, Don't wait at the panic screen
 echo 'debug.trace_on_panic=1' >> ${DESTDIR}/etc/sysctl.conf
 echo 'debug.debugger_on_panic=0' >> ${DESTDIR}/etc/sysctl.conf
 echo 'kern.panic_reboot_wait_time=0' >> ${DESTDIR}/etc/sysctl.conf

 touch ${DESTDIR}/firstboot
 return 0


  • Fetch the FreeBSD source code and extract it under /usr/src
  • Once the code is in place, follow the regular process of build(7) and perform a `make buildworld buildkernel`
  • Change into the release directory (/usr/src/release) and perform a make cloudware

That’s it! This will generate a qcow2 image with 1.4G in size and a raw image of 2G.
The entire process uses the release(7) toolchain to generate the image and should work with newer versions of FreeBSD.

Tested with 11.0-RELEASE-p1 and also tested on OpenStack Mitaka.

Bonus Tips: Installing OpenStack cli tools.

Instal pip:

pkg install py27-pip

Install the OpenStack Python Client:

pip install python-openstackclient

Install the legacy OpenStack Clients (might be needed for some environments).

pip install python-heatclient
pip install python-nova client

Next, create an openrc file and source it. Here’s an example:

unset ${!OS_*}
export OS_AUTH_URL=
export OS_USERNAME=admin
export OS_PASSWORD=NotMyPassw0rd
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=default

Then, source it:

source ~/

Right now, you have all you need to operate OpenStack. To test, let’s try the following:

  1. Upload our newly created FreeBSD image to OpenStack’s Glance.
  2. Spin up a stack that uses our FreeBSD image by invoking a Heat template
  3. Test the connectivity to the new stack
  4. Clean the stack

Let’s go!

With the image now fully created, upload it to glance.

[root@freebsd /usr/src/release]# cd /usr/obj/usr/src/release
[root@freebsd /usr/obj/usr/src/release]# glance image-create \ 
 --progress              \ 
 --disk-format qcow2     \
 --name FreeBSD-OpenStack\
 --file openstack.qcow2  \
 --container bare

Create a heat stack called “freebsd-image-test” using the freebsd-openstack.yaml file.

[root@freebsd ~]# openstack stack create -t ./freebsd-openstack.yaml freebsd-image-test

| Field               | Value                                      |    
| id                  | e217ba55-6892-4012-aebb-e8b2f7032df7       |    
| stack_name          | freebsd-image-test                         |    
| description         | This template generates a FreeBSD instance |    
|                     |                                            |    
| creation_time       | 2016-12-07T01:26:46                        |    
| updated_time        | None                                       |    
| stack_status        | CREATE_IN_PROGRESS                         |    
| stack_status_reason | Stack CREATE started                       |    

Now that the stack is created, let’s get the floating IP of the instance and ssh into it. For this example, I’m using a key named “cse-pubkey”. You can/should change that on the template to reflect your environment.

[root@freebsd ~]# openstack stack output show --all freebsd-image-test 
| Field               | Value                                   |             
| instance_private_ip | {                                       |             
|                     |   "output_value": "",          |             
|                     |   "output_key": "instance_private_ip",  |             
|                     |   "description": "No description given" |             
|                     | }                                       |             
| instance_public_ip  | {                                       |             
|                     |   "output_value": "",     |             
|                     |   "output_key": "instance_public_ip",   |             
|                     |   "description": "No description given" |             
|                     | }                                       |             

Test the connection to the instance.

[root@lppa240 ~]# ssh -i cse_id_rsa
The authenticity of host ' (' can't be established.
ECDSA key fingerprint is SHA256:LX06d48gTGV+SCrl3DJlWw5i4j7+IjaHDW6J2s/JwzQ.
No matching host key fingerprint found in DNS.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '' (ECDSA) to the list of known hosts.
FreeBSD 11.0-RELEASE-p1 (GENERIC) #1: Sat Dec  3 10:54:58 EST 2016

Welcome to FreeBSD!

Release Notes, Errata:
Security Advisories:
FreeBSD Handbook:
Questions List:
FreeBSD Forums:

Documents installed with the system are in the /usr/local/share/doc/freebsd/
directory, or can be installed later with:  pkg install en-freebsd-doc
For other languages, replace "en" with a language code like de or fr.

Show the version of FreeBSD installed:  freebsd-version ; uname -a
Please include that output and any error messages when posting questions.
Introduction to manual pages:  man man
FreeBSD directory layout:      man hier

Edit /etc/motd to change this login announcement.
root@freebsd-image-test-instance-qk6lpulwbxp4:~ # uptime
 1:30AM  up 3 mins, 1 users, load averages: 0.27, 0.30, 0.14

All set!

Cleaning the stack

[root@freebsd ~]# heat stack-delete freebsd-image-test


FreeBSD, SysAdmin

Continuous Learning: Why I’ve opted to learn BSD’s and so should you

– I’m making this a permanent entry into the blog under “Learn BSD”.
– Added reference to BSDTV, OpenBSD FAQ, Dragronfly BSD Digest

Magic now. Magic I unnerstan’.

The Color of Magic, Discworld #1


Yes, magic, but unlike our character Rincewind in The Color of Magic, the spells that I’ve learned over the years by using BSD’s are still somewhat accessible in my memory – I don’t just forget them after studying it for months but using it for just a single time. This is the kind of knowledge you should be going for as well, the one that you can build and sharp over time, that is, without having to relearn it all.

Roughly after 15 years using FreeBSD and OpenBSD and working in a different industries and positions, I do not regret my choice to stick with these systems. I initially, as many I believe, started my UNIX-like journey with Linux, trying various distros for a while. I was fortunate to be introduced to FreeBSD (and OpenBSD after that) by a friend during college, and since that, never looked back. Don’t get me wrong, I still do use Linux, as I did use Solaris, when they made more sense or were somehow required – and that’s ok. I still try to use FreeBSD/OpenBSD whenever I can, in and out of Corporate world.

The BSD Culture

On an interview for the BSD Magazine, Dru Lavigne phrased how the BSD community really works:

You can (and should) slow down and learn how things work. It can be a mind shift to learn that the freedom to use and change how something works does exist, and isn’t considered stealing. And that learning how something works, while hard, can be fun. BSD culture, in particular, is well suited for those who have the time and temperament to dive into how things work.

The BSD culture does indeed invites one to go on, learn and share. Overtime, this mindset will stick with you, it sure did to me, becoming a part of my professional and personal life.

Really ? How? Mind sharing some examples?

I am all for using the right tool for the right job and I’ve being satisfied to a large degree by the amount of proper tools that both, FreeBSD and OpenBSD bring to the table. Here’s a brief list of solutions that I’ve used:

  • OpenBSD’s svlan interface to capture QinQ traffic for a Telecom Customer (capture traffic from a DSLAM Cabinet on the street).
  • Flow analysis with pflow and nfsen on OpenBSD.
  • File sharing with FreeNAS.
  • Firewalling a branch office with OpenBSD.
  • Using Asterisk (Soft PBX) on OpenBSD to connect a small office.
  • Create a 3G wifi hotspot with OpenBSD (pf, ppp) on a tradeshow.
  • Deployed a reversed ssh tunnel from an OpenStack private cloud into a FreeBSD droplet at Digital Ocean. This allowed me and my team to troubleshoot our OpenStack cloud appliance running  on a conference floor (that is, working after hours from the hotel).

All of that can/could be done by something else (Linux, for example). But the simplicity and careful way the BSDs are documented were unprecedented for me as an Engineer. Many times all I had access to were the man pages so knowing they were accurate was unprecedent.

The situation today

The one topic that bothers me though, is the latest trends in IT. Every week, it seems to be a tremendous amount of “new technology” (aka NIH solutions)  all over the place – followed by nonsense hype.  With that, think about what makes sense to you and think about the time you will invest (yes, invest) continuous learning these technologies.

If you are coming from Linux and is new to BSDs, take a moment to read the excelent A Comparative Introduction to FreeBSD for Linux Users at Digital Ocean.

The Tomes of Magic – Audio, Video et al

Reading material (Online):


FreeBSD –

  • The Design and Implementation of the FreeBSD (Amazon)
  • Absolute FreeBSD: The Complete Guide to FreeBSD, 2nd Edition (Amazon)
  • FreeBSD Mastery: Storage Essentials (IT Mastery) (Volume 4) (Amazon)
  • FreeBSD Mastery: ZFS (IT Mastery) (Volume 7) (Amazon)
  • FreeBSD Mastery: Specialty Filesystems (IT Mastery) (Volume 8) (Amazon)
  • FreeBSD Mastery: Advanced ZFS (IT Mastery) (Volume 9) (Amazon)

OpenBSD –

  • Absolute OpenBSD: Unix for the Practical Paranoid 2nd Edition (Amazon)
  • The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall  (Amazon)

Audio and Video:

Meeting the Wizards

In some occasions, you can meet the “pointy-hats” in these events:

This is by no means a full list of the events. For an updated list, please refer to these:

Baking it: Running FreeBSD on a Raspberry Pi

If you want to learn or teach BSD, you should be aware that FreeBSD runs on a few accessible devices ($) such as the Raspberry Pi (B+, 2 and now 3). This is incredible interesting and as we move move forward, more of these devices are expected to be supported. Here’s an idea, you can use RPI’s with the _free_ material from to spread the knowledge. As a matter of fact this would work not only for the internals of FreeBSD  but also for practitioners to get hands on.

  • Pros: Cheap platform, easy way to get started and to teach others.
  • Cons: Initial setup and cost when going with more than one PI. Availability of the Raspberry Pi in your region can be tricky.

In a hurry ? Try using a cloud

A quick way to have access to BSDs is to use one of the main public cloud providers such as Digital Ocean, AWS and Microsoft Azure.

  • Pros: Immediate access. Easiest way to get started. Can be very cheap (pay per use).
  • Cons: Initial setup. Might not be accessible from a Corporate environment (firewall, etc).

If you can’t go with a cloud environment, another option is to fire up Vagrant with FreeBSD with the official releases from the FreeBSD Release Team.

Going all in: Using it as a desktop

To fully learn FreeBSD or another BSD for that matter, is to go all in. Based on my own experience, I would suggest that you install either one of the BSDs and build up a desktop (which is honestly fairly easy) or to go with a ready-to-go option such as the awesome TrueOS. As a matter of fact, one should go ahead with TrueOS and see how well integrated a FreeBSD desktop can be. Don’t be fooled, TrueOS _IS_ FreeBSD and carries all of the advanced computing capabilities you’d find on FreeBSD (OpenZFS, Dtrace, GELI Encryption, Jails, bhyve just to name a few) but it takes the burden of building and fine tuning a FreeBSD Desktop – plus some extra awesomeness developed by Kris and the team (AppCafe, SysAdm, etc).


2016 is almost coming into an end, so how about this as a challenge. How about starting 2017 by deep diving into FreeBSD, taking the time to learn a set of tools that are likely to stay with you for the next years to come? Expect more information on that front here.




Cloud Infra, OpenStack

OpenStack Neutron Diagrams

<!– –>

TL;DR: Neutron diagrams depicted below are available on my Github repo.

During my presentation on Troubleshooting Neutron Networks (OpenStack Summit 2016 in Barcelona – details and video) there were many network diagrams used to illustrated the various scenarios with Neutron networks.

Many stackers were asking where to get these diagrams and as promised, here they are:


east-west DVR traffic


north-south traffic



east-west traffic with VXLAN

GitHub – dcasati/OpenStack/tree/master/OS2016BCN-Troubleshooting-Neutron

The diagrams can be open using and are made available under the Creative Commons License (CC by 4.0). You can show/hide the different layers and well as edit each component individually.

Have fun!

Cloud Infra, OpenStack, Uncategorized

OpenStack Summit Barcelona 2016


OpenStack Summit in Barcelona is now officially over. The Summit happened between October 25 and 28th in Barcelona, Spain.

This being my first Summit, I was excited about what to see and who I would meet during the conference 4 days.  The fact that I had the chance to deliver two presentations alongside my team members.

Since this was the  OpenStack Summit, we could not go on without, well having  OpenStack, so we brought one own. And it was great ! With us this year, we brought the Dell EMC VxRack Neutrino, a hyperconverged turn-key OpenStack solution. Neutrino really shined during the Summit as more and more Stackers were curious wether or not we  really had a running rack or just a gimmick blinking lights. For folks who are still wondering, we did have the real deal with running workloads on it.

Presentations –

With all of the activities during the Summit, it was hard to see all of them while on site, but I did manage to attend a few of them while also presenting.

Without further ado, here’s what I’ve presented and also some of the interesting presentations that I saw:

Accelerate the OpenStack RCA with Kibana and ElasticSearch (Details)

During this presentation, me and David Sanchez went on to talk about how difficult it is for teams and OpenStack practioners to fully have a Root Cause Analysis (RCA), in time and in a reproducible fashion. We’ve delve  the different aspects of a successful RCA and also how to move from the firefighting mode into a more proactive one.

Troubleshooting Neutron – Physical and Virtual (Details)

In this presentation we’ve went through two real scenarios of troubleshooting Neutron, showing the different components involved by following the data traffic trought the network.

Hands-On Workshops –

Hands-On Workshop: Learn About Microservices Architectures with Docker Swarm, Etcd, Kuryr, Neutron (Details)

    This hands-on workshop was presented by Fawad Khaliq from PLUMgrid who essentially did a great job explaining how Microservices work through theory and examples. During the course of this workshop, Fawad showed showed how one would increase and decrease a swarm cluster and how Docker networking and OpenStack Neutron interface through Kuryr.

Neutron Ninja 101: A Hands-On Workshop with Neutron Networking (Details)

    Becoming a Ninja seems very challening, but Phil Hopkins did a great job here to ensure that we would get there. This presentation was packed with good content and Phil was able to drive the conversation by making sure we all had the necessary networking and Linux foundation. I truly enjoyed his style of presenting and his very clear and concise examples. To my surprise, the last set of slides on this workshop were related to explaing some of the more complex aspects of the OpenStack overlay networking, which as great as our Troubleshooting Neutron: Physical and Virtual Networks presentation started right at this point.

A final cherry-on-top-of-the-cake moment happened after this presentation as I met James Denton whose book, Learning OpenStack Networking (Neutron), was mentioned as a excelent source of reference during our presentation.FullSizeRender.jpg

The highlight of an event like this must be the opportunity one has to meet with fellow Stackers and share stories, knowledge and experience. It’s the whole conversation that happens between the presentations and 1×1 engagement with others.

Happy to have the opportunity to travel to the Summit. See you next time.


Mind Map: OpenStack CLI


I love Mind Maps. I’ve actually been called a “Mind Map” junkie by another computer fellow (@open4storage), which I a fan of. I think Mind Maps add a new level of how to lay down a set of information. With it’s visual cues, it is, in my opinion, easier to find a snipet of information one is looking for than it is to skim throughout a notebook.

That been said, I will take this here as an opportunity to start a new section on this blog, where I will share my Mind Maps. To start, here’s a Mind Map based on the OpenStack CLI Cheat Sheet (  The commands on the previous URL do not encompass all of the available CLI commands on OpenStack. As a matter of fact, I do not believe that the purpose of this cheat sheet (and of the Mind Map, by virtue of origin – that is, being a copy of the cli cheat sheet), is to have a compendium of all of the commands, flags, syntax’s and so on. The purpose of the cheat sheet is to be a quick reference guide to the most common commands used on OpenStack (this is debatable but let’s stick with the idea for now).



Mind Map of the OpenStack CLI Cheat Sheet

For beginners, knowing all of these commands can be daunting, but I hope that having a visual cue to them will help you as it did help me.

If you want to try some Mind Maps, you can download here the OpenStack CLI Cheat Sheet. I’d recommend downloading the free version of XMind (, available for Windows, OSX and Linux.

Key takeaways:

  • Mind Maps provide a different way to display complex information in a visual diagram.
  • Learning OpenStack can be difficult. There are a lot of commands, flags and syntax’s to learn. A cheat sheet exists and provides the most common commands. This is specially beneficial to beginners.
  • A new Mind Map, presented here, aims to display the OpenStack CLI in a visual diagram.


  • OpenStack CLI Cheat Sheet Mind  Map (.png / .xmind)

Trash dumping: Finding jewels in the sea of waste

Trash dumping. Unlikely to be your Sunday morning plan (or Saturday evening for that mater), could bring you back something of interest. In my case, my experience is a two-fold, one in the physical world and another in the digital. Although what I’m about to tell you is more of a parable, I did not literally had to dump into any trash to find anything useful, the outcome was positive: In both cases, I did get something valuable out of it.

TLDR: Two things happened here: #1 built a version of the famous hacked “Ikea Standing-Up desk” and #2 I discovered a new, awesome, podcast called Garbage, from two OpenBSD developers. Read along.

Continue reading


Export OVF template failure on ESXi 6

For some reason, when trying to export a VM as an OVF file or OVA I keep getting the following error on VCSA 6:


After going through the forums I found the answer here:

Essentially, you need to add the the VCSA IP address and hostname to the hosts file on the computer that you are connecting to the VCSA, such as your laptop or workstation. (/etc/hosts on *NIX or C:\Windows\System32\drivers\etc on Windows). Once that is done, you should be able to export the OVF or OVA file.


Hope this helps you

Cloud Infra, Uncategorized

OpenStack Images default users


After chasing this information too often, I’ve decided to give a break to my brain and compile a list of the most common OpenStack Images (at least for my day-to-day activities). Without further ado, here’s the list:

Distribution Default User
Ubuntu 14.04 Trusty ubuntu
CentOS 6/7 centos
Red Hat Enterprise Linux 6/7 cloud-user
CirrOS cirros
Debian admin

A complete and up to date list can be found at the OpenStack site.

You can then login into an instance with the provided SSH keys or optionally, you could also change the default user password with the following cloud-config, which will allow you to ssh into an instance but force the password to be changed on the first login:

password: ChangeMe
chpasswd: { expire: True }
ssh_pwauth: True

Let’s understand the options from the above configuration.

# you can set passwords for a user or multiple users
# this is off by default.
# to set the default user's password, use the 'password' option.
# if set, to 'R' or 'RANDOM', then a random password will be
# generated and written to stdout (the console)
# password: passw0rd
# also note, that this will expire the password, forcing a change
# on first login. If you do not want to expire, see 'chpasswd' below.
# So, a simple working example to allow login via ssh, and not expire
# for the default user would look like:
password: passw0rd
chpasswd: { expire: False }
ssh_pwauth: True

and finally,

# in order to enable password login via ssh you must set
# 'ssh_pwauth'.
# If it is set, to 'True' or 'False', then sshd_config will be updated
# to ensure the desired function.  If not set, or set to '' or 'unchanged'
# then sshd_config will not be updated.
# ssh_pwauth: True

More examples can be found here.