odyssey4me

<Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    <Attribute name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" id="upn"/>
    <Attribute name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" id="givenname"/>
    <Attribute name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" id="surname"/>
    <Attribute name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" id="emailaddress"/>
    <Attribute name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" id="name"/>
    <Attribute name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" id="primarysid"/>
    <Attribute name="http://schemas.xmlsoap.org/claims/Group" id="Group"/>

odyssey4me

Introduction

Due to the underlying networking services making use of tunnelling and packet tagging a situation may arise where instance network connectivity, especially when downloading large files or transferring files, is found to be unreliable.

This article describes how to adjust the instance to ensure that it uses a suitable MTU size so that packets are not dropped by the underlying infrastructure.

Note that the appropriate MTU size is delivered via DHCP by the underlying network service, but not all operating systems make use of the DHCP option to dynamically set the MTU size for the NIC. This document thus serves as a failback when then DHCP option is not used.

Symptoms

odyssey4me

# build locally (includes a fair amount of stuff and takes a bit of time)
#lxc-create --name=template3 --template=ubuntu -- --release trusty --arch amd64 --packages openssh-server,python2.7,apt-transport-https,python-lxml
#chroot /var/lib/lxc/template3/rootfs apt-get clean

# use a downloaded image (much faster)
lxc-create --name=template2 --template=download -- --dist ubuntu --release trusty --arch amd64
chroot /var/lib/lxc/template2/rootfs apt-get install -y \
	openssh-server \
	python2.7 \
	apt-transport-https \

odyssey4me

---
#
# Important required settings
#

# set haproxy to handle ssl offloading
haproxy_ssl: true

# configure the SSL certificates for haproxy
# these file paths are on the deployment host

odyssey4me

" Remove old vi compatibility
set nocompatible

" Enable Syntax Highlighting
filetype on
filetype plugin on
syntax enable
set grepprg=grep\ -nH\ $*

" Use spaces instead of tabs

odyssey4me

---
# This should be implemented in /etc/openstack_deploy/env.d/
component_skel:
  galera:
    belongs_to:
      - galera_all


container_skel:
  galera_container:

odyssey4me

rabbitmq_package_url: "{{ _rabbitmq_package_url }}"
rabbitmq_package_version: "{{ _rabbitmq_package_version }}"
rabbitmq_release_version: "{{ _rabbitmq_release_version }}"
rabbitmq_package_sha256: "{{ _rabbitmq_package_sha256 }}"
rabbitmq_package_path: "{{ _rabbitmq_package_path }}"

odyssey4me

---
cidr_networks:
  az1_container: 172.29.236.0/23
  az1_tunnel: 172.29.238.0/23
  az1_storage: 172.29.240.0/23
  az2_container: 172.29.242.0/23
  az2_tunnel: 172.29.244.0/23
  az2_storage: 172.29.246.0/23

used_ips:

odyssey4me

- name: Create containers via host target
  hosts: localhost
  tasks:

    - name: Clean up previous tests
      lxc_container:
        name: "{{ item }}"
        state: absent
      with_items:
        - overlayfs1

odyssey4me

# Note: This test is executed on Ubuntu Trusty

# do this on localhost (deployment host)
# ensure that there's a local ssh private key
ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa

# now make sure that the public key is in the second host's authorized_keys
# then do a test ssh connection to make sure it works, and to add the host
# to known hosts