[Openstack-operators] Example configs
Caius Howcroft
caius.howcroft at gmail.com
Mon Mar 16 16:33:07 UTC 2015
For what its worth all bloomberg's configs are open source (apart from
things like ips, tokens and such) and in chef templates:
https://github.com/bloomberg/chef-bcpc/tree/master/cookbooks/bcpc/templates/default
thats what we run in production on several clusters at the moment,
caius
On Mon, Mar 16, 2015 at 12:08 PM, Jonathan Proulx <jon at jonproulx.com> wrote:
> Hi All,
>
> One of the requests that's come up a few times around here has been
> for 'real' config example.
>
> During the PHL Ops Midccyle we finally mad ea place to put them:
> https://github.com/osops/example-configs
>
> And over the past couple days I pushed up the configs from MIT CSAIL's
> deploy. There's a delightful real world mess, but there you go.
>
> This can also serve as a meta example for how to organize example
> configs, so if anyone has comments on the structure of how I put them
> up now is probably a good time to discuss so that when others (if
> there are others who can do this) put their configs on line the format
> is both good and consistent.
>
> The sanitization process is hairy...
>
> I rgrep'ed through for things like 'password','token','connection' (to
> get the DB connection strings) and probably a couple other things but
> missed 'auth_encryption_key' in the Heat config. Thankfully we're not
> yet big heat users so changing this wasn't a disaster, and also
> reminded me to switch to using trusts rather than the more than
> slightly scary password deferred_auth_method...
>
> So I think this will get all the bits you need to redact (and quite a
> bit more but still less than looking at every line of every file):
>
> rgrep -e key -e token -e encryption -e password
>
> (note there's still a glance-cache.conf:swift_store_key in my configs
> but it's an unused default)
>
> If anyone finds things I left your PLEASE let me know (preferably
> directly), hopefully I won't spend the rest of my life switching keys
> and passwords :)
>
>
> -Jon
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
--
Caius Howcroft
@caiushowcroft
http://www.linkedin.com/in/caius
More information about the OpenStack-operators
mailing list