Painless OpenStack Deployments Powered by Puppet

6,289 views
6,152 views

Published on

Published in: Technology, Business
0 Comments
5 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
6,289
On SlideShare
0
From Embeds
0
Number of Embeds
317
Actions
Shares
0
Downloads
0
Comments
0
Likes
5
Embeds 0
No embeds

No notes for slide

Painless OpenStack Deployments Powered by Puppet

  1. 1. Painless OpenStack DeploymentsPowered by PuppetPRESENTED BY : Christopher Aedo, July 5 2012 C O N F I D E N T I A L & P R O P R I E TA R Y 1 © 2012 Morphlabs Inc. All Rights Reserved
  2. 2. About Me Christopher Aedo Solutions Architect Technical Evangelist doc@morphlabs.com doc@aedo.net T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 2 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  3. 3. What is OpenStack?Founded July 2010 by RackSpace and NASA“OpenStack is a global collaboration of developers andcloud computing technologists producing the ubiquitousopen source cloud computing platform for public andprivate clouds. The project aims to deliver solutions forall types of clouds by being simple to implement,massively scalable, and feature rich.” T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 3 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  4. 4. What is OpenStack?Built from a series of interrelated projects delivering various components fora cloud infrastructure solution.•Compute (multiple hypervisors, LXC, bare metal)•Storage (Object, Block)•Networking (Nova Network, Quantum, +many others)•Dashboard (Horizon)•Shared Services (Identity, Image storage) T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 4 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  5. 5. Large and quickly expanding ecosystem T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 5 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  6. 6. Large and quickly expanding ecosystem T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 6 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  7. 7. Large and quickly expanding ecosystem T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 7 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  8. 8. Are OpenStack installs painful?Depends...•Single node, just for fun? • Use DevStack! (http://devstack.org)•Need more?•It definitely gets complicated •Multiple compute nodes? •What about networking? Flat DHCP, or VLANs? •Don’t forget Quantum (network connectivity as a service)! •Routing - send traffic back through controller, or direct via multi-host? •Extra bridge devices on your computes (accessing multiple networks, etc.)? •Swift object store! How many nodes in your ring? •Block storage too! Multiple devices, dedicated network for storage? T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 8 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  9. 9. Configuration management!•Consistency is key • reduce your variables, reduce your surprises•One admin can do the work of five • (or five admins don’t have to work too hard!)•Many choices T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 9 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  10. 10. Puppet FTW!•But WHY?? Chef is better!•Wait, Mark Burgess invented the whole concept in 1993 with CFEngine!•You forgot Salt! SaltStack ROCKS!•Chef is easier to use!•Puppet’s RAL is brilliant!•Promise Theory and self healing is genius!•Bah, my bash scripts are more than enough!•Rundeck man, that’s where it’s at! T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 10 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  11. 11. Classic puppet examplesGet the current state (the RAL sorts this for you): dpkg-query --search gitCheck the desired state (you tell Puppet what you want): package {‘git’: ensure => present, }Sync if needed (Puppet delivers): apt-get install gitNote the event (Puppet logs it): state transition: absent -> present T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 11 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  12. 12. Resource types and providers•Common types: • Package, Service, File, User, Group, Exec, Host•Common providers: • Package providers: RPM yum apt • Service providers: init systemd upstart T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 12 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  13. 13. Morphlabs and Puppet•We have been using it for a long time (it feels comfy)•The RAL makes us worry less about underlying changes • “Resource Abstraction Layer” sorts out stuff like “using apt or rpm?” • We use Ubuntu now, but adding RHEL (or other distros) to the mix is no sweat•Performs configurations as state changes • We can encapsulate everything we need in a single config • Add/modify config files, fix ownership • Guarantee necessary packages are installed and running•Written in Ruby (many ruby devs in the house)•Cross-platform (Linux, Windows, BSD, Solaris and more)•Makes our life easy! T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 13 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  14. 14. Why does it matter to Morphlabs?•We deploy private clouds based on OpenStack•We work with large service providers so they can offer private cloud to theircustomers•We work with large enterprises, helping them transition from bare-metal andvirtualized servers to “the cloud”•We support these environments, so if something goes wrong, it’s ourproblem • I want happy customers, and more of them • I also want my admins to sleep easy and not worry about having to deal with surprises•Puppet helps us eliminate unknowns•Dell hardware gives us a power-dense energy efficient highly reliableplatform to run our code•OK, all done with the marketing! T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 14 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  15. 15. Puppet and OpenStack•Puppet Labs crew deeply involved with OpenStack • http://puppetlabs.com/solutions/openstack/•Their OpenStack manifests are where we start • https://github.com/puppetlabs/puppetlabs-openstack/•You can even launch/destroy VMs inside OpenStack with Puppet • http://forge.puppetlabs.com/puppetlabs/node_openstack T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 15 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  16. 16. Speaking of starting...•You have some hardware, now what? • You probably don’t want to start with a boot from your favorite distro CD (unless you’re just starting down this road...)•Provisioning tools • Razor from Puppet Labs • MAAS and Juju from Canonical/Ubuntu • Crowbar from Dell T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 16 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  17. 17. Crowbar FTW!•The Crowbar team has been solving deployment problems for years • IPMI config • RAID config • BIOS updates•The framework is flexible, so you can make it do what you want...•WAIT! Doesn’t Crowbar use Chef for config management? • Yes, that’s true • Puppet will soon be an option • (If there’s demand, CFEngine will likely be an option in the not too distant future!)•Also, we have a pretty good relationship with Dell in general • (Come to OSCON, and I’ll be able to say more!) T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 17 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  18. 18. Provisioning continued•We’ve got Ubuntu 12.04 Server installed on all the nodes in the environment•The network config is good to go • Static IPs, correct route, DNS, NTP, and access to the Internet•Our deployer added nothing but the puppet agent and a config file pointingback to our puppetmaster•Puppet takes over from here (and it’s incredibly uneventful!) • On our puppet server, we note the few unique facts: mcloud: node_type: mcloud-compute controller_name: mc.my-controller-url.net controller_ip: 10.99.3.1 storage_ip: 10.99.255.3 release_environment: 302p03 web_client_listeners: 5 networking: external_interface: eth1 internal_interface: br100 external_ip: 10.172.100.29 internal_ip: 10.99.100.29 T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 18 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  19. 19. Speaking of factsFacter is a standalone tool based on Ruby that provides system information in “key=> value” pairsarchitecture => amd64domain => la.morphlabs.netfacterversion => 1.6.7fqdn => some-url.nethardwareisa => x86_64hardwaremodel => x86_64hostname => serverinterfaces => eth0,eth1,loipaddress => 10.123.254.251ipaddress_eth0 => 10.123.254.251kernel => Linuxkernelrelease => 3.2.0-22-genericlsbdistcodename => preciselsbdistdescription => Ubuntu 12.04 LTSlsbdistid => Ubuntulsbdistrelease => 12.04lsbmajdistrelease => 12macaddress => 00:30:41:f5:aa:74macaddress_eth0 => 00:30:41:f5:aa:74macaddress_eth1 => 00:30:41:f5:aa:75memoryfree => 12.61 GBmemorysize => 15.67 GBmemorytotal => 15.67 GBnetmask => 255.255.0.0netmask_eth0 => 255.255.0.0 T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 19 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  20. 20. Typical manifestclass openstack::glance { package { ["glance", "glance-registry", "glance-common", "glance-client", "glance-api", "python-glance"]: ensure => $::glance_version; }}class openstack::glance::services { #Make sure perms are correct exec{"/bin/chown -R glance:glance /etc/glance /var/lib/glance": alias => glance_set_perms, } service { "glance-api": ensure => running, provider => upstart, require => Exec[glance_set_perms], } service { "glance-registry": ensure => running, provider => upstart, require => Exec[glance_set_perms], }}... T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 20 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  21. 21. Process•All the manifests are in git repos • One for the manifests • One for the environments•For standalone, we use the same manifests•We use “no-op” mode to simulate changes (no surprises!)•Updating environments is safe (but not foolproof)•Can package the update as a deb to be run standalone • Transparency (no sneaky back-doors) T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 21 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  22. 22. An alternative•Dodai-Deploy • Deployment tool • Uses Puppet • Easier than doing this all by hand•https://github.com/nii-cloud/dodai-deploy/•You can spin up deployer with one line •curl https://raw.github.com/nii-cloud/dodai-deploy/master/ setup-env/setup-all-in-one.sh | sudo sh T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 22 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  23. 23. Challenges (the parts that suck)•Surprisingly few! • Provided you put in the work to test your assertions•Rollbacks are not always painless • We try to avoid at all cost (but that’s what everyone does right?)•Direct remote access is rare • - Enterprise corps are not very trusting • + The less access we have, the lower our risk•We have too much work to do • Which brings me to my last slide T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 23 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved
  24. 24. Morphlabs is hiring!•We’re looking for excellent Sysadmins!•We’re looking for excellent Python devs!•Send your details to doc@morphlabs.com• Thank you! T I T L E : PA I N L E S S O P E N S TA C K D E P L O Y M E N T S P O W E R E D B Y P U P P E T C O N F I D E N T I A L & P R O P R I E TA R Y 24 D AT E : July 5 2012 © 2012 Morphlabs Inc. All Rights Reserved

×