Vagrant, Ansible, and OpenStack on your laptop

Vagrant, Ansible and OpenStack on your laptop Lorin Hochstein Nimbis ServicesEmail: lorin@nimbisservices.comTwitter: lhochstein

Setting up OpenStack for production is complex and error-prone2012-08-04 12:31:56 INFO nova.rpc.common [-] Reconnecting to AMQP server on localhost:56722012-08-04 12:31:56 ERROR nova.rpc.common [-] AMQP server on localhost:5672 is unreachable:[Errno 111] ECONNREFUSED. Trying again in 30 seconds.2012-08-04 12:31:56 TRACE nova.rpc.common Traceback (most recent call last):2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/nova/rpc/impl_kombu.py", line 446, in reconnect2012-08-04 12:31:56 TRACE nova.rpc.common self._connect()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/nova/rpc/impl_kombu.py", line 423, in _connect2012-08-04 12:31:56 TRACE nova.rpc.common self.connection.connect()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/connection.py", line 154, in connect2012-08-04 12:31:56 TRACE nova.rpc.common return self.connection2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/connection.py", line 560, in connection2012-08-04 12:31:56 TRACE nova.rpc.common self._connection = self._establish_connection()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/connection.py", line 521, in _establish_connection2012-08-04 12:31:56 TRACE nova.rpc.common conn = self.transport.establish_connection()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/transport/pyamqplib.py", line 255, in establish_connection2012-08-04 12:31:56 TRACE nova.rpc.common connect_timeout=conninfo.connect_timeout)2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/transport/pyamqplib.py", line 52, in __init__2012-08-04 12:31:56 TRACE nova.rpc.common super(Connection, self).__init__(*args,

Youre looking for better ways to do deployment

Shell scripts are painful, Puppet & Chef have steep learning curvesif [[ $EUID -eq 0 ]]; then ROOTSLEEP=${ROOTSLEEP:-10} echo "You are running this script as root." echo "In $ROOTSLEEP seconds, we will create a user stack and run as thatuser" sleep $ROOTSLEEP # since this script runs as a normal user, we need to give that user # ability to run sudo if [[ "$os_PACKAGE" = "deb" ]]; then dpkg -l sudo || apt_get update && install_package sudo else rpm -qa | grep sudo || install_package sudo fi if ! getent passwd stack >/dev/null; then echo "Creating a user called stack" useradd -U -s /bin/bash -d $DEST -m stack fiSource: devstack/stack.sh

You want an easy way to write & debug deployment scripts

Use Ansible to write OpenStackdeployment scripts, Vagrant to test them inside of VMs

Ansible big idea: very simple syntax, SSH for communication

Example Ansible play: install ntp---- hosts: controller tasks: - name: ensure ntp packages is installed action: apt pkg=ntp - name: ensure ntp.conf file is present action: copy src=files/ntp.conf dest=/etc/ntp.conf owner=root group=root mode=0644 - name: ensure ntp service is restarted action: service name=ntp state=restarted

Specify hosts in an inventory file[controller]192.168.206.130[compute]192.168.206.131192.168.206.132192.168.206.133192.168.206.134

Run the playbook$ ansible-playbook ntp.yamlPLAY [controller] *********************GATHERING FACTS *********************ok: [192.168.206.130]TASK: [ensure ntp packages is installed] *********************ok: [192.168.206.130]TASK: [ensure ntp.conf file is present] *********************ok: [192.168.206.130]TASK: [ensure ntp service is restarted] *********************ok: [192.168.206.130]PLAY RECAP *********************192.168.206.130 : ok=4 changed=3 unreachable=0 failed=0

What did Ansible just do?1. Made SSH connections to remote host2. Copied over Python modules and arguments parsed from playbook file3. Executed modules on remote machine

Can run a single action using ansible command$ ansible controller –m apt –a "pkg=ntp"192.168.206.130 | success >> { "changed": false, "item": "", "module": "apt"}

Ansible scripts are idempotent: can run multiple times safely$ ansible-playbook ntp.yamlPLAY [controller] *********************GATHERING FACTS *********************ok: [192.168.206.130]TASK: [ensure ntp packages is installed]*********************ok: [192.168.206.130]TASK: [ensure ntp.conf file is present] *********************ok: [192.168.206.130]TASK: [ensure ntp service is restarted] *********************ok: [192.168.206.130]PLAY RECAP *********************192.168.206.130 : ok=4 changed=1 unreachable=0 failed=0

Use handlers if action should only occur on a state change---- hosts: controller tasks: - name: ensure glance database is present action: mysql_db name=glance notify: - version glance database handlers: - name: version glance database action: command glance-manage version_control 0

Use templates to substitute variables in config filekeystone.conf:[DEFAULT]public_port = 5000admin_port = 35357admin_token = {{ admin_token }}keystone.yaml:hosts: controllervars: admin_token: 012345SECRET99TOKEN012345tasks: - name: ensure keystone config script is present action: template src=keystone.conf dest=/etc/keystone/ keystone.conf owner=root group=root mode=0644

Ansible supports multiple modules, can also do arbitrary shell commands• apt & yum packages• Stop/start/restart services• users & groups• Add SSH public keys• MySQL & PostgreSQL users & databases• VMs managed by libvirt• Git checkouts

Vagrant big idea: redistributable VMs, run with config files & commands

Import a new virtual machine (Ubuntu 12.04 64-bit)$ vagrant box add precise64http://files.vagrantup.com/ precise64.box

Make a VagrantfileVagrant::Config.run do |config| config.vm.box = "precise64"end Vagrant can also generate this for you: “vagrant init precise64”

Boot it and connect to it$ vagrant up[default] Importing base box precise64...[default] Matching MAC address for NAT networking...[default] Clearing any previously set forwarded ports...[default] Fixed port collision for 22 => 2222. Now on port 2200.[default] Forwarding ports...[default] -- 22 => 2200 (adapter 1)[default] Creating shared folders metadata...[default] Clearing any previously set network interfaces...[default] Booting VM...[default] Waiting for VM to boot. This can take a few minutes.[default] VM booted and ready for use![default] Mounting shared folders...[default] -- v-root: /vagrant$ vagrant sshWelcome to Ubuntu 12.04 LTS (GNU/Linux 3.2.0-23-generic x86_64) * Documentation: https://help.ubuntu.com/Welcome to your Vagrant-built virtual machine.Last login: Thu Jun 7 00:49:30 2012 from 10.0.2.2vagrant@precise64:~$

Boot multi-VMs: configure IPs, memory, hostnameVagrant::Config.run do |config| config.vm.box = "precise64” config.vm.define :controller do |controller_config| controller_config.vm.network :hostonly, "192.168.206.130" controller_config.vm.host_name = "controller" end config.vm.define :compute1 do |compute1_config| compute1_config.vm.network :hostonly, "192.168.206.131" compute1_config.vm.host_name = "compute1" compute1_config.vm.customize ["modifyvm", :id, "--memory", 1024] endend

Openstack-ansible: Ansible scripts for OpenStack Compute Links to OpenStack Install & Deploy Guide

Config: controller, one compute host, QEMU, FlatDHCP controller compute1 .130 .131 eth1 eth1 192.168.206.* .130 .131 eth2 eth2 eth0 192.168.100.* eth0 NAT NAT

Vagrantfile describes this setupVagrant::Config.run do |config| config.vm.box = "precise64" config.vm.define :controller do |controller_config| controller_config.vm.network :hostonly, "192.168.206.130” controller_config.vm.host_name = "controller" end config.vm.define :compute1 do |compute1_config| compute1_config.vm.network :hostonly, "192.168.206.131” compute1_config.vm.host_name = "compute1" compute1_config.vm.customize ["modifyvm", :id, "--memory",1024] compute1_config.vm.customize ["modifyvm", :id, "--nicpromisc3", "allow-all"] endend

If all goes well…$ make all. . .-------------------------------------+--------------------------------------+| Property | Value |+-------------------------------------+--------------------------------------+| OS-DCF:diskConfig | MANUAL || OS-EXT-SRV-ATTR:host | None || OS-EXT-SRV-ATTR:hypervisor_hostname | None || OS-EXT-SRV-ATTR:instance_name | instance-00000001 || OS-EXT-STS:power_state | 0 || OS-EXT-STS:task_state | scheduling || OS-EXT-STS:vm_state | building || accessIPv4 | || accessIPv6 | || adminPass | CJ8NNNa4dc6f || config_drive | || created | 2012-08-09T02:51:14Z || flavor | m1.tiny || hostId | || id | 8e9238b8-208d-46a8-8f66-c40660abacff || image | cirros-0.3.0-x86_64 || key_name | mykey || metadata | {} || name | cirros |

Links• Vagrantfile & Ansible playbooks for OpenStack:http://github.com/lorin/openstack-ansible• Ansible: http://ansible.github.com• Vagrant: http://vagrantup.com• Ansible playbook examples: https://github.com/ansible/ansible/tree/devel/examples /playbooks• Vagrant boxes: http://vagrantbox.es

Image sources• http://vagrantup.com• http://ansible.github.com• http://openstack.org• http://en.wikipedia.org/wiki/File:Rack001.jpg• http://en.wikipedia.org/wiki/File:Easy_button.JPG• http://hezik.nl/enable-ssh-server-on-backtrack-5-r2/

Vagrant, Ansible, and OpenStack on your laptop

by Lorin Hochstein on Aug 10, 2012

Accessibility

Categories

Upload Details

Usage Rights

3 Embeds 17

Statistics

Vagrant, Ansible, and OpenStack on your laptop Presentation Transcript

https://twitter.com	8
https://si0.twimg.com	5
https://twimg0-a.akamaihd.net	4