Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Flexible, simple deployments with OpenStack-Ansible


Published on

I gave this talk at the OpenStack Austin Meetup on June 20, 2016. The talk covers the reasons why OpenStack-Ansible exists and the value that it brings for production OpenStack deployments.

Published in: Technology
  • Be the first to comment

Flexible, simple deployments with OpenStack-Ansible

  1. 1. Flexible, simple deployments with OpenStack-Ansible OpenStack Austin Meetup - June 20th, 2016 Major Hayden | | @majorhayden
  2. 2. Agenda 1. About me 2. The big question 3. Why Ansible? 4. Why OpenStack-Ansible? 5. Get involved!
  3. 3. About me Major Hayden Principal Architect, Rackspace At Rackspace since 2006 Contributor to OpenStack and the Fedora Project I am addicted to buying domain names (please don’t give me ideas)
  4. 4. We seriously needed another way to deploy OpenStack clouds?
  5. 5. “Fortunately, the charging one has been solved now that we’ve all standardized on mini-USB. Or is it micro-USB?” STANDARDS
  6. 6. Different use cases demand different deployment methods.
  7. 7. What our customers wanted “I want to focus on what we deploy on our cloud, not how we deploy it. I want to lean on someone else’s experience.” “We want to add hardware on an as- needed basis. I want to expand my cloud without downtime.”
  8. 8. What our customers didn’t want “Don’t tell me I need downtime to change a configuration option. I want my cloud to be flexible for my needs.” “Don’t tell me to ‘lift and shift’ my workloads. Upgrades should be easy.”
  9. 9. Existing deployment methods had limitations Rigid configuration Upgrade challenges No operators in the community Not coordinated Lack of an overall direction
  10. 10. The foundation was set for something entirely different.
  11. 11. Why Ansible?
  12. 12. Highly extensible Each task does one action Tasks are grouped into roles Roles are tied together with playbooks
  13. 13. Simple variable scope Every role or task can have a default Additional variables per environment Deployers can override all of these variables easily
  14. 14. Dependencies make sense If you can read top-down, you understand Ansible’s dependencies
  15. 15. Very little baggage No daemons or agents No clients or servers Everything uses ssh Use your existing keys, users, and auth mechanisms (like Kerberos!)
  16. 16. Why OpenStack-Ansible?
  17. 17. Extensible collection of roles A backbone of playbooks that links multiple roles together Each role deploys an OpenStack service Opinionated defaults are set in each role
  18. 18. OpenStack-Ansible is built by operators, for operators
  19. 19. Isolation Each service deploys into a different container Each service gets unique message queue and database credentials Each service queries different databases and message queue virtual hosts
  20. 20. Coordination Every change is tested as part of the whole stack If a keystone change breaks nova, automated testing will fail Deprecated configurations and imports are handled gracefully
  21. 21. Documentation Lots of installation documentation and reference guides Real-world use cases and integrations
  22. 22. Growing, diverse community Over 2,700 commits from 30 companies Used to deploy the OSIC cluster (over 2,000 nodes) * Newton mid-cycle is in San Antonio in August!
  23. 23. Deploy, maintain, and upgrade with ease
  24. 24. Maintain Upgrade Deploy to one host, 100 hosts, or 1,000 hosts High availability is built-in Control over quantity and location of Openstack services Comes with opinionated defaults from OpenStack operators Deploy
  25. 25. Maintain Upgrade Change configurations with little or no downtime Rebuild any container quickly after a failure or disruption Add, remove or replace control plane nodes as needed Comprehensive host security hardening Deploy
  26. 26. Maintain Upgrade Upgrading between and within major releases is a first class feature Services are carefully upgraded along with database migrations Deprecations are handled gracefully Deploy
  27. 27. What about security?
  28. 28. OpenStack-Ansible has a security role Applies 200+ security configurations on hosts and virtual machines Follows the guidelines from the DISA STIG Lots of auditor-friendly documentation Supports Ubuntu 14.04/16.04, CentOS 7 and Red Hat Enterprise Linux 7 See the OpenStack Summit talk!
  29. 29. Get involved
  30. 30. What’s next? Newton release Ubuntu 16.04 support Multi-arch support (PPCLE) Xen and PowerVM support Improved testing
  31. 31. Join us for the Newton mid-cycle meeting in San Antonio: August 10-12, 2016
  32. 32. Join our community Freenode IRC: #openstack-ansible Mailing list: (use the [openstack-ansible] tag in the subject line) Code: Docs:
  33. 33. Thank you! Major Hayden @majorhayden
  34. 34. Photo credits Title slide: Miles Bintz (Flickr) Construction crane: Richard Carter (Flickr) Lock on old door: Denise Krebs (Flickr) Alamo: Nan Palmero (Flickr) Roadway at night: Paulo Valdivieso (Flickr) All other photos are provided courtesy of Rackspace.