I gave this talk at the OpenStack Austin Meetup on June 20, 2016. The talk covers the reasons why OpenStack-Ansible exists and the value that it brings for production OpenStack deployments.
2. Agenda
1. About me
2. The big question
3. Why Ansible?
4. Why OpenStack-Ansible?
5. Get involved!
3. About me
Major Hayden
Principal Architect, Rackspace
At Rackspace since 2006
Contributor to OpenStack
and the Fedora Project
I am addicted to
buying domain names
(please don’t give me ideas)
7. What our customers wanted
“I want to focus on what
we deploy on our cloud,
not how we deploy it.
I want to lean on
someone else’s
experience.”
“We want to add
hardware on an as-
needed basis.
I want to expand my
cloud without
downtime.”
8. What our customers didn’t want
“Don’t tell me I need
downtime to change a
configuration option.
I want my cloud to be
flexible for my needs.”
“Don’t tell me to ‘lift
and shift’ my
workloads.
Upgrades should
be easy.”
12. Highly extensible
Each task does one action
Tasks are grouped into roles
Roles are tied together with playbooks
13. Simple variable scope
Every role or task can have a default
Additional variables per environment
Deployers can override all of these variables easily
15. Very little baggage
No daemons or agents
No clients or servers
Everything uses ssh
Use your existing keys, users, and auth mechanisms (like Kerberos!)
17. Extensible collection of roles
A backbone of playbooks that links multiple roles together
Each role deploys an OpenStack service
Opinionated defaults are set in each role
19. Isolation
Each service deploys into a different container
Each service gets unique message queue and database credentials
Each service queries different databases and message queue virtual hosts
20. Coordination
Every change is tested as part of the whole stack
If a keystone change breaks nova, automated testing will fail
Deprecated configurations and imports are handled gracefully
22. Growing, diverse community
Over 2,700 commits from 30 companies
Used to deploy the OSIC cluster (over 2,000 nodes)
* Newton mid-cycle is in San Antonio in August!
24. Maintain
Upgrade
Deploy to one host, 100 hosts, or
1,000 hosts
High availability is built-in
Control over quantity and location
of Openstack services
Comes with opinionated defaults
from OpenStack operators
Deploy
25. Maintain
Upgrade
Change configurations with little
or no downtime
Rebuild any container quickly
after a failure or disruption
Add, remove or replace control
plane nodes as needed
Comprehensive host security
hardening
Deploy
26. Maintain
Upgrade
Upgrading between and within
major releases is a first class
feature
Services are carefully upgraded
along with database migrations
Deprecations are handled
gracefully
Deploy
28. OpenStack-Ansible has a security role
Applies 200+ security configurations
on hosts and virtual machines
Follows the guidelines from the DISA STIG
Lots of auditor-friendly documentation
Supports Ubuntu 14.04/16.04, CentOS 7
and Red Hat Enterprise Linux 7
See the OpenStack Summit talk!
https://goo.gl/iyywZD
31. Join us for the
Newton mid-cycle meeting
in San Antonio:
August 10-12, 2016
32. Join our community
Freenode IRC: #openstack-ansible
Mailing list: openstack-dev@lists.rackspace.com
(use the [openstack-ansible] tag in the subject line)
Code: https://github.com/openstack/openstack-ansible
Docs: http://docs.openstack.org/developer/openstack-ansible/
34. Photo credits
Title slide: Miles Bintz (Flickr) https://www.flickr.com/photos/milesbintz/4366494947
Construction crane: Richard Carter (Flickr) https://www.flickr.com/photos/richard_carter/6816885264/
Lock on old door: Denise Krebs (Flickr) https://www.flickr.com/photos/mrsdkrebs/13006945815/
Alamo: Nan Palmero (Flickr) https://www.flickr.com/photos/nanpalmero/15442494764/
Roadway at night: Paulo Valdivieso (Flickr) https://www.flickr.com/photos/p_valdivieso/14908384223/
All other photos are provided courtesy of Rackspace.