Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

OpenStack Murano introduction

5,772 views

Published on

An introduction for OpenStack Murano(The Application Catalog Service in OpenStack).

Published in: Technology
  • Be the first to comment

OpenStack Murano introduction

  1. 1. OpenStack Murano - an application catalog service
  2. 2. Agenda  Why Murano?  What is Murano?  Murano architecture  How to use Murano?  Install and configure Murano  push-a-button style deployment for end user  Application Catalog Design in Murano  Murano best practices  Troubleshooting  Understand how Murano-agent works 2
  3. 3. Why Murano? 4 This is how we buy product in Amazon.com. This is how we will consume cloud service on OpenStack by Murano.
  4. 4. What is Murano?  What is Murano  Just like hardware will be useless without software, virtual machine is useless without application.  Murano is an application catalog service runs on the top of OpenStack IaaS layer.  Goal  compose and deploy composite environments on the Application abstraction level via UI or rest API  application life cycle management  be an integration point for various applications and service in OpenStack  Source code  https://git.openstack.org/cgit/?q=Murano  https://launchpad.net/Murano 5
  5. 5. Murano high level overview 6
  6. 6. Murano architecture 7 ❶ user send request via Murano dashboard to Murano python client ❷ Murano python client send request to Murano API server ❸ Murano api server send the request to rabbitmq ❹ Murano conductor pick the request message from queue ❺ Murano conductor parse the message and construct a heat template to heat engine ❻Murano conductor send the really deployment execution plan to the rabbitmq as Murano agent task ❼ heat deploy the whole IaaS level infrastructure via various OpenStack services ❽ OpenStack services provision the vm instances with Murano-agent enabled. ❾ on vms Murano-agent pick up the execution plan assigned by the Murano conductor and execute them via various scripts on certain OS
  7. 7. Murano components Murano API Service • Murano API provides access to the Murano orchestration engine via API. Conductor Service(Orchestration Engine) • Conductor is a Murano orchestration engine that transforms object model sent by REST API service into a series of Heat and Murano-Agent commands. Murano Repository Service • Murano Repository provides access to metadata for Murano Conductor and Murano Dashboard. It also allows to manage metadata objects via API. Editing service definitions (and other data stored in Murano Repository) is made separately for each tenant. Murano Dashboard • Murano Dashboard provides Web UI for Murano Project. 8
  8. 8. How to use Murano?  Murano personas  Install and configure Murano  push-a-button style deploy for end user  Application Catalog Design in Murano 9
  9. 9. Murano personas 10 f cloud catalog admincloud end user 3rd party cloud application provider Murano consumes Maintain and set policy integrate and publish integrates
  10. 10. Install and configure Murano  Using Devstack  $ git clone https://github.com/openstack-dev/devstack.git  $git checkout stable/juno  $ wget https://raw.github.com/stackforge/Murano-deployment/release-0.4/  getting-started/localrc  $ wget https://raw.github.com/stackforge/Murano-deployment/release-0.4/  getting-started/local.sh  $ chmod +x local.sh  $ ./stack.sh 11
  11. 11. Install Murano-Using devstack-Local.sh 12
  12. 12. Murano.conf 13 Rabbit host Keystone auth
  13. 13. Push-a-button style deployment 14 ❶create environment ❷add component from the catalog services ❸deploy the environment ❹consume the cloud service ❺charge by billing system ❻delete the environment start point
  14. 14. Application Catalog Design in Murano  most complex and important part in Murano  generic workflow is  build Murano-agent enabled vm image  create application package  specify the billing rules and usage metrics  test and verify  publish to Murano catalog 15
  15. 15. Design an application catalog high level overview 16 apache OS Modeling in Murano Apache Service in OpenStack Apache service Linux Windows
  16. 16. build Murano-agent enabled vm image  build Murano windows image  Install Required Packages  Configure Shared Resource  Prerequisites  Additional Software  Build Windows Image (Automatic Way)  Build Windows Image (Manual Way)  Upload Image Into Glance 17 • build Murano Linux image • Install Required Packages • Build Linux Image • Guest VM Linux OS preparation • Upload Image Into Glance
  17. 17. Building Windows Image  Install Required Packages  Configure Shared Resource  Prerequisites  Additional Software  Build Windows Image (Automatic Way)  Build Windows Image (Manual Way)  Upload Image Into Glance 18
  18. 18. Building Windows Image -Install Required Packages  ipxe-qemu  kvm-ipxe  qemu-kvm  python-libvirt  libvirt-bin  libvirt0  virt-goodies  virt-manager  virt-top  virt-what  virtinst  python 19 # apt-get install ipxe-qemu kvm-ipxe qemu-kvm virt-goodies virtinst virt-manager libvirt0 libvirt-bin python python-libvirt python-libxml2 python-minimal python-pycurl python-pyorbit python-requests python-six samba samba-common openssh-server virt-top virt-what
  19. 19. Building Windows Image -Configure Shared Resource  Configure samba based share ># mkdir -p /opt/samba/share ># chown -R nobody:nogroup /opt/samba/share  Configure samba server (/etc/samba/smb.conf). ... [global] ... security = user ... [share] comment = Deployment Share path = /opt/samba/share browsable = yes read only = no create mask = 0755 guest ok = yes guest account = nobody ...  Restart services. ># service smbd restart ># service nmbd restart 20
  20. 20. Building Windows Image -Prerequisites•${SHARE_PATH}/libvirt/images/ws-2012-eval.iso •http://technet.microsoft.com/en-us/evalcenter/hh670538.aspx Windows 2012 Server ISO evaluation version •${SHARE_PATH}/libvirt/images/virtio-win-0.1-52.iso •http://alt.fedoraproject.org/pub/alt/virtio-win/stable/virtio-win-0.1-52.iso VirtIO drivers for Windows •${SHARE_PATH}/share/files/CloudbaseInitSetup_Beta.msi •http://www.cloudbase.it/downloads/CloudbaseInitSetup_Beta.msiCloudBase-Init for Windows •${SHARE_PATH}/share/files/Far30b3367.x64.20130426.msi •http://www.farmanager.com/files/Far30b3525.x64.20130717.msi Far Manager •${SHARE_PATH}/share/files/Git-1.8.1.2-preview20130201.exe •https://msysgit.googlecode.com/files/Git-1.8.3-preview20130601.exe Git client •${SHARE_PATH}/share/files/SysinternalsSuite.zip •http://download.sysinternals.com/files/SysinternalsSuite.zipSysinternals Suite •${SHARE_PATH}/share/files/unzip.exe •https://www.dropbox.com/sh/zthldcxnp6r4flm/-k1Om_V6XR unzip.exe tool •${SHARE_PATH}/share/files/Windows6.1-KB2506143-x64.msu •http://www.microsoft.com/en-us/download/details.aspx?id=34595PowerShell v3 •${SHARE_PATH}/share/files/dotNetFx40_Full_x86_x64.exe •http://www.microsoft.com/en-us/download/details.aspx?id=17718.NET 4.0 •${SHARE_PATH}/share/files/dotNetFx45_Full_setup.exe •http://www.microsoft.com/en-us/download/details.aspx?id=30653 .NET 4.5 •${SHARE_PATH}/share/files/MuranoAgent.zip •https://www.dropbox.com/sh/zthldcxnp6r4flm/-k1Om_V6XRMurano Agent 21
  21. 21. Building Windows Image -Additional Software  Windows ADK  ${SHARE_PATH}/libvirt/images/ws-2012-eval.iso  Windows Assessment and Deployment Kit (ADK) for Windows® 8 is required to build your own answer files for auto unattended Windows installation.  http://technet.microsoft.com/en-us/evalcenter/hh670538.aspx  PuTTY  PuTTY is a useful tool to manage your Linux boxes via SSH.  Windows Server 2012 ISO image  Image Name: 9200.16384.WIN8_RTM.120725-1247_X64FRE_SERVER_EVAL_EN-US-HRM_SSS_X64FREE_EN-US_DV5.iso  URL: http://technet.microsoft.com/en-US/evalcenter/hh670538.aspx?ocid=&wt.mc_id=TEC_108_1_33  VirtIO Red Hat drivers ISO image  Download drivers from http://alt.fedoraproject.org/pub/alt/virtio-win/stable/  Floppy Image With Unattended File  Create empty floppy image in your home folder  ># dd bs=512 count=2880  if=/dev/zero of=~/floppy.img  mkfs.msdos ~/floppy.img  Mount the image to /media/floppy  ># mkdir /media/floppy mount -o loop  ~/floppy.img /media/floppy  Download autounattend.xml file from https://raw.github.com/stackforge/Murano-deployment/master/image-builder/share/files/ws-2012-std/autounattend.xml  ># cd ~  ># wget https://raw.github.com/stackforge/Murano-deployment  /master/image-builder/share/files/ws-2012-std/autounattend.xmlMurano Agent  Copy our autounattend.xml to /media/floppy  ># cp ~/autounattend.xml /media/floppy  Unmount the image  ># umount /media/floppy 22
  22. 22. Building Windows Image- Build Windows Image (Automatic Way) Clone Murano-deployment repository  ># git clone git://github.com/stackforge/Murano-deployment.git  Change directory to Murano-deployment/image-builder folder.  Create folder structure for image builder  ># make build-root  Create shared resource  Add to /etc/samba/smb.conf.  [image-builder-share]  comment = Image Builder Share  browsable = yes  path = /opt/image-builder/share  guest ok = yes  guest user = nobody  read only = no  create mask = 0755  Restart samba services.  ># restart smbd && restart nmbd  Test that all required files are in place  ># make test-build-files  Get list of available images  ># make  Run image build process  ># make ws-2012-std  Wait until process finishes  he image file ws-2012-std.qcow2 should be stored under /opt/image-builder/share/images folder. 23
  23. 23. Building Windows Image- Build Windows Image (Manual Way)  Get Post-Install Scripts  Download package installation script named wpi.ps1 from https://raw.github.com/stackforge/Murano- deployment/master/image-builder/share/scripts/ws-2012-std/wpi.ps1  Download Clean-up script Start-Sysprep.ps1 from https://raw.github.com/stackforge/Murano- deployment/master/image-builder/share/scripts/ws-2012-std/Start-Sysprep.ps1  Create a VM  Using CLI Tools  Preallocate disk image ># qemu-img create -f raw /var/lib/libvirt/images/ws-2012.img 40G  Start the VM ># virt-install --connect qemu:///system --hvm --name WinServ --ram 2048 --vcpus 2 --cdrom /opt/samba/share/9200.16384.WIN8_RTM .120725-1247_X64FRE_SERVER_EVAL_EN-US-HRM_SSS_X64FREE_EN-US_DV5.ISO --disk path=/opt/samba/share/virtio-win-0.1-52.iso,device=cdrom --disk path=/opt/samba/share/floppy.img,device=floppy --disk path=/var/lib/libvirt/images/ws-2012.qcow2 ,format=qcow2,bus=virtio,cache=none --network network=default,model=virtio --memballoon model=virtio --vnc --os-type=windows --os-variant=win2k8 --noautoconsole --accelerate --noapic --keymap=en-us --video=cirrus –force 24
  24. 24. Building Windows Image- Build Windows Image (Manual Way)-cont  Using virt-manager UI  Launch virt-manager from shell as root  Set a name for VM and select Local install media  Add one cdrom and attach Windows Server ISO image to it  Select OS type Windows and it's version Windows Server 2008  Set CPU and RAM amount  Deselect option Enable storage for this virtual machine  Select option Customize configuration before install  Add second cdrom for ISO image with virtio drivers  Add a floppy drive and attach our floppy image to it  Add (or create new) HDD image with Disk bus VirtIO and storage format RAW  Set network device model VirtIO  Start installation process and open guest vm screen through Console button  Convert the image from RAW to QCOW2 format.  # qemu-img convert -O qcow2 /var/lib/libvirt/images/ws-2012.raw  /var/lib/libvirt/images/ws-2012-ref.qcow2 25
  25. 25. Building Windows Image -Upload Image Into Glance  import your disk image to Glance >$ glance image-create --name <NAME> --is-public true --disk-format qcow2 --container-format bare --file <IMAGE_FILE> --property <IMAGE_METADATA>  to update the exiting image meta data  >$ glance image-update <IMAGE-ID> --property <IMAGE_MATADATA> 26
  26. 26. Building Linux Image  Install Required Packages  Build Linux Image  Guest VM Linux OS preparation  Upload Image Into Glance 27
  27. 27. Building Linux Image-Install Required Packages  ipxe-qemu  kvm-ipxe  qemu-kvm  python-libvirt  libvirt-bin  libvirt0  virt-goodies  virt-manager  virt-top  virt-what  virtinst  python 28 ># apt-get install ipxe-qemu kvm-ipxe qemu-kvm virt-goodies virtinst virt-manager libvirt0 libvirt-bin python python-libvirt python-libxml2 python-minimal python-pycurl python-pyorbit python-requests python-six samba samba-common openssh-server virt-top virt-what
  28. 28. Building Linux Image-Build Linux Image  Create a VM via CLI  Preallocate disk image  ># qemu-img create -f qcow2 /var/lib/libvirt/images/cloud-linux.img 10G  Start the VM ># virt-install --connect qemu:///system --hvm --name cloud-linux --ram 2048 --vcpus 2 --cdrom /PATH_TO_YOUR_LINUX.ISO --disk path=/var/lib/libvirt/images/cloud-linux.img, format=qcow2,bus=virtio,cache=none --network network=default,model=virtio --memballoon model=virtio --vnc --os-type=linux --accelerate --noapic --keymap=en-us --video=cirrus --force 29
  29. 29. Building Linux Image-Build Linux Image  Create a VM via virt-manager UI  Launch virt-manager from shell as root  Set a name for VM and select Local installation media  Add one cdrom and attach your linux ISO image to it  Select OS type Linux and it's version choose yours  Set CPU and RAM amount  Deselect option Enable storage for this virtual machine  Select option Customize configuration before install  Add (or create new) HDD image with Disk bus VirtIO and storage format QCOW2  Set network device model VirtIO  Start installation process and open guest vm screen through Console button 30
  30. 30. Building Linux Image-Guest VM Linux OS preparation OS system required tools preparation ># apt-get -y update; apt-get -y dist-upgrade ># apt-get install -y git unzip make cmake gcc python-dev python-pip openssh-server  Murano-agent installation steps ># mkdir -p /opt/git ># cd /opt/git ># git clone https://github.com/stackforge/Murano-agent.git ># cd Murano-agent/python-agent ># git checkout release-0.3 ># chmod a+x setup*.sh # To install Murano Agent on Ubuntu run: ># ./setup.sh install # To install Murano Agent on CentOS run: ># ./setup-centos.sh install  cloud-init installation  install cloud-init ># apt-get install -y cloud-init cloud-initramfs-growroot # dpkg-reconfigure cloud-init  cloud-init configuration options ># vi /etc/cloud/cloud.cfg user: ec2-user disable_root: 1 preserve_hostname: False 31
  31. 31. Building Linux Image-Guest VM Linux OS preparation  Security setup ># useradd -m -G sudo -s /bin/bash ec2-user ># passwd ec2-user ># echo "ec2-user ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/ec2-user ># chmod 440 /etc/sudoers.d/ec2-user  Disable SSH password-based logins in the /etc/ssh/sshd_config. ... GSSAPIAuthentication no PasswordAuthentication no PermitRootLogin no ...  Network handling  # rm -f /etc/udev/rules.d/70-persistent-net.rules  Shutdown VM  Convert the image from RAW to QCOW2 ># qemu-img convert -O qcow2 /var/lib/libvirt/images/cloud-linux.img /var/lib/libvirt/images/cloud-linux.img.qcow2 32
  32. 32. Building Linux Image-Upload Image Into Glance  import image to glance ># glance image-create --disk-format=qcow2 --container-format=bare --is-public=true --file=cloud-linux.img --name=cloud-linux 33
  33. 33. create application package  Step 1. Prepare Execution Plans  Step 2. Prepare MuranoPL class definitions  Step 3. Prepare Dynamic UI Form Definition  Step 4. Prepare application logo  Step 5. Prepare manifest file  Step 6. Compose a zip archive 34
  34. 34. create application package  Step 1. Prepare Execution Plans  FormatVersion - version of Execution Plan syntax format  Version - version of Execution Plan  Name - human-readable name of the Execution Plan  Parameters - parameters received from MuranoPL  Body - Python statement, should start with | symbol  Scripts - dictionary that maps script names to script definitions.  Type: Deployment Platform name that script is targeted to.  Version: optional minimum version of deployment platform/executor required by the script.  EntryPoint: relative path to the file that contains a script entry point  Files: This is an optional array of additional files required for the script. Use <> to specify a relative path to the file. The root directory is Resource/scripts.  Options: an optional argument of type contains additional options 35
  35. 35. Example - DeployTelnet.template FormatVersion: 2.0.0 Version: 1.0.0 Name: Deploy Telnet Parameters: appName: $appName Body: | return deploy(args.appName).stdout Scripts: deploy: Type: Application Version: 1.0.0 EntryPoint: deployTelnet.sh Files: - installer.sh - common.sh Options: captureStdout: true captureStderr: false 36 Like main func Like sub func Like 2>&1
  36. 36. create application package  Step 1. Prepare Execution Plans  Step 2. Prepare MuranoPL class definitions  MuranoPL classes control application deployment workflow execution. Namespaces: =: io.Murano.apps.linux std: io.Murano res: io.Murano.resources Name: Telnet Extends: std:Application Properties: name: Contract: $.string().notNull() instance: Contract: $.class(res:Instance).notNull() Workflow: deploy: Body: - $.instance.deploy() - $resources: new('io.Murano.system.Resources') - $template: $resources.json('DeployTelnet.template') - $.instance.agent.call($template, $resources) 37
  37. 37. MuranoPL  Developed for managing complex compound applications with minimal code duplication.  Has YAML-based syntax.  Built on classes, composition and inheritance.  Safe enough to be used for execution of untrusted code 38
  38. 38. Murano PL – YAQL(Yet Another Query Language) https://github.com/ativelkov/yaql  query language designed as part of Murano project.  a language for expression evaluation  presence of ‘$’ sign  no built in list of functions  Everything YAQL can access is customizable  3* foo(3,6) depends on the implementation of ‘foo’ and operator ‘*’  $foo means get the value of $foo?  a lot of OOTB functions  no assignment operator in YAQL  ‘=‘ means ‘==‘ in Python 39
  39. 39. Murano PL – common class structure Name: class name Namespaces: namespaces specification Extends: [list of parent classes] Properties: properties declaration Workflow: methodName: Arguments: - list - of - arguments Body: - list - of - instructions 40 Murano.overview class MyClass (MyBase1, MyBase2,…): name = ‘hello’ value = ‘world’ def say(self,*args,**kargs): pass def say_again(self, *args, **kargs): pass
  40. 40. Murano PL – common class structure- Namespaces Namespaces: =: com.mirantis.Murano.services.windows srv: com.mirantis.Murano.services std: com.mirantis.Murano srv:foo equals to com.mirantis.Murano.services.foo ‘=‘ means current namespace ‘MyClass’ equals com.mirantis.Murano.services.windows.MyClass 41
  41. 41. Murano PL – common class structure- Extends Extends: [base1, base2,..] Extends: Base Extends: 42 MyClass(base1,base2,..) MyClass(Base) MyClass(com.mirantis.Murano.Object)
  42. 42. Murano PL – common class structure- Properties propertyName: Contract: property contract Usage: property usage Default: property default 43
  43. 43. Murano PL – common class structure- Properties- Contract YAQL expressions to define expected type of value and constraints imposed on this property. 44
  44. 44. Murano PL – common class structure- Properties- contract 45
  45. 45. Murano PL – common class structure- Properties-Usage  Usage states purpose of the property.  indicates who and how can access the property 46
  46. 46. Murano PL – common class structure- Properties-Default  Specify the default value of the property  Conform to the constraints set by contract. 47
  47. 47. Murano PL – common class structure- Workflow  Workflows are the methods that together describe how the entities that are represented by MuranoPL classes deployed. 48 methodName: Arguments: - list - of - arguments Body: - list - of - instructions 3 types of instructions Expressions Assignment Block constructs
  48. 48. Murano PL – common class structure- Workflow-Expression 49 • YAQL expressions • in a syntax like $obj.methodName(arguments)
  49. 49. Murano PL – common class structure- Workflow-Assignment 50 • YAQL expressions • single-key dictionaries with YAQL expression as key and arbitrary structure as a value
  50. 50. Murano PL – common class structure- Workflow-Blocks 51 • Block constructs control program flow.
  51. 51. create application package  Step 1. Prepare Execution Plans  Step 2. Prepare MuranoPL class definitions  Step 3. Prepare Dynamic UI Form Definition 52
  52. 52. Dynamic UI  Goal  generate application creation forms "on-the-fly“  YAML format  Version - points out to which syntax version is used, optional  Templates - optional, auxiliary section, using together with an Application section, optional  Application - object model description which will be used in application deployment, required  Forms - web form definitions, required  YAQL  https://wiki.openstack.org/wiki/Murano/Documentation/DynamicUI#Dyna mic_UI_Definition_specification 53
  53. 53. Dynamic UI -telnet ui definition example Version: 2 Templates: instance: ?: type: io.Murano.resources.Instance name: generateHostname($.serviceConfiguration.unitNamingPattern, 1) flavor: $.instanceConfiguration.flavor image: $.instanceConfiguration.osImage Application: ?: type: io.Murano.apps.linux.Telnet name: $.serviceConfiguration.name instance: $instance 54 Underline IAAS leve resource definition Application modeling by MuranoPL
  54. 54. Dynamic UI 55 UI elements is generated UI definition file
  55. 55. Dynamic UI -telnet ui definition example Forms: - serviceConfiguration: fields: - name: title type: string required: false hidden: true description: Telnet service that can be installed at linux - name: name type: string label: Service Name description: >- Enter a desired name for a service. Just A-Z, a-z, 0-9, dash and underline are allowed. minLength: 2 maxLength: 64 regexpValidator: '^[-w]+$' errorMessages: invalid: Just letters, numbers, underscores and hyphens are allowed. helpText: Just letters, numbers, underscores and hyphens are allowed. 56 Will be displayed in UI Input Validation
  56. 56. create application package  Step 1. Prepare Execution Plans  Step 2. Prepare MuranoPL class definitions  Step 3. Prepare Dynamic UI Form Definition  Step 4. Prepare application logo 57
  57. 57. Step6. Prepare application logo in .png format 58
  58. 58. create application package  Step 1. Prepare Execution Plans  Step 2. Prepare MuranoPL class definitions  Step 3. Prepare Dynamic UI Form Definition  Step 4. Prepare application logo  Step 5. Prepare manifest file 59
  59. 59. Prepare manifest file  in YAML format  should contains:  Format - version of a manifest syntax format  Type - package type. Valid choices are: Library and Application  Name - human-readable application name  Description - a brief description of an application  Author - person or company name which created an application package  Classes - MuranoPL class list, on which application deployment is based  Tags - list of words, associated with this application. Will be helpful during the search.Optional parameter 60
  60. 60. Prepare manifest file- example Format: 1.0 Type: Application FullName: io.Murano.apps.linux.Telnet Name: Telnet Description: | Telnet is the traditional protocol for making remote console connections over TCP. Author: 'Mirantis, Inc' Tags: [Linux, connection] Classes: io.Murano.apps.linux.Telnet: telnet.yaml UI: telnet.yaml Logo: telnet.png 61
  61. 61. create application package  Step 1. Prepare Execution Plans  Step 2. Prepare MuranoPL class definitions  Step 3. Prepare Dynamic UI Form Definition  Step 4. Prepare application logo  Step 5. Prepare manifest file  Step 6. Compose a zip archive 62
  62. 62. Compose a zip archive  Classes folder  MuranoPL class definitions should be put inside this folder  Resources folder  This folder should contain Execution scripts  Scripts folder  All script files, needed for an application deployment should be placed here  UI folder  Place dynamic ui yaml definitions here  logo.png  Image file should be placed in the root folder. It can have any name, just specify it in the manifest file.  manifest.yaml  Application manifest file. It's an application entry point. The file name is fixed. 63
  63. 63. Murano application anatomy by example  manifest.yaml  Logo.png  UI  Resources  Classes 64
  64. 64. Resources 65 Deployment scripts Deployment template in yaml format
  65. 65. Resources FormatVersion: 2.0.0 Version: 1.0.0 Name: Deploy Apache Parameters: enablePHP: $enablePHP Body: | return apacheDeploy('{0}'.format(args.enablePHP)).stdout Scripts: apacheDeploy: Type: Application Version: 1.0.0 EntryPoint: runApacheDeploy.sh Files: - <installer.sh> - <common.sh> Options: captureStdout: true captureStderr: true 66
  66. 66. Classes Namespaces: =: io.Murano.apps.apache std: io.Murano res: io.Murano.resources sys: io.Murano.system Name: Apache Extends: std:Application Properties: name: Contract: $.string().notNull() enablePHP: Contract: $.bool() Default: false instance: Contract: $.class(res:Instance).notNull() 67
  67. 67. manifest.yaml 68
  68. 68. Logo or icon 69
  69. 69. Murano best practices  Use Separate vHost in RabbitMQ  advantages  this prevents queue name collisions  this prevents message stealing from queues  this simplify debugging  configure example ># rabbitmqctl add_user Muranouser Muranopassword ># rabbitmqctl set_user_tags Muranouser administrator ># rabbitmqctl add_vhost Muranovhost ># rabbitmqctl set_permissions -p Muranovhost Muranouser ".*" ".*" ".*" 70
  70. 70. Troubleshooting 71 Root cause: By default ,Murano needs a router name that contains keyword like Murano and external network solution: modify the /etc/Murano/Murano.conf in [networking] section [networking] … external_network=<your_existing_network_name> router_name=<your_exiting_router_name> …
  71. 71. Troubleshooting(1)  Issue  Failed to provision instance, nova report failed to plug vif 72 Root cause: This is a known issue in juno solution:
  72. 72. Troubleshooting(2)  Issue  access meta data failed 73 Root cause: The neutron meta data service cannot authenticate against keystone solution: vi /etc/neutron/metadata_agent.ini
  73. 73. Troubleshooting(3)  Issue  agent failed to execute the execution plan 74 Possible Root cause: 1. Murano-agent cannot connect to the rabbitmq server 2. Murano-agent failed find the message in queue solution: As for No1., check the rabbitmq server status via cli #rabbitmqctl status As for No2. login to vm instance check the /etc/Murano/agent.conf to find the input_queue id find if the message by this input_queue in rabbitmq
  74. 74. Understand how Murano agent works 75 Murano-agent.conf rabbitmq VM heat- client Murano-agent ❹ ❸ ❺ ❷ ❶ heat picks up the message from rabbitmq ❷ heat will generate the Murano-agent.conf using cloud-init ❸ Murano agent will use this agent.conf file to find the right rabbitmq server and the input_queue ❹ Murano agent will pickup the right message from rabbitmq ❺ Murano agent will execute the execution plan beard in the message ❶ execution plans
  75. 75. /var/lib/heat-cfntools/cfn-userdata root@Murano-tkuoai2lpm47x1-nwhcoi2lplzls1-bsojzo5io7vr:~# cat /var/lib/heat-cfntools/cfn-userdata #!/bin/sh service Murano-agent stop AgentConfigBase64='W0RFRkFVTFRdCmRlYnVnPVRydWUKdmVyYm9zZT1UcnVlCmxvZ19maWxlID0gL3Zhci9sb2c vbXVyYW5vLWFnZW50LmxvZwoKc3RvcmFnZT0vdmFyL211cmFuby9wbGFucwoKW3JhYmJpdG1xXQoKIyBJbnB1d CBxdWV1ZSBuYW1lCmlucHV0X3F1ZXVlID0gZWNjZWNkNTBjMWM0ZjQ5NWE5MjYwY2NlNWZhNGNmOWRhLWg 1YTU0ZDUwOC1iNTZmLTRkNDYtODJiZC03MTVmMjRhMjA3MDcKCiMgT3V0cHV0IHJvdXRpbmcga2V5ICh1c3VhbG x5IHF1ZXVlIG5hbWUpCnJlc3VsdF9yb3V0aW5nX2tleSA9IC1leGVjdXRpb24tcmVzdWx0cy10a3VvYWkybHBtNDd4M QoKIyBDb25uZWN0aW9uIHBhcmFtZXRlcnMgdG8gUmFiYml0TVEgc2VydmljZQoKIyBIb3N0bmFtZSBvciBJUCBhZGR yZXNzIHdoZXJlIFJhYmJpdE1RIGlzIGxvY2F0ZWQuCmhvc3QgPSAxOTIuODUuMTgwLjEzOAoKIyBSYWJiaXRNUSBwb3J 0ICg1NjcyIGlzIGEgZGVmYXVsdCkKcG9ydCA9IDU2NzIKCiMgVXNlIFNTTCBmb3IgUmFiYml0TVEgY29ubmVjdGlvbnM gKFRydWUgb3IgRmFsc2UpCnNzbCA9IGZhbHNlCgojIFBhdGggdG8gU1NMIENBIGNlcnRpZmljYXRlIG9yIGVtcHR5IHR vIGFsbG93IHNlbGYgc2lnbmVkIHNlcnZlciBjZXJ0aWZpY2F0ZQpjYV9jZXJ0cyA9CgojIFJhYmJpdE1RIGNyZWRlbnRpYW xzLiBGcmVzaCBSYWJiaXRNUSBpbnN0YWxsYXRpb24gaGFzICJndWVzdCIgYWNjb3VudCB3aXRoICJndWVzdCIgcGFzc 3dvcmQuCmxvZ2luID0gZ3Vlc3QKcGFzc3dvcmQgPSBwYXNzd29yZAoKIyBSYWJiaXRNUSB2aXJ0dWFsIGhvc3QgKHZ ob3N0KS4gRnJlc2ggUmFiYml0TVEgaW5zdGFsbGF0aW9uIGhhcyAiLyIgdmhvc3QgcHJlY29uZmlndXJlZC4KdmlydHV hbF9ob3N0ID0gLwo=' if [ ! -d /etc/Murano ]; then mkdir /etc/Murano fi echo $AgentConfigBase64 | base64 -d > /etc/Murano/agent.conf chmod 664 /etc/Murano/agent.conf service Murano-agent start 76 root@Murano-tkuoai2lpm47x1-nwhcoi2lplzls1-bsojzo5io7vr:~# echo $AgentConfigBase64 | base64 -d [DEFAULT] debug=True verbose=True log_file = /var/log/Murano-agent.log storage=/var/Murano/plans [rabbitmq] # Input queue name input_queue = eccecd50c1c4f495a9260cce5fa4cf9da-h5a54d508-b56f-4d46-82bd-715f24a20707 # Output routing key (usually queue name) result_routing_key = -execution-results-tkuoai2lpm47x1 # Connection parameters to RabbitMQ service # Hostname or IP address where RabbitMQ is located. host = 192.85.180.138 # RabbitMQ port (5672 is a default) port = 5672 # Use SSL for RabbitMQ connections (True or False) ssl = false # Path to SSL CA certificate or empty to allow self signed server certificate ca_certs = # RabbitMQ credentials. Fresh RabbitMQ installation has "guest" account with "guest" password. login = guest password = password # RabbitMQ virtual host (vhost). Fresh RabbitMQ installation has "/" vhost preconfigured. virtual_host = /
  76. 76. Murano-agent.conf 77 root@Murano-tkuoai2lpm47x1-nwhcoi2lplzls1-bsojzo5io7vr:~# echo $AgentConfigBase64 | base64 -d [DEFAULT] debug=True verbose=True log_file = /var/log/Murano-agent.log storage=/var/Murano/plans [rabbitmq] # Input queue name input_queue = eccecd50c1c4f495a9260cce5fa4cf9da-h5a54d508-b56f-4d46-82bd-715f24a20707 # Output routing key (usually queue name) result_routing_key = -execution-results-tkuoai2lpm47x1 # Connection parameters to RabbitMQ service # Hostname or IP address where RabbitMQ is located. host = 192.85.180.138 # RabbitMQ port (5672 is a default) port = 5672 # Use SSL for RabbitMQ connections (True or False) ssl = false # Path to SSL CA certificate or empty to allow self signed server certificate ca_certs = # RabbitMQ credentials. Fresh RabbitMQ installation has "guest" account with "guest" password. login = guest password = password # RabbitMQ virtual host (vhost). Fresh RabbitMQ installation has "/" vhost preconfigured. virtual_host = /
  77. 77. check the message in rabbitmq  {"Body": "return apacheDeploy('{0}'.format(args.enablePHP)).stdoutn", "Files": {"f17cecd3704f4a958b3f4998617ce8dc": {"Body": "IyEvYmluL2Jhc2gKIwpJTlNUQUxMRVJfT1BUUz0iIgpVTklOU1RBTExFUl9PUFRTPSIiClBNR1I9nIiIKUE1HUl9MSVNUX09QVFM9IiIKCmZ1bmN0aW9uIGluY2x1ZGUoKXsKICAgIGN1cnJfZGlyPSQonY2QgJChkaXJuYW1lICIkMCIpICYmIHB3ZCkKICAgIGluY19maWxlX3BhdGg9JGN1cnJfZGlyLyQx nCiAgICBpZiBbIC1mICIkaW5jX2ZpbGVfcGF0aCIgXTsgdGhlbgogICAgICAgIC4gJGluY19maWxlnX3BhdGgKICAgIGVsc2UKICAgICAgICBleGl0IDEKICAgIGZpCn0KZnVuY3Rpb24gc2V0X2luc3RhnbGxfb3B0aW9ucygpewogICAgY2FzZSAkMSBpbgogICAgICAgIGFwdC1nZXQgKQogICAgICAgICAg nICBJTlNUQUxMRVJfT1BUUz0iLXkgLXEgaW5zdGFsbCIKICAgICAgICAgICAgVU5JTlNUQUxMRVJfnT1BUUz0iLXkgLXEgcmVtb3ZlIgogICAgICAgICAgICBQTUdSPSJkcGtnIgogICAgICAgICAgICBQnTUdSX0xJU1RfT1BUUz0iLXMiCiAgICAgICAgICAgIDs7CiAgICAgICAgeXVtICkKICAgICAgICAgnICAg SU5TVEFMTEVSX09QVFM9Ii0tYXNzdW1leWVzIGluc3RhbGwiCiAgICAgICAgICAgIFVOSU5TnVEFMTEVSX09QVFM9Ii0tYXNzdW1leWVzIGVyYXNlIgogICAgICAgICAgICBQTUdSPSJycG0iCiAgnICAgICAgICAgIFBNR1JfTElTVF9PUFRTPSItcSIKICAgICAgICAgICAgOzsKICAgICAgICB1cnBtnKiApCi AgICAgICAgICAgIElOU1RBTExFUl9PUFRTPSIteSIKICAgICAgICAgICAgVU5JTlNUQUxMnRVJfT1BUUz0iIgogICAgICAgICAgICBQTUdSPSJycG0iCiAgICAgICAgICAgIFBNR1JfTElTVF9PnUFRTPSItcSIKICAgICAgICAgICAgOzsKICAgICAgICB6eXBwZXIgKQogICAgICAgICAgICBJTlNUnQUxMRVJfT1BU Uz0iaW5zdGFsbCIKICAgICAgICAgICAgVU5JTlNUQUxMRVJfT1BUUz0icmVtb3ZlnIC0tcXVpZXQiCiAgICAgICAgICAgIFBNR1I9InJwbSIKICAgICAgICAgICAgUE1HUl9MSVNUX09QnVFM9Ii1xIgogICAgICAgICAgICA7OwogICAgICAgIHBpcCApCiAgICAgICAgICAgIElOU1RBTExFnUl9PUFRTPSJpbn N0YWxsIgogICAgICAgICAgICBVTklOU1RBTExFUl9PUFRTPSJ1bmluc3RhbGwgnLS15ZXMiCiAgICAgICAgICAgIGZpbmRfcGlwCiAgICAgICAgICAgIFBBQ0tBR0VSPSRQSVBDTUQKnICAgICAgICAgICAgUE1HUj0kUElQQ01ECiAgICAgICAgICAgIFBNR1JfTElTVF9PUFRTPSJmcmVlnemUgfCBncmVw IgogICAgICAgICAgICA7OwogICAgICAgICogKQogICAgICAgICAgICBleGl0IDEKnICAgICAgICAgICAgOzsKICAgIGVzYWMKICAgIFBBQ0tBR0VSPSQod2hpY2ggJDEpCiAgICBpZiBbnICQ/IC1uZSAwIF07IHRoZW4KICAgICAgICBsb2cgIkNhbid0IGZpbmQgXCIkMVwiLCBleGl0aW5nnISIKICAgICAgICBl eGl0IDEKICAgIGZpCn0KZnVuY3Rpb24gcGFja2FnZV9pbnN0YWxsKCl7CiAgnICBQS0c9JDEKICAgIGV2YWwgIiRQTUdSICRQTUdSX0xJU1RfT1BUUyAkUEtHIiA+IC9kZXYvbnVsnbCAyPiYxCiAgICBpZiBbICQ/IC1lcSAwIF07IHRoZW4KICAgICAgICBsb2cgIlwiJFBLR1wiIGFsncmVhZHkgaW5zdGFsb GVkIgogICAgZWxzZQogICAgICAgIGxvZyAiSW5zdGFsbGluZyBcIiRQS0dcnIiAuLi4iCiAgICAgICAgJFBBQ0tBR0VSICRJTlNUQUxMRVJfT1BUUyAkUEtHID4gL2Rldi9udWxsnIDI+JjEKICAgICAgICBpZiBbICQ/IC1uZSAwIF07IHRoZW4KICAgICAgICAgICAgbG9nICJcIiRQnS0dcIiBpbnN0YWxsYXRpb24 gZmFpbHMsIGV4aXRpbmchIgogICAgICAgICAgICBleGl0IDEKICAgnICAgICBlbHNlCiAgICAgICAgICAgIGxvZyAiXHRcdC4uLnN1Y2Nlc3MiCiAgICAgICAgZmkKICAgnIGZpCn0KZnVuY3Rpb24gcGFja2FnZV91bmluc3RhbGwoKXsKICAgIFBLRz0kMQogICAgZXZhbCAinJFBNR1IgJFBNR1JfTElTVF9PU FRTICRQS0ciID4gL2Rldi9udWxsIDI+JjEKICAgIGlmIFsgJD8gnLWVxIDEgXTsgdGhlbgogICAgICAgIGxvZyAiXCIkUEtHXCIgbm90IGluc3RhbGxlZCIKICAgIGVsnc2UKICAgICAgICBsb2cgIlVubnN0YWxsaW5nIFwiJFBLR1wiIC4uLiIKICAgICAgICAkUEFDS0FHnRVIgJFVOSU5TVEFMTEVSX09QVFMgJFB LRyA+IC9kZXYvbnVsbCAyPiYxCiAgICAgICAgaWYgWyAknPyAtbmUgMCBdOyB0aGVuCiAgICAgICAgICAgIGxvZyAiXCIkUEtHXCIgdW5pbnN0YWxsYXRpb24gnZmFpbHMsIGV4aXRpbmchIgogICAgICAgICAgICBleGl0IDEKICAgICAgICBlbHNlCiAgICAgICAgnICAgIGxvZyAiXHRcdC4uLnN1Y2Nlc3 MiCiAgICAgICAgZmkKICAgIGZpCn0KZnVuY3Rpb24gcnVunX2luc3RhbGwoKXsKICAgIGZvciBQS0cgaW4gJEAKICAgIGRvCiAgICAgICAgcGFja2FnZV9pbnN0nYWxsICRQS0cKICAgIGRvbmUKfQpmdW5jdGlvbiBydW5fdW5pbnN0YWxsKCl7CiAgICBmb3IgUEtHnIGluICRACiAgICBkbwogICAgICA gIHBhY2thZ2VfdW5pbnN0YWxsICRQS0cKICAgIGRvbmUKfQojnIE1haW4gd29ya2Zsb3cKaW5jbHVkZSAiY29tbW9uLnNoIgppZiBbICQjIC1lcSAwIF07IHRoZW4KnICAgIHNjcmlwdD0kKGJhc2VuYW1lICQwKQogICAgZWNobyAtZSAiVXNhZ2U6XG5cdCogaW5zdGFsnbCBwYWNrYWdlcyAtLS AuLyRzY3JpcHQgLXAgcGFja2FnZV9tYW5hZ2VyIC1pIHBhY2thZ2UwIFtwnYWNrYWdlTl1cblx0KiByZW1vdmUgcGFja2FnZXMgLS0gLi8kc2NyaXB0IC1wIHBhY2thZ2VfbWFunYWdlciAtciBwYWNrYWdlMCBbcGFja2FnZU5dIgogICAgZXhpdCAxCmZpClBhY2thZ2VyPScnCmdlndF9vcwppZiBbI CQ/IC1uZSAwIF07IHRoZW4KICAgIGxvZyAiVW5zdXBwb3J0ZWQgKm5peCB2ZXJznaW9uICgkRGlzdHJvQmFzZWRPbiAtICRESVNULyRQU1VFRE9OQU1FLyRSRVYvJE1BQ0gpIgogICAgnZXhpdCAxCmZpCndoaWxlIGdldG9wdHMgIjpwOmk6cjoiIG9wdCA7IGRvCiAgICBjYXNlICIkb3B0nIiBpbg ogICAgICAgIHApCiAgICAgICAgICAgIGlmIFtbICIkT1BUQVJHIiAhPSBzeXMgXV07IHRonZW4KICAgICAgICAgICAgICAgIFBhY2thZ2VyPSRPUFRBUkcKICAgICAgICAgICAgZmkKICAgICAgnICAgICAgc2V0X2luc3RhbGxfb3B0aW9ucyAkUGFja2FnZXIKICAgICAgICAgICAgOzsKICAgICAgnICBpKQogIC AgICAgICAgICBuPSRPUFRBUkcKICAgICAgICAgICAgcnVuX2luc3RhbGwgJChjb2xsnZWN0X2FyZ3MgJG4gJEApCiAgICAgICAgICAgIGJyZWFrOwogICAgICAgICAgICA7OwogICAgICAgnIHIpCiAgICAgICAgICAgIG49JE9QVEFSRwogICAgICAgICAgICBydW5fdW5pbnN0YWxsICQoY29snbGVjdF9hc mdzICRuICRAKQogICAgICAgICAgICBicmVhazsKICAgICAgICAgICAgOzsKICAgICAgnICBcPykKICAgICAgICAgICAgbG9nICJJbnZhbGlkIG9wdGlvbjogLSRPUFRBUkciID4mMgogICAgnICAgICAgICBleGl0IDEKICAgICAgICAgICAgOzsKICAgIGVzYWMKZG9uZQpzaGlmdCAkKChPUFRJnTkQtMSkpn", "BodyType": "Base64", "Name": "installer.sh"}, "6cbbe00d1e974b0b8d929c4fe5945b0b": {"Body": "IyEvYmluL2Jhc2gKIyAKREVCVUdMVkw9MwpMT0dGSUxFPS90bXAvbXVyYW5vZGVwbG95bWVudC5snb2cKUElQQVBQUz0icGlwIHB5dGhvbi1waXAgcGlwLXB5dGhvbiIKUElQQ01EPSIiCmlmIFsgIiREnRUJVR0xWTCIgLWVxIDQgXTsgdGhlbgogICAgc2V0IC14CmZpCmZ1bmN0aW9uIGxvZ yB7CiAgICBpnZiBbICIkREVCVUdMVkwiIC1ndCAwIF07IHRoZW4KICAgICAgICBjaGFycz0kKGVjaG8gIkAkIiB8nIHdjIC1jKQogICAgICAgIGNhc2UgJERFQlVHTFZMIGluCiAgICAgICAgICAgIDEgKQogICAgICAgnICAgICAgICAgZWNobyAtZSAiTE9HOj4kQCIKICAgICAgICAgICAgICAgIDs7CiAgICAgICA gICAgnIDIpCiAgICAgICAgICAgICAgICBlY2hvIC1lICIkKGRhdGUgKyIlbS0lZC0lWSAlSDolTSIpIExPnRzo+JEAiIHwgdGVlIC0tYXBwZW5kICRMT0dGSUxFCiAgICAgICAgICAgICAgICA7OwogICAgICAgnICAgICAzKQogICAgICAgICAgICAgICAgZWNobyAtZSAiJChkYXRlICsiJW0tJWQtJVkgJUg6JU0inKS BMT0c6PiRAIiA+PiAkTE9HRklMRQogICAgICAgICAgICAgICAgOzsKICAgICAgICAgICAgNCkKnICAgICAgICAgICAgICAgIGVjaG8gLWUgIiQoZGF0ZSArIiVtLSVkLSVZICVIOiVNIikgTE9HOj4knQCIgfCB0ZWUgLS1hcHBlbmQgJExPR0ZJTEUKICAgICAgICAgICAgICAgIDs7CiAgICAgICAgZXNhnYwogICA gZmkKfQpmdW5jdGlvbiBsb3dlcmNhc2UoKXsKICAgIGVjaG8gIiQxIiB8IHNlZCAieS9BnQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWi9hYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ei8iCn0KnZnVuY3Rpb24gZmluZF9waXAoKQp7CiAgICBmb3IgY21kIGluICRQSVBBUFBTCiAgICBkbwogICAgnIC AgIF9jbWQ9JCh3aGljaCAkY21kIDI+L2Rldi9udWxsKQogICAgICAgIGlmIFsgJD8gLWVxIDAgnXTt0aGVuCiAgICAgICAgICAgICAgICBicmVhawogICAgICAgIGZpCiAgICBkb25lCiAgICBpZiBbnIC16ICRfY21kIF07dGhlbgogICAgICAgIGVjaG8gIkNhbid0IGZpbmQgXCJwaXBcIiBpbiBzeXN0nZW0sIHBsZ WFzZSBpbnN0YWxsIGl0IGZpcnN0LCBleGl0aW5nISIKICAgICAgICBleGl0IDEKICAgnIGVsc2UKICAgICAgICBQSVBDTUQ9JF9jbWQKICAgIGZpCn0KT1BUSU5EPTEgIyBSZXNldCBpZiBnnZXRvcHRzIHVzZWQgcHJldmlvdXNseQpmdW5jdGlvbiBjb2xsZWN0X2FyZ3MoKXsKICAgIF9uPSQxnCiAgICB zaGlmdAogICAgQVJHUz0nJwogICAgd2hpbGUgdHJ1ZQogICAgZG8KICAgICAgICBpZiBbnWyAiJF9uIiA9PSAtKiBdXSB8fCBbIC16ICIkX24iIF07IHRoZW4KICAgICAgICAgICAgT1BUSU5EnPSQoKE9QVElORCAtIDEpKQogICAgICAgICAgICBicmVhawogICAgICAgIGZpCiAgICAgICAgI2VjnaG8gIl9uPS RfbiA7ICRPUFRJTkQiCiAgICAgICAgaWYgWyAteiAiJEFSR1MiIF07IHRoZW4KICAgnICAgICAgICAgQVJHUz0kT1BUQVJHCiAgICAgICAgZWxzZQogICAgICAgICAgICBBUkdTPSIkQVJHnUyAkX24iCiAgICAgICAgZmkKICAgICAgICBldmFsIF9uPVwkJE9QVElORAogICAgICAgIE9QVElOnRD0kKChPUFR JTkQgKyAxKSkKICAgICAgICAjc2xlZXAgMQogICAgZG9uZQogICAgZWNobyAkQVJHnUwogICAgdW5zZXQgX24KICAgIHVuc2V0IEFSR1MKfQpmdW5jdGlvbiBnZXRfb3MoKXsKICAgIEtFnUk5FTD0kKHVuYW1lIC1yKQogICAgTUFDSD0kKHVuYW1lIC1tKQogICAgT1M9JCh1bmFtZSkKICAgnIGlm IFsgIiR7T1N9IiA9ICJMaW51eCIgXSA7IHRoZW4KICAgICAgICBpZiBbIC1mIC9ldGMvcmVknaGF0LXJlbGVhc2UgXSA7IHRoZW4KICAgICAgICAgICAgRGlzdHJvQmFzZWRPbj0nUmVkSGF0JwognICAgICAgICAgICBQYWNrYWdlcj0neXVtJwogICAgICAgICAgICBESVNUPSQoY2F0IC9ldGMvcmVkn aGF0LXJlbGVhc2UgfHNlZCBzL1wgcmVsZWFzZS4qLy8pCiAgICAgICAgICAgIFBTVUVET05BTUU9nJChjYXQgL2V0Yy9yZWRoYXQtcmVsZWFzZSB8IHNlZCBzLy4qXCgvLyB8IHNlZCBzL1wpLy8pCiAgnICAgICAgICAgIFJFVj0kKGNhdCAvZXRjL3JlZGhhdC1yZWxlYXNlIHwgc2VkIHMvLipyZWxlYXNl nXCAvLyB8IHNlZCBzL1wgLiovLykKICAgICAgICBlbGlmIFsgLWYgL2V0Yy9TdVNFLXJlbGVhc2UgnXSA7IHRoZW4KICAgICAgICAgICAgRGlzdHJvQmFzZWRPbj0nU3VTZScKICAgICAgICAgICAgUGFjna2FnZXI9J3p5cHBlcicKICAgICAgICAgICAgUFNVRURPTkFNRT0kKGNhdCAvZXRjL1N1U0UtcmVs nZWFzZSB8IHRyICJcbiIgJyAnfCBzZWQgcy9WRVJTSU9OLiovLykKICAgICAgICAgICAgUkVWPSQonY2F0IC9ldGMvU3VTRS1yZWxlYXNlIHwgdHIgIlxuIiAnICcgfCBzZWQgcy8uKj1cIC8vKQogICAgnICAgIGVsaWYgWyAtZiAvZXRjL21hbmRyYWtlLXJlbGVhc2UgXSA7IHRoZW4KICAgICAgICAgICAg nRGlzdHJvQmFzZWRPbj0nTWFuZHJha2UnCiAgICAgICAgICAgIFBhY2thZ2VyPSd1cnBtaSB1cnBtnZScKICAgICAgICAgICAgUFNVRURPTkFNRT0kKGNhdCAvZXRjL21hbmRyYWtlLXJlbGVhc2UgfCBznZWQgcy8uKlwoLy8gfCBzZWQgcy9cKS8vKQogICAgICAgICAgICBSRVY9JChjYXQgL2V0Yy9tY W5kncmFrZS1yZWxlYXNlIHwgc2VkIHMvLipyZWxlYXNlXCAvLyB8IHNlZCBzL1wgLiovLykKICAgICAgnICBlbGlmIFsgLWYgL2V0Yy9kZWJpYW5fdmVyc2lvbiBdIDsgdGhlbgogICAgICAgICAgICBEaXN0ncm9CYXNlZE9uPSdEZWJpYW4nCiAgICAgICAgICAgIFBhY2thZ2VyPSdhcHQtZ2V0JwogICAgI CAgnICAgICBESVNUPSQoY2F0IC9ldGMvbHNiLXJlbGVhc2UgfCBncmVwICdeRElTVFJJQl9JRCcgfCBhnd2sgLUY9ICAneyBwcmludCAkMiB9JykKICAgICAgICAgICAgUFNVRURPTkFNRT0kKGNhdCAvZXRjnL2xzYi1yZWxlYXNlIHwgZ3JlcCAnXkRJU1RSSUJfQ09ERU5BTUUnIHwgYXdrIC1GPSAgJ3s gcHJpnbnQgJDIgfScpCiAgICAgICAgICAgIFJFVj0kKGNhdCAvZXRjL2xzYi1yZWxlYXNlIHwgZ3JlcCAnnXkRJU1RSSUJfUkVMRUFTRScgfCBhd2sgLUY9ICAneyBwcmludCAkMiB9JykKICAgICAgICBmaQognICAgICAgIGlmIFsgLWYgL2V0Yy9Vbml0ZWRMaW51eC1yZWxlYXNlIF0gOyB0aGVuCiAgIC AgICAgnICAgIERJU1Q9IiR7RElTVH1bJChjYXQgL2V0Yy9Vbml0ZWRMaW51eC1yZWxlYXNlIHwgdHIgIlxunIiAnICcgfCBzZWQgcy9WRVJTSU9OLiovLyldIgogICAgICAgIGZpCiAgICAgICAgT1M9JChsb3dlncmNhc2UgJE9TKQogICAgICAgIERpc3Ryb0Jhc2VkT249JChsb3dlcmNhc2UgJERpc3Ryb0J hc2VknT24pCiAgICAgICAgcmVhZG9ubHkgT1MKICAgICAgICByZWFkb25seSBESVNUCiAgICAgICAgcmVhnZG9ubHkgRGlzdHJvQmFzZWRPbgogICAgICAgIHJlYWRvbmx5IFBTVUVET05BTUUKICAgICAgICBynZWFkb25seSBSRVYKICAgICAgICByZWFkb25seSBLRVJORUwKICAgICAgICByZWFkb 25seSBNQUNInCiAgICAgICAgI3JlYWRvbmx5IFBhY2thZ2VyCiAgICBlbHNlCiAgICAgICAgT1M9dW5rbm93bgognICAgICAgIHJlYWRvbmx5IE9TCiAgICAgICAgbG9nICJPUzokT1MiCiAgICAgICAgZXhpdCAxCiAgnICBmaQp9CmZ1bmN0aW9uIGFkZF9md19ydWxlKCl7CiAgICBfcnVsZV9zdHJpbmc 9JEAKICAgIF90nbXBfZndfcG9ydD0kKGVjaG8gJF9ydWxlX3N0cmluZyB8IGdyZXAgLW8gLWUgImRwb3J0IFswLTldnKlxzIikKICAgIF90bXBfZndfcHJvdG89JChlY2hvICRfcnVsZV9zdHJpbmcgfCBncmVwIC1vIC1lnICItcCBcdypccyIpCiAgICBfZndfcG9ydD0kKGVjaG8gJF90bXBfZndfcG9ydCB8IGF3a yAne3BynaW50ICQyfScpCiAgICBfZndfcHJvdG89JChlY2hvICRfdG1wX2Z3X3Byb3RvIHxhd2sgJ3twcmlundCAkMn0nKQogICAgX2Z3X3JlbG9hZD0iIgogICAgI2ZpbmQgaXB0YWJsZXMgYW5kIGFkZCBydWxlnCiAgICBjYXNlICRESVNUIGluCiAgICAgICAgIkZlZG9yYSIpCiAgICAgICAgICAgIF9md19j bWQ9nJCh3aGljaCBmaXJld2FsbC1jbWQpCiAgICAgICAgICAgIF9md19wb3J0PSQoZWNobyAkX3J1bGVfnc3RyaW5nIHwgZ3JlcCAtbyAtZSAiZHBvcnQgWzAtOV0qXHMiIHwgYXdrICd7cHJpbnQgJDJ9JykKnICAgICAgICAgICAgX2Z3X3Byb3RvPSQoZWNobyAkX3J1bGVfc3RyaW5nIHwgZ3JlcCA tbyAtZSAinLXAgXHcqXHMiIHwgYXdrICd7cHJpbnQgJDJ9JykKICAgICAgICAgICAgX2Z3X3J1bGU9Ii0tcGVynbWFuZW50IC0tYWRkLXBvcnQ9JF9md19wb3J0LyRfZndfcHJvdG8iCiAgICAgICAgICAgIF9md19lnbmFibGVfcnVsZXM9IiRfZndfY21kIC0tcmVsb2FkIgogICAgICAgICAgICA7OwogICAgIC AgICopnCiAgICAgICAgICAgIF9md19jbWQ9JCh3aGljaCBpcHRhYmxlcykKICAgICAgICAgICAgX2Z3X3J1nbGU9JF9ydWxlX3N0cmluZwogICAgICAgICAgICBfZndfZW5hYmxlX3J1bGVzPSJzZXJ2aWNlICQonYmFzZW5hbWUgJF9md19jbWQpIHNhdmUiCiAgICAgICAgICAgIDs7CiAgICBlc2FjCiAgIC BpcHRjnbWRzYXZlPSQod2hpY2ggaXB0YWJsZXMtc2F2ZSkKICAgIGlmIFtbICIkX2Z3X2NtZCIgIT0gJycgnXV0gJiYgW1sgIiRpcHRjbWRzYXZlIiAhPSAnJyBdXTsgdGhlbgogICAgICAgIGV2YWwgIiRpcHRjnbWRzYXZlIHwgZ3JlcCAtZSBcIiRfdG1wX2Z3X3BvcnRcIiB8IGdyZXAgLWUgXCIkX3RtcF9md1 9wncm90b1wiIiA+IC9kZXYvbnVsbCAyPiYxCiAgICAgICAgaWYgWyAkPyAtbmUgMCBdOyB0aGVuCiAgnICAgICAgICAgIGV2YWwgJF9md19jbWQgJF9md19ydWxlCiAgICAgICAgICAgIGlmIFsgJD8gLW5lnIDAgXTsgdGhlbgogICAgICAgICAgICAgICAgbG9nICJDYW4ndCBzZXQgZmlyZXdhbGwgcn VsZXMsnIGV4aXRpbmcuLi4iCiAgICAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgICAgZWxzZQogICAgnICAgICAgICAgICAgaWYgWyAtbiAiJF9md19lbmFibGVfcnVsZXMiIF07IHRoZW4KICAgICAgICAgnICAgICAgICAgICBsb2cgIlJ1bm5pbmcgXCIkX2Z3X2VuYWJsZV9ydWxlc1wiIgogICAgICAgIC AgnICAgICAgICAgICRfZndfZW5hYmxlX3J1bGVzID4gL2Rldi9udWxsCiAgICAgICAgICAgICAgICBmnaQogICAgICAgICAgICAgICAgbG9nICIkX2Z3X2NtZCBydWxlIHdpdGggJF9md19ydWxlIHNldC4inCiAgICAgICAgICAgIGZpCiAgICAgICAgZWxzZQogICAgICAgICAgICBsb2cgIiRfZndfY21kIHJ1nbG UgZXhpc3RzLiIKICAgICAgICBmaQogICAgZWxzZQogICAgICAgIGxvZyAiVGhlcmUgYXJlIG5vnIGZ3IGZvdW5kLi4uIgogICAgZmkKfQpmdW5jdGlvbiBlbmFibGVfaW5pdCgpewogICAgX2luaXRjndHJsPSIiCiAgICBfaW5pdF9zdWZmaXg9IiIKICAgIF9zZXJ2aWNlPSQxCiAgICBjYXNlICREaXN0ncm9CY XNlZE9uIGluCiAgICAgICAgImRlYmlhbiIpCiAgICAgICAgICAgIF9pbml0Y3RybD0idXBknYXRlLXJjLmQiCiAgICAgICAgICAgIF9pbml0X3N1ZmZpeD0iZGVmYXVsdHMiCiAgICAgICAgICAgnIDs7CiAgICAgICAgKikKICAgICAgICAgICAgX2luaXRjdHJsPSJjaGtjb25maWciCiAgICAgICAgnICAgIF9pbml0X3 N1ZmZpeD0ib24iCiAgICAgICAgICAgIDs7CiAgICBlc2FjCiAgICAkX2luaXRjndHJsICRfc2VydmljZSAkX2luaXRfc3VmZml4CiAgICBpZiBbICQ/IC1uZSAwIF07IHRoZW4KICAgnICAgICBsb2cgIiRfaW5pdGN0cmwgJF9zZXJ2aWNlICRfaW5pdF9zdWZmaXggLSBmYWlscyEiCiAgnICAgICAgZXhpdCAxCi AgICBmaQp9CmZ1bmN0aW9uIHJlc3RhcnRfc2VydmljZSgpewogICAgX3NlncnZpY2U9JDEKICAgIHNlcnZpY2UgJF9zZXJ2aWNlIHJlc3RhcnQgPiAvZGV2L251bGwgMj4mMQognICAgaWYgWyAkPyAtbmUgMCBdOyB0aGVuCiAgICAgICAgbG9nICJDYW4ndCBzdGFydCAkX3NlcnZpnY2Ugc2Vy dmljZSEiCiAgICAgICAgZXhpdCAxCiAgICBmaQp9CmZ1bmN0aW9uIHBhY2thZ2VfcmVunYW1lcigpewogICAgX3BrZz0kMQogICAgY2FzZSAkRGlzdHJvQmFzZWRPbiBpbgogICAgICAgICJknZWJpYW4iKQogICAgICAgICAgICBfcGtnPSQoZWNobyAkX3BrZyB8IHNlZCAncy8tZGV2ZWwkLy1knZXY vJykKICAgICAgICAgICAgOzsKICAgICAgICAqKQogICAgICAgICAgICBfcGtnPSQoZWNobyAknX3BrZyB8IHNlZCAncy8tZGV2JC8tZGV2ZWwvJykKICAgICAgICAgICAgOzsKICAgIGVzYWMKICAgnIGVjaG8gJF9wa2cKfQ==n", "BodyType": "Base64", "Name": "common.sh"}, "c6119b50f94244409ec0f89714a8a63a": {"Body": "#!/bin/bashn#nfunction include(){n curr_dir=$(cd $(dirname "$0") && pwd)n inc_file_path=$curr_dir/$1n if [ -f "$inc_file_path" ]; thenn . $inc_file_pathn elsen echo -e "$inc_file_path not found!"n exit 1n fin}ninclude "common.sh"n# FirewallRulesnFW_RULE1='-I INPUT 1 -p tcp -m tcp --dport 443 -j ACCEPT -m comment --comment "by Murano, Apache server access on HTTPS port 443"'nFW_RULE2='-I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT -m comment -- comment "by Murano, Apache server access on HTTP port 80"'nAPP=''nget_osn[[ $? -ne 0 ]] && exit 1ncase $DistroBasedOn inn "debian")n APP="apache2"n ;;n "redhat")n APP="httpd"n ;;nesacn_php=""nif [[ "$1" == "True" ]]; thenn _php="php"nfinAPPS_TO_INSTALL="$APP $_php $FW_BOOT_PKG"nbash installer.sh -p sys -i $APPS_TO_INSTALLnenable_init $APPnservice $APP start > /dev/null 2>&1nadd_fw_rule $FW_RULE1nadd_fw_rule $FW_RULE2n", "BodyType": "Text", "Name": "runApacheDeploy.sh"}}, "Name": "Deploy Apache", "Parameters": {"enablePHP": false}, "FormatVersion": "2.0.0", "Version": "1.0.0", "Scripts": {"apacheDeploy": {"Files": ["f17cecd3704f4a958b3f4998617ce8dc", "6cbbe00d1e974b0b8d929c4fe5945b0b"], "EntryPoint": "c6119b50f94244409ec0f89714a8a63a", "Version": "1.0.0", "Type": "Application", "Options": {"captureStdout": true, "captureStderr": true}}}, "Action": "Execute", "ID": "63aa0329592e4737bbb550b7be48498b"} 78
  78. 78. Execute real deployment via Murano agent 79 Base64 encrypted
  79. 79. Summary  Murano is an OpenStack application catalog service  As for end user  provides a push-button-style application deployment  As for cloud app publisher  provides application design framework via complex modeling and dynamic UI definition to publish the app to openstack.  As for cloud admin  provides set of api to maintain the service catalog  Pros:  Flexible in application design using MuranoPL  Using heat to deploy the underline IaaS infrasture  Easy to use UI dashboard  Support various deployment script Python, Shell, Powershell etc.  Cons:  Application design is complicated  Have to learn the MuranoPL (kinda vendor lockin?)  The Murano agent runs on only VM instead of Physical box  Agent based the task execution(some customer don’t want to run agent in their instance) 81
  80. 80. References  http://Murano-docs.github.io/latest/developers-guide/content/ch01.html  https://Murano.readthedocs.org/en/latest/  http://Murano-docs.github.io/0.4.1/administrators-guide/content/ch01.html  http://Murano-docs.github.io/latest/getting-started/content/ch01.html  https://wiki.openstack.org/wiki/Murano/Documentation/DynamicUI  https://wiki.openstack.org/wiki/Murano/Documentation/How_to_create_applica tion_package  https://wiki.openstack.org/wiki/Murano#Murano_Screencasts  https://wiki.openstack.org/wiki/Murano/Documentation/How_to_create_applica tion_package  https://github.com/ativelkov/yaql 82
  81. 81. Thanks & Questions? 83

×