Dag Sonstebo presented on automating CloudStack and hypervisor installation and configuration. He discussed why automation is important for consistency, speed, and handling less technical teams. He demonstrated how to automate hypervisor builds using zero-touch scripts for XenServer and ESXi. He then showed how to automate the CloudStack installation using Ansible playbooks to configure the necessary components like MySQL and management servers. Finally, he outlined next steps like expanding the deployment and integrating load balancers.

1. Dag Sonstebo
Forseti
Consulting
Ltd
AUTOMATING CLOUDSTACK AND
HYPERVISOR INSTALLATION
AND CONFIGURATION

2.  Cloud and virtualization technical architect with background in
the banking and service provider industry.
 Specialize and great interest in:
 Virtualisation - VMware vSphere, Citrix XenServer, KVM, Hyper-V.
 Cloud orchestration – vCloud, OpenStack, CloudStack.
 LinkedIn: https://www.linkedin.com/in/dagsonstebo
 Blog: https://dsonstebo.wordpress.com
 Github: https://github.com/dagsonstebo
 Contact: dag@forseticonsulting.co.uk
 The small print…
 Any opinion or view expressed are my own and do not in any way reflect the
opinions or views of my present or previous employers or clients.
ABOUT ME

3.  Why consider private cloud?
 What are your options?
 CloudStack
 History
 What is it and how does work?
 Automation and builds:
 Zero touch hypervisor builds
 Automated CloudStack builds
 CloudStack demo
 Q&A
OVERVIEW

4.  Why consider private / hybrid cloud options?
 Choices:
 Do nothing – stick with traditional IT:
 Danger of shadow IT.
 Lack of automation and orchestration means increased turnaround time.
 Going fully public comes at a cost:
 AWS: Windows t2.medum @ 2vCPU + 4GB RAM costs ~£500 / year
 RackSpace: General purpose Windows @ 4GB RAM costs ~£1000 / year
 Azure: A2 Windows @ 2vCPU + 3.5GB RAM costs ~£660 / year
 Building own private clouds gives the benefit of quick self service,
automation and multi-tenancy within your own data centre.
PRIVATE CLOUDS

5.  What are your choices?
 VMware vCloud
 OpenStack
 CloudStack
 Microsoft
 A long list of others:
 Flexiant
 Eucalyptus
 Joyent
 OpenNebula
 Nimbus
 Abiquo
 Etc….
 Or – build your own……
BUILDING YOUR OWN CLOUD

6.  Launched in May 2010 as Vmops, rebranded to Cloud.com.
 Acquired by Citrix in July 2011. Donated to the Apache Software
Foundation in April 2012 and continue being developed as an open
source Apache Software Foundation project on the Apache License v2.
 Citrix maintain their own commercial fork from the the open source
project, and have rebranded this Citrix CloudPlatform.
 Citrix also developed the proprietary CloudPortal Business Manager to
provide a commercial front end for automated provisioning, billing,
metering and user management.
 Version at time of writing:
 Apache CloudStack 4.4.2 development version
 Apache CloudStack 4.3.2 production version.
 Citrix CloudPlatform 4.5.
CLOUDSTACK – A BACKGROUND

7.  The list is long… http://cloudstack.apache.org/users.html
CLOUDSTACK USERS

8. WHAT ARE OUR BUILDING BLOCKS?
Cloud Components
Self service
front end
Cloud
orchestration:
Resource
management
back end
Hypervisor
backend
Storage:
hypervisor
storage and
object stores
Data center
network
Reporting /
billing /
chargeback

9. Features:
•User friendly web GUI to manage IaaS resources on demand
•Native API with optional compatibility with Amazon EC2 / S3 API
•Automatic management and orchestration of all hypervisor resources, storage and networking
•Full multi tenancy segregation
•User / domain / project management and accounting / billing
•Single management role (compared to OpenStack which need 8-10 service to deliver the same functionality)
Hypervisors:
•Citrix XenServer 5.x + 6.x as well as Xen Project
•VMware ESXi 5.0, 5.1, 5.5
•KVM
•W2K12 Hyper-V
•LXC (experimental)
•Bare metal
Storage:
•NFS
•iSCSI
•FC
•VMFS (vSphere)
•SMB/CIFS (Hyper-V)
CLOUDSTACK – FEATURES

10. Network segregation and SDN technologies:
•Basic L3 networks
•VLANs
•VXLANS
•Nicira NVP
•Midonet
•OVS – Open vSwitch
End user network offerings:
•Basic networking with security groups (similar to Amazon EC2), provides
guest isolation on L3 networks hosted on single flat L2 network.
•Advanced networking providing L2 tenant isolation using VLANs and SDN.
•Per client routing, DHCP, DNS, VPN, firewall, NAT, port forwarding, VPC
•Loadbalancer and firewall integration with physical F5 / Netscaler / Juniper
SRX
CLOUDSTACK – FEATURES

11.  CloudStack management server(s)
 MySQL server(s)
 Hypervisors
 Storage:
 Primary storage for hypervisor clusters
 Secondary storage for ISOs, templates and snapshots.
 Networking:
 Physical data centre networking
 Logical traffic types across physical networks
HIGH LEVEL CLOUDSTACK BUILDING
BLOCKS

12. Clusters:
•XenServer pools
•ESXi clusters
•Sets of KVM hosts
•Hyper-V clusters
•Primary storage: NFS / iSCSI / FC SAN / SMB-CIFS
(Hyper-V) / VMFS (vSphere)
Pods:
•A rack or row of racks including one or more
clusters
Availability zones:
•Typically single data center or part of DC
•Contains one or more pods and zone wide
secondary storage
Regions:
•Collection of one or more AZ’s in close proximity
managed by one or more management servers
CLOUDSTACK HIERARCHY
Image courtesy of Apache.org

13.  Virtual routers:
 Handles routing for guest networks, routes between guest isolated
network and public network.
 DHCP and DNS
 VPN, firewall, NATing, and port forwarding
 Secondary storage VM:
 Handles export and import of templates, ISOs and snapshots
 Console proxy VM:
 Provides console access to guest VMs.
CLOUDSTACK SYSTEM VMS

14. Physical networks:
• Basic zone networking
• Advanced zone networking
Traffic types (tags):
• Guest: isolated VLAN or SDN networks.
• Management traffic
• Public: internet or internal intranet.
• Storage
Connecting to private LAN networks
• Client networks can be connected directly to e.g. enterprise LAN
networks.
CLOUDSTACK NETWORKS

15. NETWORK OVERVIEW (ADVANCED ZONE)

16.  What we’ll cover:
 Automating hypervisor builds
 Automating CloudStack build
 Other things to consider:
 Storage
 Data centre networking and associated cost
 Hardware choice – branded vs. white label kit
BUILDING HYPERVISORS AND
APACHE CLOUDSTACK

17.  Why automate?
 CD install ….
 Fast and consistent builds.
 Quick RTO in DR / BCM scenarios
 Compensates for less technical teams with little time and bandwidth
 Zero touch builds – why?
 Minimal input to build cuts out error prone operations
 Advance preparation
 CMDB / inventory DB / source control CI integration
 Scripting for hypervisors:
 XenServer: relatively easy to create scripted installs due to full bash shell
 ESXi: tricky due to low functionality ash shell
 KVM: Linux build
 Hyper-V: SCCM
AUTOMATING YOUR HYPERVISOR BUILD

18.  Prerequisites:
 PXE: DHCP + TFTP/FTP/HTTP infrastructure
 Fully dynamic build scripts
 Per host answer files
 How do you detect individual hosts?
 Known MAC addresses supplied by vendor prior to delivery allows for true
zero touch builds.
 PXE menu host selection allows for single touch builds.
 Puppet Razor was developed to do builds based on policies around
hardware detection.
 Some examples:
 https://github.com/dagsonstebo/Citrix-Xenserver-6.2-zero-touch-build-
scripts
 https://github.com/dagsonstebo/VMware-ESXi-5.5-zero-touch-build-
scripts
ZERO TOUCH BUILDS

19. ZERO TOUCH BUILDS PROCESS

20. ################################
# General settings
CFG_HOSTNAME="xs62cn1.mylab.local";
CFG_IP="192.168.0.30";
CFG_NETMASK="255.255.255.0";
CFG_DG="192.168.0.1";
CFG_DNS1="192.168.0.2";
CFG_DNS2="192.168.0.3";
CFG_SEARCHDOMAIN="mylab.local";
CFG_NTP1="ntp.cis.strath.ac.uk";
CFG_PASSWORD="Password123";
CFG_SERVERROLE="POOLMASTER";
CFG_POOLNAME="XS62Pool1";
CFG_POOLMASTER="192.168.0.30";
CFG_POOLMASTERPWD="Password123";
CFG_DOM0MEM="";
CFG_INITIALNIC="eth0";
CFG_EDITION="free";
CFG_LICENSESRV="";
CFG_LICENSEPORT="";
################################
HOST ANSWER FILE EXAMPLE
# CloudStack example
CFG_NW1_NAME="cloud-private";
CFG_NW1_DESC="Cloud private network";
CFG_NW1_T YPE="bond";
CFG_NW1_NICA="eth0";
CFG_NW1_NICB="eth1";
CFG_NW1_BONDMODE="active-backup";
CFG_NW1_MTU="";
CFG_NW1_VLAN="0";
CFG_NW1_IF="none";
CFG_NW2_NAME="cloud-public";
CFG_NW2_DESC="Cloud public network";
CFG_NW2_T YPE="bond";
CFG_NW2_NICA="eth2";
CFG_NW2_NICB="eth3";
CFG_NW2_BONDMODE="active-backup";
CFG_NW2_MTU="";
CFG_NW2_VLAN="0";
CFG_NW2_IF="none";
CFG_NW2_IFIP="none";
……….

21. ZERO TOUCH BUILDS

22.  Hypervisors
 Storage:
 Primary storage for hypervisor clusters
 Secondary storage for ISOs, templates and snapshots.
 Networking:
 Physical data centre networking
 Logical traffic types across physical networks
 CloudStack management server(s)
 MySQL server(s)
CLOUDSTACK BUILD RECAP

23.  Install documentation:
 Apache documentation
http://docs.cloudstack.apache.org/projects/cloudstack-
installation/en/latest/installation.html
 Citrix documentation
http://support.citrix.com/proddocs/topic/cloudplatform/clst-
wrapper.html
 Manual builds are straight forward - Linux.
 Automated builds ensure quick repeatable install.
INSTALLING CLOUDSTACK

24. Management / MySQL server prerequisites:
•64-bit CentOS/RHEL 6.3+ or Ubuntu 12.04 preferred, 4 GB of memory, CPU cores
according to load, 250 GB of local disk minimum,500 GB recommended.
Configuration of RPM / DEB repositories.
Installation using yum / apt-get.
MySQL
•Can be installed on the same node as CloudStack management, or running separately.
•Configuration of CloudStack DB
Prepare the system VM template on secondary storage
HIGH LEVEL BUILD STEPS

25.  Using Ansible:
 https://github.com/dagsonstebo/CloudStack-Ansible-Playbook
 All CloudStack installation steps in one Ansible playbook:
 –tags=base: NTP, Selinux, CloudStack and EPEL yum repos
 –tags=mysql: all MySQL and DB installation and configuration steps
 –tags=csmanagement: installs and configures base CloudStack build
INSTALLING CLOUDSTACK USING
ANSIBLE

26.  Base install is now complete – but needs configuration:
 Regions, zones, pods and clusters
 Primary and secondary storage
 Network model – including network segregation mechanism
 Public, private and guest network IP ranges, as well as VLAN / SDN
ranges
 How?
 Manually through the CloudStack GUI
 Using CloudMonkey
 Or again using Ansible – the following utilises CloudMonkey under
the bonnet:
https://github.com/dagsonstebo/CloudStack-Ansible-
Playbook/blob/master/cloudmonkey.yml
CLOUDSTACK CONFIGURATION

27. COMPLETED CLOUDSTACK INSTALL AND
CONFIGURATION

28.  Expansion to further regions, zones, pods and clusters
 Add portal:
 Commercial offerings, e.g. Citrix CloudPlatform Business manager
 or you write your own…
 Configure reporting and billing
 Increase resilience:
 Add additional management servers
 Configure MySQL master/slave or MySQL / Galera cluster
 Integrate hardware load balancers:
 Netscalers
 Juniper SRX
 F5
CLOUDSTACK – NEXT STEPS

29. CLOUDSTACK DEMO

30. Q&A….
QUESTIONS

31. Apache CloudStack site:
http://docs.cloudstack.apache.org/en/master/
Citrix CloudPlatform:
http://www.citrix.com/products/cloudplatform/tech-info.html
My blog: https://dsonstebo.wordpress.com
My Github repo: https://github.com/dagsonstebo
Contact: dag@forseticonsulting.co.uk
MORE INFORMATION