Andy McCrae presented on using Ansible to deploy and automate OpenStack. He discussed how OSAD (OpenStack Ansible Deployment) was created by Rackspace to solve common deployment, maintenance, scalability and stability problems with OpenStack. OSAD uses LXC containers, a source-based installation of OpenStack and a multi-master architecture orchestrated by Ansible. It aims to provide a stable, scalable deployment of OpenStack without proprietary components or out of date packages. McCrae then demonstrated OSAD and took questions from the audience.
Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, OpenStack Israel 2015
4. 4
Why are we here?
In late 2013, the Rackspace Private Cloud team set out to solve our common
deployment, maintenance, scalability, and stability problems.
5. 5
Distribution packaging of OpenStack
● Out of date packages
● Out of band configuration
● Packages include proprietary patches
● Time to bug resolution is longer than it should be
● Broken dependencies
6. 6
Legacy architecture does not scale
● Almost all deployment systems reference an architecture that
suffers from the “controller 1 controller 2” model
● VIP failover for OpenStack supporting services is bound to break, and
when it does it’ll break spectacularly!
7. 7
What we devised
A source-based installation of OpenStack, built within LXC containers, using a
multi-master architecture orchestrated and deployed via Ansible.
8. 8
Why Ansible?
● Community engagement
● Orchestration
● Almost no code
● Low barrier to entry
● Crazy powerful, stupid simple
9. 9
Why containers?
● LXC ≈ More bare metal
● Compatible with many networking architectures
● Supports an LVM backend
● Stable
10. 10
What is OSAD?
OSAD == OpenStack Ansible Deployment
● Uses LXC containers to isolate components and services
● Deploys OpenStack from upstream sources
● Runs on Ubuntu 14.04
● Built for production
● No proprietary secret sauce
○ But you could bolt on as much as you want
● Created following the KISS principle
11. 11
OSAD architecture
● All Ansible tasks and roles target multiple nodes, even if that number is a multiple of one (1)
○ EVERYTHING is tagged!
● Process separation on infrastructure components (controller nodes)
○ Microservice-like, where it makes sense
12. 12
OSAD infrastructure components
● Galera multi-master cluster
● RabbitMQ with mirrored queues and deterministic sorting of the master queues
● Pip package index built for your environment and stored within your environment
13. 13
OSAD scale
● OSAD does not know about the “all in one” deployment
○ LXC enables the base system to deploy a multi-node cloud even with only one physical node
○ An AIO in our gate job emulates a 32 node cloud
● Neutron with the Linux Bridge agent offers stability and supportability
○ Open vSwitch is feature-full but Linux Bridge “just works”™
14. 14
Community project
● We support Juno and Icehouse but the code contains Rackspace-isms
● Kilo is our first “community” release of OSAD
● 41 contributors presently in the project
○ Not all Rackers
15. 15
OSAD and what we’re about
● Deployer experience: Ansible
● Vanilla OpenStack: Source-based installation
● Scalability: Built within LXC containers
● Stability: Obviously!
OpenStack is hard, plain and simple, especially in production. People writing configuration management software for OpenStack know that OpenStack is hard, but we’re all out there trying to make life easier for everyone in the community.
Old method, to new, what issues did we have, why re-architecture?
What issues did we have with packaging?
Carrying monkey patches etc.
The controller model makes it hard or impossible to scale past 2 controllers, and in production under heavy workloads
we’ve found that operators need the ability to scale beyond the two-node limit.
If you use the controller model and you have two of them, then you likely have a VIP that fails over between the two nodes;
this VIP failover is error-prone and makes services like plain jane MySQL and RabbitMQ very unhappy. The controller
model generally does not account for the issues that can be caused when using mirrored queues.
Mention: Ansible selected os-ad as the official OpenStack deployment for Ansible.
* Community, community, community…
* The power of true orchestration and task driven deployments, not a system of run thrice until nice.
* YAML is not code, YAML is easy to read, YAML is not code, YAML is easy to read.
* Everything is SSH, no agent, no CVEs due to agents.
* If the environment is large enough simply set Ansible forks accordingly and go…
* We made the LXC module.
** Pull request from Rackspace for use of LXC in Ansible natively: https://github.com/ansible/ansible-modules-extras/pull/123
* LXC is almost more bare metal. With LXC we can simulate additional host machines and treat the containers just the same as we would another physical node.
* LXC is compatible with a lot of networks: veth, vlan, macvlan, and even physical device management.
* LXC can be built in an LVM using a real filesystem that can handle a production workload.
* LXC is rock solid. Containers don’t crash under our workload; we’ve had containers up with impressive uptime, though we still treat them like disposable resources.
* OSAD is in stackforge and is gated using the OpenStack development process and model.
* Everything is tested with tempest.
* Containers for process and service separation.
* OpenStack services are installed from upstream sources.
* No proprietary software that you have to buy into.
^ and we have scale using OpenStack as it was intended from the upstream developers.
Our OpenStack deployment includes:
galera, rabbitmq, repository servers, rsyslog, memcached, keystone, glance, nova, neutron, heat, cinder, tempest, swift, horizon
* Ansible tagging allows me to run one logical set of tasks in a given role.
- Within the roles everything is namespaced, even the tags.
- There are presently 319 tags in master.
* Process and service separation in containers means everything is a “node”.
* In the spirit of all things open source, we use MariaDB + Galera.
* Your own personal PyPi index, local to your deployment is always available to you, but it’s also mirrored at:
- http://rpc-repo.rackspace.com/
- https://mirror.rackspace.com/rackspaceprivatecloud/
* All in One simulates a larger environment than most production clouds.
* We used OVS, it worked, until it didn’t.
- For production we use LinuxBridge and in the future we’ll visit other plugins.
* We have an internally elected PTL at this point, though we’ll have a formal election soon.
* Everything is gated through gerrit.
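The tagging, forks and LXC-on-LVM notes above, as an added example that is not taken from the OSAD repository: a tasks file for a hypothetical role named `example_galera` whose tags all carry the role name as a prefix, with the container built through Ansible's `lxc_container` module. The role, tag, container, volume group, package, template, handler, inventory variable and playbook names are assumptions made for illustration.

```yaml
# roles/example_galera/tasks/main.yml (hypothetical role, not OSAD's own code)
# Every tag carries the role name as a prefix, so one logical set of tasks
# can be selected without touching any other role.

- name: Create the container on an LVM backing store
  lxc_container:
    name: "example_galera_container"   # assumed container name
    template: ubuntu
    backing_store: lvm
    vg_name: "lxc"                     # assumed volume group
    fs_type: ext4
    fs_size: 5G
    state: started
  delegate_to: "{{ physical_host }}"   # assumed inventory variable: the LXC host
  tags:
    - example_galera-container
    - example_galera-all

- name: Install the database server packages
  apt:
    name: mariadb-galera-server        # assumed package name
    state: present
  tags:
    - example_galera-install
    - example_galera-all

- name: Write the cluster configuration
  template:
    src: cluster.cnf.j2                # assumed template shipped with the role
    dest: /etc/mysql/conf.d/cluster.cnf
    mode: "0644"
  notify: Restart mysql                # assumed handler in handlers/main.yml
  tags:
    - example_galera-config
    - example_galera-all

# Re-run only the configuration step across the whole inventory, with the
# fork count raised for a large environment (site.yml is an assumed playbook):
#   ansible-playbook site.yml --tags example_galera-config --forks 25
# List the tags a playbook exposes before running anything:
#   ansible-playbook site.yml --list-tags
```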
The community commitment within the project forced us to refactor to make the system more supportable from the perspective of the greater community. That refactor forced us to “keystone-lite” the repo such that it removed all of the Rackspace-isms making the deployment system more generic.
Contributor list
# git log --format='%aN' | sort -u | wc -l
Vanilla OpenStack, in terms of the bits that power all of OpenStack, is simpler to use, operate, and understand.
Simple is amazing!
* https://github.com/docker/docker/issues/7229
* https://www.mail-archive.com/aufs-users@lists.sourceforge.net/msg03847.html
* http://www.linuxquestions.org/questions/linux-general-1/which-linux-distros-use-aufs-unionfs-630594/
Cloud components are cattle: spend 30 minutes troubleshooting a broken component, and if it’s not simple to fix, kill them when they misbehave.
Key Message: Bring familiarity to the OpenStack ecosystem; focus on Keystone use and role management; provides tight security controls
Key Message: Is a visual demonstration to the new v9.0 architecture; built with a distributed approach in mind
* A highly available, production-ready build of OpenStack requires a series of servers
* Configuration of components must be without error and must be repeatable