OpenStack Deployments with Chef

51
OpenStack Deployments with Chef OpenStack Conference Spring 2012 Matt Ray [email protected] IRC/Twitter/LP/GitHub: mattray www.opscode.com

description

Chef is an open source configuration management and service integration automation tool that has been integral to a number of large successful OpenStack deployments. This talk will provide a brief introduction to Chef and why it frequently the configuration tool of choice for large deployments and discuss the use of Chef within the OpenStack ecosystem (development, testing, deploying and managing the installation). Chef also provides the ability to manage the instances running on top of Nova through the knife-openstack plugin.

Transcript of OpenStack Deployments with Chef

Page 1: OpenStack Deployments with Chef

OpenStack Deployments with Chef

OpenStack ConferenceSpring 2012

Matt [email protected]

IRC/Twitter/LP/GitHub: mattraywww.opscode.com

Page 2: OpenStack Deployments with Chef

Deploying and Managing OpenStack is not simple.

Page 3: OpenStack Deployments with Chef

Chef makes it easier.

Page 4: OpenStack Deployments with Chef

See Node

Application Server

Page 5: OpenStack Deployments with Chef

See Nodes

Application Server

Application Database

Page 6: OpenStack Deployments with Chef

See Nodes Grow

Application Server

Application Databases

Page 7: OpenStack Deployments with Chef

Application Servers

Application Databases

See Nodes Grow

Page 8: OpenStack Deployments with Chef

Application Servers

Application Databases

Load Balancer

See Nodes Grow

Page 9: OpenStack Deployments with Chef

See Nodes Grow

Application Servers

Application Databases

Load Balancers

Page 10: OpenStack Deployments with Chef

See Nodes Grow

Application Servers

Application Database Cache

Load Balancers

Application Databases

Page 11: OpenStack Deployments with Chef

Tied together with Config

Application Servers

Application Database Cache

Load Balancers

Application Databases

Page 12: OpenStack Deployments with Chef

Infrastructure is a Snowflake

Application Servers

Application Database Cache

Load Balancers

Floating IP?

Application Databases

Page 13: OpenStack Deployments with Chef

Evolving Complexity

Load Balancers

Application Servers

NoSQL

Database Slaves

ApplicationCache

Database Cache

Database

Page 14: OpenStack Deployments with Chef

Complexity Grows Quickly

DC1

DC3

DC2

Page 15: OpenStack Deployments with Chef

http://www.flickr.com/photos/16339684@N00/2681435235/

And it Continues to Evolve

Page 16: OpenStack Deployments with Chef

Chef is Infrastructure as Code

http://www.flickr.com/photos/louisb/4555295187/

• Programmatically provision and configure

• Treat like any other code base

• Reconstruct business from code repository, data backup, and bare metal resources.

Page 17: OpenStack Deployments with Chef

• Chef-Client generates configurations directly on nodes from their run list

• Reduce management complexity through abstraction

• Store the configuration of your programs in version control

http://www.flickr.com/photos/ssoosay/5126146763/

Nodes

Page 18: OpenStack Deployments with Chef

Collections of Resources

• Networking

• Files

• Directories

• Symlinks

• Mounts

• Routes

• Users

• Groups

• Tasks

• Packages

• Software

• Services

• Configurations

• Other Stuffhttp://www.flickr.com/photos/stevekeys/3123167585/

Page 19: OpenStack Deployments with Chef

Declarative Interface to Resources

• Define policy

• Say what, not how

• Pull not Push

http://www.flickr.com/photos/bixentro/2591838509/

Page 20: OpenStack Deployments with Chef

Ruby!

extra_packages = case node['platform'] when "ubuntu","debian" %w{ ruby1.8 ruby1.8-dev rdoc1.8 ri1.8 libopenssl-ruby } endextra_packages.each do |pkg| package pkg do action :install endend

Page 21: OpenStack Deployments with Chef

Recipes and Cookbooks

• Recipes are collections of Resources

• Cookbooks contain recipes, templates, files, custom resources, etc

• Code re-use and modularity

• Hundreds already on Community.opscode.com

http://www.flickr.com/photos/shutterhacks/4474421855/

Page 22: OpenStack Deployments with Chef

http://www.flickr.com/photos/kathycsus/2686772625

• IP addresses

• Hostnames

• FQDNs

• Search for nodes with Roles

• Find configuration data

Search

Page 23: OpenStack Deployments with Chef

pool_members = search("node","role:webserver”)

template "/etc/haproxy/haproxy.cfg" do source "haproxy-app_lb.cfg.erb" owner "root" group "root" mode 0644 variables :pool_members => pool_members.uniq notifies :restart, "service[haproxy]"end

Pass Results to Templates

Page 24: OpenStack Deployments with Chef

# Set up application listeners here.listen application 0.0.0.0:80 balance roundrobin <% @pool_members.each do |member| -%> server <%= member[:hostname] %> <%= member[:ipaddress] %>:> weight 1 maxconn 1 check <% end -%><% if node["haproxy"]["enable_admin"] -%>listen admin 0.0.0.0:22002 mode http stats uri /<% end -%>

Pass Results to Templates

Page 25: OpenStack Deployments with Chef

Jboss App

Memcache

Postgres Slaves

Postgres Master

So when this

NagiosGraphite

Page 26: OpenStack Deployments with Chef

Jboss App

Memcache

Postgres Slaves

Postgres Master

NagiosGraphite

Becomes this

Page 27: OpenStack Deployments with Chef

Jboss App

Memcache

Postgres Slaves

Postgres Master

NagiosGraphite

Updates can be automatic

Page 28: OpenStack Deployments with Chef

NagiosGraphite

Count the resources

Jboss App

Memcache

Postgres Slaves

• Load balancer config

• Nagios host ping

• Nagios host ssh

• Nagios host HTTP

• Nagios host app health

• Graphite CPU

• Graphite Memory

• Graphite Disk

• Graphite SNMP

• Memcache firewall

• Postgres firewall

• Postgres authZ config

• 12+ resource changes for 1 node addition

Page 29: OpenStack Deployments with Chef

Build anything

• Simple internal applications

• Complex external applications

• Workstations

• Hadoop clusters

• IaaS infrastructure

• PaaS infrastructure

• SaaS applications

• Storage systems

• You name it

http://www.flickr.com/photos/hyku/245010680/

Page 30: OpenStack Deployments with Chef

And manage it simply

http://www.flickr.com/photos/helico/404640681/

• Automatically reconfigure everything

• Linux, Windows, Unixes, BSDs

• Load balancers

• Metrics collection systems

• Monitoring systems

• Cloud migrations become trivial

Page 31: OpenStack Deployments with Chef

The Chef Community

• Apache License, Version 2.0

• 675+ Individual contributors

• 125+ Corporate contributors

• Dell, Rackspace, VMware, DreamHost, Joyent, Heroku, RightScale, Deutsche Telekom and many more

• 450+ cookbooks

• http://community.opscode.com

Page 32: OpenStack Deployments with Chef

Resources

openstack-cookbooksopenstack-chefchef-openstack

crowbar

What's Out There?

Page 33: OpenStack Deployments with Chef

Opscode

• Bexar/Cactus, now deprecated

• original source for many other efforts

• Crowbar

• Mercado Libre

• HP

• Apache 2 license

• http://wiki.opscode.com/display/chef/Deploying+OpenStack+with+Chef

• github.com/mattray/openstack-cookbooks

Page 34: OpenStack Deployments with Chef

TryStack

• TryStack.org, NTT & others

• Smokestack testing

• Xen & PostgreSQL

• Apache 2 license

• #trystack on irc.freenode.org & Facebook

• github.com/openstack/openstack-chef

Page 35: OpenStack Deployments with Chef

Rackspace Cloud Builders

• Rackspace, DreamHost, Opscode & others

• KVM & MySQL on Ubuntu 12.04 (others)

• Apache 2 license

• #openstack-chef on irc.freenode.net

• github.com/osops/

• monitoring, logging, operations tools

• github.com/rcbops/chef-cookbooks

Page 36: OpenStack Deployments with Chef

Crowbar

• Datacenter installer from Dell

• Extension of the Chef server

• "Barclamps" contain cookbooks + more

• Dell released under the Apache 2 license

• Dell, enStratus, Opscode & many others

• Mailing list and Skype

• github.com/dellcloudedge/crowbar

Page 37: OpenStack Deployments with Chef

Deploying OpenStack

• Chef ties it all together automatically

• Scaling changes how we deploy

• Interchangeable components

• Configurations shared, supported & documented

• Licensing makes it available to everyone

Page 38: OpenStack Deployments with Chef

knife openstack

Page 39: OpenStack Deployments with Chef

knife openstack

$ knife openstackAvailable openstack subcommands: (for details, knife SUB-COMMAND --help)

** OPENSTACK COMMANDS **knife openstack flavor list (options)knife openstack image list (options)knife openstack server create (options)knife openstack server delete SERVER [SERVER] (options)knife openstack server list (options)

Page 40: OpenStack Deployments with Chef

knife openstack flavor list

$ knife openstack flavor listID Name Virtual CPUs RAM Disk 1 m1.tiny 1 512 MB 0 GB 2 m1.small 1 2048 MB 20 GB 3 m1.medium 2 4096 MB 40 GB 4 m1.large 4 8192 MB 80 GB 5 m1.xlarge 8 16384 MB 160 GB

Page 41: OpenStack Deployments with Chef

knife openstack image list

$ knife openstack image listID Name 13 natty-server-cloudimg-amd64 12 natty-server-cloudimg-amd64-kernel 15 oneiric-server-cloudimg-amd64 14 oneiric-server-cloudimg-amd64-kernel

Page 42: OpenStack Deployments with Chef

knife openstack server create --node-name ko1 --flavor 1 --image 13 -S trystack

knife openstack server create

Page 43: OpenStack Deployments with Chef
Page 44: OpenStack Deployments with Chef

$ ssh -i ~/.ssh/trystack.pem [email protected] authenticity of host '8.21.28.24 (8.21.28.24)' can't be established.RSA key fingerprint is 0c:d8:3e:34:d1:de:c4:ee:5f:bc:b5:89:11:0d:73:e0.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added '8.21.28.24' (RSA) to the list of known hosts.Welcome to Ubuntu 11.04 (GNU/Linux 2.6.38-13-virtual x86_64)

* Documentation: https://help.ubuntu.com/

System information as of Thu Feb 16 23:43:29 UTC 2012

System load: 0.08 Processes: 63 Usage of /: 40.8% of 1.35GB Users logged in: 0 Memory usage: 6% IP address for eth0: 8.21.28.24 Swap usage: 0%---------------------------------------------------------------------<snip>Get cloud support with Ubuntu Advantage Cloud Guest http://www.ubuntu.com/business/services/cloud

The programs included with the Ubuntu system are free software;the exact distribution terms for each program are described in theindividual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted byapplicable law.

To run a command as administrator (user "root"), use "sudo <command>".See "man sudo_root" for details.

ubuntu@ko1:~$

Page 45: OpenStack Deployments with Chef

Chef for Infrastructure Portability

• knife ec2

• knife rackspace

• knife hp

• knife openstack

• ... and many others

Page 46: OpenStack Deployments with Chef

What's Next?

http://www.flickr.com/photos/felixmorgner/4347750467/

Page 47: OpenStack Deployments with Chef

knife-openstack Roadmap

• http://wiki.opscode.com/display/chef/OpenStack+Bootstrap+Fast+Start+Guide

• Merges & publish on rubygems.org

• Testing with Essex

• tickets.opscode.com/browse/KNIFE_OPENSTACK

Page 48: OpenStack Deployments with Chef

Chef Roadmap

• Chef 0.10.10

• Full Stack installer

• Linux, BSDs, OSX, Solaris (Illumos), Windows

• Chef 11

• Reporting

• Dry Run

Page 49: OpenStack Deployments with Chef

• Additional Hypervisors

• More Databases

• Operations Support

• HA Configuration

• Additional Operating Systems

• Folsom (Quantum, Melange, etc.)

OpenStack Cookbooks Roadmap

Page 50: OpenStack Deployments with Chef

• Collaborate with the Community

• Reference cookbooks for Essex

• OpenStack Quick Start tutorial

• Refresh Deploying OpenStack with Chef

• Knife OpenStack enhancements

Opscode's OpenStack Roadmap