Config mgmt camp 2015
-
Upload
colleenmurphy -
Category
Technology
-
view
138 -
download
2
Transcript of Config mgmt camp 2015
About Me● Background in system administration and
puppet at Portland State University● Puppet Labs module engineer● StackForge puppet core contributor
Colleen Murphy freenode/crinkle twitter/@pdx_krinkle github/cmurphy⚙ ⚙ ⚙
Overview● Intro to OpenStack● Leveraging puppet for OpenStack● What makes puppet awesome at this● Challenges we’re facing as puppet users
What is OpenStack?OpenStack is an open source cloud computing platform.● Public clouds - Amazon competitors● Private clouds - Internal infrastructure,
developer support, QA support
An OpenStack Deployment
CinderBlock Storage
DesignateDNS
TroveDatabase
ZaqarMessaging
ManilaShared Files
HorizonDashboard
TempestQA
GlanceImage
SwiftObject Storage
CeilometerTelemetry
SaharaData Processing
NeutronNetworking
HeatOrchestration
BarbicanKey Mgmt
IronicBare Metal
NovaCompute
KeystoneIdentity
MySQLRabbitMQ
An OpenStack Deployment
CinderBlock Storage
DesignateDNS
TroveDatabase
ZaqarMessaging
ManilaShared Files
HorizonDashboard
TempestQA
GlanceImage
SwiftObject Storage
CeilometerTelemetry
SaharaData Processing
NeutronNetworking
HeatOrchestration
BarbicanKey Mgmt
IronicBare Metal
NovaCompute
KeystoneIdentity
MySQLRabbitMQ
Puppetizing OpenStack
CinderBlock Storage
DesignateDNS
TroveDatabase
ZaqarMessaging
ManilaShared Files
HorizonDashboard
TempestQA
GlanceImage
SwiftObject
Storage
CeilometerTelemetry
SaharaData Processing
NeutronNetworking
HeatOrchestration
BarbicanKey Mgmt
IronicBare Metal
NovaCompute
KeystoneIdentity
MySQLRabbitMQ
Puppetizing OpenStack
CinderBlock Storage
DesignateDNS
TroveDatabase
ZaqarMessaging
ManilaShared Files
HorizonDashboard
TempestQA
GlanceImage
SwiftObject Storage
CeilometerTelemetry
SaharaData Processing
NeutronNetworking
HeatOrchestration
BarbicanKey Mgmt
IronicBare Metal
NovaCompute
KeystoneIdentity
MySQLRabbitMQ
openstacklib
openstack_extras
apache
firewall
epel
corosync
memcached
ntp
apt
Resource Abstraction Layerpackage { 'nova': ensure => installed, name => $package_name,}
file { '/etc/nova/nova.conf': mode => 0640, owner => 'nova', group => 'nova', require => Package['nova'],}
service { 'nova-api': ensure => running, enable => true,}
Resource Abstraction Layerkeystone_tenant { 'services': ensure => present, description => 'Services Tenant', enabled => true,}
neutron_subnet { '10.0.0.0/24': cidr => '10.0.0.0/24', ip_version => '4', enable_dhcp => true, network_name => 'private', tenant_name => 'services', dns_nameservers => [$dns],}
nova_config { 'DEFAULT/default_floating_pool': value => 'private'}
Hiera######## Fixed IPs (controllers)
openstack::controller::address::api: '192.168.11.4'openstack::controller::address::management: '172.16.33.4'openstack::storage::address::api: '192.168.11.5'openstack::storage::address::management: '172.16.33.5'
######## Database
openstack::mysql::root_password: 'spam-gak'openstack::mysql::service_password: 'fuva-wax'openstack::mysql::allowed_hosts: ['localhost', '127.0.0.1', '172.16.33.%']
openstack::mysql::keystone::user: 'keystone'openstack::mysql::keystone::pass: 'fuva-wax'
Hieranode 'control.example.com' { include ::openstack::role::controller}node 'storage.example.com' { include ::openstack::role::storage}node 'network.example.com' { include ::openstack::role::network}node 'compute.example.com' { include ::openstack::role::compute}