OpenNebulaConf 2014 - Practical experiences with OpenNebula for cloudifying a SaaS - Tim Verhoeven
OpenNebula and SaltStack - OpenNebulaConf 2013
-
Upload
databuspro -
Category
Technology
-
view
1.020 -
download
1
Transcript of OpenNebula and SaltStack - OpenNebulaConf 2013
![Page 1: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/1.jpg)
OpenNebula and
SaltStackValentin Bud
CEO
databus.pro | [email protected] | @databuspro
OpenNebulaConfBerlin, Germany, September 25th
#OpenNebulaConf
![Page 2: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/2.jpg)
SaltStackAbout
• The name is the vision
• A different approach to infrastructure management
• Transparent control system
• A simple viable building block
#OpenNebulaConfValentin Bud | @valentinbud#CloudTim
![Page 3: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/3.jpg)
SaltStackStanding on the Shoulders of the Giants
• Python
• 0MQ
• MessagePack
• M2Crypto
#OpenNebulaConfValentin Bud | @valentinbud
![Page 4: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/4.jpg)
SaltStackArchitecture
...
0MQ
MASTER(S)
minion
minion
minion
#OpenNebulaConfValentin Bud | @valentinbud
![Page 5: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/5.jpg)
SaltStackThe Remote Execution Engine
root@salt ~ # salt ‘*’ test.ping
nfs:
True
salt:
True
node01:
True
salt nfs
test.ping
response
0MQ
#OpenNebulaConfValentin Bud | @valentinbud
![Page 6: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/6.jpg)
SaltStackMeet your minions - Grains
root@salt ~ # salt ‘nfs’ grains.items
nfs:
...
kernel: Linux
kernelrelease: 2.6.32-358.18.1.el6.x86_64
localhost: nfs master: salt
mem_total: 1877
nodename: nfs
num_cpus: 2
num_gpus: 1
os: CentOS
os_family: RedHat
oscodename: Final
osfullname: CentOS
...
#OpenNebulaConfValentin Bud | @valentinbud
![Page 7: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/7.jpg)
SaltStackGrains - Tag your minions
root@salt ~ # salt ‘salt’ grains.setval role opennebula-frontend
salt:
role: opennebula-frontend
root@salt ~ # salt ‘salt’ grains.item role
salt:
role:
opennebula-frontend
#OpenNebulaConfValentin Bud | @valentinbud
![Page 8: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/8.jpg)
SaltStackTarget your Minions
GLOBBING
root@salt ~ # salt -G 'web*' test.ping
REGULAR EXPRESSIONS
root@salt ~ # salt -E 'web1-(prod|devel)' test.ping
LISTS
root@salt ~ # salt -L 'web1,web2,web3' test.ping
GRAINS
root@salt ~ # salt -G '@os:CentOS' test.ping
#OpenNebulaConfValentin Bud | @valentinbud
![Page 9: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/9.jpg)
OpenNebula and SaltStackOpenNebulaConf Demo Cloud
salt
frontend
node01
salt
nfs
Services Networkprivate
virtual
machine
network
#OpenNebulaConfValentin Bud | @valentinbud
![Page 10: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/10.jpg)
SaltStackThe State System
• The Configuration Management component
• Already available with a basic setup
• Powerful, fast, lightweight system
#OpenNebulaConfValentin Bud | @valentinbud
![Page 11: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/11.jpg)
opennebula-server StateInstall the OpenNebula Server
opennebula-server/init.sls:
opennebula-server:
pkg:
- installed
service:
- running
- require:
- pkg: opennebula-server
#OpenNebulaConfValentin Bud | @valentinbud
![Page 12: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/12.jpg)
The Anatomy of a StateIT IS ALL JUST DATA!
opennebula-server/init.sls:
opennebula-server:
pkg:
- installed
service:
- running
- require:
- pkg: opennebula-server
ID DECLARATION
STATE DECLARATION
STATE ARGUMENTS
#OpenNebulaConfValentin Bud | @valentinbud
![Page 13: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/13.jpg)
opennebula-sunstone StateBeyond a single State File
opennebula-server/init.sls:
opennebula-server:
pkg:
- installed
service:
- running
- require:
- pkg: opennebula-server
opennebula-sunstone/init.sls:
include:
- opennebula-server
opennebula-sunstone:
pkg:
- installed
service:
- running
- require:
- service: opennebula-server
#OpenNebulaConfValentin Bud | @valentinbud
![Page 14: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/14.jpg)
State ExecutionBehind the scenes
salt minion
state.sls opennebula-server
response
root@salt ~ # salt ‘minion’ state.sls opennebula-server
1
parse
and
execute
2
3
0MQ
#OpenNebulaConfValentin Bud | @valentinbud
![Page 15: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/15.jpg)
SaltStack The Highstate
root@salt ~ # salt ‘*’ state.highstate
states/top.sls
base:
‘frontend’:
- opennebula-server
- opennebula-frontend
#OpenNebulaConfValentin Bud | @valentinbud
![Page 16: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/16.jpg)
SaltStack The Render System
• State data is just that - data
• It does not need to be represented in YAML
• State files can be rendered from any medium
• Modular system
#OpenNebulaConfValentin Bud | @valentinbud
![Page 17: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/17.jpg)
SaltStackBe a Ninja with Jinja2
libvirt/init.sls:
libvirt:
pkg:
- installed
{% if grains[‘os’] == ‘Debian’ %}
- name: libvirt-bin
{% elif grains[‘os’] == ‘CentOS’ %}
- name: libvirt
{% endif %}
#OpenNebulaConfValentin Bud | @valentinbud
![Page 18: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/18.jpg)
State ExecutionBehind the scenes with Jinja2
salt minion
state.sls libvirt
response
root@salt ~ # salt ‘minion’ state.sls opennebula-server
1
parse
execute
2
4
render
3
0MQ
#OpenNebulaConfValentin Bud | @valentinbud
![Page 19: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/19.jpg)
SaltStackThe Pillar Interface
• Generate/store data for specific minions
• Highly sensitive data
• Minion configuration
• Variables
• Arbitrary data
#OpenNebulaConfValentin Bud | @valentinbud
![Page 20: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/20.jpg)
OpenNebula oneadmin PasswordStored in Pillar
pillar/opennebula.sls:
opennebula:
oneadmin:
password: SecurePassword
state/oneadmin.sls:
oneadmin_password:
cmd:
- run
- name: oneuser passwd 0 {{ pillar[‘opennebula’][‘oneadmin’][‘password’] }}
#OpenNebulaConfValentin Bud | @valentinbud
![Page 21: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/21.jpg)
OpenNebula Node CommunicationTOP SECRET
frontend node
START VM
VM STARTED
NEEDS:
SSH password-less communication Distribute Public Key to Nodes
#OpenNebulaConfValentin Bud | @valentinbud
![Page 22: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/22.jpg)
SaltStackThe Mine
node
mine
mine.send
oneadmin_public_key.put
1
mine.get2
/var/lib/one/.ssh/authorized_keys
3
frontend:
oneadmin_public_key: ssh-rsa ...
#OpenNebulaConfValentin Bud | @valentinbud
![Page 23: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/23.jpg)
SaltStackThe Mine in States
state/oneadmin_ssh_auth.sls:
oneadmin_ssh_auth:
ssh_auth:
- present
- user: oneadmin
- name: {{ salt['mine.get']('frontend', 'oneadmin_public_key.get') }}
#OpenNebulaConfValentin Bud | @valentinbud
![Page 24: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/24.jpg)
SaltStackPeer Communication
• Allow minion to “talk” to each other
• Chatting done via Master
• Must be enabled on the Master
• Live data from other minions!
#OpenNebulaConfValentin Bud | @valentinbud
![Page 25: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/25.jpg)
OpenNebula Node UpCreate it on the Frontend
salt node
state.sls opennebula-node-kvm
communicate frontend to
create node
1
configure
node2
4
3
frontend
create
node
#OpenNebulaConfValentin Bud | @valentinbud
![Page 26: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/26.jpg)
Bootstrap OpenNebula Demo Cloud
The SaltStack Overstate
overstate
all
network
nfs-server
storage
frontend
frontend
nodes
nodes
1
2
3
4
5
6
7
8
#OpenNebulaConfValentin Bud | @valentinbud
![Page 27: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/27.jpg)
Conclusions
• Two simple tools together = POWER
• Salt is fast
• Both are easy to use
• Salt can morph and grow together with your needs
2
#OpenNebulaConfValentin Bud | @valentinbud
![Page 28: OpenNebula and SaltStack - OpenNebulaConf 2013](https://reader033.fdocuments.in/reader033/viewer/2022052522/554f8ec6b4c905435d8b4f7a/html5/thumbnails/28.jpg)
databus.pro
@