Operate with an openstack deployment by code

download Operate with an openstack deployment by code

of 22

  • date post

    09-Feb-2017
  • Category

    Technology

  • view

    131
  • download

    2

Embed Size (px)

Transcript of Operate with an openstack deployment by code

  • Operate with an Openstack deployment by code (using Openstack4J).

    28th October 2016, OpsCon Florence

    Alessandro Martellone @a_martellone

  • Hello!I am Alessandro Martellone Senior Software Engineer@Wurth Phoenix.Technical Advisor@Elastico.Trentino Cloud Computing Meetup Organizer.Italian Red Cross volunteer. Husband and father.I love soccer and the 4-3-3 module.

  • Summary

    What Openstack is and what it is not. Openstack architecture. The anatomy of an OpenStack component Openstacks APIs. Openstack SDKs. A view on Openstack4j. Conclusion a future prospects.

    OpsCon Conference - Florence, 28/10/2016

  • What is Openstack?

    It is an open source cloud operating system that provides a versatile platform for computing, storage and networking resources across bare metal, virtual machines and containers.

    OpsCon Conference - Florence, 28/10/2016

  • What is Openstack?

    A family of related open source (60+) projects which aim to provide comprehensive cloud services.

    6 core services:

    and optional services:

    and many more

    OpsCon Conference - Florence, 28/10/2016

  • What it is not

    An hypervisor (but it supports several of them). A VMWare replacement. A single distribution. A storage or network platform.

    OpsCon Conference - Florence, 28/10/2016

  • A powerful and configurable integration engine where its components are accessible by APIs.

    OpsCon Conference - Florence, 28/10/2016

  • Have a look to OpenStack by Horizon

    OpsCon Conference - Florence, 28/10/2016

  • OpenStack architecture

    This picture has been added just for scaring the audience :)

    OpsCon Conference - Florence, 28/10/2016

  • Typical component architecture

    Component

    API (extensions,plugins, backends)E.g. for authentication we can use a DB or LDAP; for networking OpenVSwitch or vendorss plugin

    DB

    Messages queue

    One or more agents (drivers)

    One or more internal modules

    Horizon, CLI, external tool Keystone

    HTTP

    AMQP

    SQL

    Third party

    E.g. computing (hypervisors), block storage (iSCSI, GlusterFS, vendors driver)

    OpsCon Conference - Florence, 28/10/2016

  • OpenStack API documentation

    Networking http://developer.openstack.org/api-ref/networking/v2/

    Compute http://developer.openstack.org/api-ref/compute/ Identity

    http://developer.openstack.org/api-ref/identity/v3/ Image http://developer.openstack.org/api-ref/image/v2/ Block storage

    http://developer.openstack.org/api-ref/block-storage/v3/

    .

    OpsCon Conference - Florence, 28/10/2016

    http://developer.openstack.org/api-ref/networking/v2/http://developer.openstack.org/api-ref/networking/v2/http://developer.openstack.org/api-ref/networking/v2/http://developer.openstack.org/api-ref/compute/http://developer.openstack.org/api-ref/compute/http://developer.openstack.org/api-ref/identity/v3/http://developer.openstack.org/api-ref/identity/v3/http://developer.openstack.org/api-ref/image/v2/http://developer.openstack.org/api-ref/image/v2/http://developer.openstack.org/api-ref/block-storage/v3/http://developer.openstack.org/api-ref/block-storage/v3/http://developer.openstack.org/api-ref/block-storage/v3/

  • OpenStack SDKs

    There are several SDKs available: Python

    Java C, C++ Go .NET PHP Android NodeJS ...

    OpsCon Conference - Florence, 28/10/2016

  • Openstack4J

    ApacheJClouds: a multi clouds sdk (http://jclouds.apache.org/) Openstack4J: a solution focused on Openstack.

    It supports main services Keystone, Nova, Neutron, Cinder, Glance, Swift

    Licensed under the Apache 2.0 License. We can manage it by Maven. Supported APIs:

    Identity (Keystone) V2, Identity (Keystone) V3, Compute (Nova), Network (Neutron), Images (Glance), Images (Glance) V2, Block Storage (Cinder), Object Storage (Swift), Telemetry (Ceilometer), Orchestration (Heat), Data Processing (Sahara), Database as a Service (Trove).

    OpsCon Conference - Florence, 28/10/2016

    http://jclouds.apache.org/

  • Interact with an Openstack platform by Openstack4J - Live demo

    What we need A running Openstack deployment

    Devstack: https://github.com/openstack-dev/devstack A public cloud: https://ops.elastx.net/

    Elastx is a Swedish cloud provider. They provide an Openstack IaaS and JElastic PaaS solutions.

    A Java IDE: Eclipse Download the latest Openstack4J library or add a dependency by

    Maven (preferred) http://www.openstack4j.com/learn/getting-started

    The example code for this demo is available at: https://github.com/amartellone/os4j-demo

    OpsCon Conference - Florence, 28/10/2016

    https://github.com/openstack-dev/devstackhttps://ops.elastx.net/http://www.openstack4j.com/learn/getting-startedhttp://www.openstack4j.com/learn/getting-startedhttps://github.com/amartellone/os4j-demohttps://github.com/amartellone/os4j-demo

  • Terminology

    Instance = virtual machine = VM Project = Tenant Launch instance = create a new VM Terminate instance = delete the VM (CAUTION: we

    cannot undo the action) Pause instance: the state of the VM is stored in RAM Authentication and token management

    In exchange for a set of authentication credentials, the Identity service generates tokens. A token represents the authenticated identity of a user and, optionally, grants authorization on a specific project or domain (scoped token).

    OpsCon Conference - Florence, 28/10/2016

  • What you should know prior to create a VM

    To each VM are related several elements a user key pair: each key pair has two parts, the public and

    the private key. The public key is maintained within our Keystone server

    and when you use the private key contained in your local .pem file to connect it creates an authorized session.

    Note: Using cloud-init we can inject options to the VM image. E.g. Ubuntu #cloud-configpassword: mypwdchpasswd: { expire: False }ssh_pwauth: True

    OpsCon Conference - Florence, 28/10/2016

  • Access & Security

    Access to your instances is controlled by security groups which are a collection of inbound (ingress) and outbound (egress) rules about which sources, protocols and ports a server can send/receive traffic from. No traffic can be received by a server unless a security group rule explicitly allows it.

    OpsCon Conference - Florence, 28/10/2016

  • Floating IPs

    Each instance has a private, fixed IP address and can also have a public, or floating IP address. Private IP addresses are used for communication between instances, and public addresses are used for communication with networks outside the cloud, including the Internet.

    The floating IP is implemented by DNAT the NAT router modifies the IP

    address of the destination in IP packet headers.

    OpsCon Conference - Florence, 28/10/2016

  • Demo Live The example code for this demo is available at: https://github.com/amartellone/os4j-demo

    OpsCon Conference - Florence, 28/10/2016

    https://github.com/amartellone/os4j-demohttps://github.com/amartellone/os4j-demo

  • Conclusions

    Interact with an Openstack cloud instance in an easy way. Being able to create a powerful programmable infrastructure. Could be useful to integrate in a CI/CD pipeline. Simplify the integration and monitoring of different systems. Develop a custom cloud manager tool.

    Open source + APIs + SDKs = Enjoy it!

    OpsCon Conference - Florence, 28/10/2016

  • this is a journey, not a destination. Go incrementally. Break your system apart piece by piece...change is inevitable. Embrace it.

    Sam Newman - Building microservices , OReilly

    OpsCon Conference - Florence, 28/10/2016

  • Thanks!Any questions?You can find me at @a_martellone & alessandro@elastico.co

    OpsCon Conference - Florence, 28/10/2016