Vagrant, Ansible, and OpenStack on your laptop

27
Vagrant, Ansible and OpenStack on your laptop Lorin Hochstein Nimbis Services ail: [email protected] itter: lhochstein

description

Intro to Ansible for automating OpenStack deployments and Vagrant for testing them

Transcript of Vagrant, Ansible, and OpenStack on your laptop

Page 1: Vagrant, Ansible, and OpenStack on your laptop

Vagrant, Ansible and OpenStack on your laptop

Lorin HochsteinNimbis Services

Email: [email protected]: lhochstein

Page 2: Vagrant, Ansible, and OpenStack on your laptop

Setting up OpenStack for production is complex and error-prone

2012-08-04 12:31:56 INFO nova.rpc.common [-] Reconnecting to AMQP server on localhost:56722012-08-04 12:31:56 ERROR nova.rpc.common [-] AMQP server on localhost:5672 is unreachable: [Errno 111] ECONNREFUSED. Trying again in 30 seconds.2012-08-04 12:31:56 TRACE nova.rpc.common Traceback (most recent call last):2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/nova/rpc/impl_kombu.py", line 446, in reconnect2012-08-04 12:31:56 TRACE nova.rpc.common self._connect()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/nova/rpc/impl_kombu.py", line 423, in _connect2012-08-04 12:31:56 TRACE nova.rpc.common self.connection.connect()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/connection.py", line 154, in connect2012-08-04 12:31:56 TRACE nova.rpc.common return self.connection2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/connection.py", line 560, in connection2012-08-04 12:31:56 TRACE nova.rpc.common self._connection = self._establish_connection()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/connection.py", line 521, in _establish_connection2012-08-04 12:31:56 TRACE nova.rpc.common conn = self.transport.establish_connection()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/transport/pyamqplib.py", line 255, in establish_connection2012-08-04 12:31:56 TRACE nova.rpc.common connect_timeout=conninfo.connect_timeout)2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/transport/pyamqplib.py", line 52, in __init__2012-08-04 12:31:56 TRACE nova.rpc.common super(Connection, self).__init__(*args, **kwargs)2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/amqplib/client_0_8/connection.py", line 129, in __init__2012-08-04 12:31:56 TRACE nova.rpc.common self.transport = create_transport(host, connect_timeout, ssl)2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/amqplib/client_0_8/transport.py", line 281, in create_transport2012-08-04 12:31:56 TRACE nova.rpc.common return TCPTransport(host, connect_timeout)2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/amqplib/client_0_8/transport.py", line 85, in __init__2012-08-04 12:31:56 TRACE nova.rpc.common raise socket.error, msg2012-08-04 12:31:56 TRACE nova.rpc.common error: [Errno 111] ECONNREFUSED

Page 3: Vagrant, Ansible, and OpenStack on your laptop

You're looking for better ways to do deployment

Page 4: Vagrant, Ansible, and OpenStack on your laptop

Shell scripts are painful, Puppet & Chef have steep learning curves

if [[ $EUID -eq 0 ]]; then ROOTSLEEP=${ROOTSLEEP:-10} echo "You are running this script as root." echo "In $ROOTSLEEP seconds, we will create a user 'stack' and run as that user" sleep $ROOTSLEEP

# since this script runs as a normal user, we need to give that user # ability to run sudo if [[ "$os_PACKAGE" = "deb" ]]; then dpkg -l sudo || apt_get update && install_package sudo else rpm -qa | grep sudo || install_package sudo fi if ! getent passwd stack >/dev/null; then echo "Creating a user called stack" useradd -U -s /bin/bash -d $DEST -m stack fi

Source: devstack/stack.sh

Page 5: Vagrant, Ansible, and OpenStack on your laptop

You want an easy way to write & debug deployment scripts

Page 6: Vagrant, Ansible, and OpenStack on your laptop

Use Ansible to write OpenStack deployment scripts, Vagrant to test them inside of VMs

Page 7: Vagrant, Ansible, and OpenStack on your laptop

Ansible big idea: very simple syntax, SSH for communication

Page 8: Vagrant, Ansible, and OpenStack on your laptop

Example Ansible play: install ntp---- hosts: controller tasks: - name: ensure ntp packages is installed action: apt pkg=ntp

- name: ensure ntp.conf file is present action: copy src=files/ntp.conf dest=/etc/ntp.conf owner=root group=root mode=0644

- name: ensure ntp service is restarted action: service name=ntp state=restarted

Page 9: Vagrant, Ansible, and OpenStack on your laptop

Specify hosts in an inventory file[controller]192.168.206.130

[compute]192.168.206.131192.168.206.132192.168.206.133192.168.206.134

Page 10: Vagrant, Ansible, and OpenStack on your laptop

Run the playbook$ ansible-playbook ntp.yamlPLAY [controller] *********************

GATHERING FACTS ********************* ok: [192.168.206.130]

TASK: [ensure ntp packages is installed] ********************* ok: [192.168.206.130]

TASK: [ensure ntp.conf file is present] ********************* ok: [192.168.206.130]

TASK: [ensure ntp service is restarted] ********************* ok: [192.168.206.130]

PLAY RECAP ********************* 192.168.206.130 : ok=4 changed=3 unreachable=0 failed=0

Page 11: Vagrant, Ansible, and OpenStack on your laptop

What did Ansible just do?

1. Made SSH connections to remote host2. Copied over Python modules and arguments

parsed from playbook file3. Executed modules on remote machine

Page 12: Vagrant, Ansible, and OpenStack on your laptop

Can run a single action usingansible command

$ ansible controller –m apt –a "pkg=ntp"

192.168.206.130 | success >> { "changed": false, "item": "", "module": "apt"}

Page 13: Vagrant, Ansible, and OpenStack on your laptop

Ansible scripts are idempotent: can run multiple times safely

$ ansible-playbook ntp.yamlPLAY [controller] *********************

GATHERING FACTS ********************* ok: [192.168.206.130]

TASK: [ensure ntp packages is installed] ********************* ok: [192.168.206.130]

TASK: [ensure ntp.conf file is present] ********************* ok: [192.168.206.130]

TASK: [ensure ntp service is restarted] ********************* ok: [192.168.206.130]

PLAY RECAP ********************* 192.168.206.130 : ok=4 changed=1 unreachable=0 failed=0

Page 14: Vagrant, Ansible, and OpenStack on your laptop

Use handlers if action should only occur on a state change

---- hosts: controller tasks: - name: ensure glance database is present action: mysql_db name=glance notify: - version glance database

handlers: - name: version glance database action: command glance-manage version_control 0

Page 15: Vagrant, Ansible, and OpenStack on your laptop

Use templates to substitute variables in config file

keystone.conf:[DEFAULT]public_port = 5000admin_port = 35357admin_token = {{ admin_token }}

keystone.yaml:hosts: controllervars: admin_token: 012345SECRET99TOKEN012345tasks: - name: ensure keystone config script is present action: template src=keystone.conf dest=/etc/keystone/ keystone.conf owner=root group=root mode=0644

Page 16: Vagrant, Ansible, and OpenStack on your laptop

Ansible supports multiple modules, can also do arbitrary shell commands

• apt & yum packages• Stop/start/restart services• users & groups• Add SSH public keys• MySQL & PostgreSQL users & databases• VMs managed by libvirt• Git checkouts

Page 17: Vagrant, Ansible, and OpenStack on your laptop

Vagrant big idea: redistributable VMs, run with config files & commands

Page 18: Vagrant, Ansible, and OpenStack on your laptop

Import a new virtual machine(Ubuntu 12.04 64-bit)

$ vagrant box add precise64 http://files.vagrantup.com/ precise64.box

Page 19: Vagrant, Ansible, and OpenStack on your laptop

Make a Vagrantfile

Vagrant::Config.run do |config|config.vm.box = "precise64"

end

Vagrant can also generate this for you: “vagrant init precise64”

Page 20: Vagrant, Ansible, and OpenStack on your laptop

Boot it and connect to it$ vagrant up[default] Importing base box 'precise64'...[default] Matching MAC address for NAT networking...[default] Clearing any previously set forwarded ports...[default] Fixed port collision for 22 => 2222. Now on port 2200.[default] Forwarding ports...[default] -- 22 => 2200 (adapter 1)[default] Creating shared folders metadata...[default] Clearing any previously set network interfaces...[default] Booting VM...[default] Waiting for VM to boot. This can take a few minutes.[default] VM booted and ready for use![default] Mounting shared folders...[default] -- v-root: /vagrant

$ vagrant sshWelcome to Ubuntu 12.04 LTS (GNU/Linux 3.2.0-23-generic x86_64)

* Documentation: https://help.ubuntu.com/Welcome to your Vagrant-built virtual machine.Last login: Thu Jun 7 00:49:30 2012 from 10.0.2.2vagrant@precise64:~$

Page 21: Vagrant, Ansible, and OpenStack on your laptop

Boot multi-VMs: configure IPs, memory, hostname

Vagrant::Config.run do |config|

config.vm.box = "precise64” config.vm.define :controller do |controller_config| controller_config.vm.network :hostonly, "192.168.206.130" controller_config.vm.host_name = "controller" end

config.vm.define :compute1 do |compute1_config| compute1_config.vm.network :hostonly, "192.168.206.131" compute1_config.vm.host_name = "compute1" compute1_config.vm.customize ["modifyvm", :id,

"--memory", 1024] end

end

Page 22: Vagrant, Ansible, and OpenStack on your laptop

Openstack-ansible: Ansible scripts for OpenStack Compute

Links to OpenStackInstall & Deploy Guide

Page 23: Vagrant, Ansible, and OpenStack on your laptop

Config: controller, one compute host, QEMU, FlatDHCP

controller compute1

eth1 eth1

eth2 eth2eth0eth0

NAT NAT

192.168.206.*

.130 .131

192.168.100.*

.130 .131

Page 24: Vagrant, Ansible, and OpenStack on your laptop

Vagrantfile describes this setupVagrant::Config.run do |config|

config.vm.box = "precise64"

config.vm.define :controller do |controller_config| controller_config.vm.network :hostonly, "192.168.206.130” controller_config.vm.host_name = "controller" end

config.vm.define :compute1 do |compute1_config| compute1_config.vm.network :hostonly, "192.168.206.131” compute1_config.vm.host_name = "compute1" compute1_config.vm.customize ["modifyvm", :id, "--memory", 1024] compute1_config.vm.customize ["modifyvm", :id, "--nicpromisc3",

"allow-all"] endend

Page 25: Vagrant, Ansible, and OpenStack on your laptop

If all goes well…$ make all. . .-------------------------------------+--------------------------------------+| Property | Value |+-------------------------------------+--------------------------------------+| OS-DCF:diskConfig | MANUAL || OS-EXT-SRV-ATTR:host | None || OS-EXT-SRV-ATTR:hypervisor_hostname | None || OS-EXT-SRV-ATTR:instance_name | instance-00000001 || OS-EXT-STS:power_state | 0 || OS-EXT-STS:task_state | scheduling || OS-EXT-STS:vm_state | building || accessIPv4 | || accessIPv6 | || adminPass | CJ8NNNa4dc6f || config_drive | || created | 2012-08-09T02:51:14Z || flavor | m1.tiny || hostId | || id | 8e9238b8-208d-46a8-8f66-c40660abacff || image | cirros-0.3.0-x86_64 || key_name | mykey || metadata | {} || name | cirros || progress | 0 || status | BUILD || tenant_id | 6f29ce771aba46f29f53e178e3b02e66 || updated | 2012-08-09T02:51:14Z || user_id | ad809727c0a748c9ad12834b6f24b3a1 |+-------------------------------------+--------------------------------------+

Page 26: Vagrant, Ansible, and OpenStack on your laptop

Links

• Vagrantfile & Ansible playbooks for OpenStack:http://github.com/lorin/openstack-ansible• Ansible: http://ansible.github.com• Vagrant: http://vagrantup.com • Ansible playbook examples:

https://github.com/ansible/ansible/tree/devel/examples/playbooks

• Vagrant boxes: http://vagrantbox.es