![Page 1: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/1.jpg)
Puppet + OpenstackMichael Chapman
![Page 2: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/2.jpg)
OpenStack has two major organisations on github:
openstack
stackforge
![Page 3: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/3.jpg)
The openstack organisation contains all of the code for the official projects - nova,
neutron, docs etc.
These are projects that have gone through the official community graduation process
and are part of the integrated release.
![Page 4: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/4.jpg)
The stackforge organisation on the other hand has very low requirements in order to
have a repository added. This accommodates things that are related to Openstack an official repository around
which communities can form.
![Page 5: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/5.jpg)
This is where the community puppet modules are located.
https://github.com/stackforge/puppet-*
![Page 6: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/6.jpg)
Today I’m going to make a 2 node OpenStack cluster in vagrant using these
modules + other puppet modules.
I’m not starting from nothing, because there’s a bit of boilerplate that’s tedious to
write but necessary.
![Page 7: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/7.jpg)
1. Vagrantfile
We have two nodes defined. Each is going to run a bash script, and then run puppet.
Both nodes have 3 network interfaces defined.
![Page 8: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/8.jpg)
192.168.242.0/24 deploy
10.2.4.0/24 public
10.4.4.0/24 internal
control compute
VM VM
nova
keystoneglanceneutron
neutronnova
mysqlrabbitmq
ovslibvirtqemu
ovs
![Page 9: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/9.jpg)
2. Bash script
I use an idempotent bash script that prepares nodes to run puppet. (Can be
safely run multiple times)
install and configure [proxy, repo, puppet, fqdn]
![Page 10: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/10.jpg)
Turn off the firewall.
Let’s not deal with that today.
OpenStack is going to add its own rules to iptables so be careful of doing this in a non-
destructive way.
![Page 11: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/11.jpg)
3. Hiera
I use a very simple hiera.yaml for this tutorial, but my prod one is a lot deeper.
Use facts to separate your data out.hostname, role, environment etc.
![Page 12: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/12.jpg)
We’re going to do something along the lines of ‘nodeless puppet’, where we define our
roles as a list of classes in hiera.
Profiles are handy where you need more logic for sub-choices, eg I ‘want neutron with
plugin X’, but we won’t need them.
![Page 13: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/13.jpg)
4. Site.pp
Our base site manifest is going to determine its role based on hostname, and then load
the classes to include by looking up that key from hiera.
![Page 14: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/14.jpg)
Also has a resource to make sure the kernel is always the latest.
I’ll talk about this later.
![Page 15: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/15.jpg)
5. Puppetfile
This is used along with librarian-puppet to install modules from github.
![Page 16: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/16.jpg)
Use Puppetfile to install:
puppet-* from stackforgepuppetlabs-mysql
puppetlabs-rabbitmqpuppetlabs-stdlib
puppet-openstack_extras from gh/aptirapuppet-vswitch from gh/aptira
![Page 17: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/17.jpg)
I’m using the Aptira forks to get a couple of patches that are under review, but not yet
merged.
![Page 18: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/18.jpg)
What are our roles?
![Page 19: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/19.jpg)
Compute: runs hypervisor
Control: runs everything else.
![Page 20: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/20.jpg)
Need to set up our repos:
openstack_extras::repo::redhat::redhat
This is currently under review upstream but should be the default for juno. Use aptira
repo at: https://github.com/aptira/puppet-openstack_extras
![Page 21: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/21.jpg)
openstack_extras::repo::redhat::redhat::repo_hash: 'CentOS-Base': 'descr': 'CentOS-$releasever - Base' 'baseurl': "%{hiera('yum_base_mirror')}/$releasever/os/$basearch/" 'CentOS-Updates': 'descr': 'CentOS-$releasever - Updates' 'baseurl': "%{hiera('yum_base_mirror')}/$releasever/updates/$basearch/" 'CentOS-Extras': 'descr': 'CentOS-$releasever - Extras' 'baseurl': "%{hiera('yum_base_mirror')}/$releasever/extras/$basearch/" 'epel': 'descr': 'Extra Packages for Enterprise Linux 6 - $basearch' 'baseurl': "%{hiera('yum_epel_mirror')}/$releasever/$basearch/" 'gpgkey': 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6' 'failovermethod': 'priority'openstack_extras::repo::redhat::redhat::gpgkey_hash: '/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6': 'source': 'puppet:///modules/openstack_extras/RPM-GPG-KEY-EPEL-6'
![Page 22: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/22.jpg)
Interpolation
control_internal: 10.4.4.10
keystone::database_connection: “mysql://keystone:key_pass@%{hiera(‘control_internal’)}/keystone”
![Page 23: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/23.jpg)
Start with mysql
mysql::server
![Page 24: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/24.jpg)
Add keystone to control
keystonekeystone::roles::adminkeystone::db::mysql
![Page 25: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/25.jpg)
auth creds:
openstack::auth_file
![Page 26: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/26.jpg)
Add glance to control node
glance::apiglance::registryglance::backend::fileglance::db::mysqlglance::keystone::auth
![Page 27: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/27.jpg)
Rabbit for nova, neutron
There’s a wrapper provided in the nova module.
nova::rabbitmq
Horrible anti-pattern. Don’t do this in your own modules.
![Page 28: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/28.jpg)
Add nova to control node
novanova::apinova::schedulernova::network::neutronnova::conductornova::db::mysqlnova::keystone::auth
![Page 29: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/29.jpg)
neutronneutron::serverneutron::server::notificationsneutron::agents::metadataneutron::agents::dhcpneutron::agents::ml2::ovsneutron::plugins::ml2neutron::db::mysqlneutron::keystone::auth
Add neutron
![Page 30: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/30.jpg)
We should be able to interact with the cloud now, even though there aren’t any
hypervisors.
![Page 31: How to build your own OpenStack distro using Puppet OpenStack](https://reader035.vdocument.in/reader035/viewer/2022062313/5575c997d8b42a312a8b50ad/html5/thumbnails/31.jpg)
Compute node
novanova::computenova::compute::libvirtnova::compute::neutronnova::network::neutronneutronneutron::plugins::ml2neutron::agents::ml2::ovs