saltconf14 - yazz atlas, hp cloud - installing openstack using saltstack
DESCRIPTION
OpenStack is an open source implementation of cloud computing, potentially at very large scale. However, it has many moving parts and is complex to operate. SaltStack appears to provide scalable and secure orchestration for OpenStack. But like all powerful solutions to complex problems, a great deal of the useful know-how has to be discovered by actual practice and hard-won experience. This session will share the inside knowledge gained through practical experience.TRANSCRIPT
Yazz D. Atlas Advanced Technology Group P r inc ip le Eng ine e r, H ew let t Pac kard Januar y 2 9 , 2 014
INSTALLING OPENSTACK USING SALTSTACK
© Copyright 2014 Hewlett-Packard Development Company, L.P.
¡ I’ve been poking at Linux servers back in late 90’s ¡ Actively trying to replace myself with small scripts.
§ Bash § Cfengine § Puppet § Capistrano § Chef § Salt
WHO IS THIS GUY?
© Copyright 2014 Hewlett-Packard Development Company, L.P.
¡ You might have tried DevStack to try OpenStack. ¡ You have setup a Salt Master before. ¡ You want to see how I solved some of my headaches
using Salt. ¡ You are want something answered. ¡ The other rooms were full and this one has an open
power outlet.
WHY ARE YOU HERE?
© Copyright 2014 Hewlett-Packard Development Company, L.P.
¡ /etc/keystone ¡ /etc/nova ¡ /etc/glance ¡ /etc/swift ¡ /etc/????
THINGS CHANGE.
© Copyright 2014 Hewlett-Packard Development Company, L.P.
¡ Look beyond your current infrastructure. ¡ Think about how others have deployed OpenStack. ¡ Make the decision early to keep secrets out of your repos.
NOW WHAT?
© Copyright 2014 Hewlett-Packard Development Company, L.P.
SALT-MASTER FILE_ROOTS
file_roots: base: - /srv/salt/state/formulae - /srv/salt/state/base dbaas_ae1_az1: - /srv/salt/state/dbaas_ae1_az1 dbaas_ae1_az2: - /srv/salt/state/dbaas_ae1_az2 dbaas_ae1_az3: - /srv/salt/state/dbaas_ae1_az3
© Copyright 2014 Hewlett-Packard Development Company, L.P.
SALT-MASTER PILLAR_ROOTS
pillar_roots: base: - /srv/salt/pillar/base dbaas_ae1_az1: - /srv/salt/pillar/dbaas_ae1_az1 dbaas_ae1_az2: - /srv/salt/pillar/dbaas_ae1_az2 dbaas_ae1_az3: - /srv/salt/pillar/dbaas_ae1_az3
© Copyright 2014 Hewlett-Packard Development Company, L.P.
PILLAR TOP.SLS base: '*': - users - groups - headers - openstack - secrets dbaas_ae1_az1: 'ps-ae1az1-db*': - endpoints-ae1az1-v1 - secrets-ae1az1-v1 dbaas_ae1_az2: 'ps-ae1az2-db*': - endpoints-ae1az2-v1 - secrets-ae1az2-v1
The top.sls is actually a symbolic link to the file top-ae1.sls
openstack.sls is a symbolic link to openstack-ae1.sls
These are links too but slightly different
© Copyright 2014 Hewlett-Packard Development Company, L.P.
/srv/salt/pil lar/dbaas_ae1_az1/endpoints-ae1az1-v1.sls -> . ./base/endpoints-ae1az1-v1.sls /srv/salt/pil lar/dbaas_ae1_az1/secrets-ae1az1-v1.sls -> . ./base/secrets-ae1az1-v1.sls /srv/salt/pil lar/dbaas_ae1_az2/endpoints-ae1az2-v1.sls -> . ./base/endpoints-ae1az2-v1.sls /srv/salt/pil lar/dbaas_ae1_az2/secrets-ae1az2-v1.sls -> . ./base/secrets-ae1az2-v1.sls
PILLAR ENVIRONMENTS
It is much easier to diff two or more files than it is to search one long file.
© Copyright 2014 Hewlett-Packard Development Company, L.P.
PILLAR ENVIRONMENTS
© Copyright 2014 Hewlett-Packard Development Company, L.P.
STATES TOP.SLS base: '*': - users - packages - grains dbaas_ae1_az1: 'ps-ae1az1-*': - datadog - dbaas_networking 'ps-ae1az1-dbcpu*': - openstack.memcached - openstack.haproxy - openstack.nova-compute 'ps-ae1az1-dbhead0002*': - openstack.memcached - openstack.haproxy - openstack.keystone - openstack.glance - openstack.nova-controller
Notice there is nothing here about
the MySQL DB
No RabbitMQ either
© Copyright 2014 Hewlett-Packard Development Company, L.P.
¡ If you only plan to run it only once you most likely don’t need it in your top.sls
¡ Installing RabbitMQ ¡ Installing MySQL DB ¡ Creating your OpenStack API Endpoints ¡ Creating your OpenStack users ¡ Modifying the MySQL DB ¡ Create a one-off state directory for one off .sls ¡ Use unique names for your .sls fi les ¡ <project>-<ticket number>.sls ¡ Prevent executions on the wrong host ¡ Use simple lock files and or grain values to prevent second runs
LEAVE IT OUT OF THE TOP.SLS
© Copyright 2014 Hewlett-Packard Development Company, L.P.
¡ What new features are out there ¡ Check in on IRC and ask questions ¡ Hangout and answer some questions ¡ Are you alone in your company working with Salt?
STILL LEARNING
© Copyright 2014 Hewlett-Packard Development Company, L.P.
STILL LEARNING
© Copyright 2014 Hewlett-Packard Development Company, L.P.
“Ancora imparo’ (I am still learning.) (At age 87 in 1562)”
- Michelangelo
¡ https://github.com/EntropyWorks/salt-openstack ¡ The “formula” branch eventually will replace the “master” ¡ [email protected] ¡ @EntropyWorks ¡ (I should have used the HP ppt templates...)
SHOW AND TELL
© Copyright 2014 Hewlett-Packard Development Company, L.P.