use case: cloudstack and ansible
TRANSCRIPT
![Page 1: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/1.jpg)
Use case: Cloudstack + Ansible
November, 21th 2017Sebastian BretschneiderCloud Infrastructure Architect
5/18
/201
7©
201
7 ite
llige
nce
clas
sific
atio
n: p
ublic
| v
ersi
on:
1.1
![Page 2: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/2.jpg)
https://twitter.com/se_bre
https://www.linkedin.com/in/sebastian-bretschneider-030a72124
https://github.com/se-bre
About Me
2
§ Sebastian Bretschneider
§ Since 2011 System Engineer at BIT.Group GmbH – member of intelligence group
§ Cloudstack
§ Ansible
§ Ceph
§ Linux
§ InfrastructureCloudStack Berlin & Dresden, Germanyhttps://www.meetup.com/german-CloudStack-user-groupAnsible Dresden, Germanyhttps://www.meetup.com/Ansible-Dresden
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 3: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/3.jpg)
Overview BIT.Group GmbH – member of itelligence group
3
§ 350+ employees in Dresden, Bautzen, Hanover and Shanghai
§ SAP Consulting, Development and Support
§ SAP partner and service provider for SAP SE
IT Consulting
DevelopmentCloud IT Infrastructure Management
SAP BASIS
SAP Solution ManagerApplication Lifecycle Management
International
BIT Service Desk
SAP Service & Support
ITIL SAP HANA
Workshops
IT Service Management
SAP partner
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 4: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/4.jpg)
§ Since June 2016 BIT.Group GmbH officially part of itelligence and NTT DATA Group
§ Know-how, flexibility and internationality as part of NTT DATA network
§ Together internationally leading full IT service provider with:
BIT.Group GmbH as part of itelligence / NTT DATA Group
4
3.500+ active SAP customers
Locations in 40+ countries
$1,5 billion in SAP revenue worldwide
Over 9.000 SAP experts worldwide
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 5: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/5.jpg)
Content
1. Challenge
2. Environment
3. Ansible
4. Examples
5. Parts
6. Big Picture
7. Results
5/18
/201
7©
201
7 ite
llige
nce
clas
sific
atio
n: p
ublic
5
![Page 6: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/6.jpg)
Challenge
§ User friendly interface with all sub-services
§ All operations changeable by admins
§ Make cloud–consistent configuration
§ Use open source
§ Scalability
§ Modular design
§ Simple
6
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 7: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/7.jpg)
Environment
7
§ Hypervisor
§ KVM
§ Automation
§ Ansible§ Storage
§ Ceph
§ NFS
§ Network
§ VLAN
§ Shared networks
§ Isolated networks
§ IT.Cloud
§ Portal
§ Ansible Daemon
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 8: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/8.jpg)
What is Ansible
8
Simple
§ Get productive quickly§ Human readable
automation§ No special coding skills
required§ Tasks executed in order
Powerful
§ Orchestrate the app lifecycle
§ App deployment§ Configuration
management§ Workflow orchestration
Agentless
§ Predictable, reliable and secure
§ Agentless architecture§ Use Open SSH & WinRM§ No agents to exploit or
update
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 9: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/9.jpg)
Ansible Modules
9
§ Cloudstack Modules§ cs_facts – Gather facts on instances
§ cs_firewall – Manages firewall rules
§ cs_ip_address – Manages public IP address associations
§ cs_volume – Manages volumes
§ …
§ cs_domain
§ cs_cluster
§ …
§ 42 Cloudstack modules overall (November 2017)
§ Development/Improvements by BIT.Group
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 10: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/10.jpg)
Get it working
10
§ Python module§ pip install cs
§ apt-get install python-cs
§ Credentials File§ .cloudstack.ini home directory
§ CLOUDSTACK_CONFIG environment variable pointing to .ini file
§ Cloudstack.ini working directory
§ cloudstack.ini[cloudstack] # global or region – passed by arg api_region
endpoint = https://cloudstack-management.server/client/api
key = api key
secret = api secret
Timeout = 60
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 11: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/11.jpg)
Workflow
11
cs_instance
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 12: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/12.jpg)
Workflow
12
build
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 13: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/13.jpg)
Workflow
13
configure
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 14: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/14.jpg)
Examples: CloudStack VM
14
§ Playbook§ hosts: localhost
roles:
- cs-vm
§ Role: tasks/main.yml§ block:
- include: tasks/create_vm.yml
- include: tasks/add_ansible_host.yml
- include: tasks/ssh_key_rollout.yml
when: vm_action == „create“
[ … ]
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 15: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/15.jpg)
Examples: CloudStack VM
15
§ create_vm.yml§ name: Creating Virtual Machine
local_action:
module: cs_instance
name: "{{ vm_name }}"template: "{{ os_template }}"hypervisor: "{{ cs_hypervisor }}"project: "{{ cs_project }}"zone: "{{ cs_zone }}"service_offering: "{{ cs_service_offering }}"networks: "{{ cs_networks }}"domain: "{{ cs_domain }}"tags:
- { key: CostCenter, value: "{{ vm_costcenter }}" }
state: started
register: cs_vm #get information about VM e.g. root password
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 16: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/16.jpg)
Examples: Port Forwarding
16
§ add_portforwarding.yml§ name: Forwarding Ports in CloudStack
local_action:module: cs_portforwarddomain: "{{ cs_domain }}"project: "{{ cs_project }}"ip_address: "{{ cs_public_ipv4 }}"vm: "{{ vm_name }}"public_port: "{{ public_port }}"public_end_port: "{{ public_end_port }}"private_port: "{{ private_port }}"private_end_port: "{{ private_end_port }}"protocol: "{{ proto }}"open_firewall: "{{ open_firewall }}"state: present
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 17: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/17.jpg)
Parts
17
§ Portal
§ Communication with Services § User/Customer Interface§ API
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 18: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/18.jpg)
Parts
18
§ Daemon
§ playbook handling – list, run, run command, read metadata
§ job handling – overview (running jobs), status, notify (Portal)
§ statistics – failed, queue, running, abort
§ job scheduling – reschedule failed, delay, cron
§ REST API via HTTPS
§ json response
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 19: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/19.jpg)
All together
19
Portal Cloudstack
Ansible + Daemon
VMs
write
read
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
![Page 20: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/20.jpg)
Use Case
20
§ Results§ UI with integrated Services
§ CloudStack
§ Automation
§ User / Role Management
§ Tickets, Monitoring, Backup, …
© 2
017
itelli
genc
ecl
assi
ficat
ion:
pub
lic5/
18/2
017
§ Write Operations with Ansible only§ Modular Design
§ OpenSource
§ API§ Scalable
![Page 21: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/21.jpg)
Contact Sebastian BretschneiderCloud Infrastucture ArchitectT +49 3591 [email protected]
BIT.Group GmbH – member of itelligence group
We make the most of SAP® solutions!
Questions?`
5/18
/201
7©
201
7 ite
llige
nce
clas
sific
atio
n: p
ublic
| a
utho
r: S
ebas
tian
Bret
schn
eide
r |
vers
ion:
1.1
![Page 22: Use case: CloudStack and Ansible](https://reader034.vdocument.in/reader034/viewer/2022051504/5a647db77f8b9a5d568b490b/html5/thumbnails/22.jpg)
11/2
9/17
© 2
017
itelli
genc
e
No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of itelligence AG. The information contained herein may be changed without prior notice.
Some software products marketed by itelligence AG and its distributors contain proprietary software components of other software vendors. All product and service names mentioned and associated logos displayed are the trademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may vary.
The information in this document is proprietary to itelligence. This document is a preliminary version and not subject to your license agreement or any other agreement with itelligence. This document contains only intended strategies, developments and product functionalities and is not intended to be binding upon itelligence to any particular course of business, product strategy, and/or development. itelligence assumes no responsibility for errors or omissions in this document. itelligence does not warrant the accuracy or completeness of the information, text, graphics, links, or other items contained within this material. This document is provided without a warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, or non-infringement.
itelligence shall have no liability for damages of any kind including without limitation direct, special, indirect, or consequential damages that may result from the use of these materials. This limitation shall not apply in cases of intent or gross negligence.
The statutory liability for personal injury and defective products is not affected. itelligence has no control over the information that you may access through the use of hot links contained in these materials and does not endorse your use of third-party Web pages nor provide any warranty whatsoever relating to third-party Web pages.
Copyright itelligence AG - All rights reserved