SlideShare uma empresa Scribd logo

Deploying OpenStack with Ansible

Transferir como PPTX, PDF
Kevin Carter
Kevin Carter

Deploying OpenStack with ansible. Made possible by the OS-Ansible-Deployment project https://github.com/stackforge/os-ansible-deployment

Tecnologia
1 de 38
Created by: Kevin Carter & Curtis Collicutt OS-Ansible-Deployment Deploying OpenStack with Ansible presentation > osad <<EOP 1
www.rackspace.com 2 Who am I? Kevin Carter ● Developer at the Rackspace Private Cloud ● Open source activist ● Cloud operations junkie ● Python aficionado ● Recovering rubyist ● Beer lover ● Soccer fanatic
www.rackspace.com 3 Who am I? Curtis Collicutt ● Lead OpenStack Engineer @ AURO ● Information Security ● Storage systems ● How do computers even? ● Films
4www.rackspace.com @robertcathey Cloud infra is hard. OpenStack is cloud infra. OpenStack is hard. This is news, apparently. “ ”
www.rackspace.com 5 OSAD and what we’re about ● Deployer Experience ● Vanilla OpenStack ● Scalability ● Stability
www.rackspace.com 6 Why are we here? In late 2013, the Rackspace Private Cloud team set out to solve our common deployment, maintenance, scalability, and stability problems.
www.rackspace.com 7 Distribution packaging of OpenStack ● Out of date packages ● Out of band configuration ● Packages include proprietary patches ● Time to bug resolution is longer than it should ● Broken dependencies
www.rackspace.com 8 Available deployment tooling ● Maybe, sometimes, sorta, eventually “consistent”, kinda? ● Upgrades difficult or impossible ● Steep learning curve
www.rackspace.com 9 Legacy architecture does not scale ● Almost all deployment systems reference an architecture that suffers from the “controller 1 controller 2” model ● VIP failover for OpenStack supporting services bound to break and when it does it’ll break spectacularly!
www.rackspace.com 10 What we devised A source-based installation of OpenStack, built within LXC containers, using a multi-master architecture orchestrated and deployed via Ansible.
www.rackspace.com 11 Why Ansible? ● Community engagement ● Orchestration ● Almost no code ● Low barrier to entry ● Crazy powerful, stupid simple
www.rackspace.com 12 Why containers? ● LXC ≈ More bare metal ● Compatible with many networking architectures ● Supports an LVM backend ● Stable
www.rackspace.com 13 What is OSAD? OSAD == OpenStack Ansible Deployment ● Uses LXC containers to isolate components and services ● Deploys OpenStack from upstream sources ● Runs on Ubuntu 14.04 ● Built for production ● No proprietary secrete sauce ○ But you could bolt on as much as you want ● Created following the KISS principle
www.rackspace.com 14 ● All Ansible tasks and roles target multiple nodes, even if that number is a multiple of one (1) ○ EVERYTHING is tagged! ● Process separation on infrastructure components (controller nodes) ○ Microservice-like, where it makes sense OSAD architecture
www.rackspace.com 15 ● Galera multi-master cluster ● RabbitMQ with mirrored queues and deterministic sorting of the master queues ● “Cheese shop” index build for your environment stored within your environment OSAD infrastructure components
www.rackspace.com 16 ● OSAD does not know about the “all in one” deployment ○ LXC enables the base system to deploy a multi-node cloud even with only one physical node ○ An AIO in our gate job emulates a 32 node cloud ● Neutron with the Linux Bridge agent offer stability and supportability ○ Open vSwitch is feature-full but Linux Bridge “just works”™ OSAD scale
www.rackspace.com 17 Community project ● We support Juno and Icehouse but the code contains Rackspace-isms ● Kilo is our first “community” release of OSAD ● 41 contributors presently in the project ○ Not all Rackers
www.rackspace.com 18 Community project We take our role within the community seriously! # Lines of change between Juno and Kilo git diff --stat juno kilo 1158 files changed, 39061 insertions(+), 81368 deletions(-)
www.rackspace.com 19 ● Deployer experience: Ansible ● Vanilla OpenStack: Source-based installation ● Scalability: Built within LXC containers ● Stability: Obviously! OSAD and what we’re about
www.rackspace.com 20 OSAD configuration ● OSAD configuration is your window into inventory ○ lives in /etc/openstack_deploy ● Dynamic inventory generated via config ● Compatible with Ansible static inventory ● Execution made simple using the openstack-ansible wrapper.
www.rackspace.com 21 OSAD deployment # Change to the playbooks directory cd /opt/os-ansible-deployment/playbooks # Open your favorite terminal multiplexer tmux new -s osad-deployment # Do all the things! openstack-ansible setup-everything.yml Go get coffee|food|beer, this will take a minute.
www.rackspace.com 22 What an OpenStack deployment looks like with OSAD Diagram not built to scale. Derived from an All in One Installation.
www.rackspace.com 23 OSAD adding a compute node # Execute run limited to the nova_compute group openstack-ansible setup-everything.yml --limit nova_compute compute_hosts: compute1: ip: 172.29.236.201 compute2: ip: 172.29.236.202 compute3: ip: 172.29.236.203 compute4: ip: 172.29.236.204 compute5: ip: 172.29.236.205 EDIT: /etc/openstack_deploy/openstack_user_config.yml
www.rackspace.com 24 OSAD adding an infrastructure node # Execute the setup with a limit on the infra groups we’re adding openstack-ansible setup-everything.yml --limit os-infra_all, shared-infra_all, identity_all shared-infra_hosts: infra1: ip: 172.29.236.101 os-infra_hosts: infra1: ip: 172.29.236.101 identity_hosts: infra1: ip: 172.29.236.101 EDIT: /etc/openstack_deploy/openstack_user_config.yml
www.rackspace.com 25 OSAD reconfiguring all of neutron # Execute a run limited to neutron_all openstack-ansible setup-everything.yml --limit neutron_all global_overrides: provider_networks: - network: container_bridge: "br-vxlan" container_type: "veth" container_interface: "eth10" ip_from_q: "tunnel" type: "vxlan" range: "1:1000" net_name: "vxlan" group_binds: - neutron_linuxbridge_agent EDIT: /etc/openstack_deploy/conf.d/neutron_networks.yml
www.rackspace.com 26 ● AURO - Public OpenStack Cloud ● Compute, Volume, Swift, Heat, Neutron ● Canadian data residency, ownership ● Vancouver region, Toronto up next AURO - OpenStack
www.rackspace.com 27 ● Not using as much as we’d like ● Mostly the infrastructure components ○ Rabbit, Galera, Memcached, etc ● Absolutely invaluable as an example ● Will continue to bring in more OSAD components as we operate over time ● Team somewhat new to config mgmt AURO & OSAD - What we are using
www.rackspace.com 28 ● Great example of: o Using Ansible o Deploying OpenStack o Testing - All in one, use of OpenStack infra ● Already supports Kilo ● Packaging and deploying OpenStack (ie. not using OS packages - Python Wheels very cool) ● Segregation of services AURO & OSAD - What we like
www.rackspace.com 29 ● Public cloud ● Midonet ● Different HA Model ● Billing ● Support Model ○ Multiple tiers of internal support AURO - Differences from OSAD
www.rackspace.com 30 ● Not to restart services in same run as changes o Need to control restarts in HA manner, rolling ● Every task tagged ● Continuously run (from Ansible Tower and/or Jenkins) ● Installing once is easy, operating forever is hard ● Ansible to help manage many small changes faster ● People don’t ssh into servers, only Ansible AURO - Ansible Guiding Principles
www.rackspace.com 31 ● Easy to use mostly idempotent modules then run a command or shell task and make a mess of it ● changed_when: False is too easy to stumble with ● Multiple environments ● Being able to run one-time commands across all systems is as powerful as it is dangerous $ ansible -a reboot all AURO - Ansible Struggles
www.rackspace.com 32 ● Deploy OpenStack from source ● Segregation of services ● More monitoring ● Ansible callback plugins are useful ● Learn more from OpenStack testing infra ● Need a couple modules o Midonet o Swift AURO - Near term improvements
www.rackspace.com 33 ● Be “Pluggable?” (What does that even mean?) o Neutron network - eg. Midonet o HA model - eg. ECMP/BGP load balancing ● Balancing community roles and playbooks with custom requirements ● Learn how to consume OSAD properly AURO - OSAD Comments/Ideas/Questions
www.rackspace.com ● Secrets (eg. Hashicorp Vault, KeyWhiz) ● Continuous integration...err integration ● Caching (Ansible has Redis, other ideas?) ● What is the “future” of config mgmt? Must be more than just pkg/config/start/bootstrap ● Change request workflow 34 AURO - Configuration Management Future
www.rackspace.com 35 ● Increase community participation in OSAD ○ Community members wanted! ○ Pull requests welcome :) ● Build out the operational modules found within the upstream ● Modular Dynamic inventory ● etc . . . Where does Ansible and OpenStack go from here?
www.rackspace.com 36 Q & A Twitter: @cloudnull IRC: cloudnull Email: kevin.carter@rackspace.com Twitter: @ccollicutt IRC: serverascode Email: curtis.collicutt@auro.io
37www.rackspace.com OSAD makes OpenStack™ NOSAD“ ”
www.rackspace.com Thank You! EOP 38

Recomendados

Simple flexible deployments with openstack ansible
Simple flexible deployments with openstack ansibleSimple flexible deployments with openstack ansible
Simple flexible deployments with openstack ansibleJean-Philippe Evrard
 
OpenStack-Ansible Project Update
OpenStack-Ansible Project UpdateOpenStack-Ansible Project Update
OpenStack-Ansible Project UpdateJesse Pretorius
 
Openstack ansible
Openstack ansibleOpenstack ansible
Openstack ansibleGeorge Paraskevas
 
Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...
Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...
Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...Cloud Native Day Tel Aviv
 
Mirantis v OpenStack Ansible Dawn of Production
Mirantis v OpenStack Ansible Dawn of ProductionMirantis v OpenStack Ansible Dawn of Production
Mirantis v OpenStack Ansible Dawn of ProductionTeK Charnsilp Chinprasert
 
OpenStack-Ansible Security
OpenStack-Ansible SecurityOpenStack-Ansible Security
OpenStack-Ansible SecurityMajor Hayden
 
Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack
Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStackContainers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack
Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStackOpenStack
 
Openstack components as containerized microservices
Openstack components as containerized microservicesOpenstack components as containerized microservices
Openstack components as containerized microservicesMiguel Zuniga
 

Recomendados

Simple flexible deployments with openstack ansible
Simple flexible deployments with openstack ansibleSimple flexible deployments with openstack ansible
Simple flexible deployments with openstack ansibleJean-Philippe Evrard
 
OpenStack-Ansible Project Update
OpenStack-Ansible Project UpdateOpenStack-Ansible Project Update
OpenStack-Ansible Project UpdateJesse Pretorius
 
Openstack ansible
Openstack ansibleOpenstack ansible
Openstack ansibleGeorge Paraskevas
 
Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...
Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...
Andy McCrae, Rackspace - Using Ansible to Deploy and Automate OpenStack, Open...Cloud Native Day Tel Aviv
 
Mirantis v OpenStack Ansible Dawn of Production
Mirantis v OpenStack Ansible Dawn of ProductionMirantis v OpenStack Ansible Dawn of Production
Mirantis v OpenStack Ansible Dawn of ProductionTeK Charnsilp Chinprasert
 
OpenStack-Ansible Security
OpenStack-Ansible SecurityOpenStack-Ansible Security
OpenStack-Ansible SecurityMajor Hayden
 
Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack
Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStackContainers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack
Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStackOpenStack
 
Openstack components as containerized microservices
Openstack components as containerized microservicesOpenstack components as containerized microservices
Openstack components as containerized microservicesMiguel Zuniga
 
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...OpenStack
 
Flexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-AnsibleFlexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-AnsibleMajor Hayden
 
OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, RackspaceOpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, RackspaceOpenStack
 
Build cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack AnsibleBuild cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack AnsibleJirayut Nimsaeng
 
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red HatOpenStack
 
Devstack On Demand
Devstack On DemandDevstack On Demand
Devstack On DemandBarak Merimovich
 
Cisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack KollaCisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack KollaVikram G Hosakote
 
Openstack devops challenges
Openstack devops challenges Openstack devops challenges
Openstack devops challenges openstackindia
 
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...OpenStack
 
OpenStack Neutron behind the Scenes
OpenStack Neutron behind the ScenesOpenStack Neutron behind the Scenes
OpenStack Neutron behind the ScenesAnil Bidari ( CEO , Cloud Enabled)
 
Kolla - containerizing the cloud itself
Kolla - containerizing the cloud itselfKolla - containerizing the cloud itself
Kolla - containerizing the cloud itselfMichal Rostecki
 
Build a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-managerBuild a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-managerK Rain Leander
 
Deploying openstack using ansible
Deploying openstack using ansibleDeploying openstack using ansible
Deploying openstack using ansibleopenstackindia
 
Copr HD OpenStack Day India
Copr HD OpenStack Day IndiaCopr HD OpenStack Day India
Copr HD OpenStack Day Indiaopenstackindia
 
kolla
kollakolla
kollaAndrew Widddersheim
 
Enhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world applicationEnhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world applicationopenstackindia
 
Automating OpenStack Deployment with Fuel
Automating OpenStack Deployment with FuelAutomating OpenStack Deployment with Fuel
Automating OpenStack Deployment with FuelTomasz Zen Napierala
 
Role of sdn controllers in open stack
Role of sdn controllers in open stackRole of sdn controllers in open stack
Role of sdn controllers in open stackopenstackindia
 
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...Vietnam Open Infrastructure User Group
 
TripleO
TripleO TripleO
TripleOKiran Murari
 
OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017Stacy Véronneau
 
Introduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New YorkIntroduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New YorkJérôme Petazzoni
 

Mais conteúdo relacionado

Mais procurados

How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...OpenStack
 
Flexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-AnsibleFlexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-AnsibleMajor Hayden
 
OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, RackspaceOpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, RackspaceOpenStack
 
Build cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack AnsibleBuild cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack AnsibleJirayut Nimsaeng
 
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red HatOpenStack
 
Cisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack KollaCisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack KollaVikram G Hosakote
 
Openstack devops challenges
Openstack devops challenges Openstack devops challenges
Openstack devops challenges openstackindia
 
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...OpenStack
 
Kolla - containerizing the cloud itself
Kolla - containerizing the cloud itselfKolla - containerizing the cloud itself
Kolla - containerizing the cloud itselfMichal Rostecki
 
Build a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-managerBuild a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-managerK Rain Leander
 
Deploying openstack using ansible
Deploying openstack using ansibleDeploying openstack using ansible
Deploying openstack using ansibleopenstackindia
 
Copr HD OpenStack Day India
Copr HD OpenStack Day IndiaCopr HD OpenStack Day India
Copr HD OpenStack Day Indiaopenstackindia
 
Enhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world applicationEnhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world applicationopenstackindia
 
Automating OpenStack Deployment with Fuel
Automating OpenStack Deployment with FuelAutomating OpenStack Deployment with Fuel
Automating OpenStack Deployment with FuelTomasz Zen Napierala
 
Role of sdn controllers in open stack
Role of sdn controllers in open stackRole of sdn controllers in open stack
Role of sdn controllers in open stackopenstackindia
 
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...Vietnam Open Infrastructure User Group
 

Mais procurados (20)

How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
How to deliver High Performance OpenStack Cloud: Christoph Dwertmann, Vault S...
 
Flexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-AnsibleFlexible, simple deployments with OpenStack-Ansible
Flexible, simple deployments with OpenStack-Ansible
 
OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, RackspaceOpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
 
Build cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack AnsibleBuild cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack Ansible
 
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat
 
Devstack On Demand
Devstack On DemandDevstack On Demand
Devstack On Demand
 
Cisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack KollaCisco UCS loves Kubernetes, Docker and OpenStack Kolla
Cisco UCS loves Kubernetes, Docker and OpenStack Kolla
 
Openstack devops challenges
Openstack devops challenges Openstack devops challenges
Openstack devops challenges
 
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
Simplifying OpenStack Networks with Routing on the Host: Gerard Chami + Scott...
 
OpenStack Neutron behind the Scenes
OpenStack Neutron behind the ScenesOpenStack Neutron behind the Scenes
OpenStack Neutron behind the Scenes
 
Kolla - containerizing the cloud itself
Kolla - containerizing the cloud itselfKolla - containerizing the cloud itself
Kolla - containerizing the cloud itself
 
Build a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-managerBuild a Basic Cloud Using RDO-manager
Build a Basic Cloud Using RDO-manager
 
Deploying openstack using ansible
Deploying openstack using ansibleDeploying openstack using ansible
Deploying openstack using ansible
 
Copr HD OpenStack Day India
Copr HD OpenStack Day IndiaCopr HD OpenStack Day India
Copr HD OpenStack Day India
 
kolla
kollakolla
kolla
 
Enhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world applicationEnhancing OpenStack FWaaS for real world application
Enhancing OpenStack FWaaS for real world application
 
Automating OpenStack Deployment with Fuel
Automating OpenStack Deployment with FuelAutomating OpenStack Deployment with Fuel
Automating OpenStack Deployment with Fuel
 
Role of sdn controllers in open stack
Role of sdn controllers in open stackRole of sdn controllers in open stack
Role of sdn controllers in open stack
 
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
OpenStack QA Tooling & How to use it for Production Cloud Testing | Ghanshyam...
 
TripleO
TripleO TripleO
TripleO
 

Semelhante a Deploying OpenStack with Ansible

OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017Stacy Véronneau
 
Introduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New YorkIntroduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New YorkJérôme Petazzoni
 
Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015Sean Dague
 
Thinking inside the box (shared)
Thinking inside the box (shared)Thinking inside the box (shared)
Thinking inside the box (shared)Joe Brockmeier
 
Docker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xDocker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xrkr10
 
Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Dave Holland
 
To Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On PremTo Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On PremCloudOps2005
 
Montreal OpenStack Q2 MeetUp - May 30th 2017
Montreal OpenStack Q2 MeetUp - May 30th 2017Montreal OpenStack Q2 MeetUp - May 30th 2017
Montreal OpenStack Q2 MeetUp - May 30th 2017Stacy Véronneau
 
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...Elos Technologies s.r.o.
 
OpenStack Ottawa Q2 MeetUp - May 31st 2017
OpenStack Ottawa Q2 MeetUp - May 31st 2017OpenStack Ottawa Q2 MeetUp - May 31st 2017
OpenStack Ottawa Q2 MeetUp - May 31st 2017Stacy Véronneau
 
The elastic stack on docker
The elastic stack on dockerThe elastic stack on docker
The elastic stack on dockerSmartWave
 
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme PetazzoniWorkshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme PetazzoniTheFamily
 
Introduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionIntroduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionJérôme Petazzoni
 
Scalable Spark deployment using Kubernetes
Scalable Spark deployment using KubernetesScalable Spark deployment using Kubernetes
Scalable Spark deployment using Kubernetesdatamantra
 
VASCAN - Docker and Security
VASCAN - Docker and SecurityVASCAN - Docker and Security
VASCAN - Docker and SecurityMichael Irwin
 
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes][BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]Wong Hoi Sing Edison
 
CEPH DAY BERLIN - WHAT'S NEW IN CEPH
CEPH DAY BERLIN - WHAT'S NEW IN CEPH CEPH DAY BERLIN - WHAT'S NEW IN CEPH
CEPH DAY BERLIN - WHAT'S NEW IN CEPH Ceph Community
 
Introduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyIntroduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyJérôme Petazzoni
 
OpenStack Integration with OpenContrail and OpenDaylight
OpenStack Integration with OpenContrail and OpenDaylightOpenStack Integration with OpenContrail and OpenDaylight
OpenStack Integration with OpenContrail and OpenDaylightSyed Moneeb
 

Semelhante a Deploying OpenStack with Ansible (20)

OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017OpenStack Toronto Q2 MeetUp - June 1st 2017
OpenStack Toronto Q2 MeetUp - June 1st 2017
 
Introduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New YorkIntroduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New York
 
Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015
 
Thinking inside the box (shared)
Thinking inside the box (shared)Thinking inside the box (shared)
Thinking inside the box (shared)
 
Docker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xDocker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12x
 
Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017
 
To Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On PremTo Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
 
Montreal OpenStack Q2 MeetUp - May 30th 2017
Montreal OpenStack Q2 MeetUp - May 30th 2017Montreal OpenStack Q2 MeetUp - May 30th 2017
Montreal OpenStack Q2 MeetUp - May 30th 2017
 
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...
Red Hat Cloud Infrastructure Conference 2013 - Presentation about OpenStack ...
 
OpenStack Ottawa Q2 MeetUp - May 31st 2017
OpenStack Ottawa Q2 MeetUp - May 31st 2017OpenStack Ottawa Q2 MeetUp - May 31st 2017
OpenStack Ottawa Q2 MeetUp - May 31st 2017
 
The elastic stack on docker
The elastic stack on dockerThe elastic stack on docker
The elastic stack on docker
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
 
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme PetazzoniWorkshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
 
Introduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionIntroduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" Edition
 
Scalable Spark deployment using Kubernetes
Scalable Spark deployment using KubernetesScalable Spark deployment using Kubernetes
Scalable Spark deployment using Kubernetes
 
VASCAN - Docker and Security
VASCAN - Docker and SecurityVASCAN - Docker and Security
VASCAN - Docker and Security
 
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes][BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]
[BarCamp2018][20180915][Tips for Virtual Hosting on Kubernetes]
 
CEPH DAY BERLIN - WHAT'S NEW IN CEPH
CEPH DAY BERLIN - WHAT'S NEW IN CEPH CEPH DAY BERLIN - WHAT'S NEW IN CEPH
CEPH DAY BERLIN - WHAT'S NEW IN CEPH
 
Introduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyIntroduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange County
 
OpenStack Integration with OpenContrail and OpenDaylight
OpenStack Integration with OpenContrail and OpenDaylightOpenStack Integration with OpenContrail and OpenDaylight
OpenStack Integration with OpenContrail and OpenDaylight
 

Último

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 

Último (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 

Deploying OpenStack with Ansible

  • 1. Created by: Kevin Carter & Curtis Collicutt OS-Ansible-Deployment Deploying OpenStack with Ansible presentation > osad <<EOP 1
  • 2. www.rackspace.com 2 Who am I? Kevin Carter ● Developer at the Rackspace Private Cloud ● Open source activist ● Cloud operations junkie ● Python aficionado ● Recovering rubyist ● Beer lover ● Soccer fanatic
  • 3. www.rackspace.com 3 Who am I? Curtis Collicutt ● Lead OpenStack Engineer @ AURO ● Information Security ● Storage systems ● How do computers even? ● Films
  • 4. 4www.rackspace.com @robertcathey Cloud infra is hard. OpenStack is cloud infra. OpenStack is hard. This is news, apparently. “ ”
  • 5. www.rackspace.com 5 OSAD and what we’re about ● Deployer Experience ● Vanilla OpenStack ● Scalability ● Stability
  • 6. www.rackspace.com 6 Why are we here? In late 2013, the Rackspace Private Cloud team set out to solve our common deployment, maintenance, scalability, and stability problems.
  • 7. www.rackspace.com 7 Distribution packaging of OpenStack ● Out of date packages ● Out of band configuration ● Packages include proprietary patches ● Time to bug resolution is longer than it should ● Broken dependencies
  • 8. www.rackspace.com 8 Available deployment tooling ● Maybe, sometimes, sorta, eventually “consistent”, kinda? ● Upgrades difficult or impossible ● Steep learning curve
  • 9. www.rackspace.com 9 Legacy architecture does not scale ● Almost all deployment systems reference an architecture that suffers from the “controller 1 controller 2” model ● VIP failover for OpenStack supporting services bound to break and when it does it’ll break spectacularly!
  • 10. www.rackspace.com 10 What we devised A source-based installation of OpenStack, built within LXC containers, using a multi-master architecture orchestrated and deployed via Ansible.
  • 11. www.rackspace.com 11 Why Ansible? ● Community engagement ● Orchestration ● Almost no code ● Low barrier to entry ● Crazy powerful, stupid simple
  • 12. www.rackspace.com 12 Why containers? ● LXC ≈ More bare metal ● Compatible with many networking architectures ● Supports an LVM backend ● Stable
  • 13. www.rackspace.com 13 What is OSAD? OSAD == OpenStack Ansible Deployment ● Uses LXC containers to isolate components and services ● Deploys OpenStack from upstream sources ● Runs on Ubuntu 14.04 ● Built for production ● No proprietary secrete sauce ○ But you could bolt on as much as you want ● Created following the KISS principle
  • 14. www.rackspace.com 14 ● All Ansible tasks and roles target multiple nodes, even if that number is a multiple of one (1) ○ EVERYTHING is tagged! ● Process separation on infrastructure components (controller nodes) ○ Microservice-like, where it makes sense OSAD architecture
  • 15. www.rackspace.com 15 ● Galera multi-master cluster ● RabbitMQ with mirrored queues and deterministic sorting of the master queues ● “Cheese shop” index build for your environment stored within your environment OSAD infrastructure components
  • 16. www.rackspace.com 16 ● OSAD does not know about the “all in one” deployment ○ LXC enables the base system to deploy a multi-node cloud even with only one physical node ○ An AIO in our gate job emulates a 32 node cloud ● Neutron with the Linux Bridge agent offer stability and supportability ○ Open vSwitch is feature-full but Linux Bridge “just works”™ OSAD scale
  • 17. www.rackspace.com 17 Community project ● We support Juno and Icehouse but the code contains Rackspace-isms ● Kilo is our first “community” release of OSAD ● 41 contributors presently in the project ○ Not all Rackers
  • 18. www.rackspace.com 18 Community project We take our role within the community seriously! # Lines of change between Juno and Kilo git diff --stat juno kilo 1158 files changed, 39061 insertions(+), 81368 deletions(-)
  • 19. www.rackspace.com 19 ● Deployer experience: Ansible ● Vanilla OpenStack: Source-based installation ● Scalability: Built within LXC containers ● Stability: Obviously! OSAD and what we’re about
  • 20. www.rackspace.com 20 OSAD configuration ● OSAD configuration is your window into inventory ○ lives in /etc/openstack_deploy ● Dynamic inventory generated via config ● Compatible with Ansible static inventory ● Execution made simple using the openstack-ansible wrapper.
  • 21. www.rackspace.com 21 OSAD deployment # Change to the playbooks directory cd /opt/os-ansible-deployment/playbooks # Open your favorite terminal multiplexer tmux new -s osad-deployment # Do all the things! openstack-ansible setup-everything.yml Go get coffee|food|beer, this will take a minute.
  • 22. www.rackspace.com 22 What an OpenStack deployment looks like with OSAD Diagram not built to scale. Derived from an All in One Installation.
  • 23. www.rackspace.com 23 OSAD adding a compute node # Execute run limited to the nova_compute group openstack-ansible setup-everything.yml --limit nova_compute compute_hosts: compute1: ip: 172.29.236.201 compute2: ip: 172.29.236.202 compute3: ip: 172.29.236.203 compute4: ip: 172.29.236.204 compute5: ip: 172.29.236.205 EDIT: /etc/openstack_deploy/openstack_user_config.yml
  • 24. www.rackspace.com 24 OSAD adding an infrastructure node # Execute the setup with a limit on the infra groups we’re adding openstack-ansible setup-everything.yml --limit os-infra_all, shared-infra_all, identity_all shared-infra_hosts: infra1: ip: 172.29.236.101 os-infra_hosts: infra1: ip: 172.29.236.101 identity_hosts: infra1: ip: 172.29.236.101 EDIT: /etc/openstack_deploy/openstack_user_config.yml
  • 25. www.rackspace.com 25 OSAD reconfiguring all of neutron # Execute a run limited to neutron_all openstack-ansible setup-everything.yml --limit neutron_all global_overrides: provider_networks: - network: container_bridge: "br-vxlan" container_type: "veth" container_interface: "eth10" ip_from_q: "tunnel" type: "vxlan" range: "1:1000" net_name: "vxlan" group_binds: - neutron_linuxbridge_agent EDIT: /etc/openstack_deploy/conf.d/neutron_networks.yml
  • 26. www.rackspace.com 26 ● AURO - Public OpenStack Cloud ● Compute, Volume, Swift, Heat, Neutron ● Canadian data residency, ownership ● Vancouver region, Toronto up next AURO - OpenStack
  • 27. www.rackspace.com 27 ● Not using as much as we’d like ● Mostly the infrastructure components ○ Rabbit, Galera, Memcached, etc ● Absolutely invaluable as an example ● Will continue to bring in more OSAD components as we operate over time ● Team somewhat new to config mgmt AURO & OSAD - What we are using
  • 28. www.rackspace.com 28 ● Great example of: o Using Ansible o Deploying OpenStack o Testing - All in one, use of OpenStack infra ● Already supports Kilo ● Packaging and deploying OpenStack (ie. not using OS packages - Python Wheels very cool) ● Segregation of services AURO & OSAD - What we like
  • 29. www.rackspace.com 29 ● Public cloud ● Midonet ● Different HA Model ● Billing ● Support Model ○ Multiple tiers of internal support AURO - Differences from OSAD
  • 30. www.rackspace.com 30 ● Not to restart services in same run as changes o Need to control restarts in HA manner, rolling ● Every task tagged ● Continuously run (from Ansible Tower and/or Jenkins) ● Installing once is easy, operating forever is hard ● Ansible to help manage many small changes faster ● People don’t ssh into servers, only Ansible AURO - Ansible Guiding Principles
  • 31. www.rackspace.com 31 ● Easy to use mostly idempotent modules then run a command or shell task and make a mess of it ● changed_when: False is too easy to stumble with ● Multiple environments ● Being able to run one-time commands across all systems is as powerful as it is dangerous $ ansible -a reboot all AURO - Ansible Struggles
  • 32. www.rackspace.com 32 ● Deploy OpenStack from source ● Segregation of services ● More monitoring ● Ansible callback plugins are useful ● Learn more from OpenStack testing infra ● Need a couple modules o Midonet o Swift AURO - Near term improvements
  • 33. www.rackspace.com 33 ● Be “Pluggable?” (What does that even mean?) o Neutron network - eg. Midonet o HA model - eg. ECMP/BGP load balancing ● Balancing community roles and playbooks with custom requirements ● Learn how to consume OSAD properly AURO - OSAD Comments/Ideas/Questions
  • 34. www.rackspace.com ● Secrets (eg. Hashicorp Vault, KeyWhiz) ● Continuous integration...err integration ● Caching (Ansible has Redis, other ideas?) ● What is the “future” of config mgmt? Must be more than just pkg/config/start/bootstrap ● Change request workflow 34 AURO - Configuration Management Future
  • 35. www.rackspace.com 35 ● Increase community participation in OSAD ○ Community members wanted! ○ Pull requests welcome :) ● Build out the operational modules found within the upstream ● Modular Dynamic inventory ● etc . . . Where does Ansible and OpenStack go from here?
  • 36. www.rackspace.com 36 Q & A Twitter: @cloudnull IRC: cloudnull Email: kevin.carter@rackspace.com Twitter: @ccollicutt IRC: serverascode Email: curtis.collicutt@auro.io

Notas do Editor

  1. OpenStack is hard. plain and simple. Now I’m here to talk about how Ansible makes Operating and Deploying OpenStack clouds easier it by no means makes it simple. I have no magic pixie dust that makes OpenStack simple. Deployers that claim to have a scalable production ready OpenStack cloud in > 10 minutes are on crack. People writing configuration management software for OpenStack know that OpenStack is hard but we’re all out there trying to make life easier for everyone in the community.
  2. Talk about why I’m here presenting about Ansible and OpenStack Where did we come from? - Rackspace Private Cloud has been here a while. I’d go as far as saying we were the first. Don’t call it a comeback we’ve been here for years. Packaging OpenStack sucks, say why.
  3. Talk about why I’m here presenting about Ansible and OpenStack Where did we come from? - Rackspace Private Cloud has been here a while. I’d go as far as saying we were the first. Don’t call it a comeback we’ve been here for years. Packaging OpenStack sucks, say why.
  4. RCBOPS chef was a good example of the “run thrice” philosophy. - Stackforge chef cookbooks is not much better Upgrading required a lot of retool for ever release, even if it's a point release. If you're using Puppet or Chef you’re learning a “DSL” which is more like a language than a task driven system. Additionally when coming from the greater OpenStack community telling people that they need to learn Ruby or some variant there of is a hard sell.
  5. The controller model makes it hard or impossible to scale past 2 controllers and in production under heavy workloads we’ve found that operators need the ability to scale beyond the two node limit. If you use the controller model and you have two of them, then you likely have a VIP that fails over between the two nodes this VIP failover is error prone and makes services like plain jane MySQL and RabbitMQ very unhappy. The controller model generally does not account for the issues that can be caused when using mirrored queues.
  6. Talk about why I’m here presenting about Ansible and OpenStack Where did we come from? - Rackspace Private Cloud has been here a while. I’d go as far as saying we were the first. Don’t call it a comeback we’ve been here for years. Packaging OpenStack sucks, say why.
  7. * Community, community, community… * The power of true orchestration and task driven deployments, not a system of run thrice until nice. * YAML is not code, YAML is easy to read, YAML is not code, YAML is easy to read. * Everything is SSH, no agent, no CVEs due to agents. * If the environment is large enough simply set Ansible forks accordingly and go… * We made the LXC module. ** Pull request from rackspace for use of lxc in ansible natively: https://github.com/ansible/ansible-modules-extras/pull/123
  8. * LXC is almost more bare metal. With LXC we can simulate additional host machines and treat the containers like just the same as we would another physical node. * LXC is compatible with a lot of networks: veth, vlan, macvlan, and even physical device management. * LXC can be built in an LVM using a real filesystem that can handle a production workload. * LXC is rock solid. Container don’t crash under our workload, we’ve had containers up with impressive uptime, though we still treat them like disposable resources.
  9. * OSAD is in stackforge and is gated using the OpenStack development process and model. * Everything is tested with tempest. * Containers for process and service separation. * OpenStack services are installed from upstream sources. * No proprietary software that you have to buy into. ^ and we have scale using OpenStack as it was intended from the upstream developers. Our OpenStack deployment includes: galera, rabbitmq, repository servers, rsyslog, memcached, keystone, glance, nova, neutron, heat, cinder, tempest, swift, horizon
  10. * Ansible tagging allows me to run one logical set of tasks in a given role. - Within the roles everything is a namespaced, even the tags. - there are presently 319 tags in master. * Process and service separation in containers means everything is a “node”.
  11. * In the spirit of all things open source, we use MariaDB + Galera. * Your own personal PyPi index, local to your deployment is always available to you, but it’s also mirrored at: - http://rpc-repo.rackspace.com/ - https://mirror.rackspace.com/rackspaceprivatecloud/
  12. * All in One simulates a larger environment than most production clouds. * We used OVS, it worked, until it didn’t. - For production we use LinuxBridge and in the future we’ll visit other plugins.
  13. * We have an internally elected PTL at this point, though we’ll have a formal election soon. * Everything is gated through gerrit. The community commitment within the project forced us to refactor to make the system more supportable from the perspective of the greater community. That refactor forced us to “keystone-lite” the repo such that it removed all of the Rackspace-isms making the deployment system more generic. Contributor list # git log --format='%aN' | sort -u | wc -l
  14. The community commitment within the project forced us to refactor to make the system more supportable from the perspective of the greater community. That refactor forced us to “keystone-lite” the repo such that it removed all of the Rackspace-isms making the deployment system more generic. * We have an internally elected PTL (me) at this point, though we’ll have a formal election soon. * Everything is gated through gerrit. * When we committed to stackforge we excised cruft and deployment decisions that only benefited the Rackspace Private Cloud * We made the decision to follow Ansible best practices to the letter where we could. Total lines of content in juno which includes all the things within the repo. # find . -type f -exec grep -v -e '^#' -e '^$' {} \; | wc -l 77391 Total lines of content in master which includes all the things within the repo. # find . -type f -exec grep -v -e '^#' -e '^$' {} \; | wc -l 37045 Lines of YAML no comments no new lines in master # find . -type f -name '*.yml' -exec grep -v -e '^#' -e '^$' {} \; | wc -l 9881
  15. Vanilla OpenStack, in terms of the bits that power all of OpenStack is simpler to use, operate, and understand. Simple is amazing! * https://github.com/docker/docker/issues/7229 * https://www.mail-archive.com/aufs-users@lists.sourceforge.net/msg03847.html * http://www.linuxquestions.org/questions/linux-general-1/which-linux-distros-use-aufs-unionfs-630594/ Cloud components are cattle, spend 30 minutes troubleshooting a broken component and if its not simple to fix kill them when they misbehave.
  16. This is what a basic openstack_user_config.yml file looks like. * It’s easy to get started * the config is simple to understand * can become as complex as you want it. The basic openstack_user_config.yml file is essentially your entry point into Ansible inventory.
  17. ascii diagram of stack.
  18. This is what a basic openstack_user_config.yml file looks like. * Its easy to get started * the config is simple to understand * can become as complex as you want it. The basic openstack_user_config.yml file is essentially your entry point into Ansible inventory.
  19. This is what a basic openstack_user_config.yml file looks like. * Its easy to get started * the config is simple to understand * can become as complex as you want it. The basic openstack_user_config.yml file is essentially your entry point into Ansible inventory.
  20. This is what a basic openstack_user_config.yml file looks like. * Its easy to get started * the config is simple to understand * can become as complex as you want it. The basic openstack_user_config.yml file is essentially your entry point into Ansible inventory.
  21. Thanks to Kevin and the OpenStack Ansible Deployment team, all the people who have contributed. As usual we are standing on the shoulders of giants, from OSAD to Ansible to OpenStack to Linux and more I’m not used to speaking in front of this many people, so forgive my mistakes AURO - one of the few OpenStack public clouds in Canada, we have a lot of work ahead of us with with such a great community we can get the job done Canadian data residency and ownership is important to many of our customers Fairly stock OpenStack other than using Midonet
  22. We started our second generation deployment while the OSAD team was working on moving from Juno to Kilo and removing “raxisms”, we had to get started and that has caused us not to use as much of OSAD as we would like We definitely have some thinking and learning to do in terms of creating a process and workflow to consume OSAD and to integrate our particular infrastructure choices When we upgrade from Juno to Kilo we will bring in much more of OSAD, if not all We have a lot of work to do in terms of getting our organization up to speed and into a more “devopsy” style of working Having full, working config files is a tremendous help to anyone deploying OpenStack
  23. We like the emphasis on testing, that is the only way we will be able to continuously improve our deployment, the only way we will be able to operate a cloud over a long period of time We need to get off of our dependency on the os packages, we will deploy from source using OSAD’s methodology We really want to be part of the Ansible, Openstack, and OSAD community, we are committed to giving back where we can, low on resources at the moment though Segregation of services is important to us
  24. Public cloud is in many ways quite different than private cloud We have multiple tiers of support and need to ensure they have the tools to do their job but also keep segregation of duties We have to bill people, will be implementing stacktach, currently our own internal system
  25. I think one of the most powerful things about ansible is the ability to use it to operate openstack over time, not just initial deployment
  26. These are things that I personally struggle with and are not necessarily issues with Ansible or OSAD; have to watch I don’t shoot myself in the foot so to speak Ansible’s power and flexibility are...very powerful, almost too powerful in some cases
  27. I wrote a quick callback plugin to send a notification to slack when a playbook causes changes or fails
  28. I think it’s good that we are a public cloud and want to use OSAD Mostly we just need to figure out how to use as much as OSAD as possible while still having a unique environment Though almost all OpenStack deployments are unique
  29. I do struggle with secrets and variables in Ansible If we need to do ITIL like things, how do we do that with config mgmt? Ansible as the “execution engine” for change mgmt, “continuous improvement” CONCLUSION: Basically we consume as much of OSAD as we can, add our custom requirements and account for differences, then wrap that all in monitoring, continuous integration and change management Again thanks to the community, we have a lot of work to do for AURO and a lot of learning to do and changes to implement Thanks to all the people writing modules too
  30. Talk about where Ansible and OpenStack go from here. modules commits upstream improving ansible issues we’ve faced