840 likes | 1.49k Views
Deploying Openstack with Tripleo. Tom Howley, Dublin, May 2014. OpenStack ® Professional Services. We’re hiring… Linux System Engineers (Galway) – all levels Architects, System I ntegrators (Dublin) hp.com/jobs search for OpenStack Ireland
E N D
Deploying Openstack with Tripleo Tom Howley, Dublin, May 2014
OpenStack® Professional Services We’re hiring… Linux System Engineers (Galway) – all levels Architects, System Integrators (Dublin) hp.com/jobssearch for OpenStack Ireland Or contact our Recruiting lead: james.houlder@hp.com
Introductions • Tom Howley • Member of the Helion CloudOS Core Engineering team • Member of the HP Cloud Cinder/Bock Engineering team • Member of the IAAS Shared Services / High Availability team
I hope to cover • HP Helion Public Cloud Deployment • Motivation for Tripleo • Tripleo Overview • Diskimage Builder • os-collect/refresh/apply-configsuite • Heat and Heat templates • The Developer Experience • Current Challenges + Future Work (Openstack Atlanta Update)
We used Chef for HP Public Cloud See http://wiki.opscode.com/display/chef/Home Download + Apply Cookbook Recipes Git Repo Chef Server Node 1 Node 2 Cookbooks, Roles, Environments, Data bags, Node Settings Pull/Push Chef files Node 3 Node 4 Management Desktop: git + knife
Chef Recipe Role Node Resource Install RabbitMQ RMQ recipe Configure users, vhosts… host-0001 RabbitMQ HA Server Install pacemaker HA recipe Write corosync conf file
Some limitations of Chef • Single-node view • Ok, there are environments – just a global set of attributes • Tend to think in node roles • Lacks orchestration • Not easy to describe inter-node dependencies • Required for install and upgrades (ideally of the rolling variety) • Tendency towards snowflakes • No facility for roll-back • Does not do baremetal install • Common set of cookbooks/recipes upstream? • Stackforge Chef repo: AT&T, IBM, Rackspace + others • but other repos do exist
Who in their right mind would use Openstack to deploy Openstack? And where does this gratuitous recursion end?
Enter Tripleo From https://wiki.openstack.org/wiki/TripleO#TripleO_-_OpenStack_on_OpenStack • “TripleO is a program aimed at installing, upgrading and operating OpenStack clouds using OpenStack's own cloud facilities as the foundations - building on nova, neutron and heat to automate fleet management at datacentre scale (and scaling down to as few as 2 machines).”
Tripleo Breakdown of Deployment Lifecycle Provisioning Software Configuration State Orchestration Nova-BM/ Ironic diskimage -builder os-apply -config os-refresh -config Heat MaaS Juju Crowbar Crowbar ~~~ Chef ~~~ Razor ~~~ Puppet ~~~ Manual Install Stand-alone Chef, Puppet, etc
Tripleo Deployment • Heat stack defines the cluster • Heat drives the Nova API to deliver images to machines • Virtual machines in developer test • Bare metal Nova for CI/CD and production deployment
Diskimage Builder Golden Images Images created independent of deploy with Internet access Encapsulate a known good set of software Excludes configuration and persistent state • these are placed on a separate state partition • / is then mounted read-only Deploy never needs Internet access Equivalent of packages at cluster level • Golden image per node type Configuration occurs at install (for invariants) or deploy time (for local config)
Undercloud vs. Overcloud Nova cannot reliably run two different hypervisors in one cloud today So we run two+ clouds:→ the undercloud, a bare metal cloud that runs on, and owns, all the hardware → the overcloud, a regular VM based cloud running as a tenant on the bare metal cloud OpenStack (KVM) OpenStack (KVM) OpenStack (Bare metal)
We have cloud for users to create VMs bm = baremetal node
So lets see Tripleo in action And I don’t mean a demo!
Tripleo Deploy Flow - Image build Build the seed image
Tripleo Deploy Flow - Image build Build undercloud and overcloud images
Tripleo Deploy Flow - Seed Launch the Seed
Tripleo Deploy Flow - Undercloud Upload undercloud image to Glance on seed
Tripleo Deploy Flow - Undercloud Launch undercloud heat stack via heat engine on seed
Tripleo Deploy Flow - Undercloud Heat launches the undercloud node
Tripleo Deploy Flow - Undercloud Transfer undercloud image over iscsi connection
Tripleo Deploy Flow - Undercloud Reboot undercloud, os-collect reads configuration meta-data
Tripleo Deploy Flow - Undercloud Undercloudos-refresh/os-apply configures + launches services
Tripleo Deploy Flow - Overcloud Upload overcloud images to Glance on undercloud
Tripleo Deploy Flow - Overcloud Launch overcloud heat stack via heat engine on undercloud
Tripleo Deploy Flow - Overcloud Heat launches the overcloud nodes via Nova/Ironic API
Tripleo Deploy Flow - Overcloud Transfer overcloud images over iscsi connection
Tripleo Deploy Flow - Overcloud Reboot overcloud nodes, os-collect reads configuration meta-data
Tripleo Deploy Flow - Overcloud Overcloud os-refresh/os-apply configures + launches services
We now have a working cloud for users! User creates a VM in our cloud
We now have a working cloud for users! and another one….
Tripleo Components Quick review of DIB, os-collect/apply/refresh-config and Heat
Diskimage Builder • An image build proceeds through a set of hooks: pre-install.d, install.d, etc. • An image build is parameterised by including elements • Each element includes one or more hook files: install.d/20-rabbitmq-server • Which are simple executable files (typically bash, some python) • Elements can depend on other elements • Handle multiple OS's by either conditional code or abstracting out a common interface e.g. install-packages replaces yum/apt calls. • Most things get cached in ~/.cache/image-create
Diskimage Builder tripleo-image-elements • apache2 fedora-rdo-icehouse keepalived nova pypi-openstack • bm-dnsmasq fedora-rdo-icehouse-repository keystone nova-apiqpidd • boot-stack geardmariadb nova-baremetalrabbitmq-server • ceilometer glance mariadb-dev nova-compute remove-serial-console • ceilometer-agent-central haproxymemcached nova-ironic salt-master • ceilometer-agent-compute heat mysql nova-kvm salt-minion • ceilometer-agent-notification heat-apimysql-common novnc seed-stack-config • ceilometer-api heat-cfntoolsmysql-devntpsnmpd • ceilometer-collector heat-engine mysql-mariadb-compatopenstack-clients stackuser • check_mk-agent horizon mysql-migration openstack-db swift • cinder hosts nagios3 openstack-ssl swift-proxy • cinder-apiicinga-core network-utilsos-apply-config swift-storage • cinder-lioicinga-web neutron os-collect-configsysctl • cinder-tgt __init__.py neutron-dhcp-agent os-refresh-config tempest • cinder-volume iptables neutron-network-node os-svc-install tripleo-cd • common-venv ironic neutron-openvswitch-agent pip-and-virtualenvtripleo-heat-templates • debian-mirror ironic-api neutron-ovs-cleanup pip-manifest tripleo-staging • devstack ironic-conductor neutron-server postfix tuskar • diskimage-builder jenkinsnfs-server pypi-mirror use-ephemeral
Diskimage Builder Anatomy of an element
Diskimage Builder To create an image using dib tool • disk-image-create -a $(IMAGE_ARCH) -o $(IMAGE_NAME) $(IMAGE_ELEMENTS) • disk-image-create -a i386 -o $TRIPLEO_ROOT/overcloud-compute ubuntu nova-compute nova-kvm neutron-openvswitch-agent os-collect-configdhcp-all-interfaces
os-apply-config mustache = logic-less templates, snippet of cinder.conf sample: • [DEFAULT] • {{#cinder.verbose}} • verbose={{cinder.verbose}} • {{/cinder.verbose}} • {{#cinder.debug}} • # Print debugging output (set logging level to DEBUG instead • # of default WARNING level). (boolean value) • debug={{cinder.debug}} • {{/cinder.debug}} • auth_strategy= keystone • sql_connection={{cinder.db}} • ….
os-apply-config This input hash: • { • “cinder”: { • “verbose”: False, • “debug”: True, • “db”: “mysql://cinder:mypassword@10.0.0.5/cinder” • }
os-apply-config Produces this cinder.conf • [DEFAULT] • verbose=False • # Print debugging output (set logging level to DEBUG instead • # of default WARNING level). (boolean value) • debug=True • auth_strategy= keystone • sql_connection=mysql://cinder:mypassword@10.0.0.5/cinder • ….