Date post: | 15-Jan-2015 |
Category: |
Technology |
Upload: | lorin-hochstein |
View: | 6,667 times |
Download: | 1 times |
Vagrant, Ansible and OpenStack on your laptop
Lorin HochsteinNimbis Services
Email: [email protected]: lhochstein
Setting up OpenStack for production is complex and error-prone
2012-08-04 12:31:56 INFO nova.rpc.common [-] Reconnecting to AMQP server on localhost:56722012-08-04 12:31:56 ERROR nova.rpc.common [-] AMQP server on localhost:5672 is unreachable: [Errno 111] ECONNREFUSED. Trying again in 30 seconds.2012-08-04 12:31:56 TRACE nova.rpc.common Traceback (most recent call last):2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/nova/rpc/impl_kombu.py", line 446, in reconnect2012-08-04 12:31:56 TRACE nova.rpc.common self._connect()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/nova/rpc/impl_kombu.py", line 423, in _connect2012-08-04 12:31:56 TRACE nova.rpc.common self.connection.connect()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/connection.py", line 154, in connect2012-08-04 12:31:56 TRACE nova.rpc.common return self.connection2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/connection.py", line 560, in connection2012-08-04 12:31:56 TRACE nova.rpc.common self._connection = self._establish_connection()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/connection.py", line 521, in _establish_connection2012-08-04 12:31:56 TRACE nova.rpc.common conn = self.transport.establish_connection()2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/transport/pyamqplib.py", line 255, in establish_connection2012-08-04 12:31:56 TRACE nova.rpc.common connect_timeout=conninfo.connect_timeout)2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/kombu/transport/pyamqplib.py", line 52, in __init__2012-08-04 12:31:56 TRACE nova.rpc.common super(Connection, self).__init__(*args, **kwargs)2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/amqplib/client_0_8/connection.py", line 129, in __init__2012-08-04 12:31:56 TRACE nova.rpc.common self.transport = create_transport(host, connect_timeout, ssl)2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/amqplib/client_0_8/transport.py", line 281, in create_transport2012-08-04 12:31:56 TRACE nova.rpc.common return TCPTransport(host, connect_timeout)2012-08-04 12:31:56 TRACE nova.rpc.common File "/usr/lib/python2.7/dist-packages/amqplib/client_0_8/transport.py", line 85, in __init__2012-08-04 12:31:56 TRACE nova.rpc.common raise socket.error, msg2012-08-04 12:31:56 TRACE nova.rpc.common error: [Errno 111] ECONNREFUSED
You're looking for better ways to do deployment
Shell scripts are painful, Puppet & Chef have steep learning curves
if [[ $EUID -eq 0 ]]; then ROOTSLEEP=${ROOTSLEEP:-10} echo "You are running this script as root." echo "In $ROOTSLEEP seconds, we will create a user 'stack' and run as that user" sleep $ROOTSLEEP
# since this script runs as a normal user, we need to give that user # ability to run sudo if [[ "$os_PACKAGE" = "deb" ]]; then dpkg -l sudo || apt_get update && install_package sudo else rpm -qa | grep sudo || install_package sudo fi if ! getent passwd stack >/dev/null; then echo "Creating a user called stack" useradd -U -s /bin/bash -d $DEST -m stack fi
Source: devstack/stack.sh
You want an easy way to write & debug deployment scripts
Use Ansible to write OpenStack deployment scripts, Vagrant to test them inside of VMs
Ansible big idea: very simple syntax, SSH for communication
Example Ansible play: install ntp---- hosts: controller tasks: - name: ensure ntp packages is installed action: apt pkg=ntp
- name: ensure ntp.conf file is present action: copy src=files/ntp.conf dest=/etc/ntp.conf owner=root group=root mode=0644
- name: ensure ntp service is restarted action: service name=ntp state=restarted
Specify hosts in an inventory file[controller]192.168.206.130
[compute]192.168.206.131192.168.206.132192.168.206.133192.168.206.134
Run the playbook$ ansible-playbook ntp.yamlPLAY [controller] *********************
GATHERING FACTS ********************* ok: [192.168.206.130]
TASK: [ensure ntp packages is installed] ********************* ok: [192.168.206.130]
TASK: [ensure ntp.conf file is present] ********************* ok: [192.168.206.130]
TASK: [ensure ntp service is restarted] ********************* ok: [192.168.206.130]
PLAY RECAP ********************* 192.168.206.130 : ok=4 changed=3 unreachable=0 failed=0
What did Ansible just do?
1. Made SSH connections to remote host2. Copied over Python modules and arguments
parsed from playbook file3. Executed modules on remote machine
Can run a single action usingansible command
$ ansible controller –m apt –a "pkg=ntp"
192.168.206.130 | success >> { "changed": false, "item": "", "module": "apt"}
Ansible scripts are idempotent: can run multiple times safely
$ ansible-playbook ntp.yamlPLAY [controller] *********************
GATHERING FACTS ********************* ok: [192.168.206.130]
TASK: [ensure ntp packages is installed] ********************* ok: [192.168.206.130]
TASK: [ensure ntp.conf file is present] ********************* ok: [192.168.206.130]
TASK: [ensure ntp service is restarted] ********************* ok: [192.168.206.130]
PLAY RECAP ********************* 192.168.206.130 : ok=4 changed=1 unreachable=0 failed=0
Use handlers if action should only occur on a state change
---- hosts: controller tasks: - name: ensure glance database is present action: mysql_db name=glance notify: - version glance database
handlers: - name: version glance database action: command glance-manage version_control 0
Use templates to substitute variables in config file
keystone.conf:[DEFAULT]public_port = 5000admin_port = 35357admin_token = {{ admin_token }}
keystone.yaml:hosts: controllervars: admin_token: 012345SECRET99TOKEN012345tasks: - name: ensure keystone config script is present action: template src=keystone.conf dest=/etc/keystone/ keystone.conf owner=root group=root mode=0644
Ansible supports multiple modules, can also do arbitrary shell commands
• apt & yum packages• Stop/start/restart services• users & groups• Add SSH public keys• MySQL & PostgreSQL users & databases• VMs managed by libvirt• Git checkouts
Vagrant big idea: redistributable VMs, run with config files & commands
Import a new virtual machine(Ubuntu 12.04 64-bit)
$ vagrant box add precise64 http://files.vagrantup.com/ precise64.box
Make a Vagrantfile
Vagrant::Config.run do |config|config.vm.box = "precise64"
end
Vagrant can also generate this for you: “vagrant init precise64”
Boot it and connect to it$ vagrant up[default] Importing base box 'precise64'...[default] Matching MAC address for NAT networking...[default] Clearing any previously set forwarded ports...[default] Fixed port collision for 22 => 2222. Now on port 2200.[default] Forwarding ports...[default] -- 22 => 2200 (adapter 1)[default] Creating shared folders metadata...[default] Clearing any previously set network interfaces...[default] Booting VM...[default] Waiting for VM to boot. This can take a few minutes.[default] VM booted and ready for use![default] Mounting shared folders...[default] -- v-root: /vagrant
$ vagrant sshWelcome to Ubuntu 12.04 LTS (GNU/Linux 3.2.0-23-generic x86_64)
* Documentation: https://help.ubuntu.com/Welcome to your Vagrant-built virtual machine.Last login: Thu Jun 7 00:49:30 2012 from 10.0.2.2vagrant@precise64:~$
Boot multi-VMs: configure IPs, memory, hostname
Vagrant::Config.run do |config|
config.vm.box = "precise64” config.vm.define :controller do |controller_config| controller_config.vm.network :hostonly, "192.168.206.130" controller_config.vm.host_name = "controller" end
config.vm.define :compute1 do |compute1_config| compute1_config.vm.network :hostonly, "192.168.206.131" compute1_config.vm.host_name = "compute1" compute1_config.vm.customize ["modifyvm", :id,
"--memory", 1024] end
end
Openstack-ansible: Ansible scripts for OpenStack Compute
Links to OpenStackInstall & Deploy Guide
Config: controller, one compute host, QEMU, FlatDHCP
controller compute1
eth1 eth1
eth2 eth2eth0eth0
NAT NAT
192.168.206.*
.130 .131
192.168.100.*
.130 .131
Vagrantfile describes this setupVagrant::Config.run do |config|
config.vm.box = "precise64"
config.vm.define :controller do |controller_config| controller_config.vm.network :hostonly, "192.168.206.130” controller_config.vm.host_name = "controller" end
config.vm.define :compute1 do |compute1_config| compute1_config.vm.network :hostonly, "192.168.206.131” compute1_config.vm.host_name = "compute1" compute1_config.vm.customize ["modifyvm", :id, "--memory", 1024] compute1_config.vm.customize ["modifyvm", :id, "--nicpromisc3",
"allow-all"] endend
If all goes well…$ make all. . .-------------------------------------+--------------------------------------+| Property | Value |+-------------------------------------+--------------------------------------+| OS-DCF:diskConfig | MANUAL || OS-EXT-SRV-ATTR:host | None || OS-EXT-SRV-ATTR:hypervisor_hostname | None || OS-EXT-SRV-ATTR:instance_name | instance-00000001 || OS-EXT-STS:power_state | 0 || OS-EXT-STS:task_state | scheduling || OS-EXT-STS:vm_state | building || accessIPv4 | || accessIPv6 | || adminPass | CJ8NNNa4dc6f || config_drive | || created | 2012-08-09T02:51:14Z || flavor | m1.tiny || hostId | || id | 8e9238b8-208d-46a8-8f66-c40660abacff || image | cirros-0.3.0-x86_64 || key_name | mykey || metadata | {} || name | cirros || progress | 0 || status | BUILD || tenant_id | 6f29ce771aba46f29f53e178e3b02e66 || updated | 2012-08-09T02:51:14Z || user_id | ad809727c0a748c9ad12834b6f24b3a1 |+-------------------------------------+--------------------------------------+
Links
• Vagrantfile & Ansible playbooks for OpenStack:http://github.com/lorin/openstack-ansible• Ansible: http://ansible.github.com• Vagrant: http://vagrantup.com • Ansible playbook examples:
https://github.com/ansible/ansible/tree/devel/examples/playbooks
• Vagrant boxes: http://vagrantbox.es
Image sources• http://vagrantup.com• http://ansible.github.com • http://openstack.org • http://en.wikipedia.org/wiki/File:Rack001.jpg • http://en.wikipedia.org/wiki/File:Easy_button.JPG • http://hezik.nl/enable-ssh-server-on-backtrack-5-r2/