Download - Salt conf 2014-installing-openstack-using-saltstack-v02

Yazz D. Atlas Advanced Technology Group P r inc ip le Eng ine e r, H ew let t Pac kard Januar y 2 9 , 2 014

INSTALLING OPENSTACK USING SALTSTACK

© Copyright 2014 Hewlett-Packard Development Company, L.P.

¡  I’ve been poking at Linux servers back in late 90’s ¡  Actively trying to replace myself with small scripts.

§  Bash §  Cfengine §  Puppet §  Capistrano §  Chef §  Salt

WHO IS THIS GUY?


¡  You might have tried DevStack to try OpenStack. ¡  You have setup a Salt Master before. ¡  You want to see how I solved some of my headaches

using Salt. ¡  You are want something answered. ¡  The other rooms were full and this one has an open

power outlet.

WHY ARE YOU HERE?


¡  /etc/keystone ¡  /etc/nova ¡  /etc/glance ¡  /etc/swift ¡  /etc/????

THINGS CHANGE.


¡  Look beyond your current infrastructure. ¡  Think about how others have deployed OpenStack. ¡ Make the decision early to keep secrets out of your repos.

NOW WHAT?


SALT-MASTER FILE_ROOTS

file_roots: base: - /srv/salt/state/formulae - /srv/salt/state/base dbaas_ae1_az1: - /srv/salt/state/dbaas_ae1_az1 dbaas_ae1_az2: - /srv/salt/state/dbaas_ae1_az2 dbaas_ae1_az3: - /srv/salt/state/dbaas_ae1_az3


SALT-MASTER PILLAR_ROOTS

pillar_roots: base: - /srv/salt/pillar/base dbaas_ae1_az1: - /srv/salt/pillar/dbaas_ae1_az1 dbaas_ae1_az2: - /srv/salt/pillar/dbaas_ae1_az2 dbaas_ae1_az3: - /srv/salt/pillar/dbaas_ae1_az3


PILLAR TOP.SLS base: '*': - users - groups - headers - openstack - secrets dbaas_ae1_az1: 'ps-ae1az1-db*': - endpoints-ae1az1-v1 - secrets-ae1az1-v1 dbaas_ae1_az2: 'ps-ae1az2-db*': - endpoints-ae1az2-v1 - secrets-ae1az2-v1

The top.sls is actually a symbolic link to the file top-ae1.sls

openstack.sls is a symbolic link to openstack-ae1.sls

These are links too but slightly different


/srv/salt/pil lar/dbaas_ae1_az1/endpoints-ae1az1-v1.sls -> . ./base/endpoints-ae1az1-v1.sls /srv/salt/pil lar/dbaas_ae1_az1/secrets-ae1az1-v1.sls -> . ./base/secrets-ae1az1-v1.sls /srv/salt/pil lar/dbaas_ae1_az2/endpoints-ae1az2-v1.sls -> . ./base/endpoints-ae1az2-v1.sls /srv/salt/pil lar/dbaas_ae1_az2/secrets-ae1az2-v1.sls -> . ./base/secrets-ae1az2-v1.sls

PILLAR ENVIRONMENTS

It is much easier to diff two or more files than it is to search one long file.


PILLAR ENVIRONMENTS


STATES TOP.SLS base: '*': - users - packages - grains dbaas_ae1_az1: 'ps-ae1az1-*': - datadog - dbaas_networking 'ps-ae1az1-dbcpu*': - openstack.memcached - openstack.haproxy - openstack.nova-compute 'ps-ae1az1-dbhead0002*': - openstack.memcached - openstack.haproxy - openstack.keystone - openstack.glance - openstack.nova-controller

Notice there is nothing here about

the MySQL DB

No RabbitMQ either


¡  If you only plan to run it only once you most likely don’t need it in your top.sls

¡  Installing RabbitMQ ¡  Installing MySQL DB ¡  Creating your OpenStack API Endpoints ¡  Creating your OpenStack users ¡  Modifying the MySQL DB ¡  Create a one-off state directory for one off .sls ¡  Use unique names for your .sls fi les ¡  <project>-<ticket number>.sls ¡  Prevent executions on the wrong host ¡  Use simple lock files and or grain values to prevent second runs

LEAVE IT OUT OF THE TOP.SLS


¡ What new features are out there ¡  Check in on IRC and ask questions ¡  Hangout and answer some questions ¡  Are you alone in your company working with Salt?

STILL LEARNING


STILL LEARNING


“Ancora imparo’ (I am still learning.) (At age 87 in 1562)”

- Michelangelo

¡  https://github.com/EntropyWorks/salt-openstack ¡  The “formula” branch eventually will replace the “master” ¡  [email protected] ¡ @EntropyWorks ¡  (I should have used the HP ppt templates...)

SHOW AND TELL
