Chef for OpenStack - OpenStack Fall 2012 Summit

Chef for OpenStack

Matt Ray
matt@opscode.com
IRC/Twitter/GitHub: mattray
www.opscode.com/openstack

Deploying and Managing
OpenStack is not simple.

See Node

Application Server

See Nodes

Application Server

Application Database

See Nodes Grow

Application Server

Application Databases

See Nodes Grow

Application Servers


See Nodes Grow

Load Balancer

Application Servers


See Nodes Grow

Load Balancers

Application Servers


See Nodes Grow

Load Balancers

Application Servers

Application Database Cache


Tied together with Config

Load Balancers

Application Servers



Infrastructure is a Snowflake

Load Balancers

Application Servers


Floating IP?


Evolving Complexity

Load Balancers
ApplicationCache

Application Servers
NoSQL Database Cache

Database Slaves

Database

Complexity Grows Quickly
DC2

DC1

DC3

And it Continues to Evolve

Tell me about
Chef!

http://www.ﬂickr.com/photos/16339684@N00/2681435235/

Chef is Infrastructure as Code

• Programmatically
provision and configure
• Treat like any other code
base
• Reconstruct business from
code repository, data
backup, and bare metal
resources.

http://www.ﬂickr.com/photos/louisb/4555295187/

Nodes
• Chef-Client generates
configurations directly
on nodes from their
run list
• Reduce management
complexity through
abstraction
• Store the configuration
of your programs in
version control

http://www.flickr.com/photos/ssoosay/5126146763/

Collections of Resources

• Networking • Routes
• Users
• Files • Groups
• Directories • Tasks
• Symlinks • Packages
• Mounts • Software
• Services
• Configurations
• Other Stuff
http://www.ﬂickr.com/photos/stevekeys/3123167585/

Declarative Interface to Resources

• Define policy
• Say what, not how
• Pull not Push

http://www.ﬂickr.com/photos/bixentro/2591838509/

Recipes and Cookbooks

• Recipes are collections of
Resources
• Cookbooks contain
recipes, templates, files,
custom resources, etc
• Code re-use and
modularity
• Hundreds already on
Community.opscode.com

http://www.flickr.com/photos/shutterhacks/4474421855/

Ruby!
extra_packages = case node['platform']
when "ubuntu","debian"
%w{
ruby1.8
ruby1.8-dev
rdoc1.8
ri1.8
libopenssl-ruby
}
end
extra_packages.each do |pkg|
package pkg do
action :install
end
end

Search

• Search for nodes
with Roles
• Find configuration
data

• IP addresses
• Hostnames
• FQDNs

http://www.ﬂickr.com/photos/kathycsus/2686772625

Pass Results to Templates

pool_members = search("node","role:webserver”)

template "/etc/haproxy/haproxy.cfg" do
source "haproxy-app_lb.cfg.erb"
owner "root"
group "root"
mode 0644
variables :pool_members => pool_members.uniq
notifies :restart, "service[haproxy]"
end

Pass Results to Templates

# Set up application listeners here.
listen application 0.0.0.0:80
balance roundrobin
<% @pool_members.each do |member| -%>
server <%= member[:hostname] %> <%= member[:ipaddress] %>:> weight 1 maxconn 1 check
<% end -%>
<% if node["haproxy"]["enable_admin"] -%>
listen admin 0.0.0.0:22002
mode http
stats uri /
<% end -%>

So when this

Graphite Nagios

Jboss App

Memcache

Postgres Slaves

Postgres Master

Becomes this

Graphite Nagios

Jboss App

Memcache

Postgres Slaves

Postgres Master

Updates can be automatic

Graphite Nagios

Jboss App

Memcache

Postgres Slaves

Postgres Master

Count the resources
• Load balancer config
Graphite Nagios • Nagios host ping
• Nagios host ssh
Jboss App • Nagios host HTTP
• Nagios host app health
Memcache • Graphite CPU
• Graphite Memory
Postgres Slaves • Graphite Disk
• Graphite SNMP
• Memcache firewall
• 12+ resource changes for 1 node addition • Postgres firewall
Postgres authZ config

Build anything

• Simple internal applications
• Complex external applications
• Workstations
• Hadoop clusters
• IaaS infrastructure
• PaaS infrastructure
• SaaS applications
• Storage systems
• You name it
http://www.ﬂickr.com/photos/hyku/245010680/

And manage it simply
• Automatically
reconfigure
everything
• Linux, Windows,
Unixes, BSDs
• Load balancers
• Metrics collection
systems
• Monitoring systems
• Cloud migrations
become trivial
http://www.ﬂickr.com/photos/helico/404640681/

The Chef Community

• Apache License, Version 2.0
• 900+ Individual contributors
• 160+ Corporate contributors
• HP, Dell, Rackspace, VMware, Calxeda,
SUSE and many more
• 600+ cookbooks
• http://community.opscode.com

What's Out There?

Chef for OpenStack
Resources

Chef for OpenStack: Why

• Community for the automated deployment
and management of OpenStack
• Reduce fragmentation and encourage
collaboration
• Deploying OpenStack is not "secret sauce"
• Project not a product
• Apache 2 license

Chef for OpenStack: What

• Chef Repository for Deploying OpenStack
• Documentation for Chef for OpenStack
• Cookbooks
• Keystone
• Glance
• Nova
• Horizon
• Swift
• Knife OpenStack

Chef for OpenStack: Where

• opscode.com/openstack
• groups.google.com/group/opscode-chef-
openstack
• #openstack-chef on irc.freenode.net
• github.com/opscode/openstack-chef-repo
• github.com/mattray/openstack-chef-docs
• github.com/opscode-cookbooks/
• keystone, glance, nova, horizon, swift
• github.com/opscode/knife-openstack

Rackspace Private Cloud: Alamo

• Initial fork of current cookbooks
• github.com/rcbops/chef-cookbooks
• www.rackspace.com/cloud/private/

Chef for OpenStack: When

• Essex is working
• KVM
• Ubuntu 12.04
• Folsom has already started
• LXC
• Red Hat
• Grizzly and forward

Chef for OpenStack: How

github.com/mattray/openstack-chef-docs

Deploying OpenStack

• Chef ties it all together automatically
• Scaling changes how we deploy
• Interchangeable components
• Configurations shared, supported &
documented
• Licensing makes it available to everyone

knife openstack

$ knife openstack
Available openstack subcommands: (for details, knife SUB-
COMMAND --help)

** OPENSTACK COMMANDS **
knife openstack flavor list (options)
knife openstack image list (options)
knife openstack server create (options)
knife openstack server delete SERVER [SERVER] (options)
knife openstack server list (options)

knife openstack flavor list

$ knife openstack flavor list
ID Name Virtual CPUs RAM Disk
1 m1.tiny 1 512 MB 0 GB
2 m1.small 2 2048 MB 20 GB
3 m1.medium 2 4096 MB 40 GB
4 m1.large 2 8192 MB 80 GB
5 m1.xlarge 4 16384 MB 160 GB

knife openstack image list

$ knife openstack image list
ID Name
13 natty-server-cloudimg-amd64
12 natty-server-cloudimg-amd64-kernel
15 oneiric-server-cloudimg-amd64
14 oneiric-server-cloudimg-amd64-kernel

knife openstack server create

knife openstack server create --node-name ko1 --flavor 1 --image 13 -S trystack

Chef for OpenStack - OpenStack Fall 2012 Summit

$ ssh -i ~/.ssh/trystack.pem ubuntu@8.21.28.24
The authenticity of host '8.21.28.24 (8.21.28.24)' can't be established.
RSA key fingerprint is 0c:d8:3e:34:d1:de:c4:ee:5f:bc:b5:89:11:0d:73:e0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '8.21.28.24' (RSA) to the list of known hosts.
Welcome to Ubuntu 11.04 (GNU/Linux 2.6.38-13-virtual x86_64)

* Documentation: https://help.ubuntu.com/

System information as of Thu Feb 16 23:43:29 UTC 2012

System load: 0.08 Processes: 63
Usage of /: 40.8% of 1.35GB Users logged in: 0
Memory usage: 6% IP address for eth0: 8.21.28.24
Swap usage: 0%
---------------------------------------------------------------------
<snip>
Get cloud support with Ubuntu Advantage Cloud Guest
http://www.ubuntu.com/business/services/cloud

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@ko1:~$

Chef for Infrastructure Portability

• knife openstack
• knife hp
• knife rackspace
• knife ec2
• ... and many others

Chef for OpenStack Roadmap

• Documentation
• Hypervisors (LXC, Hyper-V)
• Databases (PostgreSQL)
• Operating Systems (RHEL, Debian, SUSE)
• HA Configurations
• Quantum (pluggable)
• Cinder (pluggable)
• Community Events (NYC Nov 13)

Chef for OpenStack Ecosystem

• Cookbooks reusable outside of OpenStack
• TestKitchen
• Librarian
• Spiceweasel
• pxe_dust
• knife-rackspace/hp/dreamhost
• Crowbar

Chef for OpenStack TL;DL

• Opscode.com/openstack
• Project, not a product
• Lots of contributors with real
deployments
• Essex works, Folsom started
• Features driven by demand
(show up for what you want)
• Documentation with examples

Thanks!

Matt Ray
matt@opscode.com
IRC/Twitter/GitHub: mattray
www.opscode.com/openstack

Chef for OpenStack - OpenStack Fall 2012 Summit

More Related Content

What's hot (20)

Viewers also liked (11)

Similar to Chef for OpenStack - OpenStack Fall 2012 Summit (20)

More from Matt Ray (20)

Recently uploaded (20)

Chef for OpenStack - OpenStack Fall 2012 Summit