In a joint meetup with the Sydney Puppet User Group, Michael will demonstrate how to build an OpenStack distro from scratch using the community OpenStack Puppet modules. In an interactive session with the audience, we’re going to pick a Linux distro, use the roles + profiles pattern, use Hiera to populate data, and build up a complete OpenStack cluster inside VMs running the OpenStack Identity, Image, Compute and Networking services. Although there are vendor tools available that can assist with this process, such as Fuel, Cisco OpenStack Installer and Aptira's own Stacktira, understanding how the modules fit together will allow an operator to easily add their own customisations to the any of these systems.
Michael has been working in the cloud computing space, both in a research and enterprise context for several years, with OpenStack production experience stretching all the way back to the third release, 'Cactus'. He leads the Aptira software engineering team in developing deployment and operations tools for OpenStack. Michael is a maintainer of and a driving force behind the most widely used OpenStack deployment tool set, Puppet-OpenStack. He holds a Bachelor of Software Engineering with Honours from Australian National University and is regularly invited back to his alma mater to guest lecture.
2. OpenStack has two major organisations on
github:
openstack
stackforge
3. The openstack organisation contains all of
the code for the official projects - nova,
neutron, docs etc.
These are projects that have gone through
the official community graduation process
and are part of the integrated release.
4. The stackforge organisation on the other
hand has very low requirements in order to
have a repository added. This
accommodates things that are related to
Openstack an official repository around
which communities can form.
5. This is where the community puppet
modules are located.
https://github.com/stackforge/puppet-*
6. Today I’m going to make a 2 node
OpenStack cluster in vagrant using these
modules + other puppet modules.
I’m not starting from nothing, because
there’s a bit of boilerplate that’s tedious to
write but necessary.
7. 1. Vagrantfile
We have two nodes defined. Each is going
to run a bash script, and then run puppet.
Both nodes have 3 network interfaces
defined.
8. 192.168.242.0/24
deploy
10.2.4.0/24
public
10.4.4.0/24
internal
VM VM
keystone
glance
neutron
nova
qemu
libvirt
ovs
neutron
nova
mysql
rabbitmq
ovs
control compute
9. 2. Bash script
I use an idempotent bash script that
prepares nodes to run puppet. (Can be
safely run multiple times)
install and configure [proxy, repo, puppet,
fqdn]
10. Turn off the firewall.
Let’s not deal with that today.
OpenStack is going to add its own rules to
iptables so be careful of doing this in a non-destructive
way.
11. 3. Hiera
I use a very simple hiera.yaml for this
tutorial, but my prod one is a lot deeper.
Use facts to separate your data out.
hostname, role, environment etc.
12. We’re going to do something along the lines
of ‘nodeless puppet’, where we define our
roles as a list of classes in hiera.
Profiles are handy where you need more
logic for sub-choices, eg I ‘want neutron with
plugin X’, but we won’t need them.
13. 4. Site.pp
Our base site manifest is going to determine
its role based on hostname, and then load
the classes to include by looking up that key
from hiera.
14. Also has a resource to make sure the kernel
is always the latest.
I’ll talk about this later.
15. 5. Puppetfile
This is used along with librarian-puppet to
install modules from github.
16. Use Puppetfile to install:
puppet-* from stackforge
puppetlabs-mysql
puppetlabs-rabbitmq
puppetlabs-stdlib
puppet-openstack_extras from gh/aptira
puppet-vswitch from gh/aptira
17. I’m using the Aptira forks to get a couple of
patches that are under review, but not yet
merged.
20. Need to set up our repos:
openstack_extras::repo::redhat::redhat
This is currently under review upstream but
should be the default for juno. Use aptira
repo at: https://github.com/aptira/puppet-openstack_
extras