The Whole Stack

Custom OpenStack with environments with Chef
and omnibus-openstack


ChefConf 2014

Craig Tracey / @craig_tracey

Who?

Chef for OpenStack

Some History

Rackspace Private Cloud

AT&T, Chef, Dell, HP, HubSpot, IBM, Korea Telecom, Rackspace, Suse, AT&T, and many, many more.

Stackforge May 2013
https://github.com/stackforge

Chef for OpenStack

10 Service Cookbooks (and growing)

3 Reference Cookbooks

Highly Composable

LWRP's

Continuous Integration Pipeline

Chef for OpenStack Support

Grizzly, Havana, and now Icehouse

OS's: Ubuntu 12.04, SLES 11, and RHEL6

Messaging: Rabbit and Qpid

Databases: MySQL, DB2, Postgres

"Hypervisors": KVM, LXC, QEMU, ESX, Hyper-V

Networking: Neutron and Nova Networking

Block Storage: LVM and NetApp

Too Many Moving Parts

Controlling Your Own Destiny

(or at least your product roadmap)

Omnibus-OpenStack

a configurable full-stack packaging framework for OpenStack

How does it work?

wraps the omnibus we all know and love (v3.0.0)

configurable by way of a YAML manifest

builds all known system-level dependencies

a virtualenv for every declared OpenStack project

Build Support

  • continuous integration
  • Vagrant w/inline shell
  • OpenStack Heat



https://github.com/craigtracey/omnibus-openstack-build

Sample Configuration

ctracey@laptop:~/src/omnibus-openstack-build$ cat openstack-config.yml
---
keystone:
  version: 'stable/havana'
  source:
    git: 'https://github.com/openstack/keystone.git'
glance:
  version: 'stable/havana'
  source:
    git: 'https://github.com/openstack/glance.git'
...

# These will all build the default 'master'
keystoneclient:
  source:
    git: 'https://github.com/openstack/python-keystoneclient.git'
glanceclient:
  source:
    git: 'https://github.com/openstack/python-glanceclient.git'

Usage

ctracey@laptop:$ bundle install
...
ctracey@laptop:$ bundle exec omnibus-openstack help build
Commands:
  omnibus-openstack build  m, --manifest=MANIFEST  # Build us some OpenStack
  omnibus-openstack build help [COMMAND]           # Describe subcommands or one specific subcommand

Options:
  n, [--name=NAME]                  # Package name
  i, [--install-path=INSTALL_PATH]  # Install path
  d, [--description=DESCRIPTION]    # Package description
  v, [--version=VERSION]            # Version for the resulting artifacts
  c, [--cachedir=CACHEDIR]          # Directory to cache build elements to.
                                    # Default: .cache

ctracey@laptop:$ bundle exec omnibus-openstack build -m openstack-config.yml
...

I Have A Package, Now What?

  • wrapper cookbook
  • no stackforge cookbook dependencies
  • upstart and update-alternatives



https://github.com/craigtracey/cookbook-openstack-omnibus

Simple

...
  config.vm.provision "chef_solo" do |chef|
    chef.add_recipe "recipe[apt::default]"
    chef.add_recipe "recipe[omnibus-openstack-reference::default]"
    chef.add_recipe "recipe[openstack-omnibus::default]"
    chef.add_recipe "recipe[openstack-identity::server]"
    chef.add_recipe "recipe[openstack-image::api]"

    chef.json = {
      "mysql" => {
        "bind_address" => "0.0.0.0",
        "server_debian_password" => "password",
        "server_root_password" => "password",
        "server_repl_password" => "password"
      },
      "openstack" => {
        "developer_mode" => true,
        "memcached_servers" => [],

        "omnibus" => {
          "enabled_services" => %w(identity image.glance-api)
        }
      },
      "omnibus-openstack-reference" => {
        "apt_repo_url" => "#{ENV['OMNIBUS_APT_REPO']}",
        "apt_key_server" => "#{ENV['OMNIBUS_APT_KEY_SERVER']}",
        "apt_key" => "#{ENV['OMNIBUS_APT_KEY']}"
      }
    }
  end
...

Simple

...
[2014-04-17T01:40:34+00:00] INFO: Chef Run complete in 975.393518569 seconds
[2014-04-17T01:40:34+00:00] INFO: Running report handlers
[2014-04-17T01:40:34+00:00] INFO: Report handlers complete
ctracey@ctracey-desktop:~/omnibus-cookbook-reference$ vagrant ssh
Welcome to Ubuntu 12.04.2 LTS (GNU/Linux 3.5.0-23-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

118 packages can be updated.
58 updates are security updates.

Last login: Thu Apr 17 03:16:45 2014 from 10.0.2.2
vagrant@ubuntu-12:~$ status keystone
keystone start/running, process 19736
vagrant@ubuntu-12:~$ status glance-api
glance-api start/running, process 19654
vagrant@ubuntu-12:~$

https://github.com/craigtracey/cookbook-openstack-omnibus-reference

What still needs to be done?

Extended platform support

Better documentation

TESTING!!! TESTING!!! TESTING!!!

Benefits

service isolation

custom versioning

insulation from upstream

CD enablement

cross-platform (read: no lock-in)

configuration management agnostic

Possible Downsides

insulation from upstream

some projects have very tight system-level dependencies

need to keep current

Lessons Learned

adhere to omnibus principles

fork

ship all bits everywhere

Where Next?

locked pip dependencies

additional build options

nightly/blessed builds

containerization

autodiscovery of services

Help?

Freenode #openstack-chef

Mailing List: http://bit.ly/1hQj52N

Weekly Hangout: 11AM Eastern Mondays

References

this deck: http://bit.ly/QrKXyv
omnibus-openstack: http://bit.ly/1hQgAgW
omnibus-openstack-build: http://bit.ly/1itIT3A

Cookbooks

chef for openstack: http://bit.ly/QrK9JQ
cookbook-openstack-omnibus: http://bit.ly/1hZ9Vel
cookbook-openstack-omnibus-reference: http://bit.ly/1r2TVO6

thanks

"make more awesome"