Just one-shade-of-openstack
1 like•197 views
This document discusses using the Shade library to simplify working with OpenStack. It begins with an introduction to OpenStack and its architecture. It then demonstrates how to quickly get started with Shade by connecting to clouds and listing servers. The document shows how to access OpenStack resources as objects and dictionaries, and generate reports with Pandas. It also discusses implementing Ansible modules with Shade to provision and manage projects across multiple OpenStack clouds. The document encourages contributing to Shade by implementing missing methods and writing functional tests.
![Shade Quickstart - 1/3
$ pip install shade # Install Shade
$ vim clouds.yml # Store credentials
$ ipython # Run (i)python
import shade
# Connect to the first cloud
mycloud = shade.operator_cloud(cloud='mycloud')
# List virtual servers
servers = mycloud.list_servers()
# List server names
[x.name for x in servers]
[
u'os3-node1',
u'os3-master0',
u'os3-master1',
...
]
# clouds.yml is the credential file
identity_api_version: '3.0'
clouds:
# Insert here your credentials.
mycloud:
verify: true # or false
auth:
username: admin
password: secret
auth_url: 'https://mycloud.com/v3'
project_name: 'admin'
domain_id: 'default'
interface: public](https://image.slidesharecdn.com/just-one-shade-of-openstack-170511142901/85/Just-one-shade-of-openstack-15-320.jpg)
![Shade Quickstart - 2/3
import shade
# Connect to the first cloud
site_a = shade.operator_cloud(cloud='mycloud')
# Connect to the second cloud
site_b = shade.operator_cloud(cloud=rackspace)
get_servers=lambda site: {x.name: x
for x in site.list_servers() }
# List virtual servers
servers_a = get_servers(site_a)
servers_b = get_servers(site_b)
# Check servers not highly available.
set(servers_a.keys()) - set(servers_b.keys())
# Get doppelgangers ip ;)
for k,v in servers_a.items():
v.doppelganger_ip = servers_b[k].interface_ip
# Add many clouds to your config
#
# Known cloud providers can be
# referenced via eg. "profile: rackspace"
identity_api_version: '3.0'
clouds:
mycloud:
...
rackspace:
auth:
cloud: rackspace
project_id: 275610
username: openstack
password: xyzpdq!lazydog
region_name: DFW,ORD,IAD
interface: internal](https://image.slidesharecdn.com/just-one-shade-of-openstack-170511142901/85/Just-one-shade-of-openstack-16-320.jpg)
![Some more Shade - 1/2
# You can access every entry as an
object
server.image
{u'id': u'42c26768-0edf-...'}
# or as a dict (eg for complex attrsa)
server['OS-SRV-USG:launched_at']
u'2017-02-18T09:42:19.000000'
# Shade retains custom properties
# in the properties attribute
server.properties # a dict!
{
'OS-EXT-AZ:availability_zone':
u'nova',
'OS-EXT-STS:power_state': 1,
...
}
# The model.rst document,
# describes shade entries
Server = dict(
location=Location(),
id=str(),
name=str(),
image=dict() or str(),
flavor=dict(),
volumes=list(), # Volume
interface_ip=str(),
...
)](https://image.slidesharecdn.com/just-one-shade-of-openstack-170511142901/85/Just-one-shade-of-openstack-18-320.jpg)
![Some more Shade - 2/2
# Pandas creates wonderful reports
import pandas as pd
# Get your data
servers_a = cloud_a.list_servers()
servers_b = cloud_c.list_servers()
all_servers = servers_a + servers_b
# dump them into a pandas.DataFrame
df = pd.DataFrame(data=all_servers)
report = df[['name', 'status',
'cloud', 'interface_ip']]
# then to Excel
writer = ExcelWriter('cloud.xlsx')
report.to_excel(writer,'servers')
writer.save()
#
# The report outcome!
#
name status cloud interface_ip
0 os3-node1 ACTIVE mycloud
10.168.176.124
1 os3-master0 ACTIVE mycloud
10.168.176.125
...
8 os3-master0 ACTIVE rackspace
172.23.176.125
9 os3-master2 ACTIVE rackspace
172.23.176.123](https://image.slidesharecdn.com/just-one-shade-of-openstack-170511142901/85/Just-one-shade-of-openstack-19-320.jpg)
Just one-shade-of-openstack
- 1. Just one Shade of OpenStack Cloud applications are simple!
- 2. Who? What? Why? Roberto Polli - Solutions Architect @ par-tec.it. Loves writing in C, Java and Python. RHC{E,VA}, MySQL|MongoDB Certified DBA. Par-Tec – Proud sponsor of this talk ;) provides expertise in IT Infrastructure & Services and Business Intelligence solutions + Vertical Applications for the financial market. Contributes to various FLOSS. Manage OpenStack with python Shade library to simplify automation.
- 3. Agenda ⬝ Intro to OpenStack ⬝ The day I met Shade (Quickstart) ⬝ Building the cloud ⬝ Shade in Ansible Modules ⬝ A contribution story
- 4. OpenStack is Programmable Infrastructure Programmable Infrastructure made open - Amazon Web Services like (IaaS) - Deploy Virtual {Machines,Network,...} on the internet - REST interface API Specs + python implementation Industry backed (Red Hat, Rackspace, HP, Cisco, Oracle, ..)
- 6. OpenStack Workflows Web Interface API Endpoint Queues Datastores
- 7. OpenStack but... what's a Stack? Virtualized infrastructure made of multiple components: - load balancers - web servers - networks and routers - datastores - ...
- 8. OpenStack but... what's a Stack?
- 9. Deploy OpenStack Applications - CLIent API $ openstack server create --image centos-7 --flavor m1.tiny web-1 $ openstack network create my-dmz $ openstack subnet create --network my-dmz ... $ openstack volume create --size 50 my-disk $ openstack server add volume web-1 my-disk https://docs.openstack.org/user-guide/cli-cheat-sheet.html
- 10. Deploy OpenStack Applications: Heat Templates Heat is the Orchestration component. - group resources into a HOT - Heat Orchestration Template - reuse them Stacks can be updated and deleted, Heat takes care of them. You can compose templates specifying a filename or an URI Stacks are *persistent* heat_template_version: 2016-04-08 description: > A Template is a yaml file describing resources and getting parameters in input. parameters: service_name: type: string ... resources: web-1: type: OS::Nova::Server properties: name: { get_param: service_name } ... network: type: https://git.it/network_template.yaml properties: ...
- 11. Deploy OpenStack Applications: Heat Templates
- 12. Deploy OpenStack Applications: Ansible OpenStack Modules - more flexible than HOT - removing a stack won't remove created resources - requires an external orchestrator - can invoke heat (eg. for testing HOTs) HOT Quota is planned only in Ocata. Older versions can't do it - name: Yes, you can hosts: localhost ... tasks: - name: Create and configure os_project: state: present name: a_project description: with Ansible domain: default enabled: true wait: yes -name: Create a user os_user: name="joe" default_project="a_project" -name: Manage ACL os_user_role: user: joe role: admin project: a_project
- 13. Meet Shade I was working with various OpenStack projects when at EP16 in Bilbao I followed a training on Cloud Applications Goals: - simplify openstack usage - manage multiple openstack clouds - more interaction JOIN EUROPYTHON 2017
- 14. OpenStack Applications Use Shade directly: - flexibility - custom workflow Apache libcloud: - multi-cloud - more generic
- 15. Shade Quickstart - 1/3 $ pip install shade # Install Shade $ vim clouds.yml # Store credentials $ ipython # Run (i)python import shade # Connect to the first cloud mycloud = shade.operator_cloud(cloud='mycloud') # List virtual servers servers = mycloud.list_servers() # List server names [x.name for x in servers] [ u'os3-node1', u'os3-master0', u'os3-master1', ... ] # clouds.yml is the credential file identity_api_version: '3.0' clouds: # Insert here your credentials. mycloud: verify: true # or false auth: username: admin password: secret auth_url: 'https://mycloud.com/v3' project_name: 'admin' domain_id: 'default' interface: public
- 16. Shade Quickstart - 2/3 import shade # Connect to the first cloud site_a = shade.operator_cloud(cloud='mycloud') # Connect to the second cloud site_b = shade.operator_cloud(cloud=rackspace) get_servers=lambda site: {x.name: x for x in site.list_servers() } # List virtual servers servers_a = get_servers(site_a) servers_b = get_servers(site_b) # Check servers not highly available. set(servers_a.keys()) - set(servers_b.keys()) # Get doppelgangers ip ;) for k,v in servers_a.items(): v.doppelganger_ip = servers_b[k].interface_ip # Add many clouds to your config # # Known cloud providers can be # referenced via eg. "profile: rackspace" identity_api_version: '3.0' clouds: mycloud: ... rackspace: auth: cloud: rackspace project_id: 275610 username: openstack password: xyzpdq!lazydog region_name: DFW,ORD,IAD interface: internal
- 17. Shade Quickstart - 3/3 # Use logging for troubleshooting issues, eventually dumping to a file. import shade import logging logging.basicConfig(level=logging.DEBUG, filename="client.log") shade.simple_logging(debug=100, http_debug=0) # Trace python-requests logging here or with http_debug=1 import httplib as http_client http_client.HTTPConnection.debuglevel = 1 requests_log=logging.getLogger("requests.packages.urllib3") requests_log.setLevel(logging.DEBUG) requests_log.propagate = True # Cloud configs are read with os-client-config mycloud = shade.operator_cloud(cloud='mycloud')
- 18. Some more Shade - 1/2 # You can access every entry as an object server.image {u'id': u'42c26768-0edf-...'} # or as a dict (eg for complex attrsa) server['OS-SRV-USG:launched_at'] u'2017-02-18T09:42:19.000000' # Shade retains custom properties # in the properties attribute server.properties # a dict! { 'OS-EXT-AZ:availability_zone': u'nova', 'OS-EXT-STS:power_state': 1, ... } # The model.rst document, # describes shade entries Server = dict( location=Location(), id=str(), name=str(), image=dict() or str(), flavor=dict(), volumes=list(), # Volume interface_ip=str(), ... )
- 19. Some more Shade - 2/2 # Pandas creates wonderful reports import pandas as pd # Get your data servers_a = cloud_a.list_servers() servers_b = cloud_c.list_servers() all_servers = servers_a + servers_b # dump them into a pandas.DataFrame df = pd.DataFrame(data=all_servers) report = df[['name', 'status', 'cloud', 'interface_ip']] # then to Excel writer = ExcelWriter('cloud.xlsx') report.to_excel(writer,'servers') writer.save() # # The report outcome! # name status cloud interface_ip 0 os3-node1 ACTIVE mycloud 10.168.176.124 1 os3-master0 ACTIVE mycloud 10.168.176.125 ... 8 os3-master0 ACTIVE rackspace 172.23.176.125 9 os3-master2 ACTIVE rackspace 172.23.176.123
- 20. Shade and Ansible Provisioning projects on a multi-datacenter OpenStack Create projects with Heat: - the project remains as a stack - accidental removal risk - can't manage quotas & co with HOT* - update a quota may trigger a full stack-update "Projects represent the base unit of ownership in OpenStack, in that all resources in OpenStack should be owned by a specific project." docs.openstack.org
- 21. Implement an Ansible module with Shade Many policies for creating and updating OpenStack objects Testing/checking differences between expected and actual settings Trigger custom actions depending on os_project status # developing the os_project_access module # grant access on various resources to # a given project - name: ansible provisioning a project os_project_access: ... resource_type: nova_flavor resource_name: x1.medium project_id: 0000-ffff-0000 - name: with iterations os_project_access: resource_type: cinder_volume_type state: "{{item.state}}" resource_name: "{{item.name}}" project_id: 000-fff-000 with_items: - {name: "sas", state: present } - {name: "ssd", state: absent }
- 22. Writing Ansible Modules PLEASE, DO NOT write complex modules accessing directly {nova,cinder,..}-api
- 23. Writing Ansible modules # Implement a general workflow! resource = _get_resource(resource_name_or_id) allowed_projects = _get_resource_access(resource_id) # get acls if state == 'present': _add_resource_access(resource_id, target_project_id) elif state == 'absent' and target_project_id in allowed_projects: _remove_resource_access(resource_id, target_project_id)
- 24. Contributing to Shade # Implement missing methods in shade if resource_type == 'nova_flavor': _get_resource = cloud.get_flavor _list_resource_access = cloud.list_flavor_access # <- write this! _add_resource_access = cloud.add_flavor_access # <- write this! _remove_resource_access = cloud.remove_flavor_access # <- write this! ... elif resource_type == 'your_resource_type': def __not_general_enough_to_be_in_shade(resource_id): # <- if patch refused ;) ... _list_resource_access = __not_general_enough_to_be_in_shade else: raise NotImplementedError("Resource %r not implemented" % resource_type)
- 25. Contributing to Shade ⬝ Join #openstack-shade on irc ⬝ Sign Up https://launchpad.net/openstack ⬝ Install git-review ⬝ Write functional tests ⬝ Install devstack and test there before submitting for review
- 26. Contributing to Shade Check your progresses and give feedback on other's patches https://review.openstack.org/#/q/is:watched is:open
- 27. The Hardest Part Where is my git-review password? No, it's not your account one ;) 1 2