SlideShare a Scribd company logo

SCALE 2011 Deploying OpenStack with Chef

Matt Ray
Matt Ray

The document discusses the automated deployment of OpenStack using Chef, highlighting OpenStack's mission to create a scalable open-source cloud platform and its core principles of modularity and community engagement. It details the configuration management capabilities of Chef, including recipes and roles used for managing resources on server nodes and the process of deploying OpenStack in various environments. Additionally, the document mentions the importance of community contributions and ongoing development efforts to enhance OpenStack features and deployment scenarios.

Technology
1 of 76
Downloaded 229 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
Automated Deployment of OpenStack with Chef SCALE 9x February 25-27, 2011
Introductions Matt Ray Senior Technical Evangelist matt@opscode.com @mattray GitHub:mattray
What is OpenStack?
Founders operate at massive scale NASA
OpenStack: The Mission "To produce the ubiquitous Open Source cloud computing platform that will meet the needs of public and private cloud providers regardless of size, by being simple to implement and massively scalable."
OpenStack Founding Principles Apache 2.0 license (OSI), open development process Open design process, 2x year public Design Summits Publicly available open source code repositories Open community processes documented and transparent Commitment to drive and adopt open standards Modular design for deployment flexibility via APIs
Community with Broad Support
Software to provision virtual machines on standard hardware at massive scale OpenStack Compute creating open source software to build public and private clouds Software to reliably store billions of objects distributed across standard hardware OpenStack Object Storage
OpenStack Compute Key Features ReST-based API Asynchronous eventually consistent communication Horizontally and massively scalable Hypervisor agnostic: support for Xen ,XenServer, Hyper-V, KVM, UML and ESX is coming Hardware agnostic: standard hardware, RAID not required
User Manager Cloud Controller: Global state of system, talks to LDAP, OpenStack Object Storage, and node/storage workers through a queue ATAoE / iSCSI API: Receives HTTP requests, converts commands to/from API format, and sends requests to cloud controller Host Machines: workers that spawn instances Glance: HTTP + OpenStack Object OpenStack Compute Storage for server images
Hardware Requirements OpenStack is designed to run on industry standard hardware, with flexible configurations Compute x86 Server (Hardware Virt. recommended) Storage flexible (Local, SAN, NAS) Object Storage x86 Server (other architectures possible) Do not deploy with RAID (can use controller for cache)
Why is OpenStack important? Open eliminates vendor lock-in Working together, we all go faster Freedom to federate, or move between clouds
What is Chef?
Chef enables Infrastructure as Code Manage configuration as idempotent Resources. Put them together in Recipes. Track it like Source Code. Configure your servers.
At a High Level A library for configuration management A configuration management system A systems integration platform An API for your entire Infrastructure
Fully automated Infrastructure
Principles Idempotent Data-driven Sane defaults Hackability TMTOWTDI
Open Source and Community Apache licensed Large and active community Over 280 individual contributors (60+ corporate) Community is Important!
SCALE 2011 Deploying OpenStack with Chef
How does it Work?
How does it Work? Magic!
How does it Work? Magic! (no really)
Chef Client runs on your System
Chef Client runs on your System ohai!
Clients talk to the Chef Server
The Opscode Platform is a hosted Chef Server
We call each system you configure a Node
Nodes have Attributes { "kernel": { "machine": "x86_64", "name": "Darwin", Kernel info! "os": "Darwin", "version": "Darwin Kernel Version 10.4.0: Fri Apr 23 18:28:53 PDT 2010; root:xnu-1504.7.4~1/RELEASE_I386", }, "release": "10.4.0" Platform info! "platform_version": "10.6.4", "platform": "mac_os_x", "platform_build": "10F569", "domain": "local", "os": "darwin", "current_user": "mray", "ohai_time": 1278602661.60043, "os_version": "10.4.0", Hostname and IP! "uptime": "18 days 17 hours 49 minutes 18 seconds", "ipaddress": "10.13.37.116", "hostname": "morbo", "fqdn": "morbomorbo.local", "uptime_seconds": 1619358 }
Nodes have a Run List What Roles and Recipes to Apply in Order
Nodes have Roles
Nodes have Roles webserver, database, monitoring, etc.
Roles have a Run List What Roles and Recipes to Apply in Order
name "webserver" description "Systems that serve HTTP traffic" run_list( "role[base]", Can include "recipe[apache2]", other roles! "recipe[apache2::mod_ssl]" ) default_attributes( "apache" => { "listen_ports" => [ "80", "443" ] } ) override_attributes( "apache" => { "max_children" => "50" } ) 33
Chef manages Resources on Nodes
Resources ‣ Have a type package "apache2" do version "2.2.11-2ubuntu2.6" action :install ‣ Have a name end template "/etc/apache2/apache2.conf" do ‣ Have parameters source "apache2.conf.erb" owner "root" ‣ Take action to put the group "root" mode 0644 resource in the action :create declared state end Declare a description of the state a part of the node should be in
Resources take action through Providers
Recipes are lists of Resources
Recipes 1 package "apache2" do version "2.2.11-2ubuntu2.6" action :install end Evaluate and apply template "/etc/apache2/apache2.conf" do Resources in the order source "apache2.conf.erb" owner "root" they appear group "root" mode 0644 action :create2 end
Order Matters
Recipes are just Ruby! extra_packages = case node[:platform] when "ubuntu","debian" %w{ ruby1.8 ruby1.8-dev rdoc1.8 ri1.8 libopenssl-ruby } end extra_packages.each do |pkg| package pkg do action :install end end
Cookbooks are packages for Recipes
Cookbooks Distributable cookbooks.opscode.com Infrastructure as Code Versioned
Cookbooks Recipes Files Templates Attributes Metadata
Data bags store arbitrary data
A user data bag item... % knife data bag show users mray { "comment": "Matt Ray", "groups": "sysadmin", "ssh_keys": "ssh-rsa SUPERSEKRATS mray@morbo", "files": { ".bashrc": { "mode": "0644", "source": "dot-bashrc" }, ".emacs": { "mode": "0644", "source": "dot-emacs" } }, "id": "mray", "uid": 7004, "shell": "/usr/bin/bash" }
Environments manage versioned infrastructure
Command-line API utility, Knife http://www.flickr.com/photos/myklroventine/3474391066/ Copyright © 2011 Opscode, Inc - All Rights Reserved 47
Search $ knife search node 'platform:ubuntu' ‣ CLI or in Ruby search(:node, ‘platform:centos’) ‣ Nodes are searchable $ knife search role 'max_children:50' ‣ Roles are searchable search(:role, ‘max_children:50’) ‣ Recipes are $ knife search node ‘role:webserver’ searchable search(:node, ‘role:webserver’) ‣ Data bags are $ knife users ‘shell:/bin/bash’ searchable search (:users, ‘group:sysadmins’)
SCALE 2011 Deploying OpenStack with Chef
HOW TO: Turn Racks of Standard Hardware Into a Cloud with OpenStack
What Works Today?
Compute (Nova) Single machine installation ‣ MySQL, RabbitMQ, OpenLDAP ‣ Nova-(api|scheduler|network|objectstore|compute) ‣ Role: nova-single-machine-install Multi-machine ‣ Role: nova-multi-controller (1) ‣ Role: nova-multi-compute (N)
Role: nova-single-machine-install name "nova-single-machine-install" description "Installs everything required to run Nova on a single machine" run_list( "recipe[apt]", "recipe[nova::mysql]", "recipe[nova::openldap]", "recipe[nova::rabbit]", "recipe[nova::common]", "recipe[nova::api]", "recipe[nova::scheduler]", "recipe[nova::network]", "recipe[nova::objectstore]", "recipe[nova::compute]", "recipe[nova::setup]", "recipe[nova::creds]", "recipe[nova::finalize]" )
Role: nova-multi-controller name "nova-multi-controller" description "Installs requirements to run the Controller node in a Nova cluster" run_list( "recipe[apt]", "recipe[nova::mysql]", "recipe[nova::openldap]", "recipe[nova::rabbit]", "recipe[nova::common]", "recipe[nova::api]", "recipe[nova::objectstore]", "recipe[nova::compute]", "recipe[nova::setup]", "recipe[nova::creds]", "recipe[nova::finalize]" )
Role: nova-multi-compute name "nova-multi-compute" description "Installs requirements to run a Compute node in a Nova cluster" run_list( "recipe[apt]", "recipe[nova::network]", "recipe[nova::compute]", )
Starting with a provisioned server ‣ Ubuntu 10.10 (preseed) ‣ openssh-server ‣ virtual-machine-host knife bootstrap crushinator.localdomain ~/.ssh/id_rsa -x mray --sudo -d ubuntu10.04-gems
Installation ‣ Cookbooks uploaded $ $ knife cookbook upload -a knife cookbook list $ rake roles ‣ Roles uploaded $ knife role list $ knife node list ‣ Nodes ready
AMIs name "nova-ami-urls" description "Feed in a list URLs for AMIs to download" default_attributes( "nova" => { "images" => ["http://192.168.11.7/ubuntu1010-UEC-localuser-image.tar.gz”] } ) $ knife role from file roles/nova-ami-urls.rb ‣ Use an existing AMI ‣ Update URL to your own
Assign the Roles $ knife node run_list add crushinator.localdomain "role[nova-ami- urls]" { "run_list": [ "role[nova-ami-urls]" ] } $ knife node run_list add crushinator.localdomain "role[nova-single- machine-install]" { "run_list": [ "role[nova-ami-urls]" "role[nova-single-machine-install]", ] }
chef-client mray@ubuntu1010:~$ sudo chef-client [Fri, 25 Feb 2011 11:52:59 -0800] INFO: Starting Chef Run (Version 0.9.12) ... [Fri, 25 Feb 2011 11:56:05 -0800] INFO: Chef Run complete in 5.911955 seconds [Fri, 25 Feb 2011 11:56:05 -0800] INFO: cleaning the checksum cache [Fri, 25 Feb 2011 11:56:05 -0800] INFO: Running report handlers [Fri, 25 Feb 2011 11:56:05 -0800] INFO: Report handlers complete
sudo su - nova nova@$ nova-manage service list h00-26-6c-f4-1e-a0 nova-scheduler enabled :-) 2011-02-25 18:30:45 h00-26-6c-f4-1e-a0 nova-network enabled :-) 2011-02-25 18:30:48 h00-26-6c-f4-1e-a0 nova-compute enabled :-) 2011-02-25 18:30:50 nova@$ euca-describe-images IMAGE! ami-90hgmwai!nova_amis/maverick-server-uec-amd64-vmlinuz- virtual.manifest.xml! admin! available! private i386!kernel! true! IMAGE! ami-h8wh0j17!nova_amis/maverick-server-uec- amd64.img.manifest.xml!admin! untarring!private i386!machine ! ami-90hgmwai! nova@$ euca-run-instances ami-h8wh0j17 -k mykey -t m1.tiny RESERVATION! r-uur39109! admin! default INSTANCE! i-00000001! ami-h8wh0j17!! ! scheduling! mykey (admin, None)! 0! ! m1.tiny! 2011-02-25 18:34:01! nknown zone!! u
sudo su - nova (page 2) nova@$ euca-describe-instances RESERVATION! r-uur39109! admin! default INSTANCE! i-00000001! ami-h8wh0j17!10.0.0.2! 10.0.0.2! running ! mykey (admin, h00-26-6c-f4-1e-a0)! 0! ! m1.tiny! 2011-02-25 18:34:01! nova! nova@$ ssh -i mykey.priv ubuntu@10.0.0.2 The authenticity of host '10.0.0.2 (10.0.0.2)' can't be established. RSA key fingerprint is 91:21:ef:5d:33:17:24:cb:f6:65:dd:27:1d:1c: 50:ad. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.0.0.2' (RSA) to the list of known hosts.
The Moment of Truth Linux i-00000001 2.6.35-24-virtual #42-Ubuntu SMP Thu Dec 2 05:15:26 UTC 2010 x86_64 GNU/Linux Ubuntu 10.10 Welcome to Ubuntu! <SNIP> See "man sudo_root" for details. ubuntu@i-00000001:~$
How Did We Get Here?
Forked from Anso Labs’ Cookbooks Bootstrapped by Opscode Chef Solo/Vagrant installs for Developers http://github.com/ansolabs/openstack-cookbooks
Who’s involved so far?
What’s Next?
Nova needed enhancements Happy Path-only! KVM-only MySQL-only Flat DHCP network-only Swift and Glance integration More Roles
Dashboard Graphical interface for managing instantiation of AMIs Django application dashboard.rb recipe already exists in nova cookbook
Knife ‣ Nova has same API as Amazon ‣ knife ec2 server create ‘role[base]’ -I ~/.ssh/my.pem -x ubuntu -G default -i ami-a403f6xd -f m1.micro ‣ Fog reportedly supports OpenStack already ‣ Simply need to pass URL of nova-api server and credentials ‣ http://tickets.opscode.com/browse/CHEF-1757 ‣ knife openstack server create ‘role[base]’ -I ~/.ssh/my.pem -x ubuntu -G default -i ami-a403f6xd -f m1.micro
Object Storage (Swift) ‣ Recipes originated from Anso Labs’ repository ‣ https://github.com/ansolabs/openstack-cookbooks ‣ Included in the ‘bexar’ branch ‣ Untested so far
Image Registry (Glance) ‣ Recipes originated from Anso Labs’ repository ‣ https://github.com/ansolabs/openstack-cookbooks ‣ Included in the ‘bexar’ branch ‣ Untested so far
Scaling changes how we deploy OpenStack!
Deployment Scenarios ‣ Single machine is relatively simple ‣ Controller + Compute nodes is a known quantity for small installations ‣ Nova + Swift + Glance in large installations ‣ Services separated and HA configurations supported ‣ Documentation and Chef Roles will be the solution
Cactus, Diablo, ... Development continues... Branches for each stable release Design Summit in April Design Summit in the Fall
Get Involved! https://github.com/mattray/openstack-cookbooks/tree/bexar http://lists.openstack.org http://lists.opscode.com #chef on irc.freenode.net #openstack on irc.freenode.net matt@opscode.com jordan@openstack.com

More Related Content

What's hot (20)

PDF
Startup Containers in Lightning Speed with Lazy Image Distribution
Kohei Tokunaga
 
PDF
Rootless Containers & Unresolved issues
Akihiro Suda
 
PPTX
Usernetes: Kubernetes as a non-root user
Akihiro Suda
 
PDF
DockerとKubernetesをかけめぐる
Kohei Tokunaga
 
PDF
[DockerCon 2019] Hardening Docker daemon with Rootless mode
Akihiro Suda
 
PDF
P2P Container Image Distribution on IPFS With containerd and nerdctl
Kohei Tokunaga
 
PDF
[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...
Akihiro Suda
 
PDF
Rootless Kubernetes
Akihiro Suda
 
PPTX
Secure container: Kata container and gVisor
Ching-Hsuan Yen
 
PDF
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
Akihiro Suda
 
PDF
App container rkt
Xiaofeng Guo
 
PPTX
KVM and docker LXC Benchmarking with OpenStack
Boden Russell
 
PDF
The State of Rootless Containers
Akihiro Suda
 
PDF
Build and Run Containers With Lazy Pulling - Adoption status of containerd St...
Kohei Tokunaga
 
ODP
Docker engine - Indroduc
Al Gifari
 
PDF
containerdの概要と最近の機能
Kohei Tokunaga
 
PDF
Docker - container and lightweight virtualization
Sim Janghoon
 
PPTX
Java applications containerized and deployed
Anthony Dahanne
 
PDF
Comparing Next-Generation Container Image Building Tools
Akihiro Suda
 
PDF
[KubeCon EU 2020] containerd Deep Dive
Akihiro Suda
 
Startup Containers in Lightning Speed with Lazy Image Distribution
Kohei Tokunaga
 
Rootless Containers & Unresolved issues
Akihiro Suda
 
Usernetes: Kubernetes as a non-root user
Akihiro Suda
 
DockerとKubernetesをかけめぐる
Kohei Tokunaga
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
Akihiro Suda
 
P2P Container Image Distribution on IPFS With containerd and nerdctl
Kohei Tokunaga
 
[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...
Akihiro Suda
 
Rootless Kubernetes
Akihiro Suda
 
Secure container: Kata container and gVisor
Ching-Hsuan Yen
 
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
Akihiro Suda
 
App container rkt
Xiaofeng Guo
 
KVM and docker LXC Benchmarking with OpenStack
Boden Russell
 
The State of Rootless Containers
Akihiro Suda
 
Build and Run Containers With Lazy Pulling - Adoption status of containerd St...
Kohei Tokunaga
 
Docker engine - Indroduc
Al Gifari
 
containerdの概要と最近の機能
Kohei Tokunaga
 
Docker - container and lightweight virtualization
Sim Janghoon
 
Java applications containerized and deployed
Anthony Dahanne
 
Comparing Next-Generation Container Image Building Tools
Akihiro Suda
 
[KubeCon EU 2020] containerd Deep Dive
Akihiro Suda
 

Similar to SCALE 2011 Deploying OpenStack with Chef (20)

PDF
TXLF: Automated Deployment of OpenStack with Chef
Matt Ray
 
PDF
Chef for OpenStack December 2012
Matt Ray
 
PDF
Kubernetes for the PHP developer
Paul Czarkowski
 
PPTX
Baylisa - Dive Into OpenStack
Jesse Andrews
 
PDF
Deploying OpenStack with Chef
Matt Ray
 
PPT
Develop with linux containers and docker
Fabio Fumarola
 
PPT
2 Linux Container and Docker
Fabio Fumarola
 
PDF
Velocity 2011 Chef OpenStack Workshop
Chef Software, Inc.
 
PPT
Linux containers and docker
Fabio Fumarola
 
PDF
Chef For OpenStack Overview
OpenStack Foundation
 
PDF
A DevOps guide to Kubernetes
Paul Czarkowski
 
PPTX
Drupal In The Cloud
Bret Piatt
 
KEY
Whirr dev-up-puppetconf2011
Puppet
 
PDF
Bhushan m dev_ops_engr_31june
Bhushan Mahajan
 
PPTX
Docker - Demo on PHP Application deployment
Arun prasath
 
PDF
Dockers zero to hero
Nicolas De Loof
 
PDF
Serverless forwardjs
Upkar Lidder
 
PDF
Bare Metal to OpenStack with Razor and Chef
Matt Ray
 
PPT
OpenStack Winfest2011
Open Stack
 
PDF
Omaha (Google Update) server
Dmitry Lyfar
 
TXLF: Automated Deployment of OpenStack with Chef
Matt Ray
 
Chef for OpenStack December 2012
Matt Ray
 
Kubernetes for the PHP developer
Paul Czarkowski
 
Baylisa - Dive Into OpenStack
Jesse Andrews
 
Deploying OpenStack with Chef
Matt Ray
 
Develop with linux containers and docker
Fabio Fumarola
 
2 Linux Container and Docker
Fabio Fumarola
 
Velocity 2011 Chef OpenStack Workshop
Chef Software, Inc.
 
Linux containers and docker
Fabio Fumarola
 
Chef For OpenStack Overview
OpenStack Foundation
 
A DevOps guide to Kubernetes
Paul Czarkowski
 
Drupal In The Cloud
Bret Piatt
 
Whirr dev-up-puppetconf2011
Puppet
 
Bhushan m dev_ops_engr_31june
Bhushan Mahajan
 
Docker - Demo on PHP Application deployment
Arun prasath
 
Dockers zero to hero
Nicolas De Loof
 
Serverless forwardjs
Upkar Lidder
 
Bare Metal to OpenStack with Razor and Chef
Matt Ray
 
OpenStack Winfest2011
Open Stack
 
Omaha (Google Update) server
Dmitry Lyfar
 
Ad

More from Matt Ray (20)

PDF
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Matt Ray
 
PDF
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
Matt Ray
 
PDF
SCaLE 20X: Kubernetes Cloud Cost Monitoring with OpenCost & Optimization Stra...
Matt Ray
 
PDF
HashiTalks 2020 - Chef Tools & Terraform: Better Together
Matt Ray
 
PDF
EmacsConf 2019: Interactive Remote Debugging and Development with TRAMP Mode
Matt Ray
 
PDF
Wellington DevOps: Bringing Your Applications into the Future with Habitat
Matt Ray
 
PDF
DevOps Days Singapore 2018 Ignite - Bringing Your Applications into the Futur...
Matt Ray
 
PDF
Cloud Expo Asia 20181010 - Bringing Your Applications into the Future with Ha...
Matt Ray
 
PDF
Compliance as Code Everywhere
Matt Ray
 
PDF
DevOpsDays Jakarta: State of DevOps 2018
Matt Ray
 
PDF
DevOps Talks Melbourne 2018: Whales, Cats and Kubernetes
Matt Ray
 
PDF
Infrastructure and Compliance Delight with Chef Automate
Matt Ray
 
PDF
Cooking Up Windows with Chef Automate
Matt Ray
 
PDF
DevOpsDays Singapore - Continuous Auditing with Compliance as Code
Matt Ray
 
PDF
DevOpsDays Singapore Habitat Ignite
Matt Ray
 
PDF
Chef Automate - Azure Sydney User Group
Matt Ray
 
PDF
Automating Compliance with InSpec - AWS North Sydney
Matt Ray
 
PDF
Automating Applications with Habitat - Sydney Cloud Native Meetup
Matt Ray
 
PDF
Automating AWS Compliance with InSpec
Matt Ray
 
PDF
Chef Automate - Infracoders Canberra August 8, 2017
Matt Ray
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Matt Ray
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
Matt Ray
 
SCaLE 20X: Kubernetes Cloud Cost Monitoring with OpenCost & Optimization Stra...
Matt Ray
 
HashiTalks 2020 - Chef Tools & Terraform: Better Together
Matt Ray
 
EmacsConf 2019: Interactive Remote Debugging and Development with TRAMP Mode
Matt Ray
 
Wellington DevOps: Bringing Your Applications into the Future with Habitat
Matt Ray
 
DevOps Days Singapore 2018 Ignite - Bringing Your Applications into the Futur...
Matt Ray
 
Cloud Expo Asia 20181010 - Bringing Your Applications into the Future with Ha...
Matt Ray
 
Compliance as Code Everywhere
Matt Ray
 
DevOpsDays Jakarta: State of DevOps 2018
Matt Ray
 
DevOps Talks Melbourne 2018: Whales, Cats and Kubernetes
Matt Ray
 
Infrastructure and Compliance Delight with Chef Automate
Matt Ray
 
Cooking Up Windows with Chef Automate
Matt Ray
 
DevOpsDays Singapore - Continuous Auditing with Compliance as Code
Matt Ray
 
DevOpsDays Singapore Habitat Ignite
Matt Ray
 
Chef Automate - Azure Sydney User Group
Matt Ray
 
Automating Compliance with InSpec - AWS North Sydney
Matt Ray
 
Automating Applications with Habitat - Sydney Cloud Native Meetup
Matt Ray
 
Automating AWS Compliance with InSpec
Matt Ray
 
Chef Automate - Infracoders Canberra August 8, 2017
Matt Ray
 
Ad

Recently uploaded (20)

PDF
POV_ Why Enterprises Need to Find Value in ZERO.pdf
darshakparmar
 
PPTX
Seamless Tech Experiences Showcasing Cross-Platform App Design.pptx
presentifyai
 
DOCX
Python coding for beginners !! Start now!#
Rajni Bhardwaj Grover
 
PDF
Transcript: Book industry state of the nation 2025 - Tech Forum 2025
BookNet Canada
 
PDF
NLJUG Speaker academy 2025 - first session
Bert Jan Schrijver
 
PDF
UiPath DevConnect 2025: Agentic Automation Community User Group Meeting
DianaGray10
 
PDF
“Squinting Vision Pipelines: Detecting and Correcting Errors in Vision Models...
Edge AI and Vision Alliance
 
PDF
The Rise of AI and IoT in Mobile App Tech.pdf
IMG Global Infotech
 
PDF
UPDF - AI PDF Editor & Converter Key Features
DealFuel
 
PDF
Book industry state of the nation 2025 - Tech Forum 2025
BookNet Canada
 
PDF
Automating Feature Enrichment and Station Creation in Natural Gas Utility Net...
Safe Software
 
PPTX
Q2 FY26 Tableau User Group Leader Quarterly Call
lward7
 
PPTX
Designing_the_Future_AI_Driven_Product_Experiences_Across_Devices.pptx
presentifyai
 
PPTX
Mastering ODC + Okta Configuration - Chennai OSUG
HathiMaryA
 
PDF
Mastering Financial Management in Direct Selling
Epixel MLM Software
 
PDF
Go Concurrency Real-World Patterns, Pitfalls, and Playground Battles.pdf
Emily Achieng
 
PDF
How do you fast track Agentic automation use cases discovery?
DianaGray10
 
PDF
Reverse Engineering of Security Products: Developing an Advanced Microsoft De...
nwbxhhcyjv
 
PPTX
Agentforce World Tour Toronto '25 - MCP with MuleSoft
Alexandra N. Martinez
 
PDF
CIFDAQ Market Wrap for the week of 4th July 2025
CIFDAQ
 
POV_ Why Enterprises Need to Find Value in ZERO.pdf
darshakparmar
 
Seamless Tech Experiences Showcasing Cross-Platform App Design.pptx
presentifyai
 
Python coding for beginners !! Start now!#
Rajni Bhardwaj Grover
 
Transcript: Book industry state of the nation 2025 - Tech Forum 2025
BookNet Canada
 
NLJUG Speaker academy 2025 - first session
Bert Jan Schrijver
 
UiPath DevConnect 2025: Agentic Automation Community User Group Meeting
DianaGray10
 
“Squinting Vision Pipelines: Detecting and Correcting Errors in Vision Models...
Edge AI and Vision Alliance
 
The Rise of AI and IoT in Mobile App Tech.pdf
IMG Global Infotech
 
UPDF - AI PDF Editor & Converter Key Features
DealFuel
 
Book industry state of the nation 2025 - Tech Forum 2025
BookNet Canada
 
Automating Feature Enrichment and Station Creation in Natural Gas Utility Net...
Safe Software
 
Q2 FY26 Tableau User Group Leader Quarterly Call
lward7
 
Designing_the_Future_AI_Driven_Product_Experiences_Across_Devices.pptx
presentifyai
 
Mastering ODC + Okta Configuration - Chennai OSUG
HathiMaryA
 
Mastering Financial Management in Direct Selling
Epixel MLM Software
 
Go Concurrency Real-World Patterns, Pitfalls, and Playground Battles.pdf
Emily Achieng
 
How do you fast track Agentic automation use cases discovery?
DianaGray10
 
Reverse Engineering of Security Products: Developing an Advanced Microsoft De...
nwbxhhcyjv
 
Agentforce World Tour Toronto '25 - MCP with MuleSoft
Alexandra N. Martinez
 
CIFDAQ Market Wrap for the week of 4th July 2025
CIFDAQ
 

SCALE 2011 Deploying OpenStack with Chef

  • 1. Automated Deployment of OpenStack with Chef SCALE 9x February 25-27, 2011
  • 2. Introductions Matt Ray Senior Technical Evangelist [email protected] @mattray GitHub:mattray
  • 5. OpenStack: The Mission "To produce the ubiquitous Open Source cloud computing platform that will meet the needs of public and private cloud providers regardless of size, by being simple to implement and massively scalable."
  • 6. OpenStack Founding Principles Apache 2.0 license (OSI), open development process Open design process, 2x year public Design Summits Publicly available open source code repositories Open community processes documented and transparent Commitment to drive and adopt open standards Modular design for deployment flexibility via APIs
  • 8. Software to provision virtual machines on standard hardware at massive scale OpenStack Compute creating open source software to build public and private clouds Software to reliably store billions of objects distributed across standard hardware OpenStack Object Storage
  • 9. OpenStack Compute Key Features ReST-based API Asynchronous eventually consistent communication Horizontally and massively scalable Hypervisor agnostic: support for Xen ,XenServer, Hyper-V, KVM, UML and ESX is coming Hardware agnostic: standard hardware, RAID not required
  • 10. User Manager Cloud Controller: Global state of system, talks to LDAP, OpenStack Object Storage, and node/storage workers through a queue ATAoE / iSCSI API: Receives HTTP requests, converts commands to/from API format, and sends requests to cloud controller Host Machines: workers that spawn instances Glance: HTTP + OpenStack Object OpenStack Compute Storage for server images
  • 11. Hardware Requirements OpenStack is designed to run on industry standard hardware, with flexible configurations Compute x86 Server (Hardware Virt. recommended) Storage flexible (Local, SAN, NAS) Object Storage x86 Server (other architectures possible) Do not deploy with RAID (can use controller for cache)
  • 12. Why is OpenStack important? Open eliminates vendor lock-in Working together, we all go faster Freedom to federate, or move between clouds
  • 14. Chef enables Infrastructure as Code Manage configuration as idempotent Resources. Put them together in Recipes. Track it like Source Code. Configure your servers.
  • 15. At a High Level A library for configuration management A configuration management system A systems integration platform An API for your entire Infrastructure
  • 17. Principles Idempotent Data-driven Sane defaults Hackability TMTOWTDI
  • 18. Open Source and Community Apache licensed Large and active community Over 280 individual contributors (60+ corporate) Community is Important!
  • 20. How does it Work?
  • 21. How does it Work? Magic!
  • 22. How does it Work? Magic! (no really)
  • 23. Chef Client runs on your System
  • 24. Chef Client runs on your System ohai!
  • 25. Clients talk to the Chef Server
  • 26. The Opscode Platform is a hosted Chef Server
  • 27. We call each system you configure a Node
  • 28. Nodes have Attributes { "kernel": { "machine": "x86_64", "name": "Darwin", Kernel info! "os": "Darwin", "version": "Darwin Kernel Version 10.4.0: Fri Apr 23 18:28:53 PDT 2010; root:xnu-1504.7.4~1/RELEASE_I386", }, "release": "10.4.0" Platform info! "platform_version": "10.6.4", "platform": "mac_os_x", "platform_build": "10F569", "domain": "local", "os": "darwin", "current_user": "mray", "ohai_time": 1278602661.60043, "os_version": "10.4.0", Hostname and IP! "uptime": "18 days 17 hours 49 minutes 18 seconds", "ipaddress": "10.13.37.116", "hostname": "morbo", "fqdn": "morbomorbo.local", "uptime_seconds": 1619358 }
  • 29. Nodes have a Run List What Roles and Recipes to Apply in Order
  • 31. Nodes have Roles webserver, database, monitoring, etc.
  • 32. Roles have a Run List What Roles and Recipes to Apply in Order
  • 33. name "webserver" description "Systems that serve HTTP traffic" run_list( "role[base]", Can include "recipe[apache2]", other roles! "recipe[apache2::mod_ssl]" ) default_attributes( "apache" => { "listen_ports" => [ "80", "443" ] } ) override_attributes( "apache" => { "max_children" => "50" } ) 33
  • 35. Resources ‣ Have a type package "apache2" do version "2.2.11-2ubuntu2.6" action :install ‣ Have a name end template "/etc/apache2/apache2.conf" do ‣ Have parameters source "apache2.conf.erb" owner "root" ‣ Take action to put the group "root" mode 0644 resource in the action :create declared state end Declare a description of the state a part of the node should be in
  • 36. Resources take action through Providers
  • 37. Recipes are lists of Resources
  • 38. Recipes 1 package "apache2" do version "2.2.11-2ubuntu2.6" action :install end Evaluate and apply template "/etc/apache2/apache2.conf" do Resources in the order source "apache2.conf.erb" owner "root" they appear group "root" mode 0644 action :create2 end
  • 40. Recipes are just Ruby! extra_packages = case node[:platform] when "ubuntu","debian" %w{ ruby1.8 ruby1.8-dev rdoc1.8 ri1.8 libopenssl-ruby } end extra_packages.each do |pkg| package pkg do action :install end end
  • 42. Cookbooks Distributable cookbooks.opscode.com Infrastructure as Code Versioned
  • 43. Cookbooks Recipes Files Templates Attributes Metadata
  • 44. Data bags store arbitrary data
  • 45. A user data bag item... % knife data bag show users mray { "comment": "Matt Ray", "groups": "sysadmin", "ssh_keys": "ssh-rsa SUPERSEKRATS mray@morbo", "files": { ".bashrc": { "mode": "0644", "source": "dot-bashrc" }, ".emacs": { "mode": "0644", "source": "dot-emacs" } }, "id": "mray", "uid": 7004, "shell": "/usr/bin/bash" }
  • 47. Command-line API utility, Knife http://www.flickr.com/photos/myklroventine/3474391066/ Copyright © 2011 Opscode, Inc - All Rights Reserved 47
  • 48. Search $ knife search node 'platform:ubuntu' ‣ CLI or in Ruby search(:node, ‘platform:centos’) ‣ Nodes are searchable $ knife search role 'max_children:50' ‣ Roles are searchable search(:role, ‘max_children:50’) ‣ Recipes are $ knife search node ‘role:webserver’ searchable search(:node, ‘role:webserver’) ‣ Data bags are $ knife users ‘shell:/bin/bash’ searchable search (:users, ‘group:sysadmins’)
  • 50. HOW TO: Turn Racks of Standard Hardware Into a Cloud with OpenStack
  • 52. Compute (Nova) Single machine installation ‣ MySQL, RabbitMQ, OpenLDAP ‣ Nova-(api|scheduler|network|objectstore|compute) ‣ Role: nova-single-machine-install Multi-machine ‣ Role: nova-multi-controller (1) ‣ Role: nova-multi-compute (N)
  • 53. Role: nova-single-machine-install name "nova-single-machine-install" description "Installs everything required to run Nova on a single machine" run_list( "recipe[apt]", "recipe[nova::mysql]", "recipe[nova::openldap]", "recipe[nova::rabbit]", "recipe[nova::common]", "recipe[nova::api]", "recipe[nova::scheduler]", "recipe[nova::network]", "recipe[nova::objectstore]", "recipe[nova::compute]", "recipe[nova::setup]", "recipe[nova::creds]", "recipe[nova::finalize]" )
  • 54. Role: nova-multi-controller name "nova-multi-controller" description "Installs requirements to run the Controller node in a Nova cluster" run_list( "recipe[apt]", "recipe[nova::mysql]", "recipe[nova::openldap]", "recipe[nova::rabbit]", "recipe[nova::common]", "recipe[nova::api]", "recipe[nova::objectstore]", "recipe[nova::compute]", "recipe[nova::setup]", "recipe[nova::creds]", "recipe[nova::finalize]" )
  • 55. Role: nova-multi-compute name "nova-multi-compute" description "Installs requirements to run a Compute node in a Nova cluster" run_list( "recipe[apt]", "recipe[nova::network]", "recipe[nova::compute]", )
  • 56. Starting with a provisioned server ‣ Ubuntu 10.10 (preseed) ‣ openssh-server ‣ virtual-machine-host knife bootstrap crushinator.localdomain ~/.ssh/id_rsa -x mray --sudo -d ubuntu10.04-gems
  • 57. Installation ‣ Cookbooks uploaded $ $ knife cookbook upload -a knife cookbook list $ rake roles ‣ Roles uploaded $ knife role list $ knife node list ‣ Nodes ready
  • 58. AMIs name "nova-ami-urls" description "Feed in a list URLs for AMIs to download" default_attributes( "nova" => { "images" => ["http://192.168.11.7/ubuntu1010-UEC-localuser-image.tar.gz”] } ) $ knife role from file roles/nova-ami-urls.rb ‣ Use an existing AMI ‣ Update URL to your own
  • 59. Assign the Roles $ knife node run_list add crushinator.localdomain "role[nova-ami- urls]" { "run_list": [ "role[nova-ami-urls]" ] } $ knife node run_list add crushinator.localdomain "role[nova-single- machine-install]" { "run_list": [ "role[nova-ami-urls]" "role[nova-single-machine-install]", ] }
  • 60. chef-client mray@ubuntu1010:~$ sudo chef-client [Fri, 25 Feb 2011 11:52:59 -0800] INFO: Starting Chef Run (Version 0.9.12) ... [Fri, 25 Feb 2011 11:56:05 -0800] INFO: Chef Run complete in 5.911955 seconds [Fri, 25 Feb 2011 11:56:05 -0800] INFO: cleaning the checksum cache [Fri, 25 Feb 2011 11:56:05 -0800] INFO: Running report handlers [Fri, 25 Feb 2011 11:56:05 -0800] INFO: Report handlers complete
  • 61. sudo su - nova nova@$ nova-manage service list h00-26-6c-f4-1e-a0 nova-scheduler enabled :-) 2011-02-25 18:30:45 h00-26-6c-f4-1e-a0 nova-network enabled :-) 2011-02-25 18:30:48 h00-26-6c-f4-1e-a0 nova-compute enabled :-) 2011-02-25 18:30:50 nova@$ euca-describe-images IMAGE! ami-90hgmwai!nova_amis/maverick-server-uec-amd64-vmlinuz- virtual.manifest.xml! admin! available! private i386!kernel! true! IMAGE! ami-h8wh0j17!nova_amis/maverick-server-uec- amd64.img.manifest.xml!admin! untarring!private i386!machine ! ami-90hgmwai! nova@$ euca-run-instances ami-h8wh0j17 -k mykey -t m1.tiny RESERVATION! r-uur39109! admin! default INSTANCE! i-00000001! ami-h8wh0j17!! ! scheduling! mykey (admin, None)! 0! ! m1.tiny! 2011-02-25 18:34:01! nknown zone!! u
  • 62. sudo su - nova (page 2) nova@$ euca-describe-instances RESERVATION! r-uur39109! admin! default INSTANCE! i-00000001! ami-h8wh0j17!10.0.0.2! 10.0.0.2! running ! mykey (admin, h00-26-6c-f4-1e-a0)! 0! ! m1.tiny! 2011-02-25 18:34:01! nova! nova@$ ssh -i mykey.priv [email protected] The authenticity of host '10.0.0.2 (10.0.0.2)' can't be established. RSA key fingerprint is 91:21:ef:5d:33:17:24:cb:f6:65:dd:27:1d:1c: 50:ad. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.0.0.2' (RSA) to the list of known hosts.
  • 63. The Moment of Truth Linux i-00000001 2.6.35-24-virtual #42-Ubuntu SMP Thu Dec 2 05:15:26 UTC 2010 x86_64 GNU/Linux Ubuntu 10.10 Welcome to Ubuntu! <SNIP> See "man sudo_root" for details. ubuntu@i-00000001:~$
  • 64. How Did We Get Here?
  • 65. Forked from Anso Labs’ Cookbooks Bootstrapped by Opscode Chef Solo/Vagrant installs for Developers http://github.com/ansolabs/openstack-cookbooks
  • 68. Nova needed enhancements Happy Path-only! KVM-only MySQL-only Flat DHCP network-only Swift and Glance integration More Roles
  • 69. Dashboard Graphical interface for managing instantiation of AMIs Django application dashboard.rb recipe already exists in nova cookbook
  • 70. Knife ‣ Nova has same API as Amazon ‣ knife ec2 server create ‘role[base]’ -I ~/.ssh/my.pem -x ubuntu -G default -i ami-a403f6xd -f m1.micro ‣ Fog reportedly supports OpenStack already ‣ Simply need to pass URL of nova-api server and credentials ‣ http://tickets.opscode.com/browse/CHEF-1757 ‣ knife openstack server create ‘role[base]’ -I ~/.ssh/my.pem -x ubuntu -G default -i ami-a403f6xd -f m1.micro
  • 71. Object Storage (Swift) ‣ Recipes originated from Anso Labs’ repository ‣ https://github.com/ansolabs/openstack-cookbooks ‣ Included in the ‘bexar’ branch ‣ Untested so far
  • 72. Image Registry (Glance) ‣ Recipes originated from Anso Labs’ repository ‣ https://github.com/ansolabs/openstack-cookbooks ‣ Included in the ‘bexar’ branch ‣ Untested so far
  • 73. Scaling changes how we deploy OpenStack!
  • 74. Deployment Scenarios ‣ Single machine is relatively simple ‣ Controller + Compute nodes is a known quantity for small installations ‣ Nova + Swift + Glance in large installations ‣ Services separated and HA configurations supported ‣ Documentation and Chef Roles will be the solution
  • 75. Cactus, Diablo, ... Development continues... Branches for each stable release Design Summit in April Design Summit in the Fall
  • 76. Get Involved! https://github.com/mattray/openstack-cookbooks/tree/bexar http://lists.openstack.org http://lists.opscode.com #chef on irc.freenode.net #openstack on irc.freenode.net [email protected] [email protected]