In a joint effort Jannis Rake-Revelant, Jürgen Brüder, and myself Edmund Haselwanter had a look at several what we call “Openstack Lifecycle Management tools”.
This time Jürgen Brüder did most of the work, so thanks for sharing your findings :-)
Stackforge provides an open-source repository to setup Openstack with Chef. You can deploy it with a Chef-Server or simply by using Chef-Zero.
It currently includes all OpenStack core projects: Compute, Dashboard, Identity, Image, Network, Object Storage, Block Storage, Telemetry and Orchestration.
Stackforge also comes with a couple of Vagrantfiles that can be used to create a multi-node test deployment from scratch. This way, you also won’t need a Chef Server for deployment.
The following Git repository contains good documentation about using Stackforge: https://github.com/stackforge/openstack-chef-repo/tree/stable/icehouse
It also contains example configuration files for environments and roles.
Vagrant can be installed on nearly all operating systems. We will be using Mac OS X for this example.
If you are on Mac OS X, you’ll need to install Xcode Command Line Tools from https://developer.apple.com/downloads/
To ensure a proper working deployment, we recommend using the ChefDK for installing all needed Gem dependencies. This will also install Berkshelf etc.
Just follow this link a download the version that fits your OS. Then install it: http://downloads.getchef.com/chef-dk/
Install the latest VirtualBox for your operating system: https://www.virtualbox.org/wiki/Downloads
Then install the latest version of Vagrant: https://www.vagrantup.com/downloads
To make the Vagrantfiles work, we need three additonal plugins for Vagrant. Open a terminal window and run these commands:
Now install the Omnibus, Chef-Zero and Berkshelf Vagrant plugin like this (order!)
vagrant plugin install vagrant-berkshelf vagrant plugin install vagrant-chef-zero vagrant plugin install vagrant-omnibus
Please make sure to stick to the installation-order as listed above. Some plugins can have issues if installed in the wrong order.
Check the three plugins are really installed
vagrant plugin list
Here is what we got back:
vagrant-berkshelf (3.0.1) vagrant-chef-zero (0.7.1) vagrant-login (1.0.1, system) vagrant-omnibus (1.4.1) vagrant-share (1.1.2, system)
Clone the Stackforge openstack-chef-repo into your home directory:
git clone -b stable/icehouse https://github.com/stackforge/openstack-chef-repo
Navigate into the created directory and rename the Vagrantfile-multi-neutron to Vagrantfile
mv Vagrantfile-multi-neutron Vagrantfile
Now install all gems and cookbooks that are needed
bundle install berks install
Now you can simply run this command to let Vagrant provision two VMs for you:
vagrant up /ubuntu1204/
One will be an all-in-one node, the second one will be an additional compute node.
If you run into any problems with Vagrant try setting:
export VAGRANT_LOG=debug
Also make sure that the Vagrant Plugins are compatible to each other. They are developed on independent release schedules and a new version of a plugin might not work with an older version of the other plugins.
You can now login at the URL of the first VM. Use the username admin and the password admin for this. If you navigate to Admin -> System Panel -> Host Aggregates you should see both nodes listed.
To be able to create a production ready bare-metal deployment without Vagrant, we need to understand what Vagrant is doing to deploy Openstack on VMs.
Vagrant uses two VMs with each having 2 CPUs and 2048MB memory. It also adds two promiscuous interfaces to each VM and allows all frames through.
Each machine will need access to two private networks. Vagrant is configuring this for each VM. The additional Compute node will have only these two networks configured:
# Vagrantfile excerpt ubuntu1204comp1.vm.network "private_network", ip: "192.168.3.61" ubuntu1204comp1.vm.network "private_network", ip: "172.16.10.61"
Additionally, the Controller/Compute node will have three ports forwarded. Here the configuration of the Controller/Compute node:
# Vagrantfile excerpt ubuntu1204cont.vm.network "forwarded_port", guest: 443, host: 8443 # dashboard-ssl ubuntu1204cont.vm.network "forwarded_port", guest: 8773, host: 8773 # compute-ec2-api ubuntu1204cont.vm.network "forwarded_port", guest: 8774, host: 8774 # compute-api ubuntu1204cont.vm.network "private_network", ip: "192.168.3.60" ubuntu1204cont.vm.network "private_network", ip: "172.16.10.60"
Vagrant is using Chef-Zero to setup the deployment. This means, that there is no actual Chef-Server necessary. This is a good approach for small deployments. It will also install all needed Chef dependencies (e.g. Berkshelf) on the VM with an omnibus installer.
During its run it will upload all needed cookbooks, all Openstack projects (Nova, Swift etc.) are available as a Chef cookbook, to Chef-Zero. On a bare machine you would run:
# Install Chef-Omnibus curl -L https://www.opscode.com/chef/install.sh | bash # Checkout Stackforge repo git clone -b stable/icehouse https://github.com/stackforge/openstack-chef-repo cd openstack-chef-repo # Installing Berkshelf gem and cookbooks /opt/chef/embedded/bin/gem install berkshelf --no-ri --no-rdoc /opt/chef/embedded/bin/berks vendor ./cookbooks
The environment provides an overall configuration for our deployment. It can tell each VM where to look for specific services, which network interface to use for what etc. Stackforge comes with a number of predefined environments. For a production deployment we recommend to write your own.
We will modify one of the provided environments to fit our scenario better. Here you can see the environment that we will be using:
{ "name": "vagrant-multi-neutron", "description": "Environment used in testing the upstream cookbooks and reference Chef repository with vagrant. To be used with the Vagrantfile-multi-neutron vagrantfile. Defines the necessary attributes for a working mutltinode (1 controller/n computes) openstack deployment, using neutron (with gre tunnels between hosts) for the networking component.", "cookbook_versions": {}, "json_class": "Chef::Environment", "chef_type": "environment", "default_attributes": {}, "override_attributes": { "mysql": { "allow_remote_root": true, "root_network_acl": ["%"] }, "openstack": { "developer_mode": true, "identity": { "bind_interface": "eth1" }, "endpoints": { "host": "192.168.3.60", "mq": { "host": "192.168.3.60", "bind_interface": "eth1" }, "db": { "host": "192.168.3.60", "bind_interface": "eth1" }, "network": { "debug": "True", "dhcp": { "enable_isolated_metadata": "True" }, "metadata": { "nova_metadata_ip": "192.168.3.60" }, "openvswitch": { "tunnel_id_ranges": "1:1000", "enable_tunneling": "True", "tenant_network_type": "gre", "local_ip_interface": "eth2" }, "api": { "bind_interface": "eth1" } }, "image": { "api": { "bind_interface": "eth1" }, "registry": { "bind_interface": "eth1" }, "image_upload": true, "upload_images": [ "cirros", "ubuntu" ], "upload_image": { "ubuntu": "http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd64-disk1.img", "cirros": "https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img" } }, "compute": { "xvpvnc_proxy": { "bind_interface": "eth1" }, "novnc_proxy": { "bind_interface": "eth1" }, "libvirt": { "virt_type": "qemu" }, "network": { "public_interface": "eth1", "service_type": "neutron" }, "config": { "ram_allocation_ratio": 5 } } } } } }
You can create your the environment file under /openstack-chef-repo/environments/. The filename will needs to be vagrant-multi-neutron.json.
Each machine gets it’s own runlist. The runlist defines which roles or recipes are being used on that machine.
Here a listing of the run_list of each machine:
# Controller/Compute node role[os-compute-single-controller-no-network] recipe[openstack-network::identity_registration] role[os-network-openvswitch] role[os-network-dhcp-agent] role[os-network-metadata-agent] role[os-network-server] # Compute node role[os-compute-worker] recipe[apt::cacher-client]
If you would want to add a role to a machine manually, you can do this with this command:
knife node run_list add NODE_NAME -z 'role[NAME_OF_ROLE]'
After everything is configured, Vagrant runs the Chef-Client on each VM. This will install everything that is needed and will create running deployment. This would be an equivalent command to run this manually:
# Assuming you have a my-deployment.json inside the environments directory
chef-client -z -E my-deployment
Interested in Cloud or Chef Trainings? Have a look at our Commandemy Trainings page. Need help migrating to the cloud? Check out Infralovers.
comments powered by Disqus