CloudOps CloudStack Days, Austin, April 2015
cloudops.com @cloudops_
Cloud-Init and CloudStack
April 16, 2015
Pierre-Luc Dion @pdion891
Agenda
● Introduction to Cloud-Init
● Its current capabilities in CloudStack
● Some usage examples
Let’s learn more about us.
About Us
“Since 2005, CloudOps has enabled hundreds of enterprises and web-based companies to build their business in the cloud.”
We provide private, public and hybrid cloud solutions for businesses seeking scalability and for enterprises making their move to the cloud. Our best-in-class cloud architecture allows companies to confidently, securely, and reliably achieve new levels of business performance.
About cloud.ca
“cloud.ca is a self-service utility IaaS platform designed for applications, workspaces and data.”
CloudOps operates cloud.ca, a Canadian cloud service for businesses requiring that all or some of their data remain in Canada for reasons of compliance, performance, cost or privacy.
CloudMC
CloudMC is a multi-cloud services management and orchestration software that supports Apache CloudStack.
CloudOps has built its own proprietary cloud services front-end software, “CloudMC”, for cloud service providers (used by cloud.ca) and enterprises looking to offer hybrid IaaS. It supports Apache CloudStack based private clouds and public clouds, and we are building support for large utility clouds such as AWS.
What is it? Cloud-Init
Cloud-Init
Collection of tools to initialize a virtual machine at its first boot.
● Python based
● Started by Scott Moser
● Backed by Canonical
● Widely used by public cloud providers (AWS, Azure, Rackspace)
● Provides easy access to meta-data exposed by the cloud provider
Operating System Supported
- CentOS / RHEL
- Ubuntu
- OpenSuse
- Debian
- CoreOS
- Others?
Out of the Box
Per instance:
• Generate new SSH server keys
• Refresh /dev/urandom
• Set hostname and domain
• Disable ssh access from root (force close)
• Configure “ubuntu” ssh access
Your scripts: /var/lib/cloud/scripts
• /per-boot
• /per-instance
• /per-once
Basic Usage of Cloud-Init
Configuration thru YAML file
1. Create user “cloud-user”
2. Password set to “cloud-user”
3. SSH key applied to root and “cloud-user”
4. Enable sudo
/etc/cloud/cloud.cfg

    system_info:
      default_user:
        name: cloud-user
        sudo: ["ALL=(ALL) NOPASSWD:ALL"]
        gecos: Generic cloud user

0.7.7 .deb package from the upstream

    bzr branch lp:cloud-init
    cd cloud-init
    cd packages
    ./bddeb --init-system systemd --python2

Quick and dirty

    bzr branch lp:cloud-init
    cd cloud-init
    python setup.py build
    python setup.py install

And CloudStack in this story?
What information is retrieved?
meta-data from VR
● Random user password generated by CloudStack
● User SSH public key
● VM meta-data
● user-data: user-defined text
meta-data:
● service-offering
● availability-zone
● local-ipv4
● local-hostname
● public-ipv4
● public-hostname
● instance-id
Documentation ref: http://goo.gl/HzbKM7
VR urls

    http://{VR-IP}/latest/meta-data/{metadata-type}
    http://10.10.0.1/latest/meta-data/availability-zone
    http://{VR-IP}/latest/user-data
    http://10.10.0.1/latest/user-data

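Added example (not from the original slides): a small Python reader that walks the VR URLs above and returns every item a guest can read over plain HTTP, user-data included. The function names are hypothetical, and the `fetch` parameter is an assumption added so the walk can be exercised without a VR.

```python
import urllib.error
import urllib.request

# meta-data types listed on the "meta-data from VR" slide
METADATA_TYPES = [
    "service-offering", "availability-zone", "local-ipv4", "local-hostname",
    "public-ipv4", "public-hostname", "instance-id",
]


def http_get(url, timeout=5):
    """Plain HTTP GET; returns the body as text, or None on any failure."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.read().decode("utf-8", errors="replace").strip()
    except (urllib.error.URLError, OSError):
        return None


def vr_urls(vr_ip):
    """Map each item name to its URL on the virtual router."""
    base = "http://%s/latest" % vr_ip
    urls = {name: "%s/meta-data/%s" % (base, name) for name in METADATA_TYPES}
    urls["user-data"] = base + "/user-data"
    return urls


def read_vr(vr_ip, fetch=http_get):
    """Return {item: value-or-None} for everything the VR exposes to this VM."""
    return {name: fetch(url) for name, url in vr_urls(vr_ip).items()}


if __name__ == "__main__":
    # 10.10.0.1 is the VR address used on the slide; pass your own VR IP.
    for name, value in read_vr("10.10.0.1").items():
        print("%-18s %s" % (name, value if value is not None else "(no answer)"))
```
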
user-data methods
GET
● base64 encoded string
● limited to 2KB string
POST
● base64 encoded string
● limited to 32KB string
● POST payload contains all params.
What can I do with user-data?
Deploy RabbitMQ into a Virtual-Machine

    #cloud-config
    # install the broker package on first boot
    packages:
      - rabbitmq-server
    # then enable the management plugin and restart the service
    runcmd:
      - echo "wait for rabbitmq-server to start"
      - sleep 10
      - export HOME=/var/lib/rabbitmq
      - rabbitmq-plugins enable rabbitmq_management
      - service rabbitmq-server restart

CloudStack simulator on CoreOS

    #cloud-config
    coreos:
      units:
        # systemd unit that runs the simulator container
        - name: simulator.service
          command: start
          content: |
            [Unit]
            Description=Cloudstack Simulator
            After=docker.service
            Requires=docker.service
            [Service]
            TimeoutStartSec=0
            ExecStartPre=-/usr/bin/docker kill cloudstack
            ExecStartPre=-/usr/bin/docker rm cloudstack
            ExecStartPre=/usr/bin/docker pull cloudstack/simulator
            ExecStart=/usr/bin/docker run -d --name cloudstack -p 80:8080 cloudstack/simulator:4.5
            [Install]
            WantedBy=multi-user.target

user-data as bash script

    #!/bin/bash
    # apply all pending updates, then reboot
    yum upgrade -y
    shutdown -r now

http POST?

    POST /client/api HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Jersey/2.13 (HttpUrlConnection 1.7.0_67)
    Cache-Control: no-cache
    Pragma: no-cache
    Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
    Connection: keep-alive
    Content-Length: 551
    Host: coe-cs01-dev1.lab.local:8080

    apiKey=WQJoN8bX05jrb5_1MOrfAAbCqF8Ym3IgPMTliQK142oGlnqHGx2mL49GFpPcTbEn7diSGYHSqv6R-zCLGELRsQ&command=deployVirtualMachine&name=i-orgadmin-E47&networkIds=4485b91d-c772-414a-a3dd-d973aebe841b&response=json&serviceofferingId=d2415ca3-9552-44c5-a097-0404c19dc513&templateId=4cdeea05-ae6e-49e8-8385-00502d29e55c&userdata=IyEvYmluL2Jhc2gKc3VkbyBzdSAtCnl1bSB1cGRhdGUKeXVtIGluc3RhbGwgbmdpbngKc2VydmljZSBuZ2lueCBzdGFydA%3D%3D&zoneId=2c62ab1e-eef9-4aa3-8626-faf37d65c5ea&signature=%2BMc2GpfnP7Ie82BoVi6Bst/FA7w%3D

Cloud-Init + CloudStack
State of the Doc
Datasource: CloudStack
/etc/cloud/cloud.cfg.d/99_cloudstack.cfg

    datasource:
      CloudStack: {}
      None: {}
    datasource_list:
      - CloudStack

deploy VM with CloudMonkey

    deploy virtualmachine keypair=user1 name=rabbit01 displayname=rabbitmq-server serviceofferingid=52814243-b91f-4514-b556-37d7a3bebfb1 networkids=71080f3e-9a57-488a-b070-30155e2c8328 zoneid=c1509f9c-c230-4c6c-b2b4-303c59988553 templateid=e8582a77-9f76-4fe4-9af3-c3a8e9523687 userdata=I2Nsb3VkLWNvbmZpZw0KcGFja2FnZV91cGdyYWRlOiB0cnVlDQo=

userdata is the base64 encoded string of:

    #cloud-config
    package_upgrade: true

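Added example (not from the original slides): Python helpers covering both the "user-data methods" limits and the base64 userdata values shown on the HTTP POST and CloudMonkey slides. `prepare_userdata` encodes a payload and picks GET or POST by size; `inspect_userdata` decodes a `userdata=` value for review and reports CRLF line endings. Both function names are hypothetical, and the limits are assumed to apply to the encoded string.

```python
import base64
from urllib.parse import unquote

# Limits from the "user-data methods" slide; assumed here to apply to the
# base64-encoded string, as the slide wording suggests.
GET_LIMIT = 2 * 1024
POST_LIMIT = 32 * 1024


def prepare_userdata(text):
    """Encode user-data and pick the HTTP method its size allows."""
    # Normalise CRLF first: "#!/bin/bash\r" is not a valid interpreter line.
    raw = text.replace("\r\n", "\n").encode("utf-8")
    encoded = base64.b64encode(raw).decode("ascii")
    if len(encoded) > POST_LIMIT:
        raise ValueError("user-data is %d bytes encoded, limit is %d"
                         % (len(encoded), POST_LIMIT))
    return encoded, ("GET" if len(encoded) <= GET_LIMIT else "POST")


def inspect_userdata(param):
    """Decode a userdata= value (URL-encoded or not) and describe it."""
    raw = base64.b64decode(unquote(param), validate=True)
    text = raw.decode("utf-8", errors="replace")
    first = text.splitlines()[0] if text else ""
    if first.startswith("#cloud-config"):
        kind = "cloud-config"
    elif first.startswith("#!"):
        kind = "script"
    else:
        kind = "unknown"
    return {"kind": kind, "crlf": b"\r\n" in raw,
            "encoded_len": len(unquote(param)), "text": text}


if __name__ == "__main__":
    # The two userdata values shown on the slides.
    cloudmonkey = "I2Nsb3VkLWNvbmZpZw0KcGFja2FnZV91cGdyYWRlOiB0cnVlDQo="
    http_post = ("IyEvYmluL2Jhc2gKc3VkbyBzdSAtCnl1bSB1cGRhdGUKeXVtIGluc3RhbGwg"
                 "bmdpbngKc2VydmljZSBuZ2lueCBzdGFydA%3D%3D")
    for value in (cloudmonkey, http_post):
        info = inspect_userdata(value)
        print(info["kind"], "CRLF" if info["crlf"] else "LF", repr(info["text"]))
```
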
Useful testing tricks
CloudMonkey

    update virtualmachine id=afbc1c41-92a0-4b6f-b562-5e6d63e24721 userdata=I2Nsb3VkLWNvbmZpZw0KcGFja2FnZV91cGdyYWRlOiB0cnVlDQo=
    restore virtualmachine virtualmachineid=afbc1c41-92a0-4b6f-b562-5e6d63e24721

SSH as root auto logout when using Password

    Please login as the user "cloud-user" rather than the user "root".

/etc/ssh/sshd_config

    Match User root
        ForceCommand cat /etc/issue.root
        ForceCommand exit

Few issues :-(
URL trailing slash
CLOUDSTACK-7405
● CloudStack older than 4.4.1 requires cloud-init 0.7.5+
● With the latest ACS (4.4.2+), older cloud-init (0.6.5) works
change SSHkey for VM user
resetSSHKeyForVirtualMachine
CloudStack can change the SSH key on the VR, but the change is not considered by cloud-init at reboot.
https://bugs.launchpad.net/cloud-init/+bug/1440265
change password for VM user
resetPasswordForVirtualMachine
CloudStack can reset the password on the VR, but the change is not considered by cloud-init at reboot.
https://bugs.launchpad.net/cloud-init/+bug/1440263
• Potential fix posted on 2015-04-15
Recent updates
● Cloud-Init upstream supports password (cloud-init-0.7.7)
  ○ resetPasswordForVirtualMachine still not working
● CloudStack documentation now includes Cloud-Init
● Documentation pull request submitted to Cloud-Init upstream
Alternatives
CloudStack default init-scripts != Cloud-Init
● cloud-set-guest-sshkey.in
● cloud-set-guest-password.in
● init-scripts using Ansible: https://github.com/fifthecho/CloudStack-Template
References
● openvm.eu templates: http://www.openvm.eu/
● Cloud-Init documentation: https://cloudinit.readthedocs.org/en/latest/
● CloudStack documentation: goo.gl/HzbKM7
● CoreOS: goo.gl/HktCJT
DEMO
Questions?
Thank you!