foreman-and-puppet-for-openstack-audo-deployment
TRANSCRIPT
![Page 1: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/1.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 1
Foreman&Puppet Integrated Solution for OpenStack Auto DeploymentYating YangFeb 10 2015
![Page 2: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/2.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Agenda• Foreman&Puppet Solution for OpenStack deployment introduction (20min )
• Foreman introduction (30min )
• Puppet introduction (Optionnal : 10min)
• Q&A (10min)
![Page 3: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/3.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
OpenStack Deployment Tools Overviewhttp://www.chenshake.com/openstack-deployment-tool-summary/
• Fuel ( Mirantis )• Devstack
• Crowbar
• Cobbler
• RDO
• Packstack
• TripleO
![Page 4: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/4.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Foreman & Puppet
Network
Controller
ComputeCompute
ComputeCompute
Network
Controller
ComputeCompute
ComputeCompute
Ironic
VMVM
VMVM
Baremetal
Foreman&Puppet Solution Architecture
OpenStack#1 OpenStack#2
![Page 5: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/5.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
OpenStack Auto Deployment ProcessForeman Server
(include Puppet Master +PXE server)
Bare Metal #1
Ubuntu14.04 #1 with Puppet agent
Control Node
Bare Metal #2
Ubuntu14.04 #2 with Puppet agent
Computer Node
Bare Metal #3
Ubuntu14.04 #3 with Puppet agent
Network Node
Bare Metal #4
Ubuntu14.04 #4 with Puppet agent
Ironic Node
PXE
Puppet
PXE PXE PXE
PuppetPuppetPuppet
![Page 6: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/6.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
PXE for Ubuntu installation
![Page 7: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/7.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Foreman GUI Config Process fore Bare Metal Installation
Foreman GUI
Add Preseed Templates
Add Partition Template
Add Ubuntu 14.04 OS
Add a Domain
Ubuntu 14.04 Bare Metal Add a Host Add 2
Subnet
CIMC (change BIOS boot from PXE, Reboot)
CIMC (change BIOS boot from HardDisk, Reboot)
![Page 8: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/8.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Add Preseed Provisioning Templates
![Page 9: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/9.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Add a Partition Tables
![Page 10: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/10.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Add a New Operation systems
![Page 11: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/11.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Add Subnets
![Page 12: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/12.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Add a Domains
![Page 13: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/13.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Add a new Host
![Page 14: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/14.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
![Page 15: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/15.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Puppet Setting for OpenStack Deployment
Puppet OpenStack
Module Install
common.yaml configuration
site.pp configuration
OpenStack auto
Deployment Start
Puppet OpenStack
Module InstaComputer
Network
ControlWait 2 hours , Installation is
done
![Page 16: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/16.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
• The puppetlabs-openstack module is used to deploy a multi-node, all-in-one, or swift-only installation of OpenStack.
• Install puppet module
puppet module install puppetlabs-openstack
or git clone https://github.com/puppetlabs/puppetlabs-openstack.git
Puppet OpenStack Module Install
![Page 17: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/17.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Puppet OpenStack Version
![Page 18: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/18.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
Each node needs a minimum of two network interfaces, and up to four. The network interfaces are divided into two groups.
• Public interfaces: API network.
External network.
• Internal interfaces: Management network.
Data network.
OpenStack Network Design
![Page 19: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/19.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
openstack::region: 'openstack’
######## Networks
openstack::network::api: '10.74.116.0/24'
openstack::network::external: '10.74.116.0/24'
openstack::network::management: '10.74.15.0/24'
openstack::network::data: '10.74.15.0/24’
openstack::network::external::ippool::start: 10.74.116.165
openstack::network::external::ippool::end: 10.74.116.168
openstack::network::external::gateway: 10.74.116.1
openstack::network::external::dns: 64.104.123.144
]
common.yaml sample######## Private Neutron Network
openstack::network::neutron::private: '10.0.0.0/24'
######## Fixed IPs (controllers)
openstack::controller::address::api: '10.74.116.163'openstack::controller::address::management: '10.74.15.85'openstack::storage::address::api: '10.74.116.163'openstack::storage::address::management: '10.74.15.85'
######## Database
openstack::mysql::root_password: 'spam-gak'openstack::mysql::service_password: 'fuva-wax'openstack::mysql::allowed_hosts: ['localhost', '127.0.0.1', '10.74.15.%’
… …
![Page 20: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/20.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
node 'control' {
include ::openstack::role::controller
}
node 'network' {
include ::openstack::role::network
}
node 'compute' {
include ::openstack::role::compute
}
Site.pp sample
![Page 21: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/21.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
OpenStack ServicesController Node
nova-apinova-certnova-conductornova-consoleauthnova-novncproxynova-schedulerkeystoneneutron-serverglance-apiglance-registrydashboard
MySQL ServerRabbitMQ ServerNTP
Network Node Compute Node Ironic Node
neutron-dhcp-agentneutron-l3-agentneutron-metadata-agentneutron-ovs-cleanupneutron-plugin-openvswitch-agent
RabbitMQ ClientNTP
nova-computeneutron-ovs-cleanupneutron-plugin-openvswitch-agent
RabbitMQ ClientNTPHypervisor + libvirt
MySQL Clienttftp-hpaopenipmiNTP
ironic-apiironic-conductor
![Page 22: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/22.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 22
Foreman TOIYating YangFeb 10 2015
![Page 23: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/23.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
Foreman is a complete lifecycle management tool for physical and virtual servers.
Foreman is an open source tool that can help with the management of servers, by providing an easy way to interact with Puppet (or Chef) to automate tasks and application deployment.
Foreman provides a robust web user interface, API, and CLI which can be used to provision, configure, and monitor your servers.
What is Foreman
![Page 24: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/24.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
Foreman Architecture
![Page 25: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/25.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Smart Proxies• The Smart Proxy is a project which provides a restful API to various sub-systems
• DHCP - ISC DHCP and MS DHCP Servers
• DNS - Bind and MS DNS Servers
• TFTP - any UNIX based tftp server
• Puppet - Any Puppet server from 0.24.x
• Puppet CA - Manage certificate signing, cleaning and autosign on a Puppet CA server
• Realm - Manage host registration to a realm (e.g. FreeIPA)
![Page 26: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/26.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Foreman installer• A lot of options
• Interactive installation: -I
• Enables/disables stuff
• Creates a puppet tree skeleton
![Page 27: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/27.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Foreman GUI
![Page 28: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/28.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Provisioning• Bare metal and virtual machine
• Install any distribution
• Configure almost everything
• Decentralized (control remote TFTP, DNS, DHCP)
• ERB Scripting
![Page 29: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/29.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Automation• Trigger Puppet runs
• Advanced use: parameters,…
• History of changes
• ENC ( External Node Classifiers ) is optional
![Page 30: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/30.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Reporting• Visualize changes
• See the full logs
• View the facts
![Page 31: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/31.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
Providers• Libvirt
• EC2
• OpenStack
• Google Compute Engine
• oVirt
• VMWare
![Page 32: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/32.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
Features of providers• Depending on the provider
• Unattended installation
• Image-based install
• Power management
• Console (noVNC)
![Page 33: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/33.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
Operation System• CentOS/RHEL
• Fedora
• Ubuntu/Debian
• Suse
• Solaris
![Page 34: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/34.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
![Page 35: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/35.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
Puppet Certificate• Puppet-ca proxy
• Takes care of signing certificates
• Trigger first puppet run
• Run first puppet run in loop (before reboot)
![Page 36: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/36.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
Puppet reports• Very detailed
• History
• Host Configuration Status
• Overview of the last reports
![Page 37: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/37.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
Host groups• Default provisioning parameters
• Puppet classes
• Network configuration
![Page 38: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/38.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
Hammer• Command line to foreman
• Scripting
• Automation
• Without browser (e.g no http(s) access)
![Page 39: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/39.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
Scaling up• Multiple Puppet Masters
• Multiple Smart Proxies
• Foreman talks with the CA
• Multiple compute resources
![Page 40: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/40.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
Foreman plugin• Foreman plugins are implemented as gems
• RPM Installations
• Debian Installations
• Gems Installations
![Page 41: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/41.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
Conclusion• From small labs to larger environments
• Interactions with RESTful API
• Complete puppet management
• Bare Metal and virtual machines
![Page 42: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/42.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 42
Puppet TOIYating YangFeb 10 2015
![Page 43: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/43.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
• Puppet is a configuration management system that allows you to define the state of your IT infrastructure, then automatically enforces the correct state.
• Fact colletction
• Catalog compilation
• Enforcement
• Report
• Report sharing
What is Puppet?
![Page 44: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/44.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
Puppet Master/Agent Mode
![Page 45: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/45.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
• stackforge/puppet-ceph
• stackforge/puppet-cinder
• stackforge/puppet-designate
• stackforge/puppet-glance
• stackforge/puppet-heat
• stackforge/puppet-horizon
• stackforge/puppet-ironic
• stackforge/puppet-keystone
• stackforge/puppet-manila
• stackforge/puppet-neutron
• stackforge/puppet-nova
• stackforge/puppet-openstack
• stackforge/puppet-sahara
• stackforge/puppet-swift
• stackforge/puppet-tempest
• stackforge/puppet-trove
• stackforge/puppet-tuskar
• stackforge/puppet-vswitch
• stackforge/puppet-openstacklib
• stackforge/puppet-openstack-specs
• stackforge/puppet-openstack_extras
Puppet OpenStack Modules
![Page 46: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/46.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
Puppet OpenStack Version
![Page 47: Foreman-and-Puppet-for-Openstack-Audo-Deployment](https://reader036.vdocuments.us/reader036/viewer/2022062515/55c8bf74bb61ebac388b4683/html5/thumbnails/47.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47