openstack @ workday - ci/cd
TRANSCRIPT
OpenStack @ Workday
Introductions
Imtiaz Chowdhury------Senior Software Engineer@imtiazc
Edgar Magana, PhD------Cloud Operations ArchitectNeutron Core@emaganap
Outline Operations Challenges Architecture Overview CI – Pipeline CI – Environments
– Desktop– Virtual Machines (OOO)– Bare-Metal
Summary Q & A
Ops Challenges: Automation
Idempotent
Scalable
Secure– SSL on End Points– SSL on RabbitMQ– SSL on MySQL– IPTables
Stable
Production Readiness– Logging– Monitoring
Bonded physical interfaces per server
Multi-tenant
One network per tenant with contrail policy groups enforcement
CI - CD
OpenStack @ Workday
CI/CD @ Workday for OpenStack
How it started: Prototype #1
Controller Compute Tempest
Build once and reuse
SDN
NOTE: https://github.com/openstack/openstack-chef-repo
Rally
Drivers for Containers
Lightweight – many containers on a single VM
Re-usable – Build once and deploy
Shareable –share common components (Chef server, Tempest etc.)
Chef Development Framework
Host (Fedora 20) Virtual Machine
DN
S
LDA
P
Controller Compute TempestSDN
Docker Engine
Iteration #1: With Neutron
Development Workflow
Development Workflow
Iteration #2: (OpenContrail)
Development Environment - Network Diagram
Building CI/CD on OpenStack and OpenContrail
OpenStack @ Workday Environments
CI on Virtual Machines (OoO)–Reproducible disposable test environment
integrated with Workday’s Jenkins/Gerrit build pipeline.
–Runs on OpenStack Icehouse–Ruby Fog Library
CI Environment on Virtual Machines Workflow
1 2
3
4
5
6
OoO - CI Workflow
Jenkins Openstack Controller
Git repo
Chef
Launch Chef Server
Fetch Chef artifacts
Create OS controllerSDN, ComputeTempest
Controll
er
SDN
Com
pute
Tempest
Run Chef Clients
Run Tempest
Road to production
Dev• Build and test
Virtual
• Create Gerrit review• VM CI passes
Bare Metal
• Promote cookbooks to production
Key Take Away
It took a number of iterations Docker on Vagrant proved to be a very powerful
Chef development environment– Rapid development and prototyping– Containers are very lightweight– You can share container images across teams
Increased development agility by building CI on Openstack
Predictable deployment outcome
How it all started..
Build Openstack cloud with community cookbooks and packages Started with openstack-chef, a community project Realized its limitations Consistent and repeatable environment for developers, operations Share common components Test framework Continuous integration framework
NOTE: https://github.com/openstack/openstack-chef-repo