OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
-
Upload
saltstack -
Category
Technology
-
view
482 -
download
3
description
Transcript of SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
![Page 1: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/1.jpg)
Deploying OpenStack MarconiCreating Parallel Universes with SaltStack
Oz Akan, Cloud Engineering Manager, Rackspace
![Page 2: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/2.jpg)
Outline
•Marconi•Why SaltStack?•Universe | Environment•Salt Concepts•Framework•Summary
![Page 3: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/3.jpg)
Marconi
![Page 4: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/4.jpg)
Marconi
Marconi
Message Queue
![Page 5: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/5.jpg)
Marconi
6data centers
![Page 6: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/6.jpg)
Marconi
360servers
![Page 7: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/7.jpg)
Marconi
5 Billion
transactions per day
![Page 8: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/8.jpg)
Marconi
…butsomething more
remarkable
![Page 9: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/9.jpg)
Marconi
load balancersweb servers
catalog databasesqueues databases
zenoss masterzenoss collectors
graylog serverselastic search servers
bastionsusage tracking workers
usage tracking databases
![Page 10: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/10.jpg)
Marconi
from nothing
![Page 11: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/11.jpg)
Marconi
![Page 12: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/12.jpg)
Marconi
45 minutesfrom nothing to web
scale
![Page 13: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/13.jpg)
Why Salt?
![Page 14: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/14.jpg)
Challenges
human mitsakes
![Page 15: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/15.jpg)
Challenges
scaleof web
![Page 16: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/16.jpg)
Challenges
sc li gdynamism
a n
![Page 17: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/17.jpg)
Challenges
environmentsmultip
le
environments
![Page 18: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/18.jpg)
Universe | Environment
![Page 19: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/19.jpg)
Universe | Environment
laws | rulesdefined by
![Page 20: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/20.jpg)
Salt Concepts
![Page 21: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/21.jpg)
Salt Concepts
grainon minions
![Page 22: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/22.jpg)
Salt Concepts
pillaron master
![Page 23: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/23.jpg)
Salt Concepts
environmentmaps to a folder
![Page 24: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/24.jpg)
Salt Concepts
directory overlayfor states and
pillar
![Page 25: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/25.jpg)
Directory Overlay Example
file_roots: prod: - /srv/salt/prod - /srv/salt/base
![Page 26: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/26.jpg)
Salt Concepts
minequery minions
![Page 27: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/27.jpg)
Salt Concepts
mapfor salt-cloud
![Page 28: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/28.jpg)
Salt Concepts
overstatemore
orchestration
![Page 29: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/29.jpg)
Salt Concepts / overstate exampleset-mongodb_server:
match: 'G@environment_id:marconi-prod-ord and G@roles:mongodb_server'
sls:
- mongodb_server
require:
- set-firewall
set-mongodb_replica:
match: 'G@environment_id:marconi-prod-ord and G@roles:mongodb_server and G@mongodb_role:primary'
sls:
- mongodb_server.replica
require:
- set-mongodb_server
![Page 30: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/30.jpg)
Framework
![Page 31: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/31.jpg)
Framework
roleis many things
![Page 32: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/32.jpg)
Framework / role
grainrole: web_server
![Page 33: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/33.jpg)
Framework / role
formulasif..else in db_servermongodb
![Page 34: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/34.jpg)
Framework / role / formulas example
# queues_server/init.sls
{% if 'roles' in grains and 'queues_server' in grains['roles'] %}
include:
- marconi
- memcached
- queues_server.kernel
- queues_server.install
{% endif %}
![Page 35: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/35.jpg)
Framework / role
minionspillar
![Page 36: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/36.jpg)
Framework / role / minions example
# pillar/minions.sls
minions:
cdb1a-cqp-ord:
roles:
- mongodb_server
attributes:
mongodb_replica_set: catalog-rs1
mongodb_role: primary
db_type: catalog
…
web4a-cqp-ord:
roles:
- queues_server
attributes:
mongodb_replica_set: catalog-rs1
queues_api: queue
![Page 37: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/37.jpg)
Framework / role
devicespillar
![Page 38: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/38.jpg)
Framework / role / devices example
# pillar/devices.sls
devices:
load_balancers:
text: 'cloud load balancers'
addresses:
- 10.183.250.0/23
marconi-endpoint:
text: 'marconi ORD endpoint'
fqdn: ord.queues.api.rackspacecloud.com
protocol: https
address: 192.237.142.76
…
graylog_lb:
text: 'graylog load balancer'
fqdn: log.marconi-graylog.com
![Page 39: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/39.jpg)
Framework / role
networkspillar
![Page 40: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/40.jpg)
Framework / role / networks example
# pillar/networks.slsnetworks: vpn-all: text: ’vpn networks' addresses: - '10.1.2.3/22' - '10.2.3.4/24’
… salt-master: text: 'salt master servers' addresses: - '10.178.129.47/32' - '162.200.150.120/32'
![Page 41: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/41.jpg)
Framework / role
roles pillarsections per formula
![Page 42: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/42.jpg)
Framework / role / pillar example
# pillar/roles.sls
roles:
role:
text:
attributes:
flags:
clients:
minions:
networks:
devices
![Page 43: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/43.jpg)
Framework / role / pillar example
# pillar/roles.sls
roles:
mongodb_server:
text: 'marconi mongodb database server’
attributes:
- mongodb_replica_set
- mongodb_role
- db_type
flags:
- mongodb_replica_set_configured
![Page 44: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/44.jpg)
Framework / role / pillar example
# pillar/roles.sls
roles:
mongodb_server:
clients:
minions:
-
roles: ['bastion_server']
protocols:
-
name: tcp
ports: ['22']
states: ['NEW','ESTABLISHED']
text: 'ssh access'
![Page 45: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/45.jpg)
Framework / role / pillar example
# pillar/roles.sls
roles:
mongodb_server:
clients:
minions:
-
roles: ['queues_server','mongodb_server','memcached_server','bastion_server']
protocols:
-
name: icmp
types: ['0','8']
text: 'ping access'
![Page 46: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/46.jpg)
Framework / role / pillar example
# pillar/roles.sls
roles:
mongodb_server:
clients:
networks:
-
name: vpn-all
protocols:
-
name: icmp
types: ['0','8']
text: 'ping access from zenoss server'
![Page 47: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/47.jpg)
Framework / role / pillar example
# pillar/roles.sls
roles:
web_server:
clients:
devices
-
name: load_balancers
protocols:
-
name: tcp
ports: ['443']
text: 'http access from lb to server'
states: ['NEW','ESTABLISHED','RELATED']
![Page 48: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/48.jpg)
Framework
environmentis many things
![Page 49: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/49.jpg)
Framework / environment
• project• purpose• location
set of grains
![Page 50: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/50.jpg)
Framework / environment
environment_idproject-purpose-
location
![Page 51: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/51.jpg)
Framework / environment
/etc/salt/masterfile_roots,
pillar_roots
![Page 52: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/52.jpg)
Framework / environment example
file_roots:
base:
- /srv/salt/marconi/base
marconi-prod-lon:
- /srv/salt/marconi/prod-lon
- /srv/salt/marconi/base
marconi-test-lon:
- /srv/salt/marconi/test-lon
- /srv/salt/marconi/base
pillar_roots:
base:
- /srv/salt/marconi/base/pillar
marconi-prod-lon:
- /srv/salt/marconi/prod-lon/pillar
- /srv/salt/marconi/base/pillar
marconi-test-lon:
- /srv/salt/marconi/test-lon/pillar
- /srv/salt/marconi/base/pillar
![Page 53: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/53.jpg)
Framework / environment example
# folder layoutroot@salt1a:/srv/salt/marconi# ls -1
base
prev-ord
prod-dfw
prod-hkg
prod-iad
prod-lon
prod-ord
prod-syd
test-ord
…
![Page 54: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/54.jpg)
Framework
mine in formulas
![Page 55: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/55.jpg)
Framework / mine
firewalljinja template
![Page 56: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/56.jpg)
Framework / mine / firewall {%- if 'scope' in minion %}
{%- if minion.scope == 'project' %}
{%- for key, value in salt['mine.get']('project:' + grains['project'], 'grains.items', expr_form='grain').items() %}
{%- if role in value['roles'] %}
-A INPUT -s {{ key }} -j {{ role|upper }}
…
{%- elif minion.scope == 'environment_id' %}
{%- for key, value in salt['mine.get']('environment_id:' + grains['environment_id'], 'grains.items', expr_form='grain').items() %}
{%- if role in value['roles'] %}
-A INPUT -s {{ key }} -j {{ role|upper }}
…
![Page 57: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/57.jpg)
Framework / mine
hostsjinja template
![Page 58: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/58.jpg)
Framework / mine / hosts{%- for key, value in salt['mine.get']('environment_id:' + grains['environment_id'], 'grains.items', expr_form='grain').items() %}
{{ value['id'] }}:
host:
- present
- ip: {{ salt['mine.get'](value['id'], 'network.ip_addrs').values()[0][0] }}
{%- endfor %}
![Page 59: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/59.jpg)
Framework / mine / zenoss hosts{%- if 'roles' in grains and 'zenoss_server' in grains['roles'] %}
{%- for key, value in salt['mine.get']('roles:zenoss_server', 'grains.items', expr_form='grain').items() %}
{%- if value['project'] == pillar['project'] %}
host_{{ value['id'] }}:
host:
- present
- name: {{ value['id'] }}
- ip: {{ salt['mine.get'](value['id'], 'network.ip_addrs').values()[0][1] }}
{%- endif %}
{%- endfor %}
{%- endif %}
![Page 60: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/60.jpg)
Summary
•grains• mark minions (project, purpose, location, role)
•pillar• to define global rules per role
•salt-mine • to be able to query minions in the environment
•environments and directory overlay
![Page 61: SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack](https://reader037.fdocuments.net/reader037/viewer/2022102621/554f8eafb4c905435d8b4f6d/html5/thumbnails/61.jpg)
Multiple Environments
Q&A