foreman-and-puppet-for-openstack-audo-deployment

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 1

Foreman&Puppet Integrated Solution for OpenStack Auto DeploymentYating YangFeb 10 2015

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2

Agenda• Foreman&Puppet Solution for OpenStack deployment introduction (20min )

• Foreman introduction (30min )

• Puppet introduction (Optionnal ： 10min)

• Q&A (10min)


OpenStack Deployment Tools Overviewhttp://www.chenshake.com/openstack-deployment-tool-summary/

• Fuel （ Mirantis ）• Devstack

• Crowbar

• Cobbler

• RDO

• Packstack

• TripleO


Foreman & Puppet

Network

Controller

ComputeCompute

ComputeCompute

Network

Controller

ComputeCompute

ComputeCompute

Ironic

VMVM

VMVM

Baremetal

Foreman&Puppet Solution Architecture

OpenStack#1 OpenStack#2


OpenStack Auto Deployment ProcessForeman Server

(include Puppet Master +PXE server)

Bare Metal #1

Ubuntu14.04 #1 with Puppet agent

Control Node

Bare Metal #2


Computer Node

Bare Metal #3


Network Node

Bare Metal #4


Ironic Node

PXE

Puppet

PXE PXE PXE

PuppetPuppetPuppet


PXE for Ubuntu installation


Foreman GUI Config Process fore Bare Metal Installation

Foreman GUI

Add Preseed Templates

Add Partition Template

Add Ubuntu 14.04 OS

Add a Domain

Ubuntu 14.04 Bare Metal Add a Host Add 2

Subnet

CIMC (change BIOS boot from PXE, Reboot)

CIMC (change BIOS boot from HardDisk, Reboot)


Add Preseed Provisioning Templates


Add a Partition Tables


Add a New Operation systems


Add Subnets


Add a Domains


Add a new Host


Puppet Setting for OpenStack Deployment

Puppet OpenStack

Module Install

common.yaml configuration

site.pp configuration

OpenStack auto

Deployment Start

Puppet OpenStack

Module InstaComputer

Network

ControlWait 2 hours ， Installation is

done


• The puppetlabs-openstack module is used to deploy a multi-node, all-in-one, or swift-only installation of OpenStack.

• Install puppet module

puppet module install puppetlabs-openstack

or git clone https://github.com/puppetlabs/puppetlabs-openstack.git

Puppet OpenStack Module Install


Puppet OpenStack Version


Each node needs a minimum of two network interfaces, and up to four. The network interfaces are divided into two groups.

• Public interfaces: API network.

External network.

• Internal interfaces: Management network.

Data network.

OpenStack Network Design


openstack::region: 'openstack’

######## Networks

openstack::network::api: '10.74.116.0/24'

openstack::network::external: '10.74.116.0/24'

openstack::network::management: '10.74.15.0/24'

openstack::network::data: '10.74.15.0/24’

openstack::network::external::ippool::start: 10.74.116.165

openstack::network::external::ippool::end: 10.74.116.168

openstack::network::external::gateway: 10.74.116.1

openstack::network::external::dns: 64.104.123.144

]

common.yaml sample######## Private Neutron Network

openstack::network::neutron::private: '10.0.0.0/24'

######## Fixed IPs (controllers)

openstack::controller::address::api: '10.74.116.163'openstack::controller::address::management: '10.74.15.85'openstack::storage::address::api: '10.74.116.163'openstack::storage::address::management: '10.74.15.85'

######## Database

openstack::mysql::root_password: 'spam-gak'openstack::mysql::service_password: 'fuva-wax'openstack::mysql::allowed_hosts: ['localhost', '127.0.0.1', '10.74.15.%’

… …


node 'control' {

include ::openstack::role::controller

}

node 'network' {

include ::openstack::role::network

}

node 'compute' {

include ::openstack::role::compute

}

Site.pp sample


OpenStack ServicesController Node

nova-apinova-certnova-conductornova-consoleauthnova-novncproxynova-schedulerkeystoneneutron-serverglance-apiglance-registrydashboard

MySQL ServerRabbitMQ ServerNTP

Network Node Compute Node Ironic Node

neutron-dhcp-agentneutron-l3-agentneutron-metadata-agentneutron-ovs-cleanupneutron-plugin-openvswitch-agent

RabbitMQ ClientNTP

nova-computeneutron-ovs-cleanupneutron-plugin-openvswitch-agent

RabbitMQ ClientNTPHypervisor + libvirt

MySQL Clienttftp-hpaopenipmiNTP

ironic-apiironic-conductor


Foreman TOIYating YangFeb 10 2015


Foreman is a complete lifecycle management tool for physical and virtual servers.

Foreman is an open source tool that can help with the management of servers, by providing an easy way to interact with Puppet (or Chef) to automate tasks and application deployment.

Foreman provides a robust web user interface, API, and CLI which can be used to provision, configure, and monitor your servers.

What is Foreman


Foreman Architecture


Smart Proxies• The Smart Proxy is a project which provides a restful API to various sub-systems

• DHCP - ISC DHCP and MS DHCP Servers

• DNS - Bind and MS DNS Servers

• TFTP - any UNIX based tftp server

• Puppet - Any Puppet server from 0.24.x

• Puppet CA - Manage certificate signing, cleaning and autosign on a Puppet CA server

• Realm - Manage host registration to a realm (e.g. FreeIPA)

http://theforeman.org/manuals/1.7/index.html%234.3.3ISCDHCP

http://theforeman.org/manuals/1.7/index.html%234.3.4MSDHCP

http://theforeman.org/manuals/1.7/index.html%234.3.5BIND

http://theforeman.org/manuals/1.7/index.html%234.3.6GSS-TSIGDNS

http://theforeman.org/manuals/1.7/index.html%234.3.7TFTP

http://theforeman.org/manuals/1.7/index.html%234.3.11FreeIPARealm


Foreman installer• A lot of options

• Interactive installation: -I

• Enables/disables stuff

• Creates a puppet tree skeleton


Foreman GUI


Provisioning• Bare metal and virtual machine

• Install any distribution

• Configure almost everything

• Decentralized (control remote TFTP, DNS, DHCP)

• ERB Scripting


Automation• Trigger Puppet runs

• Advanced use: parameters,…

• History of changes

• ENC ( External Node Classifiers ) is optional


Reporting• Visualize changes

• See the full logs

• View the facts


Providers• Libvirt

• EC2

• OpenStack

• Google Compute Engine

• oVirt

• VMWare


Features of providers• Depending on the provider

• Unattended installation

• Image-based install

• Power management

• Console (noVNC)


Operation System• CentOS/RHEL

• Fedora

• Ubuntu/Debian

• Suse

• Solaris


Puppet Certificate• Puppet-ca proxy

• Takes care of signing certificates

• Trigger first puppet run

• Run first puppet run in loop (before reboot)


Puppet reports• Very detailed

• History

• Host Configuration Status

• Overview of the last reports


Host groups• Default provisioning parameters

• Puppet classes

• Network configuration


Hammer• Command line to foreman

• Scripting

• Automation

• Without browser (e.g no http(s) access)


Scaling up• Multiple Puppet Masters

• Multiple Smart Proxies

• Foreman talks with the CA

• Multiple compute resources


Foreman plugin• Foreman plugins are implemented as gems

• RPM Installations

• Debian Installations

• Gems Installations

http://guides.rubygems.org/what-is-a-gem/


Conclusion• From small labs to larger environments

• Interactions with RESTful API

• Complete puppet management

• Bare Metal and virtual machines


Puppet TOIYating YangFeb 10 2015


• Puppet is a configuration management system that allows you to define the state of your IT infrastructure, then automatically enforces the correct state.

• Fact colletction

• Catalog compilation

• Enforcement

• Report

• Report sharing

What is Puppet?


Puppet Master/Agent Mode


• stackforge/puppet-ceph

• stackforge/puppet-cinder

• stackforge/puppet-designate

• stackforge/puppet-glance

• stackforge/puppet-heat

• stackforge/puppet-horizon

• stackforge/puppet-ironic

• stackforge/puppet-keystone

• stackforge/puppet-manila

• stackforge/puppet-neutron

• stackforge/puppet-nova

• stackforge/puppet-openstack

• stackforge/puppet-sahara

• stackforge/puppet-swift

• stackforge/puppet-tempest

• stackforge/puppet-trove

• stackforge/puppet-tuskar

• stackforge/puppet-vswitch

• stackforge/puppet-openstacklib

• stackforge/puppet-openstack-specs

• stackforge/puppet-openstack_extras

Puppet OpenStack Modules

https://github.com/stackforge/puppet-ceph

https://github.com/stackforge/puppet-cinder

https://github.com/stackforge/puppet-designate

https://github.com/stackforge/puppet-glance

https://github.com/stackforge/puppet-heat

https://github.com/stackforge/puppet-horizon

https://github.com/stackforge/puppet-ironic

https://github.com/stackforge/puppet-keystone

https://github.com/stackforge/puppet-manila

https://github.com/stackforge/puppet-manila

https://github.com/stackforge/puppet-neutron

https://github.com/stackforge/puppet-nova

https://github.com/stackforge/puppet-openstack

https://github.com/stackforge/puppet-openstack

https://github.com/stackforge/puppet-sahara

https://github.com/stackforge/puppet-swift

https://github.com/stackforge/puppet-tempest

https://github.com/stackforge/puppet-trove

https://github.com/stackforge/puppet-tuskar

https://github.com/stackforge/puppet-vswitch

https://github.com/stackforge/puppet-vswitch

https://github.com/stackforge/puppet-openstacklib

https://github.com/stackforge/puppet-openstack-specs

https://github.com/stackforge/puppet-openstack_extras


Puppet OpenStack Version

foreman-and-puppet-for-openstack-audo-deployment

Documents

cisco confidential

cisco andor

puppet module puppet

network interfaces

puppetlabsopenstack

installation of openstack

api network

management network