rcbops / chef-cookbooks Tomokazu HIRAI ( @jedipunkz )
: ( ) ID : jedipunkz : http://jedipunkz.github.io : OpenStack : R&D, : KDDI FF14: jedi master on Alexander
osops-utils ( Chef ) rcbops-cookbooks Havana rcbops-cookbooks Swift
* Chef * Chef
Chef Chef-Server knife WorkStation Node (1) : cookbooks, roles, data_bag, environments (2) : node bootstrap (3) : cookbooks, roles chef-client,
rcbops/chef-cookbooks
rcbops/chef-cookbooks #1 rackspace Private Cloud OpenCenter Chef : * *, HA
rcbops/chef-cookbooks #2 OpenCenter Chef Cookbooks github Apache
osops-utils
Chef Chef
osops-utils #1 * Cookbooks * * rcbops-cookbooks Cookbooks include https://github.com/rcbops-cookbooks/osops-utils
osops-utils #2 Attributes Environments 1 Environment OpenStack 1!! snip "override_attributes": { "package_component": "havana", "osops_networks": { "management": "10.200.10.0/24", "public": "10.200.17.0/24", "nova": "10.200.10.0/24" }, snip
osops-utils #3 Recipe hosts = search(:node, chef_environment:#{node.chef_environment}")! environment snip hosts.each do host Chef::Log.info("osops-utils/autoetchosts: checking (#{host})") begin ip = ::Chef::Recipe::IPManagement.get_ip_for_net("management", host) stra = String.new("#{ip} #{host["fqdn"]} #{host["hostname"]}\n") hfile << stra rescue Chef::Log.info( "osops-utils/autoetchosts: skipping node (#{ip}) because" + " it doesn't have a network assigned yet") end end host IP
osops-utils #4 Chef::Recipe::IPManagement get_ip_for_net!!!!! # network number associated with this network net = IPAddr.new(node[ osops_networks"][network]) environment # loop thru node's interfaces and look at addresses node["network"]["interfaces"].each do interface # ohai interfaces chef node NW I/F Chef::Log.debug("#{ourname} examining interface #{interface[0]}") if interface[1].has_key?("addresses") then # loop thru each address on this interface interface[1]["addresses"].each do k, v if v["family"] == "inet6" or (v["family"] == "inet" and v["prefixlen"]!= "32") then addr=ipaddr.new(k) if net.include?(addr) Chef::Log.debug(ourname + " ===> using #{addr}") return k # found it else Chef::Log.debug(ourname + " - ignoring #{addr}") end I/F IP
osops-utils #4 ohai "network": { "interfaces": { "lo": { "mtu": "16436", "flags": [ "LOOPBACK", "UP", "LOWER_UP" ], snip "eth0": { "type": "eth",. snip "10.200.9.100": { "family": "inet", "prefixlen": "24", "netmask": "255.255.255.0", "broadcast": "10.200.9.255", "scope": "Global" }, snip
osops-utils #5 * role, recipe + environmnet osops_search query = "#{query_type}s:#{search_string} AND chef_environment:#{current_node.chef_environment}" debug("osops_search query: #{query}") result, _, _ = Chef::Search::Query.new.search(:node, query) * get_ip_for_net IP
osops-utils #6 * environment Roles/Recipe Chef * IP get_ip_for_net I/F Chef
rcbops-cookbooks Havana
rcbops-cookbooks Havana controller network network compute compute workstation external public management * 4 * public : API * external : * guest : * management : * public, external * controller : 2 nics, network : 4 nics, compute : 3nics * controller * network, agent * compute * workstation chef-repo, management guest
rcbops-cookbooks Havana #2 % git clone https://github.com/rcbops/chef-cookbooks.git % cd chef-cookbooks % git checkout -b v4.2.0 refs/tags/v4.2.0 % #.chef Chef % git submodule init % git submodule sync % git submodule update % knife cookbook upload -o cookbooks -a % knife role from file roles/*.rb
rcbops-cookbooks Havana #3 { "name": "havana-neutron", "description": "", "cookbook_versions": { }, "json_class": "Chef::Environment", "chef_type": "environment", "default_attributes": { }, "override_attributes": { "package_component": "havana", "osops_networks": { "management": "10.200.10.0/24", "public": "10.200.9.0/24", "nova": "10.200.10.0/24" }, snip * http://jedipunkz.github.io/blog/2013/11/17/openstack-havana-chef-deploy/
rcbops-cookbooks Havana #4 % knife environment from file \ environments/havana-neutron.json
rcbops-cookbooks Havana #5 controller! % knife bootstrap <controller_ipaddr> -N <controller_name> \ -r 'role[single-controller]','role[cinder-volume]' \ -E havana-neutron -x <username> sudo! network! % knife bootstrap <network_ipaddr> -N <network_name> \ -r 'role[single-network-node]','recipe[nova-network::neutron-l3-agent]' \ -E neutron-havana -x <username> sudo! compute! % knife bootstrap <compute_ipaddr> -N <compute_name> \ -r 'role[single-compute]' \ -E havana-neutron -x <username> --sudo
rcbops-cookbooks Havana #6 % sudo ovs-vsctl add-port br-eth1 eth1 % sudo ovs-vsctl add-port br-ex eth3 % sudo ovs-vsctl add-port br-eth1 eth1
rcbops-cookbooks Havana #6
rcbops-cookboooks Swift
rcbops-cookbooks Swift #1 load balancer proxy network chef server chef workstation swift-manage swift-proxy01 swift-proxy02 storage network swift-storage01 swift-storage02 swift-storage03 swift-account01 swift-account02 swift-account03 * swift-storage, account /dev/sdb * swift-mange git <- Rings * proxy01,02 haproxy, keepalived LB, VRRP
rcbops-cookbooks Swift #2 Cookbooks Chef % git clone https://github.com/rcbops/chef-cookbooks.git % cd chef-cookbooks % git checkout -b v4.1.2 refs/tags/v4.1.2 % git submodule init % git submodule sync % git submodule update % knife cookbook upload -o cookbook -a % knife role from file role/*.rb
rcbops-cookbooks Swift #3 Environment json { "name": "swift", "description": "", "cookbook_versions": { }, "json_class": "Chef::Environment", "chef_type": "environment", "default_attributes": { }, "override_attributes": { "package_component": "grizzly", "osops_networks": { "management": "10.200.9.0/24", "public": "10.200.9.0/24", "nova": "10.200.9.0/24", "swift": "10.200.9.0/24" },
rcbops-cookbooks Swift #4 Environment json % knife environment from file environments/swift.json
rcbops-cookbooks Swift #6 swift-manage knife bootstrap % knife bootstrap <manage_ip_addr> -N swift-manage -r \ role[base]','role[mysql-master]','role[keystone]','role[swift-management-server]' -E swift --sudo -x thirai swift-proxynn % knife bootstrap <proxy01_ip_addr> -N swift-proxy01 -r \ role[base]","role[swift-proxy-server]",'role[swift-setup]','role[openstack-ha]' -E swift --sudo -x thirai % knife bootstrap <proxy02_ip_addr> -N swift-proxy02 -r \ role[base]","role[swift-proxy-server]",'role[openstack-ha]' -E swift --sudo -x thirai swift-storagenn % knife bootstrap <storage01_ip_addr> -N swift-storage01 -r \ role[base],'role[swift-object-server]' -E swift --sudo -x thirai % knife bootstrap <storage02_ip_addr> -N swift-storage02 -r \ role[base]','role[swift-object-server]' -E swift --sudo -x thirai % knife bootstrap <storage03_ip_addr> -N swift-storage03 -r \ role[base]','role[swift-object-server]' -E swift --sudo -x thirai swift-accountnn % knife bootstrap <account01_ip_addr> -N swift-account01 -r \ role[base]','role[swift-account-server]','role[swift-container-server]' -E swift --sudo -x thirai % knife bootstrap <account02_ip_addr> -N swift-account02 -r \ role[base]','role[swift-account-server]','role[swift-container-server]' -E swift --sudo -x thirai % knife bootstrap <account03_ip_addr> -N swift-account03 -r \ role[base]','role[swift-account-server]','role[swift-container-server]' -E swift --sudo -x thirai
rcbops-cookbooks Swift #7 Roles HA Swift % knife bootstrap <ip_swift-proxy01> -N swift-proxy01 -r 'role[ha-swift-controller1]' -E swift-ha --sudo -x jedipunkz % knife bootstrap <ip_swift-proxy02> -N swift-proxy02 -r 'role[ha-swift-controller2]' -E swift-ha --sudo -x jedipunkz * haproxy * keepalived VRRP * MySQL HA
rcbops-cookbooks Swift #8 zone % knife exec -E "nodes.find(:name => 'swift-storage01') { n n.set['swift']['zone'] = '1'; n.save }" % knife exec -E "nodes.find(:name => 'swift-account01') { n n.set['swift']['zone'] = '1'; n.save }" % knife exec -E "nodes.find(:name => 'swift-storage02') { n n.set['swift']['zone'] = '2'; n.save }" % knife exec -E "nodes.find(:name => 'swift-account02') { n n.set['swift']['zone'] = '2'; n.save }" % knife exec -E "nodes.find(:name => 'swift-storage03') { n n.set['swift']['zone'] = '3'; n.save }" % knife exec -E "nodes.find(:name => 'swift-account03') { n n.set['swift']['zone'] = '3'; n.save }"
rcbops-cookbooks Swift #9 disk % knife exec -E \ 'search(:node,"role:swift-object-server OR \ role:swift-account-server \ OR role:swift-container-server") \ { n puts "#{n.name}"; \ begin; n[:swift][:state][:devs].each do d \ puts "\tdevice #{d[1]["device"]}"; \ end; rescue; puts \ "no candidate drives found"; end; }' swift-storage02 device sdb1 swift-storage03 device sdb1 swift-account01 device sdb1 swift-account02 device sdb1 swift-account03 device sdb1 swift-storage01 device sdb1
rcbops-cookbooks Swift #10 rings git chef-client rings swift-manage% sudo chef-client swift-manage% sudo ${EDITOR} /etc/swift/ring-workspace/generage-rings.sh swift-manage% sudo /etc/swift/ring-workspace/generate-rings.sh rings git push swift-manage# cd /etc/swift/ring-workspace/rings swift-manage# git add account.builder container.builder object.builder swift-manage# git add account.ring.gz container.ring.gz object.ring.gz swift-manage# git commit -m "initial commit" swift-manage# git push
rcbops-cookbooks Swift #11 chef-client swift-proxy01# chef-client swift-proxy02# chef-client swift-storage01# chef-client swift-storage02# chef-client swift-storage03# chef-client swift-account01# chef-client swift-account02# chef-client swift-account03# chef-client rings pull swift
Havana OpenStack http://jedipunkz.github.io/blog/2013/11/17/openstack-havana-chef-deploy/ Swift http://jedipunkz.github.io/blog/2013/10/27/swift-chef/ Swift (HA ) http://jedipunkz.github.io/blog/2013/07/26/swift-ha-chef-deploy/