Overview

• OpenStack Overview
• Dev Process Overview
• Devstack Install

Anti-overview

• In Depth OpenStack Tutorial
• Tutorial on chef/puppet/juju/cfengine/salt
• Endorsement of any of the above
• End-user Cloud Tutorial

Getting Started With Devstack

• devstack.org
• Annotated shell script which installs devstack in a VM
• NOT FOR PRODUCTION USE
• For developers to test stuff

Installing a Cloud using Devstack

• Get an Ubuntu Precise Server Image
Don't do this yet

sudo apt-get install git
git clone git://github.com/openstack-dev/devstack.git
cd devstack; ./stack.sh

Step One

• Get an Ubuntu Precise Image

• NOT YOUR LAPTOP

• NOT YOUR LAPTOP

• NOT YOUR LAPTOP

Get devstack

git clone git://github.com/openstack-dev/devstack.git
cd devstack

# to run essex:
git checkout stable/essex

Customizing Devstack

• localrc

FIXED_RANGE=10.1.0.0/24
FIXED_NETWORK_SIZE=256

• Look in stackrc and stack.sh for other options

Fix Swap

• Notice the lack of swap!

sudo umount /mnt
sudo mkswap /dev/vdb
sudo swapon /dev/vdb

Run devstack

./stack.sh

And now we wait

OpenStack Overview

• Software to run a cloud
• Made up of several (growing) projects
• Open Source

Projects

• keystone (identity service)
• nova (compute)
• glance (image service)
• swift (object storge)
• quantum (network service)
• cinder (volume)
• horizon (dashboard)

Libraries

• python-keystoneclient
• python-novaclient
• python-glanceclient
• python-swiftclient
• python-quantumclient
• python-cinderclient
• python-openstackclient

Tools

• tempest
• git-review
• devstack
• devstack-gate
• openstack.nose_plugin
• openstack-ci-puppet
• pbr
• zuul

Release Management

• Time Based Releases
• Six Month Cadence
  • Tied to Ubuntu Releases
• Design summits each cycle
• Continuously Open Trunk
  • Develop directly on master
• One Month Milestone Releases
• Post-release Stable Branches
• Previous stable: diablo
• Current stable: essex
• Current devel: folsom
• Next devel: grizzly

Who is Running It?

• Rackspace
  • Cloud Files == swift
  • Cloud Servers (beta) == nova
• HP
• hpcloud in Private Beta (diablo)
• trystack (diablo)
• AT&T (diablo)
• Cern
• Mercado Libre

ALSO

• Cisco
• Citrix
• NTT
• Piston
• Nebula
• Nicira
• RedHat
• Canonical

Development Process Overview

• Highly Automated
• Developer Run
• Democratic Structure
• Virtual/Online

Vision

• Consistent Tooling
• Consistent Process
• Consistent Product
• Multiplier Effect

Consistent Tooling

• Minimize meta-development
• Process divergence == wasted developer time
• Lowers onboarding time
• Consolidate tool development
• Minimize project-specific weird build crud

Development Infrastructure Systems

• Gerrit (code review, git) http://review.openstack.org
• Jenkins (CI, automation) http://jenkins.openstack.org
  • pre-merge testing
  • post-merge testing
  • post-merge artifact management
• Zuul (build triggering) http://zuul.openstack.org/zuul/status
• Launchpad (bugs, blueprints, releases, SSO) http://launchpad.net/openstack
• Blog Aggregator http://planet.openstack.org
• Pastebin http://paste.openstack.org
• Etherpad http://etherpad.openstack.org

Environment

• Ubuntu
• Python
  • pep8 standards
  • openstack.common
• virtualenv/pip/tox
• IRC (#openstack-dev, #openstack-meeting)
• devstack
• gated trunk based on master

Gated Trunk

• Ensures Code Quality
• Protects developers
  • Devs always start from working code
• Protects tree
  • Bad code doesn't land
• Egalitarian
  • Process is the same for everyone
  • Process is transparent
  • Process is automated

Everything Is Automated

Process Flow

• Code is written and locally tested in a virtualenv
• Code is submitted for code review to gerrit
• Code is peer-reviewed
• Code is accepted or rejected by core team
• Code is run through pre-merge automated checks
• Code is merged or rejected
• Code is run through post-merge automated checks

Gerrit

• Developed by Google for Android
• Stand-alone patch review system
• Integration points: hooks, JSON queries, event-stream
• Extensible review categories, default: Verified, Code-Review

Pre-merge Check

Approved Reviews

Types of Jenkins Gerrit Triggers

• Patchset uploaded
• Change merged
• Comment added (review state)

OpenID SSO Integration

Bug Integration - Gerrit

Bug Integration - Launchpad

Blueprints - Gerrit

Blueprints - Launchpad

Blueprints - Gerrit Topics

Git Review

• External Git subcommand - pip/apt/yum
• Developers can easily incorporate code review into git workflow
• Zero-configuration
• Can be used for any project, being adopted by other projects

corvus@shiprock:~/rs/github/quantum$ git commit -a
[new-versionpy ddf1dce] Base version.py on glance.
 3 files changed, 28 insertions(+), 107 deletions(-)
 delete mode 100644 version.py

corvus@shiprock:~/rs/github/quantum$ git review
remote: Resolving deltas:   0% (0/3)
remote: 
remote: New Changes:
remote:   https://review.openstack.org/3072
remote: 
To ssh://[email protected]:29418/openstack/quantum.git
 * [new branch]      HEAD -> refs/for/master/bug/916018

Types of Tests

• Unit tests
• Test the code of a single project
• Functional tests
  • Can be run on real or virtual servers
  • Test the service of a single project
  • Easy for developers to run
• Integration tests
  • May be able to run on virtual servers, should run on real servers
  • Usually harder for a developer to run

Virtual Integration Tests

Devstack: https://github.com/openstack-dev/devstack

Easy for developers to recreate locally

On each commit:

• Provision Cloud Server (surprisingly HARD!)
• Run devstack to install code
• On success - delete server
• On failure:
• Keep Server
• Install developer's ssh key
• Give the server to the developer for 24H

Getting Started With Developing

http://www.linuxjedi.co.uk/2012/03/real-way-to-start-hacking-on-openstack.html

• Get a launchpad account
• Upload your SSH key to Launchpad
• Sign the CLA: wiki/HowToContribute
• Join the ~openstack-cla team on Launchpad
• One time only:

    git config --global user.name "Firstname Lastname"
    git config --global user.email "[email protected]" 
    

• Install git review

Add your blog to OpenStack Planet

git clone git://github.com/openstack/openstack-planet.git
cd openstack-planet
# edit planet.ini
# add your image
git add images/yourusername.png
git add planet.ini
git commit
git review

tox

• Manages python virtualenvs
• Runs multiple python versions

Doing something more useful

git clone git://github.com/openstack/nova.git
# do things, now, to test it:
tox
# it's perfect - submit!
git commit
git review

Now We Have a Cloud!

• What are all of the different parts of it again?

Keystone

• Identity/Authentication Service
• Service Catalog

Keystone: Authentication

• Authentication
• Pluggable:
  • ldap
  • pam
  • sql

Keystone: Service Catalog

• curl https://region-a.geo-1.identity.hpcloudsvc.com:35357/v2.0/tokens

"serviceCatalog": [
    {
     "name": "Identity",
      "type": "identity",
      "endpoints": [{
        "publicURL": "https:\/\/region-a.geo-1.identity.hpcloudsvc.com:35357\/v2.0\/",
     ....
    {
     "name": "Image Management",
     "type": "image",
     "endpoints": [{
        "tenantId": "74682717556353",
        "publicURL": "https:\/\/glance2.uswest.hpcloud.net:9292\/v1.0",

Nova

• API
• Scheduler
• Compute
• Network
• Volume
• messaging RabbitMQ, zeroMQ
• database sqlalchemy: MySQL, PostGres, whatever

Nova API

• OpenStack
• ec2

Nova Compute

• Compute Service
• Pluggable
• Virt Layer
  • libvirt/kvm
  • xen
  • openvz
  • hyperv
  • baremetal

Nova Network

• Hard bit :)
• Provides/configures network to guests
• • flat
  • flatdhcp
  • vlan
• Quantum
• Floating IP Extension

Nova Volume

• LVM to iscsi mapping
• cinder

Glance

• Image Registry
• Image Store

Now What?

• sudo apt-get remove python-keyring
• Services running in screen rejoin-stack.sh
• Run tests exercise.sh
• Horizon running on port 80 on localhost
• devstack puts credentials in localrc, openrc does useful things. Get them with

  source openrc
  

screen refresher

• C-a " windowlist
• C-a 0 select window 0
• C-a n next window
• C-a p previous window

Client Access

• pip install python-${PROJECT}client
• Environment:
  • OS_USERNAME
  • OS_PASSWORD
  • OS_AUTH_URL
  • OS_TENANT_NAME
  • OS_REGION_NAME

debug info

export NOVACLIENT_DEBUG=1

Images in Glance

glance image-list

Save the UUID you want in a var called IMAGE_ID

Security Groups (extension)

• Control what ports are open

SECGROUP=test_secgroup
nova secgroup-create $SECGROUP "$SECGROUP description"
nova secgroup-add-rule $SECGROUP icmp -1 -1 0.0.0.0/0
nova secgroup-add-rule $SECGROUP tcp 22 22 0.0.0.0/0

Keypairs (extension)

• ssh credentials for logging in

KEY_NAME=test2_key
KEY_FILE=key.pem
nova keypair-add $KEY_NAME > $KEY_FILE

Flavors

nova flavor-list

+----+-----------+-----------+------+-----------+------+-------+-------------+
| ID |    Name   | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor |
+----+-----------+-----------+------+-----------+------+-------+-------------+
| 1  | m1.tiny   | 512       | 0    | 0         |      | 1     | 1.0         |
| 2  | m1.small  | 2048      | 10   | 20        |      | 1     | 1.0         |
| 3  | m1.medium | 4096      | 10   | 40        |      | 2     | 1.0         |
| 4  | m1.large  | 8192      | 10   | 80        |      | 4     | 1.0         |
| 5  | m1.xlarge | 16384     | 10   | 160       |      | 8     | 1.0         |
+----+-----------+-----------+------+-----------+------+-------+-------------+

Save the flavor id as FLAVOR_ID

Boot an Instance

• Returns the UUID of the server
• Using the values saved previously:

  nova boot --flavor $FLAVOR_ID --image $IMAGE_ID --security_groups=$SECGROUP \
            --key_name $KEY_NAME $INSTANCE_NAME
  nova list
  

  Save the UUID returned as VM_UUID

Add an IP

nova floating-ip-create
nova floating-ip-list
nova add-floating-ip $VM_UUID $FLOATING_IP

Volumes

DEVICE=/dev/vdb
VOL_NAME=test_volume
nova volume-create --display_name=$VOL_NAME 1
nova volume-list
nova volume-attach $INSTANCE_NAME $VOLUME_ID $DEVICE

Hacking Code

• Repos in /opt/stack
• Installed via python setup.py develop

Simulated Production

Great! Now how about a real deployment

Bare Metal Process

Each test:

• PXE boot
• Install Ubuntu
• Install OpenStack
• Run test suite

Test Process Improved

One time (Orchestra driven):

• PXE boot
• Install Ubuntu
• Install OpenStack dependencies
• Snapshot LVM volume

Each test:

• Kexec boot into LVM snapshot
• Install OpenStack
• Run test suite

Cobbler

• Written by RedHat
• PXE/net-install
• Pluggable power management support (impi, drac, ilo ...)
• Manage dns/dhcp/tftp - or use others
• Templated kickstart or preseed files

Ubuntu Orchestra

• cobbler
• squid
• dnsmasq
• nagios
• rsyslog
• cloud-init

Walkthrough

• https://github.com/openstack/openstack-ci-puppet
• https://github.com/openstack/openstack-ci-puppet/tree/master/modules/orchestra

Install Orchestra

• apt-get install ubuntu-orchestra-server ipmitool
• (install will download ubuntu install images and import them)

Configure dnsmasq

• Edit dhcp options in /etc/cobbler/dnsmasq.template
• Add "dhcp-ignore=tag:!known"
• Insert network range

Cloud Init Script

• Ubuntu Orchestra pre-seed files
• In the preseed/late_command, use snippets
• Run a cloud-init script to bootstrap puppet or chef

Add Profile

cobbler profile add \
--name=natty-x86_64-ostest \
--parent=natty-x86_64 \
--kickstart=/var/lib/cobbler/kickstarts/openstack.preseed \
--kopts="priority=critical locale=en_US"

Add machines manually

For each machine

cobbler system add \
--name=baremetal1 \
--hostname=baremetal1 \
--profile=natty-x86_64-ostest \
--mac=00:11:22:33:44:55 \
--power-type=ipmitool \
--power-user=IPMI_USERNAME \
--power-pass=IPMI_PASS \
--power-address=IPMI_IP_ADDR \
--ip-address=SYSTEM_IP_ADDRESS \
--subnet=SYSTEM_SUBNET \
--kopts="netcfg/choose_interface=auto netcfg/dhcp_timeout=60 auto=true
priority=critical"

Adding systems automatically

cobbler-enlist

d-i preseed/early_command string anna-install cobbler-enlist-udeb
d-i cobbler-enlist/cobbler-server-address http://IP/cobbler_api
d-i cobbler-enlist/cobbler-server-username cobbler
d-i cobbler-enlist/cobbler-server-password password
d-i cobbler-enlist/host-name some-host
d-i cobbler-enlist/host-profile 
d-i cobbler-enlist/warning-note note

Reinstall a machine

cobbler sync
cobbler system edit --netboot-enabled=Y --name=baremetal1
cobbler system reboot --name=baremetal1

Thanks!

Slides are available at https://github.com/openstack-ci/publications in the tutorial folder.