OpenStack Enabling DevOps Shannon McFarland - Principal Engineer @eyepv6 Agenda
• Introduction
• DevOps
• OpenStack
• Virtualisation • CICD Pipeline
• Orchestration
• Conclusion What is DevOps?
• Practice that emphasises the Dev / collaboration between developers, QA QA and Technical Operations SW Eng
• As much an organisational as it is DevOps technical
• Focused on automating the build, test and deployment of software
• Aims to release better tested software more frequently Technology Operations • Blurs the line between traditional developers and IT Operations OpenStack
• OpenSource platform for cloud computing that controls large pools of compute, storage and networking OpenStack
• Provides APIs to all features and functionality • Compute (Nova) • Storage – Cinder (block), Swift (Object), Glance (images) • Networking (Neutron) • Includes complex concepts – firewalls, VPN, etc. • Supports many flavors of networking – VLAN, VXLAN, provider networks, etc. • Floating IP to map private IP space to public
• Encourages DevOps model but doesn’t require it Why Virtualisation?
Traditional approach:
• Group of developers start coding on their laptops
• Transition to a HW that has been allocated at project start and may or may not match requirements
• Long lead time to get new/different hardware
• Hardware upgrade and updates are cumbersome and slow
• Low utilisation on dedicated hardware (5-15% is common) Virtualisation allows allocation of physical hardware to multiple projects Virtualisation using OpenStack
IT Team Development Team
• Deploys an OpenStack cloud • Get authorised to use cloud
• Focuses on deploying standard • Starts new VMs as necessary hardware and enforcing policy (typically start by using GUI, quickly migrate to using APIs)
• Focuses on delivering enhanced functionality, not filling out paperwork Virtualisation using OpenStack
Once IT cloud is in place:
• Encourages experimentation via less commitment to hardware
• Offloads both teams – developers don’t spend time configuring hardware, IT focuses on overall utilisation of standardised hardware
• Next step is automation • Encouraging development to automate makes it easier to enforce policy as it decreases their work & increases consistency • Automation progresses into continuous deployment –> on commit, software is deployed and tested resulting in instantaneous feedback Continuous Integration • RCS: Subversion, Mercurial, CVS, Bazaar, Perforce, ClearCase, Revision etc.. Code Control Code Repo • Code Review: Gerrit, Git Review Tool pull request, Phabricator, Barkeep, Gitlab, etc.. System (Gerrit/Git pull request) (GitHub) • Code Repo: GitHub, BitBucket, BitKeeper, Gitorious, etc..
• Integration Server: Artifact Creation Jenkins/Hudson, Zuul, Integration CloudBees, Go, Maven, Artifact Rep Mgr Test Jobs etc.. (rpmbuild/Jenkins/etc) Server (Tempest/Rally/etc) • Test Jobs: Tempest, Rally, puppet-rspec, tox, Deployment etc..
Jobs Continuous • Artifacts: rpmbuild, Jenkins, Artifactory, Deployment Apache Archiva, etc.. *See notes for logo credits CI/CD Pipeline to Increase Velocity
• Every commit triggers a build (automated, nothing manual)
• Every build is automatically tested
• Responsible people are notified when things fail
• Everyone sees what’s happening CI/CD Principles
• The process must be repeatable and reliable
• Automate everything (devops!)
• If something is painful or difficult or large, do it more often and break it down into smaller jobs
• Everything is in source control
• Done means “released”
• Build quality in (reviews and automated testing)
• Everyone has responsibility for the release process CI/CD on OpenStack
• OpenStack can provide the basis for a CI/CD system
• Cleanly supports dynamic allocation and build of system
• Good cloud application – on commit, new infra is spun up that is a scaled version of the target environment, software is deployed and automatically tested; results reported back to standard dashboard
• Target scale can be anything from small to very large, with high degree of confidence in final deployment
• There’s still a problem: how do you orchestrate the bring up of multiple VMs with complex networking? Automating Deployment of Applications (Heat)
• Challenge: How do I orchestrate the deployment of a complex application? • Solution: OpenStack Heat • Template based description of applications • Can deploy multiple composite cloud applications • Templates describe servers (VMs), floating IPs, security groups, storage, users, etc. • Templates also describe relationships between resources (volume X is connected to server Y) • Easy to read (text files), easy to audit for compliance heat_template_version: 2015-10-15 Heat Template parameters: image: type: string description: Name of image to use for servers default: ecb42067-f5f5-4a9c-888f-0559fdf6c11b • JSON/YAML flavor: type: string • Parameters description: Flavor to use for servers default: Demo private_net_name: • Resources type: string description: Name of private network to be created default: test_net private_net_cidr: type: string description: Private network address (CIDR notation) default: 10.10.30.0/24 . . . resources: private_net: type: OS::Neutron::Net properties: name: { get_param: private_net_name } private_subnet: type: OS::Neutron::Subnet properties: network: { get_resource: private_net } cidr: { get_param: private_net_cidr } Conclusion
• OpenStack provides a solid platform for hosting applications
• OpenStack provides APIs to access the infrastructure, encouraging DevOps practices
• CI/CD on OpenStack is a natural fit (and encourages good practices)
• OpenStack Heat can be used to describe and deploy entire applications – especially powerful when tied to other automation tools such as Ansible
• OpenStack can be a great basis for DevOps practices Q & A Complete Your Online Session Evaluation Give us your feedback and receive a Cisco 2016 T-Shirt by completing the Overall Event Survey and 5 Session Evaluations. – Directly from your mobile device on the Cisco Live Mobile App – By visiting the Cisco Live Mobile Site http://showcase.genie-connect.com/ciscolivemelbourne2016/ – Visit any Cisco Live Internet Station located throughout the venue Learn online with Cisco Live! T-Shirts can be collected Friday 11 March Visit us online after the conference for full access to session videos and at Registration presentations. www.CiscoLiveAPAC.com Thank you