heat up your stack
TRANSCRIPT
Heat up your StackRico LinChief OpenStack Technologist, inwinSTACK
IRC: ricolin #[email protected]@ricolintw
Your HA OpenStack Architecture
Deploy Compute
Storage
Controller
HA
OpenStack
imageflavor
userrole
Port instance
Trove
Sahara
MuranoMagnum
keypairsubnet
networksecurity group
Project
load balance
container volumeFloating IP
volumealarm
imageflavor
userrole
Port instance
Trove
Sahara
MuranoMagnum
keypairsubnet
networksecurity group
Project
load balance
container volumeFloating IP
volumealarm
A Mess
But You Didn’t Know, It’s Happening...
Making It Right and Making It Fast!
imageflavor
userrole
Port instance
Trove
Sahara
MuranoMagnum
keypairsubnet
networksecurity group
Project
load balance
container volumeFloating IP
volumealarm
User Image Flavor Role Alarm Vloume
Port
Network
ContainerFloating
IP
Subnet
Load balance
Keypair
Security group
Instance
Vloume
Magnum
Trove
Sahara
Murano
ProjectUse Heat Resource to Redefine Old Resource
Create Stack for Default Resource Set
heat_template_version: 2015-04-30resources: image_for_cloudos: type: OS::Glance::Image properties: … image_for_ubuntu: type: OS::Glance::Image properties: … image_for_win7: type: OS::Glance::Image properties: …
Stack: images
Image Image
Image
Create Stack for Authorization Topology
Stack: Authorization
ProjectProject Role
Role User UserUser
Stack: Network_TopologyRouter
Create Stack for Network Topology
Network NetworkSubnet SubnetPort Port
Create Stack for Instance Topology
Stack: InstanceServerVolumeKeypair
Murano Magnum Trove
Sceurity GroupFloating IPLBaas
imageflavor
userrole
Port instance
Trove
Sahara
MuranoMagnum
keypairsubnet
networksecurity group
Project
load balance
container volumeFloating IP
volumealarm
User Image Flavor Role Alarm Vloume
Port
Network
ContainerFloating
IP
Subnet
Load balance
Keypair
Security group
Instance
Vloume
Magnum
Trove
Sahara
Murano
Project
Stack: NetworkTopology
Stack: Instance
Container
Authentication Image
security group
volume
Flavor Alarm volume
AuthorizationEverything Transform
to
Stack
Example: Create Instance
1 Operation8 Operations VS
Stack
port
Instance
security group
Volume
keypair
imagefloating IP
LBaas
Operations You Give, Mistake You’ll Make.
The More
imageflavor
userrole
Port instance
Trove
Sahara
MuranoMagnum
keypairsubnet
networksecurity group
Project
load balance
container volumeFloating IP
volumealarm
How many operations to draw this structure?!
Migration do
Happens...
Withdraw entire resources set by dependency
StackStack
StackStack
No Zombie Resources
StackStack
Stack
Same Resources Structure
StackStack
StackStack
New
Resources Structure on Horizon
Stack
Stack is Updatable
Stack
Get file from others, make control flow clean
type: OS::Heat::SoftwareConfig config:
get_file: script.sh
Stack
Script.sh
type: OS::Neutron::FloatingIP
depends_on: port_A
Set Dependency cross Resourcess
Stack
StackGet Resource Info Direct From Another Resource
type: OS::Nova::Server properties:
flavor: {
get_resource: flavor}
user_data: {
get_attr: [boot_config, config]}
type: Database_node.yaml properties: role: ...
network: ... flavor: ... image: ...
Nested Stack Make Management Easy
Stack
Stack
Whereare
Applications?
config: type: OS::Heat::SoftwareConfig group: ansible config: get_file: applicaton_deploy_flow.ansible deployment: ... server: ...
Application in Heat
Stack for Application
Image Server SoftwareConfigSoftwareDeployment ControlS
criptScript
server: type: OS::Nova::Server user_data_format: SOFTWARE_CONFIGconfig: ... deployment: ...
Application in Heat
Stack for Application
Image Server SoftwareConfig
SoftwareDeployment ControlScriptScript
deployment: type: OS::Heat::SoftwareDeployment config: get_resource: config server: get_resource: server config: … server: ...
Application in Heat
Stack for Application
Image Server SoftwareConfig
Script SoftwareDeployment ControlScript
Use cases - Ceph
Stack: Ceph
Image Server SoftwareConfig
SoftwareDeployment
Cephansible control scriptMe Too!
Ceph Ansiblescript
Hi, I pull from Ceph-ansible repo
Use cases - Ceph
Stack: Ceph
Image Server SoftwareConfig
SoftwareDeployment
Cephansible control script
Hi, Server!
Here is SoftwareConfig for you, and with parameter
(role= ceph-monitor)Go knock yourself out!!!
Ceph Ansiblescript
Use cases - ?
Stack
Image Server SoftwareConfig
?Ansiblescript SoftwareDeployment
?Ansible control script Ansible
Puppet
ScriptSalt
Kubelet
Cfn-initDocker-compose
Example: Application Deployment
1 Operation11 + ? Operations VS
Stack
Write config
Run Ansible port
Instance
security group
Volume
keypair
imagefloating IP
LBaas
Collect information for other instance
SoftwareConfig Flow
Image
script
Heat-engine
Nova
Server
os-collect-configos-refresh-configheat-configansible-hookansible-playbookAnsible files
os-apply-config
Clouds are noisy - servers fail to come up, or die when the underlying hypervisor crashes or suffers a power failure. Heat should be resilient and allow concurrent operations on any sized stack.
convergence_engine = True
Template Heat-API AMQP
Heat-engine
DB
Original Design
Ideal Design
Template Heat-API AMQP
Heat-engineAMQPDB
Hey worker this is resource, go create it!!
Worker
Observer
Current Convergency Design
Current Convergency Design
Template Heat-API AMQP
Heat-engine
AMQP(engine_worker)
Worker
DB
Where isObserver?
How it Interact between
Convergence Workers?
Traversal Graph
SyncPointA
SyncPointC
(C,A) => (requirer, required)
SyncPointB
(C,B)
SyncPointD
(D,C)
leaves
StackSyncPoint
*traversal_id*stack_id*entity_id*is_updateinput_dataatomic_key
Shall We Trace?
1. create_stack(): Parse template, Create Stack, Validate Stack, and Check Convergence status
Template Heat-API
Heat-engineHeat-engine
AMQP
Heat-engine
AMQP(engine_worker)
Heat-engine
WorkerWorker
Worker
Worker
DB
Stack
2. converge_stack(): Clear previous traversal sync_point on stack (if any)
Heat-engineHeat-engine
Heat-engine
AMQP(engine_worker)
Heat-engine
SyncPoint
Stack
DB
WorkerWorker
Worker
Worker
AMQPTemplate Heat-API
leaves
3. _converge_create_or_update():Create dependency and sync_point for traversal
Heat-engine
AMQP(engine_worker)
WorkerWorker
Worker
Worker
C
D
BA
SyncPoint
Stack
DB
4. check_resoruce():Load resource, check current_traversal is equal to stack’s current_traversal.
Also check timeout or finish
leaves
AMQP(engine_worker)
WorkerWorker
Worker
Worker
A
C
D
BA
SyncPoint
Stack
DB
5. _do_check_resoruce():Try to update or create resource, replace if upadate failed,
clearup from convergence if can’t get the lock
WorkerA
C
D
BA
SyncPoint
Stack
DB
leaves
6. check_resoruce_update():Create or update convergence base on action is initial or not
WorkerA
C
D
BA
SyncPoint
Stack
DB
leaves
7. create_convergence(): Create resource by invoking scheduler: TaskRunner
WorkerA
C
D
BA
SyncPoint
Stack
DB
leaves
8. create(): Handle resource create failure
WorkerA
C
D
BA
SyncPoint
Stack
DB
leaves
9. handle_create():Create resource
Worker
C
D
BA
SyncPoint
StackA
DB
leaves
5-9, 4. check_resoruce():Load next resource, check current_traversal is equal to stack’s current_traversal.
Go execute and check timeout or finish.
AMQP(engine_worker)
WorkerWorker
Worker
Worker
B
C
D
B
SyncPoint
StackA
DB
leaves
5-9, 4. check_resoruce():Load next resource, check current_traversal is equal to stack’s current_traversal.
Go execute and check timeout or finish.
AMQP(engine_worker)
WorkerWorker
Worker
Worker
C
DSyncPoint
StackA
CB
DB
leaves
5-9, 4. check_resoruce():Load next resource, check current_traversal is equal to stack’s current_traversal.
Go execute and check timeout or finish.
AMQP(engine_worker)
WorkerWorker
Worker
Worker
DSyncPoint
StackA
DDB
BC
leaves
3. _converge_create_or_update():Mark completed and purge Database
Heat-engine
AMQP(engine_worker)
WorkerSyncPoint
StackA
DB
BCD
WorkerWorkerWorker
So What Happens If Conflict?
Another Stcak Update Request Join?Stack SyncPoint will show which Stack traversal is current.
AMQP(engine_worker)Worker
Worker
C
DSyncPoint
Stack_a
AC
B
DB
Stack_aA
Hey, wrong traversal ID here!!
Me!?
leaves
Example: Mass Application Deployment
1 Operation
<20 Min.
> 50 Operations
>100 Min.VS
Stack
Heat Fleet’s sessions● inwinSTACK- Heat Up Your Stack - Deep Dive to Heat, Learn How to
Orchestrate Your Cloud - Wednesday, 11:15am● User/ops session for summit - Wednesday, 3:40pm● Extending OpenStack Heat to Orchestrate Security Policies and Network
Function Service Chains - Thursday, 9:50am● Why Reinvent the Wheel? - Using Murano, Heat, Container Clustering and
Ceilometer to Provide Auto--scaling and Enforce Self-Healing Best Practices in Applications - Thursday, 11:00am
● Heat, Cloud-init & Cloud-config: OpenStack Orchestration Deep Dive, Hands-On Lab - Thursday, 4:30pm
Q&A