Heat - OnBoardingOnBoarding, OpenStack Summit SydneyRico Lin@EasyStack irc: ricolin

November 2017

Thank you for your commitsZane Bitter, Rabi Mishra, Huang Tianhua, Rico Lin, Thomas Herve, Crag Wolfe, Peter Razumovsky, shizhihui, doantungbk, liyi, Steve Baker, Mehdi Abaakouk, hongbin, Miguel Caballer, chenaidong, Kanagaraj Manickam, shangxdy, Giulio Fidente, Steven Hardy, James Slagle, Dan Prince, Saju Madhavan, Alex Schultz, ChangBo Guo(gcb), Namrata, Andreas Jaeger, M V P Nitesh, Juan Antonio Osorio Robles, Emilien Macchi, Norbert Illes, Mathieu Velten, ioggstream, Botond Zoltán, Jason Dunsmore, Bence Romsics, Monty Taylor, anusreea, Jiří Stránský, Mohammed Naser, Colleen Murphy, Tuan, Matthew Edmonds, Van Hung Pham, Antonio Di Tommaso, Bob Haddleton, Tomasz Trębski, Stefan Nica, Aaron DH, Jeremy Liu, Spyros Trigazis, Matthew Treinish, Sahdev Zala, David Toth, praveen, ShangXiao, Eric Brown, Stephen Finucane, Saravanan KR, Chason, Kien Nguyen, Praveen Yalagandula, Bogdan Dobrelya, Paul Bourke, futangw, Peng Yuan, PanFengyun, Mocan Cosmin, David Moreau Simard, Kazunori Shinohara, Deepak Mourya, Spencer Yu, wenbin luo, Amy Fong, Lajos Katona, Kazunori Shinohara, Jan Provaznik, gengchc, Jesse Pretorius, Eduardo Patrocinio, Gábor Antal, Ihar Hrachyshka, Shunli Zhou, Joe Borg, Rajat Sharma, abdul nizamuddin, Alfredo Moralejo, AnantPatil

Thank you for your reviewsRico Lin, Huang Tianhua, Zane Bitter, Rabi Mishra, Thomas Herve, Kanagaraj Manickam, Steven Hardy, Sergey Kraynev, Bob Haddleton, Sahdev Zala, Jason Dunsmore, Qiming Teng, Kien Nguyen, Steve Baker, Ethan Lynn, Peter Razumovsky, Hieu LE, Nguyen Van Trung, Dai Dang Van, Spencer Yu, Lajos Katona, liyi, Nam, wang zhiming, Bence Romsics, Zhaokun Fu, Ngo Quoc Cuong, Martin André, Crag Wolfe, Lujin Luo, Tuan, Mohankumar, zhubingbing, Yong Sheng Gong, James Slagle, Tovin Seven, Shunli Zhou, Bob Fournier, Vitaliy Nogin, Kazunori Shinohara, Tony Breeds, Andreas Jaeger, Yushiro FURUKAWA, hongbin, Luca Lorenzetto, Juan Antonio Osorio Robles, Jiří Stránský, Sven mark, Totti, ShangXiao, Randall Burt, Deepak Mourya, Alexandra Settle, Marios Andreou, wanghongtaozz, Zhong Shengping, Roy Cheng, Allain Legacy, Akhil jain, Giulio Fidente, Akihiro Motoki, Eric Brown, Alvaro Lopez, Chason, Vu Cong Tuan, Flavio Percoco Premoli, Istvan Imre, Dan Prince, Nguyen Hung Phuong, Kashif Siddiqui, Trinath Somanchi, ChangBo Guo(gcb), Ben Nemec, doantungbk, sudhir agarwal, Drago, chenaidong, Mohammed Naser, Bernard Cafarelli, Tomas Sedovic, Emilien Macchi, Radoslaw Smigielski, Norbert Illes, Harald Jensås, Leon Zhang, Tao Li, sunjiazz, Tomasz Trębski, liumk, shangxdy, shaofeng cheng, Jeremy Liu, John Fulton, Bruce Benjamin, praveen, Jacek Tomasiak, Luis Tomas Bolivar, chenyingnan, Brad P. Crochet, ZouHuiying, srinivas_tadepalli, ioggstream, Viktor Varga, Attila Darazs, Cindia-blue, Cuong Nguyen, yangjidong, Jaewoo Park, Javier Peña, Billy Olsen, witek, Ian Y. Choi, Tin Lam, Luke Hinds, Michele Baldessari, Julia Varlamova, Haïkel Guémar, soumiyajit, Madhuri Kumari, Saad Zaher, Alan Pevec, Gordon Chung, Bharath Thiruveedula, Nguyen Phuong An, Rajat Sharma, qin.jiang, Miguel Caballer, Dmitry Tantsur, stoneliu, Reedip Banerjee, howard lee, Anant Patil

Your Help Is Desired!

Ideas + blueprints/bugs + specs/patches + reviews

= Super !!!

How to contributeReview http://bit.ly/2y75vGiBlueprints https://blueprints.launchpad.net/heatBugs https://bugs.launchpad.net/heatDocuments https://docs.openstack.org/heat/latest/Feedback or Provide ideas = irc: ricolin #heat or rico.lin.guanyu@gmail.com

Team meeting time Wednesday 13:00 UTC #heat (meeting wiki and archive)

● Heat● Python-heatclient● Heat-agents● Heat-templates● Heat-specs● Heat-cfnclient● Heat-cfntools● Heat-translator● Tosca-parser● Repos that on the way

○ Heat dashboard○ Heat tempest plugin

● Also a lot of projects that relative

Heat repos

Starting Point: heat/engine/service.pyConvergence: `if stack.convergence`

rpc => converge_stack() ===> check_resource() ===> Resource.handle_X()[____engine_node__] [___________worker_node________________]

worker1 workerN

amqp

engine1 engineN

Stack

worker2

depends on

Stack2

Stack

Stack2openstack stack create

resource maintain[resource plugin guide]class Cluster(resource.Resource): support_status = support.SupportStatus(version='9.0.0') default_client_name = 'magnum' entity = 'clusters' ATTRIBUTES = (API_ADDRESS_ATTR,...) = ('api_address',...) attributes_schema = {...} PROPERTIES = (NAME, ...) = ('name', ...) properties_schema = {...} def translation_rules(self, props): ... def _resolve_attribute(self, name): ... def handle_( ) create/update/snapshot/delete/adopt/suspend/restore/ export/abandon/resume/singal/X_cancel/snapshot_delete/check (): ... def check_X_complete(...): … def parse_live_resource_data(self, resource_properties, resource_data):def resource_mapping(): return {'OS::Magnum::Cluster': Cluster}

In heatopenstack stack event list <stack> <resource>openstack stack resource list -n <nested-depth>

And if it is a bug:Please help out with report a bug!

As for those stack that stuck while testing, try to:delete stack > delete child stack > delete actual resource + abandon stack

if you like to use pdb in heat engine serviceset config num_engine_workers=1

stack debug

stack debug

Run software config config: type: OS::Heat::SoftwareConfig properties: group: ansible inputs: - name: foo - name: bar outputs: - name: result config: get_file: config-scripts/example-ansible-template.ansible

server: type: OS::Nova::Server properties: image: {get_param: image} flavor: {get_param: flavor} key_name: {get_param: key_name} security_groups: - {get_resource: the_sg} user_data_format: SOFTWARE_CONFIG

other_deployment: type: OS::Heat::SoftwareDeployment properties: config: get_resource: config server: get_resource: server input_values: foo: fu bar: barmy actions: - CREATE - UPDATE - SUSPEND - RESUME

Heat container agents [sample in repo]

Software Deploy

Nova Server

What you can install with● heat-config-ansible● heat-config-apply-config● heat-config-cfn-init● heat-config-chef● heat-config-docker-cmd● heat-config-docker-compose● heat-config-hiera● heat-config-json-file● heat-config-kubelet● heat-config-puppet● heat-config-salt● heat-config-script

And you can customize your own hook

os-collect-config

os-refresh-config

os-apply-config

kubelet-hook$ kubelet

Webserverdone

config-notify

Signal

● CCFN_SIGNAL● TEMP_URL_SIGNAL● NO_SIGNAL● HEAT_SIGNAL● ZAQAR_SIGNAL

Dockers

Software Config

Heat container agents [sample in repo] config: type: OS::Heat::SoftwareConfig properties: group: script outputs: - name: result config: { get_file: example-script.sh }

deployment: type: OS::Heat::SoftwareDeployment properties: config: { get_resource: config } server: { get_resource: server }

start_container_agent: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: {get_file: ./start-container-agent2.sh}

server: type: OS::Nova::Server properties: image: {get_param: image} flavor: {get_param: flavor} key_name: {get_param: key_name} networks: - network: {get_param: private_net} security_groups: - {get_resource: the_sg} user_data_format: SOFTWARE_CONFIG user_data: {get_attr: [start_container_agent, config]}

#!/bin/bashset -ux# heat-docker-agent servicecat <<EOF > /etc/systemd/system/heat-container-agent.service[Unit]Description=Heat Container AgentAfter=docker.serviceRequires=docker.service[Service]TimeoutSec=5minRestartSec=5minUser=rootRestart=on-failureExecStartPre=-/usr/bin/docker rm -f heat-container-agentExecStartPre=-/usr/bin/docker pull docker.io/rico/heat-container-agentExecStart=/usr/bin/docker run --name heat-container-agent \\--privileged \\--net=host \\-v /run/systemd:/run/systemd \\-v /etc/sysconfig:/etc/sysconfig \\-v /etc/systemd/system:/etc/systemd/system \\-v /var/lib/heat-cfntools:/var/lib/heat-cfntools \\-v /var/lib/cloud:/var/lib/cloud \\-v /tmp:/tmp \\-v /etc/hosts:/etc/hosts \\docker.io/rico/heat-container-agentExecStop=/usr/bin/docker stop heat-container-agent[Install]WantedBy=multi-user.targetEOF# enable and start heat-container-agentchmod 0640 /etc/systemd/system/heat-container-agent.service/usr/bin/systemctl enable heat-container-agent.service/usr/bin/systemctl start --no-block heat-container-agent.service

software config debugIn heatopenstack software deployment show <deployment_id> --longopenstack stack event list <stack> <resource>

In instancesudo service os-collect-config stopsudo os-collect-config --force --one-time --debug

If all seems complete but no signal back, try to check signal server or switch to a stable signalserver:

type: OS::Nova::Server properties: ... software_config_transport: ZAQAR_MESSAGE

deployment: type: OS::Heat::SoftwareDeployment properties: … signal_transport: ZAQAR_SIGNAL

software config debug

Auto Healing

XXX::Server

XXX::Signal XXX::Alarm

XXX::Workflow

Signal

Meter

Trigger

XXX::AutoScaling

How you metering?

How you handle signal?

How you trigger a fix job

What's meter to

you?

Fix

Auto Healing server: type: OS::Nova::Server properties: ...

alarm_queue: type: OS::Zaqar::Queue

error_event_alarm: type: OS::Aodh::EventAlarm properties: event_type: compute.instance.update query: - field: traits.instance_id value: {get_resource: server} op: eq - field: traits.state value: error op: eq alarm_queues: - {get_resource: alarm_queue}

alarm_subscription: type: OS::Zaqar::MistralTrigger properties: queue_name: {get_resource: alarm_queue} workflow_id: {get_resource: autoheal} input: stack_id: {get_param: "OS::stack_id"} root_stack_id: if: - is_standalone - {get_param: "OS::stack_id"} - {get_param: "root_stack_id"}

autoheal: type: OS::Mistral::Workflow properties: description: > Mark a server as unhealthy and commence a stack update

to replace it. input: stack_id: root_stack_id: type: direct tasks: - name: resources_mark_unhealthy action: list_join: - ' ' - - heat.resources_mark_unhealthy - stack_id=<% $.stack_id %> - resource_name=<%

env().notification.body.reason_data.event.traits.where($[0] = 'instance_id').select($[2]).first() %>

- mark_unhealthy=true - resource_status_reason='Marked by alarm' on_success: - stacks_update - name: stacks_update action: heat.stacks_update stack_id=<% $.root_stack_id

%> existing=true

External resource custom_app_rsrc: type: OS::Mistral::ExternalResource properties: actions: create: { get_resource: wf_app_create } update: { get_resource: wf_app_update } suspend: { get_resource: wf_app_suspend } resume: { get_resource: wf_app_resume } delete: { get_resource: wf_app_delete } input: {..., 'stack_id': {get_param: "OS::stack_id"}}

wf_app_create: type: OS::Mistral::Workflow properties: type: direct tasks: - name: run_ssh action: std.ssh cmd='kubectl create -f https://k8s.io/docs/tasks/run-application/deployment.yaml' host=<% $.get_output._info.outputs[0].output_value %> username=<% $.user %> password=<% $.password %> input: {'user': {get_param: user}, 'password': {get_param: password}, 'stack_id': {get_param: "OS::stack_id"}}

...

create

update

suspend

resume

delete

OpenStack stack %(Action)s

update"

custom_app_rsrc

Debug External resource

network1

Ways for your applications to integrate with heat

Stack

network1

volume1

volume2

volume3

instance1

instance2

instance3

app_master.ansible

app.ansible app.ansible

create

create

create

create Build

Build

Build

DeployDeploy

Deploy

volume1 volume2 volume3

instance1 instance2 instance3

software deploymentmaster software deployment slaves

software config

Stack

@OpenStack

Q&AThank you!

openstack openstack OpenStackFoundation