Salt Virt for Linux Containers and Virtualization Management

Matthew Williams matthew@flowroute.com

• Enterprise Class VoIP Provider!• Manage about 100 minions… and growing!• Adopted Salt in 2013

Salt and Virtualization

• Two Unique Systems!• virt: Virtualization via libvirt (e.g., KVM, VMware)!• lxc: Linux Containers

virt

virt

• virt execution module!• create, destroy, start, stop VMs!• obtain information about VMs!

• virt runner!• orchestrate deployment of VMs!• pre-accept minion keys for VMs

Preparing the Host

• Host system with libvirt and python-libvirt installed!• Network bridge configured (On Ubuntu libvirt-bin

package does this for you)!• default nic profile in pillar

or minion config:virt.nic:! default:! eth0:! bridge: virbr0! model: virtio

Preparing an Image

• A base VM image is needed.!• May be built with vmbuilder:

vmbuilder kvm ubuntu --suite precise --flavour virtual - \!--dest test_img --ppa saltstack --addpkg salt-minion

• Preinstall salt-minion if possible!• Most cloud-ready images will also work

Creating VMs

salt-run virt.init test 1 256 salt://test_img.qcow nic=default

• selects the least loaded hyper (based on memory)!• caches and clones the image!• installs salt-minion (if needed)!• configures the minion and pre signs its key!• starts the VM

Managing VMs

salt-run virt.pause test!salt-run virt.resume test

• pause and resume

• power off and restartsalt-run virt.force_off test!salt-run virt.start test

salt-run virt.reset test

Managing VMs

salt-run virt.purge test

• delete forever

Documentation

http:/docs.saltstack.com/topics/tutorials/cloud_controller.html!!http://docs.saltstack.com/ref/runners/all/salt.runners.virt.html

lxc: Linux Containers

lxc

• lxc execution module!• create, destroy, start, stop containers!• obtain information about containers!

• lxc runner (develop branch only)!• orchestrate deployment of containers!• pre-accept minion keys for containers

Linux Containers

• Kernel containment features are utilized, including:!• Namespaces (ipc, uts, mount, pid, network and user)!• Chroots!• cgroups!

• More like a virtual environment than a virtual machine

More Info: www.linuxcontainers.org

Preparing the Host

• Install the lxc package and ensure the service is running

lxc:! pkg:! - installed! service:! - running! - require:! - pkg: lxc

Preparing the Host

• configure lxc.nic and lxc.profile in pillar (or minion config)

lxc.nic:! default:! eth0:! link: lxcbr0! type: veth!!lxc.profile:! ubuntu:! template: ubuntu! backing: lvm! vgname: lxc! size: 1G

The LXC Runner

salt-run lxc.init name host=minion_id [cpuset=cgroups_cpuset] \ [cpushare=cgroups_cpushare] [memory=cgroups_memory] \ [nic=nic_profile] [profile=lxc_profile] \ [nic_opts=nic_opts] [start=(true|false)] \ [seed=(true|false)] [install=(true|false)] \ [config=minion_config]

Creating a Container

salt-run lxc.init test host=host_minion \! profile=ubuntu memory=256

• Utilizes the ubuntu lxc template (many are available)!- Pulls an ubuntu image, if needed, and caches it!

• Installs salt-minion and pre-seeds config and keys!• Starts the container

Managing Containers

salt-run lxc.freeze test!salt-run lxc.unfreeze test

• freeze and unfreeze

• power off and restartsalt-run lxc.stop test!salt-run lxc.start test

Managing Containers

salt-run lxc.purge test

• delete forever

Documentation

http://docs.saltstack.com/ref/runners/all/salt.runners.lxc.html!!http://docs.saltstack.com/ref/modules/all/salt.modules.lxc.html

We’re Hiring

flowroute.com/jobs

Questions?

irc:mgw matthew@flowroute.com

www.github.com/mgwilliams