Wednesday, November 13, 2013

OpenNebula Puppet Module

In my current project we implemented OpenNebula on CentOS.
The big picture is a self-service where developers can start up virtual machines by themselves.

The team that worked on the OpenNebula implementation is heavily using automation for many tasks. Therefore we decided to also automate the OpenNebula installation and configuration using Puppet.



First we looked for an available solution and found the puppetlabs OpenNebula module made by Ken Barber.
During PuppetConf 2013 in San Francisco I talked to Ken and he recommended rewriting the module from scratch.

Within a couple of days we had a first version of the module finished for internal use only.
(We still had lots of project specific stuff within the module.)
Two weeks later the module was ready to be made public as Open Source.

The module can now be found on GitHub:
- ePost Development GitHub account
- my fork (this repo has the vtype and ntype available)

The module can be used for a node (compute_node) and the OpenNebula management system (oned).
All configuration is either using defaults (manifests/params.pp) or can be fetched from hiera.

We tried to keep the stuff very modular.
One may choose:
  • virtualization option for a compute node,
  • network option for a compute node,
  • compute node and/or OpenNebula management,
  • sunstone or cli only,
  • apache or webrick as sunstone webserver,
  • ldap as authentication backend,
  • sqlite or mysql as data backend.

Module usage inside Puppet:

1. compute node only (using kvm and 802.1Q):

class { 'one': }

1.a compute node only (using xen3 and ebtables):

class { 'one':
    vtype => 'xen3',
    ntype => 'ebtables',
}


2. OpenNebula management cli only:

class { 'one':
    node => false,
    oned => true,
}

3. OpenNebula management with Sunstone:

class { 'one':
    node => false,
    oned => true,
    sunstone => true,
}

4. Compute Node with OpenNebula Management and Sunstone, using MySQL backend and LDAP authentication:

class { 'one':
    node => true,
    oned => true,
    sunstone => true,
    ldap => true,
    backend => 'mysql',
}

We are still working on a corosync/pacemaker HA setup and we are looking forward to also integrating Oneflow and Onegate.

Update: add information regarding compute node virtualization and network type.