Openstack and Chef - chef-boneyard/chef-summit-2014 GitHub Wiki

Location

Thursday, Metropolitan, 1430

Convener

JJ Ashgar

Participants

Summary of Discussions

Does knife work for consumers of Openstack? - 1.0.0 is working now, had issues between public and private clusters Scope of using knife - should knife be used to create Volumes? YES that would be super awesome. Do you want to have chef-client set that up? Do we want an openstack-client cookbook with LWRPs? LWRPs that hook into fog? Yes - people would like that as a thing. It would be cool to use metal to spin up all the things. Use prior art by Rackspace to create an openstack-client cookbook with the LWRPs, perhaps. It is a challenge to maintain tests and stuff due to the 6 month release cycle, there's no 'good' reference architecture/docs. What would be really helpful is documentation regarding the roles in the cookbook and how they roll up, also figuring out. UNTANGLE THE DEPENDENCIES!!!! Let's have some reference implementation documentation.

Where does HA fit in the Openstack world now that Rackspace is not supporting it? Something about load balancers - I don't 100% understand the topic :(

Chef will not be a vendor of Openstack, Chef will not support Openstack itself, but we will support knife, reference arch, and partner relations and stuff. Nobody is currently selling chef+openstack.

Openstack + Test Kitchen would be awesome as a thing for people. People who do use it love it currently. Keystone, Lance, Nova together would be an awesome reference implementation for using TK.

There no way for people to test their immutables - use Tri-stack? (What is this?)

Supporting various releases of Openstack? We are actively looking for people to become core reviewers. Every change has to through gerrit, there's a document about it, it's a process - you can learn it. Go to the wiki - docs.getchef.com/openstack - how to contribute.

ssl termination in the UI layer? it may or may not be implemented at current time - should be implemented at the load balancer layer. Some folks are implementing this with the apache cookbook and a databag for certs.

Is anyone using openstack in prod using chef to spin everything up? Oh yeah. Some people used Matt's repo to get it to work, but may not be 100% awesome with Icehouse. Singlestack cookbook with Icehouse is solid tho (metal based). There is another repo from Ashley(?) which has the ability to deploy from source (master).

How to deal with production networking? It is... complex - but can be simple if the use case is simple. Start with Nova network or Neutron network. Where does chef 'stop' in terms of management of networking vs letting Openstack itself manage it. Basically - talk to the community - see how others have done it and see what other folks experiences were. Ask people who have you use case. The underlying hypervisor networks work with Chef, but having the actual floating IPs, use Openstack (if that fits your use case).

The biggest lesson - have a forklift strategy to upgrade!

Where is chef-metal on Openstack? The Fog driver works great with chef-metal-fog. Maybe a heat and cloudformation driver at some point in the future.

What will we do now? What needs to happen next?

  • jj will make updates to the roles to describe what they actually do and need
  • make a reference arch based on the simple TK scenario

Chef Community Guidelines

⚠️ **GitHub.com Fallback** ⚠️