Automation in AgileCLOUD With Chef

Introduction

Chef is a configuration management tool that streamlines the task of configuring and maintaining infrastructure by automating the provisioning of machines and software configurations. It promotes the concept of Infrastructure as code. This write-up describes how the Chef toolset can be integrated with the INAP Cloud to automate provisioning of servers and cloud resources.

Usage of Chef with INAP AgileCLOUD assumes that the operator or customer has an INAP Agile account and has access to the INAP cloud APIs.

Initial Setup

Please refer to the following knowledge base article for an initial setup of your Agile environment.

Setup A Workstation

To setup a workstation to be used for editing Chef scripts and invoke AgileCLOUD APIs, follow the steps below and refer to the diagram:

chef-image-1

  • Use a workstation with a Linux or Linux like shell for CLI (Linux, Unix, Mac OSX).
  • Use a local or an external editor to edit Chef recipes and config files (Notepad++, Vim, etc).

Install OpenStack clients: nova, glance and other clients:

sudo apt-get update
sudo apt-get upgrade

### install Nova client:
apt-get install python-novaclient
###install Glance client:
apt-get install python-glanceclient

Create the nova-openrc.sh file in the “home” directory with the content below:

#command to create the file from CLI: cat > nova-openrc.sh

#user_name and password created in customer portal at initial setup
export OS_USERNAME=api-5456712xxxxx
export OS_PASSWORD=a98262529aa005ae205411xxxxxx
export OS_TENANT_NAME=inap-81xx
export OS_AUTH_URL=https://identity.api.cloud.iweb.com/v2.0
export OS_REGION_NAME=nyj01

Source the file with the following command:

source nova-openrc.sh

Test NGAC API access with installed clients:

#Display CLI to use:
nova list
nova image-list
nova flavor-list
nova endpoints
glance image-list

Create a key pair if not done before. This allow access to instances created automatically.

#Generate an SSH key
ssh-keygen -t rsa

#Generate a keypair and register them with nova
nova keypair-add mykey > /root/.ssh/mykey.pem
cd /root/.ssh ; chmod 600 mykey.pem
nova keypair-list

Login to an existing or a newly created cloud instance:

nova list

#use the IP address of the images just created in the SSH command below:
ssh -i /root/.ssh/mykey.pem root@172.27.xxx.xxx

#change the password if needed so password authentication is possible.
passwd

Installing and Using Chef

This example uses Chef solo to highlight the steps and parameters used with INAP cloud. Similar steps can be used for a distributed system at a larger scale.

Steps to set up Chef toolset:

Install Chef Solo

Install Chef-solo:
curl -L https://www.opscode.com/chef/install.sh | bash

Install the chef-repo and create the knife.rb resource file

### install the chef-repo and create the knife.rb file:
wget http://github.com/opscode/chef-repo/tarball/master
tar -zxf master
mv chef-chef-repo-605eeda chef-repo
rm master

cd chef-repo
mkdir .chef
echo “cookbook_path [ ‘/root/chef-repo/cookbooks’ ]” > .chef/knife.rb

Install knife OpenStack and related dependencies

### Install knife openstack: start with ruby-dev, and dependencies
apt-get install ruby-dev
apt-get -y install build-essential zlib1g-dev libssl-dev libreadline6-dev libyaml-dev
apt-get -y update
apt-get install ruby2.0

/opt/chef/embedded/bin/gem install knife-openstack

Update .chef/knife.rb file with the following content:
>>>
cookbook_path [ ‘/root/chef-repo/cookbooks’ ]
# Knife OpenStack plugin setup
knife[:openstack_auth_url] = “#{ENV[‘OS_AUTH_URL’]}/tokens”
knife[:openstack_username] = “#{ENV[‘OS_USERNAME’]}”
knife[:openstack_password] = “#{ENV[‘OS_PASSWORD’]}”
knife[:openstack_tenant] = “#{ENV[‘OS_TENANT_NAME’]}”
knife[:openstack_region] = “#{ENV[‘OS_REGION_NAME’]}”

Use the “knife openstack” command line to invoke recipes and provision resources

### testing knife openstack

cd /root/chef-repo/.chef
knife openstack image list
knife openstack flavor list
knife openstack server list
knife openstack server show 98835d86-82de-4701-929d-efdb86b42c12 #server-Id
knife openstack network list

### create a server with specified name, image, and networks to attach to ###
### replace image-ID and network IDs and key-pair with the IDs in your account:

knife openstack server create -N newTestLK.nyj01.internap.com -f A1.1 -I b59cb88a-fa5d-41f8-adae-720d38c2cd09 –network-ids 99e9d4d0-87e4-4e85-897b-0dcc5f7c97eb,5febcc68-e3f6-40b4-b619-eb12e4e5c1ce –bootstrap-network inap-8184-LAN3056 –openstack-ssh-key-id mykey

knife openstack server list

### ssh to the new instance using nova key-pair then change the password
ssh -i /root/.ssh/mykey.pem root@172.27.58.235
passwd

knife openstack server delete [instance-ID] ### e.g.854aa5cb-4260-421e-a507-67b2bd44517b

Tools and Links

Customer portal: https://account.internap.com/
Horizon portal: https://horizon.internap.com/
API Endpoint: https://identity.api.cloud.iweb.com/v2.0
Getting Started with INAP OpenStack:  http://kb.internap.com/cloud/getting-started-with-openstack/