Deploying Instances on COPC (metacloud) with Ansible

I wanted to show a quick example of how to deploy an instance on Cisco OpenStack Private Cloud (COPC or Cisco OPC or MetaCloud) with Ansible.  Since COPC is just a fully engineered and operated distribution of OpenStack from Cisco, this blog is also applicable to normal OpenStack environments.

I’m a big fan of Ansible because everything is agentless.  I also think the team has done a phenomenal job on the docs.  We’ll be using the nova compute docs here.  I don’t have to install anything on the instances to be able to do it and I can just run it from my laptop with minimal dependencies.  Here’s how I do it with CoreOS.

1.  Get Credentials

On COPC, you can navigate to your project and download the OpenStack RC File.  This is done from the ACCESS & SECURITY tab and then clicking on the API Access tab on the right.

COPC-Access&SecurityOnce you download this file, you put it in your ~/ directory.  I use a Mac so I just added the contents to my ~/.bash_profile.sh file. It looks like this:

Now, we’re ready to role.

2. Ansible Setup

I covered Ansible in previous posts.  So I’m going to assume you already have it.  Let’s create a few directories and files.  I put all my stuff in the ~/Code directory and then under the projects directory.  I then make sure everything in this directory belongs to some sort of git repo.  Some of those are on github (like this one) and others are in a private gitlab, or a private github repository.

./ansible.cfg

This file will have our info for where our inventory is.

This will be global settings for our environment.  We tell it not to use cowsay, but you can if you want.  Its kind of cute.  You may not have it installed.  We also tell it to use the contents of the inventory directory (which we’re going to create) to go to our hosts.

host_key_checking tells it that when we access a new server, not to worry if we’ve never seen the host before and attach to it anyway.  Finally, our remote user is core as this is the default user for the coreos instance that I’m using.

./inventory/hosts

We create a directory called inventory and add the file hosts.  We then add our one machine (our localhost!)  The contents looks like this:

You’ll notice here I also added which python I wanted to use, just in case I had other versions on the system.  This might be good too if you were using virtual environments.

./vars/copc_vars.yml

This is where we put the specifics of what we want deployed.  In our case we need to define the following:

The security group ‘default’ in my project, as seen from the dashboard actually includes port 22.  This is important so that I can ssh into it after its provisioned and do more things.

I imported my coreos image from the CoreOS OpenStack image website.  After importing it in from the dashboard, I clicked on the image to see the image ID:

Screen Shot 2015-05-01 at 2.50.42 PM   The floating IP pool is nova, I got that from looking at the dashboard as well.

Finally, the keypair is one I generated beforehand and downloaded into my server so I can log into it afterwards.

copc-one.yml

This file is our playbook.  It will provision a server.  Let’s look at the contents:

The great thing about this script is that none of the secrets are put into it.  Using the environment variables that we did by sourcing the ~/.project-openrc.sh file we are able to run the code perfectly.

Everything here is pretty self explanatory in that we are just passing in variables to the nova_compute task to bring up a new instance.  The name will be demo-server and everything else we’ve defined.  If the instance is already up, Ansible won’t go and try to provision a new one.  Its looking for demo-server, if he’s there, he won’t touch him.

3. Run the Playbook

We’re now watch the output on the dashboard and you can see it will spawn up.

Screen Shot 2015-05-01 at 3.19.13 PM

 

The next step is to make it so we can run Ansible playbooks on this host.  The problem right now is that coreos is just a stripped down barebones OS.  So there is no Python!  We’ll have to add a cloud init script or do something else to make this work.  I’ll save that for another post.  But if you were using Ubuntu or RedHat, you’d be good to go at this point.

Code

All the code in this is available at github here.