Ansible Openstack collections - HackMD

<style> .reveal { font-size: 29px; } </style> # Openstack Ansible collections slides: https://hackmd.io/@sshnaidm/openstack-ansible-collections-presentation-alldfg --- ## Who am I? - ![Linux](https://i.imgur.com/hhhOpD7.png =40x) Sagi (Sergey) Shnaidman - ![Red Hat](https://i.imgur.com/qVBaoUL.png =40x) Red Hat, Israel - ![Openstack](https://i.imgur.com/NZpZ9tb.png =40x) Openstack - ![TripleO](https://i.imgur.com/x3xlWsn.png =40x) TripleO CI - :heart: Areas of interest: ![clouds](https://i.imgur.com/sdCZcXP.png =40x) clouds, ![Podman](https://i.imgur.com/hkkAdZJ.png =40x) Podman, ![Ansible](https://i.imgur.com/zcddoss.png =40x) Ansible, ![Kubernetes](https://i.imgur.com/IwhpXZc.png =60x) Kubernetes --- ### Ansible Openstack modules history - Based on [shade](https://docs.openstack.org/shade/latest/) Python module before Rocky release. - From Rocky using [Openstack SDK](https://docs.openstack.org/openstacksdk/latest/) for calls. - Was located in [cloud modules](https://docs.ansible.com/ansible/2.9/modules/list_of_cloud_modules.html#openstack) in Ansible repository before 2.10 --- ### Ansible Openstack modules now - After the Big Split in Ansible (from 2.10) moved to [Openstack Ansible collections repository](https://opendev.org/openstack/ansible-collections-openstack) under [Openstack Gerrit](https://review.opendev.org/#/q/project:openstack/ansible-collections-openstack) - Branchless, releases based, published to [Ansible Galaxy `openstack.cloud`](https://galaxy.ansible.com/openstack/cloud) namespace. - Support management of Openstack clouds from Queens (*tested*). - Possible to use from Ansible version 2.8 as collections. --- ### Collection purpose and goals - Management of Openstack cloud resources. - Keep infrastructure as a code. Playbook example of server launch: ```yaml - name: Start an Openstack VM hosts: localhost tasks: - name: Launch an instance openstack.cloud.server: name: "{{ vm_name}}" state: present cloud: "{{ cloud }}" region_name: "{{ region }}" image: "{{ image }}" flavor_ram: "{{ ram }}" ``` ---  ### Which modules do we have? - **Compute** - for servers, flavors, keys management. - **Network** - networking and security, including DNS and LB. - **Storage** - images, block storage, object storage, snapshots. - **Administration** (Keystone): - Users - Projects - Roles - etc.. - **Ironic/Baremetal** - baremetal hosts provisioning, introspection and info. - Other - Container Orchestration Engine (COE) - Heat stacks - Quota - etc.. --- ### Sources and install ### Development * Modules are developed in: * Openstack Gerrit patches: https://review.opendev.org/q/project:openstack/ansible-collections-openstack * Sources: https://opendev.org/openstack/ansible-collections-openstack * Bugs, issues, RFEs are in Storyboard: https://storyboard.openstack.org/#!/project/openstack/ansible-collections-openstack * In Bugzilla for downstream: [**Product**: Red Hat OpenStack **Component**: ansible-collections-openstack ](https://bugzilla.redhat.com/buglist.cgi?bug_status=__open__&bug_status=__closed__&component=ansible-collections-openstack&list_id=11886903&product=Red%20Hat%20OpenStack&query_format=advanced) --- ### Installation *Dependencies: Openstack SDK* Simple install: ```bash pip install --user openstacksdk ansible ansible-galaxy collection install openstack.cloud ``` Alternative ways: ```bash dnf install ansible-collections-openstack ``` Installation path: `/usr/share/ansible/collections`. - **Upstream**: [Fedora package](https://src.fedoraproject.org/rpms/ansible-collections-openstack), [RDO CentOS package](http://mirror.centos.org/centos/8/cloud/x86_64/openstack-train/Packages/a/) - **Downstream**: packages from OSP version 16.1 --- ### Usage and Support - Supported for one customer as a support exception. - Going on process of certifying for [Automation Hub](https://cloud.redhat.com/) and support. - Used by operators to manage Openstack clouds - TripleO/OSPD usage: - Keystone modules for users and projects management - Ironic modules for baremetal nodes management and introspection ---  ### Anatomy of the module **Ansible docs part:** ```python DOCUMENTATION = ''' ... module: server_info... ''' EXAMPLES = ''' ... ''' RETURN = ''' ... ''' ``` **`OpenStackModule` inherited class:** ```python from ansible_collections.openstack.cloud.plugins.module_utils.openstack import OpenStackModule class ServerInfoModule(OpenStackModule): deprecated_names = ('os_server_info', 'openstack.cloud.os_server_info') argument_spec = dict( server=dict(required=False), detailed=dict(required=False, type='bool', default=False), # other arguments for a module ) ``` **Module specific `run` function:** ```python def run(self): kwargs = self.check_versioned( detailed=self.params['detailed'], filters=self.params['filters'], all_projects=self.params['all_projects'] ) if self.params['server']: kwargs['name_or_id'] = self.params['server'] openstack_servers = self.conn.search_servers(**kwargs) self.exit(changed=False, openstack_servers=openstack_servers) ``` **Module call:** ```python def main(): module = ServerInfoModule() module() if __name__ == '__main__': main() ``` ---  ### Module generation Module generation script in repository: ```bash ansible localhost -c local -m template \ -a "src=module_template.py.j2 dest=my_module.py" \ -e @module_template_vars.yaml ``` For a specific info module: ```bash ansible localhost -c local -m template \ -a "src=module_info_template.py.j2 dest=my_module_info.py" \ -e @module_template_vars.yaml ``` When `module_template_vars.yaml` looks like: ```yaml module_name: server_manage author_name: 'Happy Ansible User' author_mail: dontwriteme@example.com module_short_description: "Doing something very useful" module_long_description: "Here is the place to release your inner writer" check_mode_support: True # good practice to support check_mode: # https://docs.ansible.com/ansible/latest/user_guide/playbooks_checkmode.html#check-mode-dry-run module_returns_example: image: description: Image inspection results for the image that was pulled, pushed, or built. returned: always # or 'success' in case of success only type: dict sample: Image Name: Sample Image Image ID: e6471d00796a13de8142c15d7ad3a44f Nested: images list: - data 1 - image 1234 boolean_1: True options: optional_string: description: - This variable is set for having string argument, for example 'action' type: str required: true default: "my_lovely_action" choices: - allowed_option1 - allowed_option1 ``` --- ### Retrospectives and roadmaps PTG (Openstack Project Gathering) - Apr 2021 - [Etherpad](https://etherpad.opendev.org/p/xena-ptg-os-ansible-collections), [summary](http://lists.openstack.org/pipermail/openstack-discuss/2021-April/022112.html). - Oct 2020 - [Etherpad](https://etherpad.opendev.org/p/os-ansible-wallaby-ptg), [summary](http://lists.openstack.org/pipermail/openstack-discuss/2020-October/018436.html) - June 2020 - [Etherpad](https://etherpad.opendev.org/p/victoria-ptg-os-ansible-modules) ### Next to do * Moving all modules to inherit from OpenstackModule class for better management. * Auto-updating documentation. * Adding *example* roles which would help operators to use modules more efficiently (like Terraform modules) * Fetching SDK logs for executed tasks * [current modules development status](https://hackmd.io/vAoow7AoT9ymRYA5J9gNdQ?view) - Add more testing --- ### How to contribute - [Fix issues in Storyboard](https://storyboard.openstack.org/#!/project/openstack/ansible-collections-openstack)  - Discover not implemented features in Ansible modules, report them  - Implement those features  - Create tests for modules  --- ### Some cool usages of Openstack Ansible modules - **Transible** - Convert existing cloud configuration to ansible playbooks - https://github.com/sshnaidm/transible - ```bash ./transible.py --os-cloud my-cloud-name ``` - **os-migrate** - https://github.com/os-migrate/os-migrate - Openstack cloud data migration - **Bifrost** - https://docs.openstack.org/bifrost/latest/ - Standalone Ironic Baremetal service - provisioning baremetal hosts --- Thanks for watching!