OpenStack works ... so now what?

Monty Taylor

twitter: @e_monty

Who am I?

Distinguished Technologist

HP Cloud

Who am I?

Technical Committee

Foundation Board of Directors

Developer Infrastructure Core Team

What are we going to talk about?

  • OpenStack
  • My application
  • Your applications

As an application developer,
I want to deploy and run an application on the internet
so that my customers all over the world can consume it.

As an application developer,
I want to deploy the application across multiple clouds
so that my service survives issues in any one of them.


I'm doing it myself as we speak

10-20k VMs per-day

3 (soon to be 6) clouds

Only using OpenStack APIs

OpenStack Infra

Tooling, Automation and CI for OpenStack Project

2000 Developers

Gated Commits

Every commit is fully integration tested (twice) before landing

Each Test Runs on a Single Use Cloud Slave

This is that "cloud scale out" part

1.7 Million Test Jobs in the last 6 Months

15 Million Tests in a month

18 Terabytes of Log Data in six months

We have no servers

It all runs across HP and Rackspace Public Clouds.




  • Traditional 'Enterprise' Java Application
  • Single Nova VM, Cinder Volume
  • Scale out farm of git replicas

Fun Numbers

  • 2500 changes every week
  • 15000 change revisions every week
  • 10,000 new changes every 42 days


  • Cloud Native
  • Purpose built in Python
  • Keeps a pool of ready to go nodes
  • Multi-cloud
  • Fully elastic - responds to demand

OpenStack Works!

What next?

Make it easier

Basic things you want to do

Get (make/fetch/find) a base image

Upload it to each cloud

Boot a VM on one or more of the clouds

Ensure it's on the Internet

We've made this harder than it should be

Get a base image

OpenStack diskimage-builder


Download pre-built image from Ubuntu/RedHat/SuSE

Problem: hypervisor image file format

  • Rackspace uses VHD
  • HP uses qcow2
  • DreamHost uses RAW

Problem: image API version

  • HP uses v1
  • vexxhost uses v2

Good news! We made a plan for this at the summit

Problem: image task vs. PUT

swift upload --object-name local-image-filename images image-name
glance task-create
   --input='{"import_from": "images/image-name",
             "image_properties" : {"name": "My Image Name"}}'
glance image-create --name=image-name --file=local-image-filename

Problem: Ensure it's on the Internet

  • Cloud has externally routable IP from neutron (RunAbove, OVH)
  • Cloud has externally routable IP neutron AND supports optional private tenant networks (vexxhost)
  • Cloud has private tenant network provided by neutron and requires floating IP (HP, Dreamhost)
  • Cloud only has private tenant network provided by nova-network and requires floating-ip for external routing (auro)
  • Cloud has externally routable IP from neutron but no neutron APIs (Rackspace)

Maybe in code ...

def get_server_external_ipv4(cloud, server):
    if cloud.has_service('network'):
            server_ports = cloud.search_ports(
            ext_nets = cloud.search_networks(filters={'router:external': True})
        except NeutronClientException as e:
            pass  # fall through
            for net in ext_nets:
                for port in server_ports:
                    if net['id'] == port['network_id']:
                        for ip in port['fixed_ips']:
                            if _utils.is_ipv4(ip['ip_address']):
                                return ip['ip_address']
    ext_ip = get_server_ip(server, key_name='public')
    if ext_ip is not None:
        return ext_ip
    for interfaces in server.addresses.values():
        for interface in interfaces:
            if _utils.is_ipv4(interface['addr']) and \
                return interface['addr']
    return None

I think we can do better than that

What am I doing about it?


A library to handle config information for openstack clients

Tracks differences in vendors that can't be discovered

In use in python-openstackclient and ansible



    profile: hp
      password: XXXXXXXXXXXXX
    region_name: region-b.geo-1
    profile: dreamhost
      username: montay6
      project_name: dhc2111978
      password: XXXXXXXXXXXXX
    region_name: RegionOne


A library to wrap business logic around client libraries

cloud.create_image('image-name', filename='image-filename.qcow2')
cloud.create_server('my-server', image='immage-name', auto_ip=True)

In use in Infra Nodepool and ansible


Brand new modules, based on shade

Coming in 2.0 release

- os_keypair:
    cloud: hp-mordred
    name: mordred
    public_key_file: ~/.ssh/
- os_image:
    cloud: hp-mordred
    name: Monty Ubuntu
    file: ubuntu.vhd
- os_server:
    cloud: hp-mordred
    name: my-server
    flavor_ram: 1024
    image: Monty Ubuntu


multi-cloud support

- os_keypair:
    cloud: "{{ item }"
    name: mordred
    public_key_file: ~/.ssh/
    - vexxhost
    - rackspace
    - mordred-hp
    - ovh

What should we do about it?

  • Get back to basics
  • shade existence is a bug
  • Make some decisions about divergences in the basic levels
  • Take a stand even if one of our product managers disagrees
  • Ensure that simple things are simple

Thank you!

twitter: @e_monty