<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Andrew --<br>
<br>
Thanks for your comments. I'm going to start with a screenshot for
context:<br>
<br>
<a class="moz-txt-link-freetext" href="http://bogott.net/misc/osmpuppet.png">http://bogott.net/misc/osmpuppet.png</a><br>
<br>
That's what it looks like when you configure an instance using Open
Stack Manager, which is WikiMedia's VM management interface. My
main priority for adding puppet support to Nova is to facilitate the
creation and control of a GUI much like that one.<br>
<br>
On 1/26/12 5:03 PM, Andrew Clay Shafer wrote:
<blockquote
cite="mid:CALC1uEM6QoUvTB8kWFs_NeUv+OHPRiPHAgaKsHgqVTKtr4tAFg@mail.gmail.com"
type="cite">
<div><br>
</div>
I'd also like to see more of a service oriented approach and avoid
adding tables to nova if possible.
<div><br>
</div>
<div>I'm not sure the best solution is to come up with a generic
service for $configuration_manager for nova core. I'd rather see
these implemented as optional first class extensions.</div>
</blockquote>
This sounds intriguing, but I'll plead ignorance here; can you tell
me more about what this would look like, or direct me to an existing
analogous service?<br>
<br>
<blockquote
cite="mid:CALC1uEM6QoUvTB8kWFs_NeUv+OHPRiPHAgaKsHgqVTKtr4tAFg@mail.gmail.com"
type="cite">
<div>What are you going to inject into the instances exactly?
Where does the site.pp live?</div>
</blockquote>
This is the question I'm hoping to get feedback on. Either nova can
generate a fully-formed site.pp and inject that, or it can pass
config information as metadata, in which case an agent would need to
be running on the guest which would do the work of generating the
site.pp. I certainly prefer the former but I'm not yet clear on
whether or not file injection is widely supported.<br>
<br>
<blockquote
cite="mid:CALC1uEM6QoUvTB8kWFs_NeUv+OHPRiPHAgaKsHgqVTKtr4tAFg@mail.gmail.com"
type="cite">
<div>
I haven't thought about this that much yet, but off the top of
my head, but if the instances already have puppet clients and
are configured for the puppet master, then the only thing you
should need to interact with is the puppet master.</div>
</blockquote>
<br>
It's definitely the case that all of this could be done via LDAP or
the puppet master and involve no Nova action at all; that's how
WikiMedia's system works now. My aim is to consolidate the many
ways we currently interact with instances so that we delegate as
much authority to Nova as possible. That strikes me as generally
worthwhile, but you're welcome to disagree :)<br>
<br>
<blockquote
cite="mid:CALC1uEM6QoUvTB8kWFs_NeUv+OHPRiPHAgaKsHgqVTKtr4tAFg@mail.gmail.com"
type="cite">
<div>I'm not a fan of the Available, Unavailable, Default,
particularly because you are managing state of something that
may not be true on the puppet master.</div>
</blockquote>
I may be misunderstanding you, or my blueprint may be unclear.
Available, Unavailable, and Default don't refer to the availability
of classes on the puppet master; rather, they refer to whether or
not a class is made available to a nova user for a given instance.
An 'available' class would appear in the checklist in my
screenshot. An Unavailable class would not. A 'default' class
would appear, and be pre-checked. In all three cases the class is
presumed to be present on the puppet master.<br>
<br>
<blockquote
cite="mid:CALC1uEM6QoUvTB8kWFs_NeUv+OHPRiPHAgaKsHgqVTKtr4tAFg@mail.gmail.com"
type="cite">
<div>I also think managing a site.pp is going to be inferior to
providing an endpoint that can act as an eternal node tool for
the puppet master.</div>
<div><a moz-do-not-send="true"
href="http://docs.puppetlabs.com/guides/external_nodes.html">http://docs.puppetlabs.com/guides/external_nodes.html</a></div>
</blockquote>
In which case nova would interact directly with the puppet master
for configuration purposes? (I don't hate that idea, just asking
for clarification.)<br>
<br>
<blockquote
cite="mid:CALC1uEM6QoUvTB8kWFs_NeUv+OHPRiPHAgaKsHgqVTKtr4tAFg@mail.gmail.com"
type="cite">
<div><br>
</div>
<div>One other point, that you might have thought of, but I don't
see anywhere on the wiki is how to handle the ca/certs for the
instances.</div>
</blockquote>
I believe this (and your subsequent question) falls under the
heading of "
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
Instances are presumed to know any puppet config info they need at
creation time (e.g. how to contact the puppet master). " Important,
but outside the scope of this design :)<br>
<br>
<blockquote
cite="mid:CALC1uEM6QoUvTB8kWFs_NeUv+OHPRiPHAgaKsHgqVTKtr4tAFg@mail.gmail.com"
type="cite">
<div>Just to reiterate, I'd love to see deeper configuration
management integrations (because I think managing instances
without them is it's own hell), but I'm not convinced it should
be part of core nova per se.</div>
<div><br>
</div>
</blockquote>
So that I understand your terminology... are extensions like the
quotas or floating ips considered 'core nova'?<br>
<br>
Thanks again for your input! Clearly it would be best to hash this
out at the design summit, but I'm hoping to get at least a bit of
coding done before April :)<br>
<br>
-Andrew<br>
<br>
</body>
</html>