jujuTipsAndTricks
Dev Week -- Ubuntu Juju Tips and Tricks -- m_3 -- Wed, Aug 29th, 2012
1 [19:00] <m_3> thanks larsu
2 [19:00] <m_3> hi all
3 [19:01] <m_3> I'll be talking about some fairly new tools we've recently added to Ubuntu Server
4 [19:02] <m_3> I've got notes and a demo session set up at the following URL:
5 === sayan_ is now known as sayan
6 [19:02] <m_3> http://ec2-107-22-155-155.compute-1.amazonaws.com/
7 [19:02] <m_3> you can either go there in a browser or just ssh directly in
8 [19:02] <m_3> the username and password are both 'guest'
9 [19:02] <m_3> I've got a little overview of where we are in the talk and then a demo session open as well
10 [19:03] <m_3> ok, so Juju!
11 [19:04] <m_3> juju's a set of tools that help out when you're managing services involving multiple servers... real or virtual
12 [19:04] <m_3> in fact... we're really trying to shift the way people think about configuring services on ubuntu server
13 [19:04] <m_3> instead of thinking about configuring _servers_
14 [19:04] <m_3> you configure the _services_ themselves
15 [19:04] <m_3> let's look at some simple examples first
16 [19:05] <m_3> (dragging heels a bit here to let peeps get connected to the demo site)
17 [19:05] <m_3> so if we think about a simple stack of services... wordpress for example
18 [19:06] <m_3> if you're putting this together on servers, you've got a bit of a pain in waiting for one server to reach a certain point of the install, then going to the other one... adding some config... then waiting again
19 [19:07] <m_3> this really is a synchronization problem or what we like to call "service orchestration"
20 [19:07] <m_3> well juju solves that problem well
21 [19:08] <m_3> we can use a handful of really simple examples to deploy a stack of services
22 [19:08] <m_3> I'll deploy some in real-time while we're chatting
23 [19:09] <m_3> and that's really it... we just need to wait for those instances to start up
24 [19:09] <m_3> first question to ask is where are these starting up at?
25 [19:10] <m_3> these are spun up using a "local" provider (note the addresses)
26 [19:10] <m_3> ok, well no addresses yet
27 [19:10] <m_3> :)
28 [19:10] <m_3> it's building out little ubuntu server instances using lxc containers
29 [19:10] <m_3> well local provider is only one type
30 [19:11] <m_3> we can use juju to control services on ec2 cloud, hp cloud (openstack in general)
31 [19:11] <m_3> as well as orchestrate services on bare metal with MaaS (metal-as-a-service)
32 [19:11] <m_3> I'll show a couple of examples of providers as we go
33 [19:12] <m_3> it's worth noting that this is somewhat of a "toy" example
34 [19:12] <m_3> but don't be fooled by that...
35 [19:13] <m_3> we can do more sophisticated stacks... consider the mature mediawiki stack for a second
36 [19:13] <m_3> we'll cover more details here, but I just want to point out that we can use juju to manage a real production-grade stack of services
37 [19:14] <m_3> mysql with read-only replicas
38 [19:14] <m_3> multiple wikis
39 [19:14] <m_3> each with heads fronting multiple nodes
40 [19:14] <m_3> all attached to the databases with monitoring and caching
41 [19:14] <m_3> etc
42 [19:14] <m_3> it's pretty cool from that regard
43 [19:14] <m_3> so let's back up to our simple example
44 [19:15] <m_3> so the services we can deploy are numerous
45 [19:16] <m_3> the template sorta things we use to deploy services are called "charms"
46 [19:16] <m_3> we've got lots of them already as we saw in the more complex example
47 [19:16] <m_3> jujucharms.com shows lots more
48 [19:16] <m_3> ok, let's check in on the simple stack we spun up a sec ago
49 [19:17] <m_3> ok, we're golden
50 [19:17] <m_3> note that we have two service units... mysql/0 and wordpress/0
51 [19:17] <m_3> yes, the /0 implies that there could even be a /1000
52 [19:17] <m_3> multiple "units" of the same "service"
53 [19:17] <m_3> juju scales really well, but we'll get back to that in a big
54 [19:18] <m_3> s/big/bit/
55 [19:18] <m_3> ok note that these services have ip addrs
56 [19:18] <m_3> well they've each got dedicated lxc containers
57 [19:18] <m_3> we could... for instance... ssh into one of them
58 [19:18] <m_3> so I've ssh'd to a local instance inside of this one
59 [19:19] <m_3> similarly, if we look at the same stack up on somewhere like ec2
60 [19:19] <m_3> (I spun this up before the talk)
61 [19:19] <m_3> node the addresses
62 [19:19] <m_3> and familiar service units
63 [19:19] <m_3> mysql/0
64 [19:19] <m_3> etc
65 [19:21] <m_3> we can verify that the charm is up and running properly...
66 [19:21] <m_3> which is as expected once wordpress is up
67 [19:22] <m_3> note that when we're working on the local provider things respond a bit faster than when using remote cloud providers
68 [19:23] <m_3> ok, so charms are the templates we use for deploying services
69 [19:23] <m_3> and we've seen a little bit of the local provider's usefulness
70 [19:23] <m_3> I'll leak a couple of other tips early here... charmtools
71 [19:24] <m_3> ok, so a charm is pretty simple
72 [19:25] <m_3> it's capturing the community's best practice for how to deploy and scale a service
73 [19:25] <m_3> but it does it through a fairly simple structure
74 [19:25] <m_3> the hooks/ are the magic
75 [19:25] <m_3> they're called by juju at the right time
76 [19:25] <m_3> _that_'s what provides the synchronization / orchestration
77 [19:27] <m_3> the metadata for each charms shows how the "plug" together
78 [19:27] <m_3> note the provides and requires
79 [19:28] <m_3> tic tock
80 [19:28] <m_3> here we can see how the ones we deployed earlier fit together
81 [19:29] <m_3> a couple more things about charms
82 [19:29] <m_3> the hooks are just scripts
83 [19:29] <m_3> then can be written in any language with an ubuntu runtime
84 [19:29] <m_3> or even compiled
85 [19:30] <m_3> they've just gotta play nicely with shell exit codes for juju to know if they errored out or not
86 [19:30] <m_3> ok, so the talk's supposed to be about tips-n-tricks and not just all about charms
87 [19:31] <m_3> before I move on, are there any questions about juju in general or charms and the basics of how they work?
88 [19:32] <m_3> ok, so tips
89 [19:32] <m_3> we already saw "local provider"
90 [19:32] <m_3> basics are... use it first and it's a lot quicker
91 [19:32] <m_3> it really makes for a somewhat production-realistic dev environment
92 [19:33] <m_3> concurrency issues'll show up earlier here than other local dev methods
93 [19:33] <m_3> and boom
94 [19:34] <m_3> now I've caused all sorts of problems for development if the code doesn't handle scaling or concurrencly
95 [19:34] <m_3> it's cheap and easy for developers to test that out now... _before_ it gets into production
96 [19:34] <m_3> we see haproxy is pending
97 [19:35] <m_3> and that we now have a second unit of wordpress
98 [19:35] <m_3> if you're having troubles with ajaxterm, please just ssh directly into the instance
99 [19:35] <m_3> there's a limit to how many peeps can connect to ajaxterm at once in this incarnation of the byobu-classroom charm
100 [19:36] <m_3> and yes, we _are_ eating dogfood here :)
101 [19:36] <m_3> ok, so local providers cool
102 [19:36] <m_3> next tip is about managing environments in production
103 [19:37] <m_3> so juju manages security and access to nodes via ssh
104 [19:37] <m_3> if you don't tell it otherwise, it injects the cli user's default ssh keys
105 [19:37] <m_3> well in order for either a.) me to manage the env from multiple machines, or b.) multiple people to manage the environment
106 [19:38] <m_3> then you've got to either share the private side of that key
107 [19:38] <m_3> um... don't do that...it's bad :)
108 [19:38] <m_3> or you set juju up with a list of additional keys to inject into everything
109 [19:38] <m_3> juju is configured with an environments.yaml file in ~/.juju/environments.yaml
110 [19:39] <m_3> I'll show you a sanitized version
111 [19:39] <m_3> I've got three providers in here... local, ec2, and hp's openstack cloud
112 [19:40] <m_3> the way to add other users to manage an environment is just the `authorized-leys` tag
113 [19:40] <m_3> we can take a peek in the local mysql
114 [19:41] <m_3> sorry, local provider sometimes behaves a little differently
115 [19:41] <m_3> but we see the keys we asked it to inject
116 [19:41] <m_3> the last one is for that instance we're controlling from
117 [19:41] <m_3> ok, so next tip
118 [19:42] <m_3> when we deploy like this...
119 [19:42] <m_3> we were deploying straight from the ubuntu charmstore
120 [19:42] <m_3> where you'll get the latest and greatest
121 [19:43] <m_3> juju caches the version of the charm it deploys with, but only for the lifetime of the service
122 [19:43] <m_3> that's so I can add extra units later (like we did with wordpress) and it'll use the same version as the first one
123 [19:43] <m_3> but in general, in production it's a good idea to deploy services you care about from local repos
124 [19:44] <m_3> note the `--repository` in the second script
125 [19:44] <m_3> that's going to use the local one
126 [19:44] <m_3> what I recommend here is that for infrastructure services like haproxy or mysql
127 [19:44] <m_3> things you'd never really tweak that much except for the (extensive) config they offer
128 [19:45] <m_3> deploy those services from the store
129 [19:45] <m_3> custom charms or charms for things that're critical to your infrastructure.... deploy from local repositories
130 [19:45] <m_3> it's fine to mix and match within a single environment
131 [19:46] <m_3> now our local env has some charms from the store and some from local
132 [19:46] <m_3> you can tell from the namespace 'cs' -vs- 'local'
133 [19:46] <m_3> ok, next tip for production
134 [19:47] <m_3> I usually set up a dedicated "client" environment to manage a production environment
135 [19:47] <m_3> we leave a tmux session up that has the right views into the infrastructure
136 [19:47] <m_3> then people can attach/detach at will
137 [19:48] <m_3> I've found this easier to manage than to make sure every ops person in the mgmt group has the right cli setup
138 [19:48] <m_3> ok, just noticed the time...
139 [19:48] <m_3> there's some cool ones left
140 [19:48] <m_3> juju ssh takes args
141 [19:48] <m_3> so...
142 [19:50] <m_3> that's really useful
143 [19:50] <m_3> ok, so next trick
144 [19:50] <ClassBot> There are 10 minutes remaining in the current session.
145 [19:50] <m_3> jitsu is short for 'juju-jitsu'
146 [19:50] <m_3> it's pretty much just a set of juju plugins
147 [19:50] <m_3> lets you pipe juju status to gource
148 [19:51] <m_3> (can't demo this here... but if you haven't seen gource, google it it rocks!)
149 [19:51] <m_3> lets you do things like http://www.youtube.com/watch?v=Jfnxl1Kh9SY&feature=g-upl
150 [19:51] <m_3> the coolest
151 [19:52] <m_3> and I mean paradigm-shifting coolest thing in this talk
152 [19:52] <m_3> is the ability to export and import between environments
153 [19:52] <m_3> that means between _providers_ even
154 [19:52] <m_3> I can slurp my data out of one region and into another
155 [19:53] <m_3> we'll do A->B b/c it's simple
156 [19:54] <m_3> and yes, that worked
157 [19:54] <m_3> here's vid of local->hp http://www.youtube.com/watch?v=Jfnxl1Kh9SY&feature=g-upl
158 [19:55] <m_3> and vid of ec2->hp http://www.youtube.com/watch?v=HUtR3_YlKXU&feature=g-upl
159 [19:55] <m_3> sorry they're pretty raw (dry), but they were backup videos for a demo in case we lost networking at oscon
160 [19:55] <ClassBot> There are 5 minutes remaining in the current session.
161 [19:55] <m_3> note that this doesn't move data
162 [19:56] <m_3> we'd have to do something like the 'juju ssh -e ec2-A mysqldump | juju ssh -e ec2-B mysql'
163 [19:56] <m_3> ok, that's all folks
164 [19:56] <m_3> I'll hang around and answer questions in #ubuntu-classroom-chat
165 [19:57] <m_3> but we live in #juju during mostly west europe and us hours
166 [19:57] <m_3> thanks!
MeetingLogs/devweek1208/jujuTipsAndTricks (last edited 2012-08-30 10:29:19 by dholbach)