== Dev Week -- Ubuntu Juju Tips and Tricks -- m_3 -- Wed, Aug 29th, 2012 ==
{{{#!irc
[19:00] <m_3> thanks larsu
[19:00] <m_3> hi all
[19:01] <m_3> I'll be talking about some fairly new tools we've recently added to Ubuntu Server
[19:02] <m_3> I've got notes and a demo session set up at the following URL:
=== sayan_ is now known as sayan
[19:02] <m_3> http://ec2-107-22-155-155.compute-1.amazonaws.com/
[19:02] <m_3> you can either go there in a browser or just ssh directly in
[19:02] <m_3> the username and password are both 'guest'
[19:02] <m_3> I've got a little overview of where we are in the talk and then a demo session open as well
[19:03] <m_3> ok, so Juju!
[19:04] <m_3> juju's a set of tools that help out when you're managing services involving multiple servers... real or virtual
[19:04] <m_3> in fact... we're really trying to shift the way people think about configuring services on ubuntu server
[19:04] <m_3> instead of thinking about configuring _servers_
[19:04] <m_3> you configure the _services_ themselves
[19:04] <m_3> let's look at some simple examples first
[19:05] <m_3> (dragging heels a bit here to let peeps get connected to the demo site)
[19:05] <m_3> so if we think about a simple stack of services... wordpress for example
[19:06] <m_3> if you're putting this together on servers, you've got a bit of a pain in waiting for one server to reach a certain point of the install, then going to the other one... adding some config... then waiting again
[19:07] <m_3> this really is a synchronization problem or what we like to call "service orchestration"
[19:07] <m_3> well juju solves that problem well
[19:08] <m_3> we can use a handful of really simple examples to deploy a stack of services
[19:08] <m_3> I'll deploy some in real-time while we're chatting
[19:09] <m_3> and that's really it... we just need to wait for those instances to start up
[19:09] <m_3> first question to ask is where are these starting up at?
[19:10] <m_3> these are spun up using a "local" provider (note the addresses)
[19:10] <m_3> ok, well no addresses yet
[19:10] <m_3> :)
[19:10] <m_3> it's building out little ubuntu server instances using lxc containers
[19:10] <m_3> well local provider is only one type
[19:11] <m_3> we can use juju to control services on ec2 cloud, hp cloud (openstack in general)
[19:11] <m_3> as well as orchestrate services on bare metal with MaaS (metal-as-a-service)
[19:11] <m_3> I'll show a couple of examples of providers as we go
[19:12] <m_3> it's worth noting that this is somewhat of a "toy" example
[19:12] <m_3> but don't be fooled by that...
[19:13] <m_3> we can do more sophisticated stacks... consider the mature mediawiki stack for a second
[19:13] <m_3> we'll cover more details here, but I just want to point out that we can use juju to manage a real production-grade stack of services
[19:14] <m_3> mysql with read-only replicas
[19:14] <m_3> multiple wikis
[19:14] <m_3> each with heads fronting multiple nodes
[19:14] <m_3> all attached to the databases with monitoring and caching
[19:14] <m_3> etc
[19:14] <m_3> it's pretty cool from that regard
[19:14] <m_3> so let's back up to our simple example
[19:15] <m_3> so the services we can deploy are numerous
[19:16] <m_3> the template sorta things we use to deploy services are called "charms"
[19:16] <m_3> we've got lots of them already as we saw in the more complex example
[19:16] <m_3> jujucharms.com shows lots more
[19:16] <m_3> ok, let's check in on the simple stack we spun up a sec ago
[19:17] <m_3> ok, we're golden
[19:17] <m_3> note that we have two service units... mysql/0 and wordpress/0
[19:17] <m_3> yes, the /0 implies that there could even be a /1000
[19:17] <m_3> multiple "units" of the same "service"
[19:17] <m_3> juju scales really well, but we'll get back to that in a big
[19:18] <m_3> s/big/bit/
[19:18] <m_3> ok note that these services have ip addrs
[19:18] <m_3> well they've each got dedicated lxc containers
[19:18] <m_3> we could... for instance... ssh into one of them
[19:18] <m_3> so I've ssh'd to a local instance inside of this one
[19:19] <m_3> similarly, if we look at the same stack up on somewhere like ec2
[19:19] <m_3> (I spun this up before the talk)
[19:19] <m_3> node the addresses
[19:19] <m_3> and familiar service units
[19:19] <m_3> mysql/0
[19:19] <m_3> etc
[19:21] <m_3> we can verify that the charm is up and running properly...
[19:21] <m_3> which is as expected once wordpress is up
[19:22] <m_3> note that when we're working on the local provider things respond a bit faster than when using remote cloud providers
[19:23] <m_3> ok, so charms are the templates we use for deploying services
[19:23] <m_3> and we've seen a little bit of the local provider's usefulness
[19:23] <m_3> I'll leak a couple of other tips early here... charmtools
[19:24] <m_3> ok, so a charm is pretty simple
[19:25] <m_3> it's capturing the community's best practice for how to deploy and scale a service
[19:25] <m_3> but it does it through a fairly simple structure
[19:25] <m_3> the hooks/ are the magic
[19:25] <m_3> they're called by juju at the right time
[19:25] <m_3> _that_'s what provides the synchronization / orchestration
[19:27] <m_3> the metadata for each charms shows how the "plug" together
[19:27] <m_3> note the provides and requires
[19:28] <m_3> tic tock
[19:28] <m_3> here we can see how the ones we deployed earlier fit together
[19:29] <m_3> a couple more things about charms
[19:29] <m_3> the hooks are just scripts
[19:29] <m_3> then can be written in any language with an ubuntu runtime
[19:29] <m_3> or even compiled
[19:30] <m_3> they've just gotta play nicely with shell exit codes for juju to know if they errored out or not
[19:30] <m_3> ok, so the talk's supposed to be about tips-n-tricks and not just all about charms
[19:31] <m_3> before I move on, are there any questions about juju in general or charms and the basics of how they work?
[19:32] <m_3> ok, so tips
[19:32] <m_3> we already saw "local provider"
[19:32] <m_3> basics are... use it first and it's a lot quicker
[19:32] <m_3> it really makes for a somewhat production-realistic dev environment
[19:33] <m_3> concurrency issues'll show up earlier here than other local dev methods
[19:33] <m_3> and boom
[19:34] <m_3> now I've caused all sorts of problems for development if the code doesn't handle scaling or concurrencly
[19:34] <m_3> it's cheap and easy for developers to test that out now... _before_ it gets into production
[19:34] <m_3> we see haproxy is pending
[19:35] <m_3> and that we now have a second unit of wordpress
[19:35] <m_3> if you're having troubles with ajaxterm, please just ssh directly into the instance
[19:35] <m_3> there's a limit to how many peeps can connect to ajaxterm at once in this incarnation of the byobu-classroom charm
[19:36] <m_3> and yes, we _are_ eating dogfood here :)
[19:36] <m_3> ok, so local providers cool
[19:36] <m_3> next tip is about managing environments in production
[19:37] <m_3> so juju manages security and access to nodes via ssh
[19:37] <m_3> if you don't tell it otherwise, it injects the cli user's default ssh keys
[19:37] <m_3> well in order for either a.) me to manage the env from multiple machines, or b.) multiple people to manage the environment
[19:38] <m_3> then you've got to either share the private side of that key
[19:38] <m_3> um... don't do that...it's bad :)
[19:38] <m_3> or you set juju up with a list of additional keys to inject into everything
[19:38] <m_3> juju is configured with an environments.yaml file in ~/.juju/environments.yaml
[19:39] <m_3> I'll show you a sanitized version
[19:39] <m_3> I've got three providers in here... local, ec2, and hp's openstack cloud
[19:40] <m_3> the way to add other users to manage an environment is just the `authorized-leys` tag
[19:40] <m_3> we can take a peek in the local mysql
[19:41] <m_3> sorry, local provider sometimes behaves a little differently
[19:41] <m_3> but we see the keys we asked it to inject
[19:41] <m_3> the last one is for that instance we're controlling from
[19:41] <m_3> ok, so next tip
[19:42] <m_3> when we deploy like this...
[19:42] <m_3> we were deploying straight from the ubuntu charmstore
[19:42] <m_3> where you'll get the latest and greatest
[19:43] <m_3> juju caches the version of the charm it deploys with, but only for the lifetime of the service
[19:43] <m_3> that's so I can add extra units later (like we did with wordpress) and it'll use the same version as the first one
[19:43] <m_3> but in general, in production it's a good idea to deploy services you care about from local repos
[19:44] <m_3> note the `--repository` in the second script
[19:44] <m_3> that's going to use the local one
[19:44] <m_3> what I recommend here is that for infrastructure services like haproxy or mysql
[19:44] <m_3> things you'd never really tweak that much except for the (extensive) config they offer
[19:45] <m_3> deploy those services from the store
[19:45] <m_3> custom charms or charms for things that're critical to your infrastructure.... deploy from local repositories
[19:45] <m_3> it's fine to mix and match within a single environment
[19:46] <m_3> now our local env has some charms from the store and some from local
[19:46] <m_3> you can tell from the namespace 'cs' -vs- 'local'
[19:46] <m_3> ok, next tip for production
[19:47] <m_3> I usually set up a dedicated "client" environment to manage a production environment
[19:47] <m_3> we leave a tmux session up that has the right views into the infrastructure
[19:47] <m_3> then people can attach/detach at will
[19:48] <m_3> I've found this easier to manage than to make sure every ops person in the mgmt group has the right cli setup
[19:48] <m_3> ok, just noticed the time...
[19:48] <m_3> there's some cool ones left
[19:48] <m_3> juju ssh takes args
[19:48] <m_3> so...
[19:50] <m_3> that's really useful
[19:50] <m_3> ok, so next trick
[19:50] <ClassBot> There are 10 minutes remaining in the current session.
[19:50] <m_3> jitsu is short for 'juju-jitsu'
[19:50] <m_3> it's pretty much just a set of juju plugins
[19:50] <m_3> lets you pipe juju status to gource
[19:51] <m_3> (can't demo this here... but if you haven't seen gource, google it it rocks!)
[19:51] <m_3> lets you do things like http://www.youtube.com/watch?v=Jfnxl1Kh9SY&feature=g-upl
[19:51] <m_3> the coolest
[19:52] <m_3> and I mean paradigm-shifting coolest thing in this talk
[19:52] <m_3> is the ability to export and import between environments
[19:52] <m_3> that means between _providers_ even
[19:52] <m_3> I can slurp my data out of one region and into another
[19:53] <m_3> we'll do A->B b/c it's simple
[19:54] <m_3> and yes, that worked
[19:54] <m_3> here's vid of local->hp http://www.youtube.com/watch?v=Jfnxl1Kh9SY&feature=g-upl
[19:55] <m_3> and vid of ec2->hp http://www.youtube.com/watch?v=HUtR3_YlKXU&feature=g-upl
[19:55] <m_3> sorry they're pretty raw (dry), but they were backup videos for a demo in case we lost networking at oscon
[19:55] <ClassBot> There are 5 minutes remaining in the current session.
[19:55] <m_3> note that this doesn't move data
[19:56] <m_3> we'd have to do something like the 'juju ssh -e ec2-A mysqldump | juju ssh -e ec2-B mysql'
[19:56] <m_3> ok, that's all folks
[19:56] <m_3> I'll hang around and answer questions in #ubuntu-classroom-chat
[19:57] <m_3> but we live in #juju during mostly west europe and us hours
[19:57] <m_3> thanks!
}}}