LibCloud backend¶
This is an experimental provisioning backend that eventually intends to support several libcloud drivers. At this time only the OpenStack driver is supported.
Prerequisites¶
An account with an OpenStack provider that supports Nova and Cinder
A DNS server supporting RFC 2136. We use bind and this ansible role to help configure ours.
An nsupdate-web instance configured to update DNS records. We use an ansible role for this as well.
Configuration in teuthology.yaml for this backend itself (see Configuration) and nsupdate-web
You will also need to choose a maximum number of nodes to be running at once, and create records in your paddles database for each one - making sure to set is_vm to True for each.
Configuration¶
An example configuration using OVH as an OpenStack provider:
libcloud:
providers:
ovh: # This string is the 'machine type' value you will use when locking these nodes
driver: openstack
driver_args: # driver args are passed directly to the libcloud driver
username: 'my_ovh_username'
password: 'my_ovh_password'
ex_force_auth_url: 'https://auth.cloud.ovh.net/v2.0/tokens'
ex_force_auth_version: '2.0_password'
ex_tenant_name: 'my_tenant_name'
ex_force_service_region: 'my_region'
Why nsupdate-web?¶
While we could have supported directly calling nsupdate, we chose not to. There are a few reasons for this:
To avoid piling on yet another feature of teuthology that could be left up to a separate service
To avoid teuthology users having to request, obtain and safeguard the private key that nsupdate requires to function
Because we use one subdomain for all of Sepia’s test nodes, we had to enable dynamic DNS for that whole zone (this is a limitation of bind). However, we do not want users to be able to push DNS updates for the entire zone. Instead, we gave nsupdate-web the ability to accept or reject requests based on whether the hostname matches a configurable regular expression. The private key itself is not shared with non-admin users.
Bugs¶
At this time, only OVH has been tested as a provider. PRs are welcome to support more!