For the past month or so I’ve been working on an extension to manage OpenStack (Nova), for use on the Wikimedia Foundation’s upcoming virtualization cluster. I’ve gotten to a point where I believe the extension is ready for an initial release.
In brief, OpenStack works a lot like EC2, and in fact implements the EC2 API. This extension interacts with the EC2 API and LDAP to manage a virtual machine infrastructure. It has the following features:
- Integrates with the LdapAuthentication extension, and creates user accounts in LDAP upon user creation
  - Users are created with a POSIX username, uid, and gid; home directory; OpenStack credentials; and wiki credentials
- Manages most features of OpenStack
  - Handles project creation/deletion, and membership
  - Handles project and global role membership
  - Handles instance creation/deletion
  - Handles security group creation/deletion and rule addition/removal
  - Handles floating IP address allocation and association with instances
  - Handles public SSH key addition/removal from user accounts
- Manages DNS via PowerDNS with an LDAP backend
  - Handles private DNS for private IP address ranges upon instance creation and deletion
  - Handles public DNS for floating IP addresses
- Manages Puppet configuration for instances via Puppet with an LDAP backend for nodes
The extension was written to handle the case explained in a previous blog post about this subject. It is likely not written in a generic enough way to fit into most existing infrastructures currently. If you’d like to help make the extension more useful for a wider audience, please contact me, send patches, or if you have commit access, make modifications. I have a test/dev environment for this project configured on tesla, if you’d like to work in a pre-configured environment.