Wikimedia Labs/Instance creation improvement project

Instance creation, though currently fully automated, is slow and doesn't provide enough feedback. This project aims to make this better.

Here's the current bootstrapping method:

1. User creates an instance
   1. OpenStackManager calls the OpenStack Nova API and creates an instance, injecting a bootstrapping script into the instance's UserData
   2. OpenStackManager adds an LDAP entry for puppet
      • Have nova handle this?
   3. OpenStackManager adds an LDAP entry for DNS, minus the A record
   4. OpenStackManager adds a job into the job queue that waits until nova-network has assigned an IP address to the instance. When the IP address is assigned, the job adds the IP address into the instance's LDAP DNS A record.
      • Bug 46818: Have an OpenStack service handle DNS.
2. The instance boots, gets its IP and DNS information from DHCP
3. The instance runs cloud-init, pulling its information from UserData. It then executes the bootstrapping script
   1. The bootstrapping script installs puppet, and forces a puppet run
   2. The initial puppet run requests a certificate signature from the puppet master
   3. The puppet master has a cron that runs every minute to check for new certificate requests. When a new request comes it, it checks to see if the certificate's name is an entry in LDAP. If so, it signs it.
   4. After the signature request is signed, the puppet run continues on the client, instance creation is finished when this is done
      • Bug 32163: At this point we should fire an event to the master that lists the instance's ssh fingerprint and store the fingerprint in MediaWiki, or possibly in the instance's metadata in nova.