Beginner's Guide to OpenStack : Basics of Nova [Part 2]

parts of Beginner's Guide to OpenStack to read before this ~

Part1: Basics

[Part.2 Basics of Nova] Beginner's Guide to OpenStack

# Nova?
It's the main fabric controller for IaaS providing Cloud Computing Service by OpenStack. Took its first baby steps in NASA. Contributed to OpenSource and became most important component of OpenStack.
It built of multiple components performing different tasks turning End User's API request into a virtual machine service. All these components run in a non-blocking message based architecture, and can be run off from same or different locations with just access to same message queue service.

---

# Components?

Nova stores states of virtual machines in a central database. It's optimal for small deployments. Nova is moving towards multiple data stores with aggregation for high scale requirements.

• Nova API : supports OpenStack Compute API, Amazon's EC2 API and powerful Admin API (for privileged users). It's used to initiate most of orchestration activities and policies (like Quota). It gets communicated over HTTP, converts the requests to commands further contacting other components via Message Broker and HTTP for ObjectStore. It's a WSGI application which routes and authenticates requests.
• Nova Compute : worker daemon taking orders from its Message Broker and perform virtual machine create/delete tasks using Hypervisor's API. It also updates status of its tasks in Database.
• Nova Scheduler : decides which Nova Compute Host to allot for virtual machine request.
• Network Manager : worker daemon picking network related tasks from its Message Broker and performing those. OpenStack's Quantum now with Grizzly release can be opted instead of nova-network. Tasks like maintaining IP Forwarding, Network Bridges and VLANs get covered.
• Volume Manager : handles attach/detach of persistent block storage volumes to virtual machines (similar to Amazon's EBS). This functionality has been extracted to OpenStack's Cinder. It's an ISCSI solution utilizing Logical Volume Manager. Network Manager doesn't interfere in Cinder's tasks but need to be setup for Cinder to be used.
• Authorization Manager : interfaces authorized APIs usage for Users, Projects and Roles. It communicates with OpenStack's KeyStone for details.
• WebUI : OpenStack's Horizon communicates with Nova API for Dashboard interfacing.
• Message Broker : All components of Nova communicate with each other in a non-blocking callback-oriented manner using AMQP protocol well supported by RabbitMQ, Apache QPid. There is also emerging support for ZeroMQ integration as Message Queue. It's like central task list shared and updated by all Nova components.
• ObjectStore : It's a simple file-based storage (like Amazon's S3) for images. This can be replaced with OpenStack's Glance.
• Database : used to gather build times, run states of virtual machines. It has details around instance types available, networks available (if nova-network), and projects. Any database supported by SQLAlchemy can be used. It's central information hub for all Nova components.

---

# API Style
Interface is mostly RESTful. Routes (python re-implementation of Rails route system) packages maps URIs to action methods on controller classes.
Each HTTP Request to Compute requires specific authentication credentials required. Multiple authentication schemes can be allowed for a Compute node, provider determines the one to be used.

---

# Threading Model
Uses Green Thread implementation by design using eventlet and greenlet libraries. This results into single process thread for O.S. with it's blocking I/O issues. Though single reduces race conditions to great extent, to eliminate them further in suspicious scenarios use decorator @lockutils.synchronized('lock_name') over methods to be protected from it.
If any action is long-running, it should have methods with desired process-state location triggering eventlet context switch. Placing something like following code-piece will switch context to waiting threads, if any. And will continue on current thread without any delay if there is no other thread in wait.

from eventlet import greenthread
greenthread.sleep(0)

MySQL query uses drivers blocking main process thread. In Diablo release a thread pool was implemented but removed because of trade-off for advantages over bugs.

---

# Filtering Scheduler
In short it's the mechanism used by 'nova-scheduler' to choose the worthy nova-compute host for new required virtual machine to be spawned upon. It prepares a dictionary of unfiltered hosts and weigh their costing for creating required virtual machine(s) request. Then it chooses the least costly host.
Hosts are weighted based on the configuration options for virtual machines.
It's a better practice for customer to ask for large count of required instances together as each request computes weight.

---

# Message Queue Usage
Nova components use RPC to communicate each other via Message Broker using PubSub. Nova implements rpc.call (request/response, API acts as consumer) and rpc.cast (one way, API acts as publisher).
Nova API and Scheduler uses message queue as Invoker, whereas Network and Compute act as workers. Invoker pattern sends messages via rpc.call or rpc.cast. Worker pattern receives messages from queue and respond back to rpc.call with appropriate response.
Nova uses Kombu library when interfacing with RabbitMQ.

---

# Hooks
Enable developers to extend Nova capabilities by adding named hooks to Nova code as decorator that will lazily load plug-in code matching hook name (using setuptools entrypoints, it's an extension mechanism). The hook's class definition should have pre and post method.
Don't use hooks when stability is a factor, internal APIs may change.

---

# Dev Bootstrap
To get started with contributing... read this (OpenStack Wiki on HowToContribute) in detail.

To get rolling with Nova wheels, system will need to have libvirt and one of the hypervisors (xen/kvm preferred for linux hosts) present.

$ git clone git://github.com/openstack/nova.git
$ cd nova
$ python ./tools/install_venv.py

this will prepare your copy of nova codebase with virtualenv required, now any command you wanna run on this in context of required codebase

$ ./tools/with_venv.sh

---

# Run My Tests
to run the nose tests and pep8 checker, when you are done with virtualenv setup (or that will be initiated first here)... inside 'nova' codebase

$ ./run_tests.sh

---

# Terminology

• Server: Virtual Machines created inside Compute System, required Flavor & Image detail.
• Flavor: Represents unique hardware configurations with disk space, memory and CPU time priority
• Image: System Image File used to create/rebuild a Server
• Reboot: Soft Server Reboot sends a graceful shutdown signal. Hard Reboot does power reset.
• Rebuild: Removes all data on Server and replaces it with specified image. Server's IP Address and ID remains same.
• Resize: Converts existing server to a different flavor. All resize need to be explicitly confirmed, only then the original server is removed. After 24hrs. delay, there is an automated confirmation.

Beginner's Guide to OpenStack : Basics [Part 1]

# OpenStack?

OpenStack (http://www.openstack.org/) is an OpenSource cloud computing platform that can be used to build up a Public and Private cloud. As in weaving of various technological components to provide a capability to build a cloud service supporting any use-case and scale.

Once upon a time RackSpace came into Cloud Services. In some parallel beautiful world, few Pythonistas at NASA started building there own Nova Cloud Compute to handle there own instances. RackSpace bought SliceHost which worked 'somewhat' fine. RackSpace came along with their Swift Object Storage Service and weaved in Nova with few more components around it. More other companies like HP, RedHat, Canonical  etc. came along to contribute and benefit from OpenSource cloud.

It's all Open it can be. Open Source. Open Design. Ope Development. Open Community.

---

# Quick Hands-On

DevStack (http://devstack.org/) gives you the easiest fastest way to get all OpenStack components installed, configured and started on any supported O.S. platform.
You can trial-run your app-code in an OpenStack environment at TryStack (http://trystack.org/).
RedHat RDO (http://openstack.redhat.com/Main_Page) is also coming in soon making it super easy to get OpenStack running on RHEL-based distros.
---

# Components?

OpenStack Cloud Platform constitutes of mainly following components:

• Compute: Nova
  Brings up and maintains operations related to virtual server as per requirement.
  ~like aws ec2
• Storage: Swift
  Allows you to store, retrieve & remove objects (files).
  ~like aws s3
• Image Registry/Delivery: Glance
  Processes metadata for disk images, manages read/write/delete for actual image files using  'Swift' or similar scalable file storage service.
  ~like aws ami
• Network Management: Quantum/Melange
  Provides all the networking mechanisms required in any instance or environment as a service. Handels network interface cards plug/un-plug actions, ip allocation procedures along-with capability enhancement possible to virtual switches.
• Block Storage: Cinder
  Enables to attach volumes for persistent usage. Detach them, snapshot them.
  ~like aws ebs
• WebUI: Horizon
  Provides usability improvement for users or projects for managing compute nodes, object storage resources, quota usages and more in a detailed web-app way.
  ~like aws web dashboard
• Authentication: Keystone
  Identity management system, providing apis to all other OpenStack components to query for authorization.
• Billing Service: Ceilometer (preview)
  Analyzes quantity, cost-priority and hence billing of all the tasks performed at cloud.
• Cloud Template: Heat (under construction)
  Build your entire desired cloud setup providing OpenStack a Template for it.
  ~like aws cloudformation
• OpenStack Common: OSLO (tenure code)
  Supposed to contain all common libraries of shared infrastructure code in OpenStack.

Hypervisors are software/firmware/hardware that enables to create, run and monitor virtual machines. OpenStack Compute supports multiple hypervisors like KVM, LXC, QEMU, XEN, VMWARE & more.

Message Queue Service is used by most of the OpenStack Compute services to communicate with each other using AMQP (Advanced Message Queue Protocol) supporting async calls and callbacks.

---

# Weaving of Components

asciigram: openstack ~ evolution mode, how varied components are connected

~~~~~

~~~~~

~~~~~

~~~~~

~~~~~

---

More Links:

• (article) Folsom Architecture by Ken Pepple
• (video) Mark Collier on 'Overview of OpenStack & Openstack foundation'
• (video) Sandy Walsh on 'Introduction to OpenStack'
• (work) http://launchpad.net/openstack
• (wiki) http://wiki.openstack.org
• (join) http://planet.openstack.org
• (irc) Freenode #openstack #openstack-dev
• RedDward : Database as a Service for OpenStack : https://github.com/stackforge/reddwarf

MessQ : message queue for quickly trying any idea

Past some time while trying up some set-up based on Message Queue at infrastructure... needed a quick to set-up, localhost friendly, network available Message Queue service to try out ideas.
So here is Mess(age)Q(ueue). Something quickly thrown together. Would work later to get it more performance oriented, good to go with smaller projects.

@GitHub:       https://github.com/abhishekkr/messQ
@RubyGems: https://rubygems.org/gems/messQ
_________________________

A Quick Tryout

[+] Install
$ gem install messQ --no-ri --no-rdoc
[+] Start Server (starts at 0.0.0.0 on port#5566)

$ messQ --start

[+] Enqueue user-id & home value to the Queue

$ messQ -enq $USER

$ messQ --enqueue $HOME

[+] Dequeue 2 values from Queue

$ messQ -deq

$ messq --dequeue

[+] Stop Server

$ messQ --stop

_________________________

Via Code

[+] Install
$ gem install messQ --no-ri --no-rdoc
or add following to your Gemfile
gem 'messQ'
require 'messQ'

[+] Start Server

MessQ.host = '127.0.0.1' # default is 0.0.0.0

MessQ.port = 8888 # default is 5566

MessQ.messQ_server

[+] Enqueue user-id & home value to the Queue

MessQ.host = '127.0.0.1' # default is 0.0.0.0

MessQ.port = 8888 # default is 5566

MessQ::Agent.enqueue(ENV['USER'])

MessQ::Agent.enqueue(ENV['HOME'])

[+] Dequeue 2 values from Queue

MessQ.host = '127.0.0.1' # default is 0.0.0.0

MessQ.port = 8888 # default is 5566

puts MessQ::Agent.dequeue

puts MessQ::Agent.dequeue

[+] Stop Server

MessQ::Server.stop

ci-go-nfo v0.0.1 : console util for ThoughtWorks' Go CI Server

ci-go-nfo v0.0.1



Just a rubygem console utility to get focussed INFO about your Go Continuous Integration pipeline easily, no more switching again to browsers.

@RubyGems: https://rubygems.org/gems/ci-go-nfo

@GitHub:  https://github.com/abhishekkr/ci-go-nfo


Installation 

$ gem install ci-go-nfo



Usage Ci-Go-Nfo ver.0.0.1 

to set-up credential config for your go-ci
$ ci-go-nfo setup
it asks for
(a.) the location where you want to store your configuration file
(b.) the URL for your Go Server like http://my.go.server:8153
(c.) then username and password (create a read-only a/c for it)



to show go-ci info of all runs
$ ci-go-nfo

to show go-ci info of failed runs
$ ci-go-nfo fail

to show go-ci info of passed runs
$ ci-go-nfo pass

_____

.....more to come


output example:

 $ ci-go-nfo setup

 Store sensitive Go Configs in file {current file: /home/myuser/.go.abril}:

 Enter Base URL of Go Server {like http://:8153}:
                                                           http://my.go.server:8153

 This is better to be ReadOnly account details...

 Enter Log-in UserName: go_user

 Password: restrictedpassword

 $ ci-go-nfo pass

  my_pipeline -> specs -> specs

  Success  for run#2 at 2012-09-19T04:24:38

  details at http://my.go.server:8153/go/tab/build/detail/my_pipeline/10/specs/2/specs

  my_pipeline -> package ->gemify

  Success  for run#1 at 2012-09-19T07:04:39

  details at http://my.go.server:8153/go/tab/build/detail/my_pipeline/10/package/1/gemify

 $ ci-go-nfo fail

  your_pipeline -> smoke -> cukes

  Failure  for run#5 at 2012-09-19T04:24:38

  details at http://my.go.server:8153/go/tab/build/detail/your_pipeline/7/smoke/5/cukes

 $ ci-go-nfo

  my_pipeline -> specs -> specs

  Success  for run#2 at 2012-09-19T04:24:38

  details at http://my.go.server:8153/go/tab/build/detail/my_pipeline/10/specs/2/specs

  my_pipeline -> package ->gemify

  Success  for run#1 at 2012-09-19T07:04:39

  details at http://my.go.server:8153/go/tab/build/detail/my_pipeline/10/package/1/gemify

  your_pipeline -> smoke -> cukes   Failure  for run#5 at 2012-09-19T04:24:38   details at http://my.go.server:8153/go/tab/build/detail/your_pipeline/7/smoke/5/cukes

Puppet ~ a beginners concept guide (Part 3) ~ Modules much more

you might prefer first reading guide Part#1(intro to puppet), & Part#2(intro to modules)

Puppet
beginners concept guide (Part 3)

Modules with More

here some time on the practices to prefer while writing most of your modules

[] HowTo Write Good Puppet Modules  
(so everyone could use it and you could use it everywhere)

• platform-agnostic
  With change in Operating System distro; module also might require difference in package names, configuration file locations, device port names, system commands and more.
  Obviously, it's not expected to test each and every module against each and every distro and get it full-proof for community usage. But what's expected is to use case $operatingsystem{...} statements for whatever distros you can and let the users get notified in case they gotta add something for their distro by fail(""), and might also contribute back..... like following
  case $operatingsystem {
    centos, redhat: {
      $libxml2_development = 'libxml2-devel'
    }
    ubntu, debian: {
      $libxml2_development = 'libxml2-dev'
    }
    default: {
      fail("Unrecognized libxml2 development header package name for your O.S. $operatingsystem")
    }
  }
  ~
• untangled puppet strings
  You are writing puppet modules. Good chance is you have a client or personal environment to manage for which you had a go at it.
  That means there gonna be your environment specific some client or personal code &/or configuration that is 'for your eyes only'. This will prohibit you from placing any of your module in Community.
  It's wrong on two main fronts. First, you'll end up using so much from OpenSource and give back nothing. Second, your modules will miss on the community update/comment action.
  So, untangle all your modules into atomic service level modules. Further modularize those modules into service puppet-ization requirement. That will be like sub-modules for install, configure, service and whatever more you can extract out. Now these sub-modules can be clubbed together to and we can move bottom-up gradually.
  Now you can just keep your private service modules to yourself, go ahead and use the community trusted and available modules for whatever you can..... try  making minor updates to those and also contribute these updates. Write the others that you don't find out in the wild and contribute those too for community to use, update and improve.
  ~
  
• no data in c~o~d~e
  Now when you are delivering 'configuration as a code', adapt the good coding practices applicable in this domain. One of those is keeping data separate than the code, as in no db-name, db-user-name, db-password, etc. details stored directly in the module's manifest intending to create the db-config file.
  There will be a detailed section later over different external data usage involving separate parameter manifest setting up values when included, extlookup loading values from CSVs, puppetDB, hiera data-store and custom facts file to load up key-values.
  ~
• puppet-lint
  To keep the modules adhere to dsl-syntactic correct and beautiful code writing practice. So the DSL and the community contributors, both find it easy to understand your manifests. It's suggested to have it added to rake default of your project to check all the manifests, ran before every repo-check-in.
  ~
• do-undo-redo
  It's suggested to have a undo-manifest ready for all the changes made by a module. It mainly comes in handy for infrastructures/situations where creating and destroying a node is not under your administrative tasks or consumes hell lot of time.
  Obviously, in case getting new node is easier..... that's the way to go instead of wasting time in undo-ing all the changes (and also relying on that).
  Those are just there for the dry-days when there is no 'cloud'.
  ~

[] More about Modules  (moreover.....)

Where to get new:http://forge.puppetlabs.com/ is the community-popular home for most of the Puppet Modules.

Where to contribute:
Can manage your public module at GitHub or similar online free repository like puppetlabs-kvm.
Then you can push your module to forge.puppetlabs.com.

DevOps AND 12FactorApp ~ some obsolete & much valid

Why?

Few months ago I came across The Twelve-Factor-App preaching the best practices for building and delivering software. Nothing really new, but a good central place with many good practices for people to refer and compare. Recently I saw some implementation of it in an environment where the basic concerns were already handled and thus the solution implemented was redundant and extra cost. To some level also low-grade.

What?

Actually what 12FactorApp is... it is a good set of ideas around basic set of concerns. The concerns are right, the solutions suggested are situational and the situation is the default/basic setup. With the teams following good DevOps-y practices, they don't turn out to be exactly same.

So to avoid the confusions for more people and foremost saving me the pain of explaining myself at different places in different times for my views against 12FactorApp..... here is what the concerns are and what the solutions turn into when following a proper DevOps-y approach.

What @12FactorApp doesn't suit at all for DevOps-y Solutions

1. ~
2. Dependencies
   [+] Obsolete: 'If the app needs to shell out to a system tool, that tool should be vendored into the app.'
   Changed-to: Make your automation configuration management system handle it.
3. Configurations.
   [+] Obsolete: The twelve-factor app stores config in environment variables changing between deploys w/o changing any code.
   Changed-to: This is not a fine scalable with disaster management based solution. Now configuration management handles the node level deterministic state. The non-developer box level configuration is no more in code.
   [+] Obsolete: The twelve-factor app stores config in environment variables changing between deploys w/o changing any code.
   Changed-to: Now configuration management handles the node level deterministic state. In such a case keeping configurations in a file is much more verifiable, cleaner and broadly available solution. So, there will be no more noise of different environment level configurations in the same configuration file.
4. ~
5. Build, Release, Run
   [+] Obsolete: The resulting release contains both the build and config.
   Changed-to: Packaging configuration along-with build makes it dependent of a set environment. Any disaster resistant or scalable architecture would be crippled with it as it requires creating new packages every change. Make your automated configuration management solution intelligent enough to infer required configuration and deploy the build.
6. ~
7. ~
8. Concurrency
   [+] Obsolete: Twelve-factor app processes should never daemonize or write PIDfiles.
   Changed-to: PID files help some automated configuration management solutions to easily identify the 'service' check placed in them. There are operating system level process managers also supporting PIDfiles. Having a pidfile eases up lots of other custom monitoring plug-ins too... and is not a bad practice to have.
9. ~
10. ~
11. ~
12. ~

Cumulative Correct Concerns 3C@12FactorApp and DevOps-y Solutions

Overall aiming to achieve a easy-to-setup, clean-to-configure, quick-to-scale and smooth-to-update software development ambiance.
The 12 Concerns+Solutions:

1. Problem: Maintaining Application Source Code
   Solution:
   a. Using Version Control Mechanism, if possible Distributed VCS like git. Private hosted (at least private account) code repository.
   b. Unique application~to~repository mapping i.e. single application or independent library's source code in a single repository.
   c. For different versions of same application depend on different commit-stages (not even branches in general cases) of the same code repository.
   
2. Problem: Managing Application Dependencies
   Solution:
   a. Never manually source compile any dependent library or application. Always depend on the standard PackageManager for the intended platform (like rpm, pkg, gem, egg, npm). If there are no packages available, create one. It's not really difficult. On a standard practice, I'd suggest to utilize something like FPM (may be even fpm-cookery gem if you like), which would give you elasticity of easily changing your platform without worrying for the re-creation of packages. Even creating rpm, gem and other is not too much pain compared to the stability it would bring to infrastructure set-up.
   b. Make your automated configuration management utility ensure all the required dependencies of your application are pre-installed in correct order of correct version with correct required configurations.
   c. The dependency configuration will be specific enough to ensure the usage of the installed & configured dependencies. So in case of compiling binary, use static library linking. If you are loading external libraries, ensure the fixated path. Same configuration management tool can be run even in solo/masterless (no-server) usage mode.
   
3. Problem: Configuration in Code, Configuration at all Deploy
   Solution:
   a. Ideally no configuration details as in node's IP/Name, credentials, etc. shall not be a part of application's codebase. As if such a configuration file is locally available in developer-box repository, in non-alert & non-gitignore days it might get committed to your repository.
   b. Make your automated configuration management tool generate all these configuration files for a node based on the node-specific details provided to configuration management tool, no the application.
   c. Suggested practice for keeping these configurations with configuration management tool, also require to utilize a proper different data-store from normal configuration statements. Could be in CSVs, Hiera, dedicated parameter's manifest for a tool like Puppet. For a tool like OpsCode's Chef, there is already databag facility available. Wherever available and required the info should be encrypted with a non-repository available secret key.
   
4. Problem: Backing Services
   Solution:
   a. Whatever other application services are required by application to serve can be included in the 'Backing Services' list. It will be services like data-stores (databases, memory cache and more activesupport), smtp services, etc.
   b. Every information required for these backing services should be configuration details like node-name, credentials, port#, etc. and maintained as a loaded configuration file via configuration management tool.
   c. If it's a highly complex applications broken into several component applications supporting each other, then all other component applications for any component application are also 'Backing Services'.
   
5. Problem: Build, Release, Run
   Solution:
   a. The development stage code gets pushed to codebase and after passing intended tests should be pushed to Build Stage for preparing deploy-able (compile, include dependencies) code. Should read Continuous Integration process for the better approach at it.
   b. The deploy-able code is packaged ready to deliver in Release Stage and pushed in to the package-manager repositories. The required configuration for execution environment is provided to automated configuration management solution.
   c. Run Stage involves release application package from package-manager and intended system-level configurations via configuration management solution.
   
6. Problem: Processes
   Solution:
   a. No persistent data related to application shall be kept along-with it. All of user-input & calculated information required for service shall be at the 'Backing Services' available to all the instances of the application of that environment. Helping the application to be stateless.
   b. Get the static assets compiled at 'Build Stage', served via CDN and cached at load balancing server.
   c. Session state data is a good candidate to be stored and retrieved using backing memory powered cache service (like memcache or redis) providing full-blown stateless servers where lossing/killing one and bringing another doesn't impact on user experience.
   
7. Problem: Port Binding
   Solution:
   a. Applications shouldn't allow any run-time injection to get utilized by 'Backing Services' but instead expose their interaction over any RESTful (or similar) protocol.
   b. In a standard setup, the data/information store/provider opens up a socket and the retriever contacts at the socket with required data transaction protocol. Now this data/information provider can be 'Backing Service' (like db service) or could be the primary application providing information over to a 'Backing Service' (like application server, load balancer).
   c. Either way, they get configured with primary application via automated configuration management by url, port and any other service specific required detail being provided.
   
8. Problem: Concurrency
   Solution:
   a. Here concurrency is mainly used for highly scalable (on requirement) process model, which is almost equivalent to how used libraries manage internal concurrent processes.
   b. All application & 'Backing Service' processes should be such managed that process count of one doesn't effect another as in say access via load balancer over multiple http processes.
   c. All the processes have a process-type and process-count. There should be a process manager to handle continuous execution of that process with that count. Now it could be ruby rack server to be run with multiple threads on same server, or multiple nodes with nginx serving indecent amount of users via a load balancer.
   
9. Problem: Disposability
   Solution:
   a. Quick code & configuration deployment. Configuration Management solution makes sure of the latest (or required stage) application code & configuration changes cleanly & quickly replace the old application exactly as desired.
   b. Application (and 'Backing Services') Architecture shall be elastic, spawning up new nodes under a load-balancer and destroying when the process-load is less must be smooth.
   c. Application's data transactions & task list should be crash-proof. The data & tasks shall be managed to handle the re-schedule of those processes in case of application crash.
   
10. Problem: Dev/Prod Parity
    Solution:
    a. Keep dev, staging, ..., and production environments as similar as possible.If not in process count and machine nodes count, but necessarily similar on the deployment tasks. Could utilize 'vagrant' in coordination with configuration management solution to get quick production like environments at any development box.
    b. Code manages the application and configuration both, any developer (with considerable system level expertise) could get a hang of configuration management frameworks and manage them. Using 'Backing Services' as mentioned would enable environment based different service providers.
    c. Adapting Continuous Delivery would also ensure no new change in code or configuration breaks the deployment.
    
11. Problem: Logs
    Solution:a. All staging/production environment will have application and 'Backing Services' promoting its logs to a central (like syslog, syslog-ng, logstash, etc) log hub for archival, if required back-up proof. It can be queried here for analyzing trnds in application performance over past time.
    b. The central log solution is not configured within applications but the log solution takes care of what to pick and collect, can even have a look at log routers (fluentd, logplex, rsyslog).
    c. Specific log trends can be put to alert everyone effected whenever captured again at Central Log Services (like graylog2, splunk, etc).
    
12. Problem: Admin Processes
    Solution:
    a. Application level admin processes (like db-migration, specific-case-tasks, debug console, etc.) shall also pick the same code and configuration as the running instances of application.
    b. The admin tasks script related to application shall also ship with application code and evolve with it. As db management rake tasks in RubyOnRails applications, run using 'bundler' to stay pick required Environment related library versions.
    c. Languages with REPL shell (like python) or providing it via separate utility (like 'rails console' for rails) give an advantage to easily debug an environment specific issue (which might me arising due to library versions of that environment, data in-consistency, etc) by directly playing around with the objects seemingly acting as the source of flaw.

As I Always Say

Every Generic Solution is very Specifically Placed.

how to host your Public YUM (or any) Repo

almost an year ago came up the simple idea of getting a really simple static-content (html,css,js,...) website on public portal hosted by Google AppEngine for free upto a daily revived usage scheme: http://gae-flat-web.appspot.com/

few days back I was just playing around custom yum repos and thought why not get up one of my own for public usage with RPMs served for either my projects or other non-available rpms, and what I came up with is: http://yum-my.appspot.com/flat_web/index.htm

it's nothing fascinating but just a re-mixed usage of project created from gae-flat-web.

you can access base skeleton of this re-mixed gae-yum-my (the easy way to host your yum repo online) at https://github.com/abhishekkr/gae-yum-my which also has rpm served for gae-flat-web.

now to see how you could get one too~

First Task, register a new portal on Google AppEngine (it's free for reasonable limited usage)using your Google Account. Say, your appengine portal is name MY-YUM-MY.

Now the fun begins.

cloned the starter kit

$ git clone

enter the cloned repo

$ cd gae-yum-my

to actually change your application name in app.yaml

$ sed -i 's/yum-my/MY-YUM-MY/g' app.yaml

create the required linux distro, release branch

$ mkdir yummy/<distro><releasever>/<basearch>

copy all required RPMs in that distro, release branch

$ cp <ALL_MY_RPMS_of__DISTRO_ReleaseVer_BaseArch> yummy/<distro><releasever>/<basearch>/

prepare yum-repo-listing using createrepo command

$ createrepo yummy/<distro><releasever>/<basearch>/ 

now, place a file 'flat_web/yum-my-el6<or-whichever>.repo' with content 

[yum-my-<distro><releasever>-<basearch>] 

name=MY-YUM-MY 

baseurl=http://MY-YUM-MY.appspot.com/yummy/<distro>$releasever/$basearch 

enabled=1 

gpgcheck=0

and can link this file on your 'flat_web/index.htm' homepage 

 to host: 

$ <google_appengine_path>/appcfg.py update <MY-YUM-MY_path>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

now you yum repo has a homepage at http://MY-YUM-MY.appspot.com

and placing tthe *.repo file above with hinted content will get the RPMs added to you repo accessible.