Unless you’re reading this on a braille reader, you’re probably wondering what happened to my blog. The theme has changed, the sidebar is different, the background image different, and so on. What gives?
So we come to the final day, and we still hadn’t made a decision about the towering mass of Goatfell. The plan throughout the week had been to do Goatfell on the last day. There were two reasons for this; one, to do it when we were supposedly at out fittest, and two, to look back from the highest point of Arran on everything we had walked over the course of the week.
Day 6 - Lochranza to Sannox
|The Arran Alps|
The weather was again bright and clear, and we were expected high temperatures. After a superb breakfast from out hosts, we were driven back to Lochranza to start the day. We stopped to grab a picture of the so-called Arran Alps; a view of Goatfell and it’s lower siblings from the north. We then started off around Loch Ranza and picked up the northern trail to Hutton’s Unconformity.
|Ex-scientist ponders the Unconformity|
The next section of the walk is extremely difficult to describe - but this time, in a good way. If all walks were like this, everyone would be doing it. The temperature was mid-twenties, with a light sea breeze. The terrain was easy walking, with splendid views across the sea and into the island. We took a break
just before the An Scrior rockfall, and leaned in the shade tossing pebbles into
the sea. I could have stayed there all day, it was bliss.
An Scrior was not as difficult to cross as the rocks around Black Cave, as there was a reasonable path above it, and we soon passed into a verdant coastline. After lunch, the heat and the horseflies both became brutal - we estimate it was 32C in the shade by 3pm. We drank copious amounts of water, but it was never going to be enough in those temperatures, and before we reached the forest just north of Sannox, there was no shade at all. We took a few stops, but the flies were not about to give us any peace, so we soldiered on through some of the remotest parts of Arran.
|It’s 5 miles to the nearest road from here|
I hope you like privacy…
That left one more day, and the big question was still unanswered. Goatfell loomed large on the horizon as the sun was setting….
Day 5 - Pirnmill to Lochranza
|Clisham Lodge, Pirnmill|
The plan called for a short road stretch to Catacol, then over the headland on the old Postman’s Path to Lochranza. The added joy is that Lochranza is home to Arran’s own whisky distillery, and given the short distance, we aimed to be arrived in time for a tour and a taster before being picked up by our host for the evening at 4pm. A grand plan.
|The Apostles of Catacol|
It was not such a sunny morning as others on the walk, overcast and somewhat humid. The sea across to Kintyre was unbelievably still; it barely rippled. If it weren’t for the midges flying around, it would have been possible to think time itself had stopped. The road was easy going when fresh from breakfast, and we were at the base of the Postman’s Path in Catacol before 12. Catacol’s only noteworthy fact is that it’s cottages are called the Apostles, for reasons that were explained to me at the time, but now escape me. They were good resons, I assure you :)
|Looking back the way we had come|
We dropped down into Lochranza itself by just after 1pm, and as we rested on a bench, we discovered Mrs ER had picked up a big collection of ticks from the close vegetation as we passed. Ticks are not pleasant critters, and in rare cases can transmit the extremely nasty Lyme’s Disease, so we immediately broke out the tools and removed them. Gladly, they were so quickly
discovered that some hadn’t even latched on yet, and were easy to remove.
Finally we were collected by our host, as we were staying in nearby Sannox for the evening. Darven Cottage’s owners were incredibly welcoming, and we felt right at home. After a shower and a meal, we hit the sack, feeling ready for
the north part of the island the following day….
Day 4 - Blackwaterfoot to Pirnmill
|Setting off towards King’s Cave|
|*How* much food?|
very tired by this point.
Day 3 - Lagg to Blackwaterfoot
Since it was going to be a short day, we had a slightly later breakfast, and were underway by 10am. The main issue of the day was going to be lunch - there were no convenient towns to stop in en route, so we tried to get supplies in Lagg. Sadly the village store seemed to be closed. Not to worry, there was apparently another store en route to the coast path.
|Wading through bracken|
While Sliddry does indeed have a store, it seems it’s a farming supply store rather than a food shop. Good job we still had the provisions we bought on day 1! Heading down a lane, we found ourselves back on the coast proper, and with good paths underfoot, we set off around the southwest corner of Arran.
|Wilder parts of the Arran Coast|
Lunch was taken on some appropriately large and comfortably shaped rocks. We figured we had about 3 miles to go to Blackwaterfoot, and it was only 1pm. Easy work after the previous day. However, we hadn’t reckoned on the terrain.
|Can you see the path? This was a highway|
compared to what we had just done
were glad to be out of the hell zone.
Another good meal at the Kinloch Hotel, followed by a pint in our B&B (Blackwaterfoot Lodge), as well as a chat with the owners of said B&B helped set things to rights.
|Finally, Blackwaterfoot in sight!|
Day 1 - Whiting bay to Lagg
Another glorious day, and another large breakfast - required though, as we set off on our longest day, both by distance and time. The issue was that we had two tidal sections to do - first, the boulder field at Dippen Head (which has an optional inland route if it’s a problem) and the coast at Black Cave (which doesn’t). Black Cave is impassable for 2 hours either side of high tide, and with that being at 4pm, we had to aim to arrive at either 2pm or 6pm. Figuring 2pm was unrealistic, we set upon a plan to arrive later and take our time.
|South to Dippen Head from Largymore|
There was a strong possibility that passing Black Cave at 6pm would get us to our hotel after they stopped doing food, so we decided to have a pretty sizable lunch - if all else failed, we had our emergency provisions in our packs.
|Seals enjoying the afternoon sun|
We had information that the remainder of the walk should take around 1.5 hours, and that food stopped at 9pm in the Lagg Hotel, our eventual goal. But we were tired, and carrying heavy bags, so we assumed it would take longer. However, we had no option but to wait, so we rested and watched the tide. It definitely was going out, no doubt about it - but very slowly…
|The rocks we had to cross…|
We could now actually see the cave - and it’s pretty huge. We didn’t admire it for long though - we had miles to go to Lagg, and if we wanted any food, we had less than 2 hours to get there (it was now 7.15pm). We set off at a surprisingly high pace.
|The awe-inspiring Black Cave|
We paid the price though. Because of the big lunch, and the big exertion, we weren’t hungry. We’d pushed every limit to arrive in time to get a meal, and we weren’t hungry! We settled for an ice cold beer, and a dessert each. It was heavenly, and we spent the ‘meal’ discussing exactly how crazy we are, and how we managed to keep that pace up for over an hour.
|The Lagg Hotel|
Day 1 - Brodick to Whiting bay
The first day of our epic walk started with sunshine blazing in through the window - it was clear, blue, and going to be hot. I started the day with an epic walker’s breakfast (porridge and a cooked breakfast :P) and some lively chat with our host at Rothwell Lodge.
|Is this for real?|
|“Lunch is that-a-way”|
|Holy Isle from Clauchland Point|
|Forestry tracks - no shade!|
We now headed inland, up to Dyemill and the Forestry track over the headland towards the Glenashdale Falls. It was blisteringly hot - 2pm is the heat of the day, and forestry tracks rarely have much shade, as the trees will be cleared back to a good 10ft either side of the track. Also, we were climbing uphill, so we had to take it slow.
|Holy Isle from the southwest|
Once the track levelled out, we could start looking for our turning left off the main track, down into Whiting Bay. This lead us down the hillside, with great evening views of the south side of Holy Isle, before passing a few houses, and heading north up the road to our second accommodation, the Burlington Hotel.
We hit the sack early, as we had a big day ahead of us next - the only day with any real tide-dependant sections. I was tired, sure, but not exhausted, and pretty pleased with the first day’s walk. The next promised to be interesting…
I spent last week on a walking holiday, around the coast of Arran, an island in the Firth of Clyde, off the coast of Ayrshire, southwest of Glasgow. It’s postition is fortuitous - being on the western coast, it sits in the Gulf Stream, and yet is sheltered from the western Atlantic storms by the Kintyre peninsula. There are palm trees on some parts of the island :). It also lies across the Highland Boundary Fault - the tectonic line which gives Scotland a lot of it’s mountains. As such, it’s northern part is mountainous, and yet it’s southern half is rolling farming land. Not bad for an island 30 miles long. These features have earned Arran the nickname “Scotland in miniature”. It’s earned this not just for it’s geography, but it’s produce as well - Arran is known for it’s cheese, beer, and whisky.
Arran has had a coastal path for a while - it actually has the domain “www.coastalway.co.uk”. We’d heard how nice Arran was from several friends, and we’d already had one holiday abroad this year, so we decided to go walk around it. There are a number of companies that will organise this kind of thing for you (and we have used them in the past) - they book accommodation, make dinner reservations, move your bags from one place to the next, all you have to do is turn up and walk. However, they’re quite pricey, so my darling wife spent a heap of time organising the B&Bs herself, and we decided to carry our packs ourselves.
Since this was a one week walk, I’m planning to write up each day separately - I sent myself a email every day with my thoughts on the day, which I’ll expand with photos, GPX/KML data so on. For now I’ll give the total stat block for the walk, and my thoughts on arrival… stay tuned over the next few days if this interests you.
(Technical note: Sadly, my Garmin GPS can’t store a week’s data, and I only discovered this when I got home, so I only have accurate GPS data for the last day. The rest has been recreated roughly, from memory. It won’t be far wrong though :P)
Day 0 - Arrival in Brodick
Friday was a crazy day. I had only got back from a business trip to Europe the day before, with a list of tasks I wanted to accomplish before my holiday. I also had to pack my rucksack for an 8day trip, lock up the house, and be in a taxi by 4.30pm. Somehow, I don’t know how, it all got done.
I met up with Mrs ER on the train, and we switched trains in Glasgow Central - it was ridiculously hot and humid there, I felt sticky even without moving. Fortunately the train to Ardrossan harbour was air conditioned, and I could start to relax.
The sea was very calm as we sailed over from Ardrossan to Brodick, and it was easy to grab a few snaps of the approaching island (and thus what we had let ourselves in for). To give you an idea of what we were in for, on the right is a picture of the whole GPX track laid out on a contour map (each day is a different colour).
The approach was spectacular in the sunset, with the sun going down behind the right shoulder of the highest peak on Arran, Goatfell. The plan called for walking up that on the last day, on the way down to the ferry home. It looked pretty imposing from out on the ferry (although the light levels didn’t allow for the best photos).
Sadly, the chip shop was closed when we got off the ferry (9.30pm - that’s island life for you :P). So, we made do with snacks from the local supermarket, and headed to our first B&B for the night (the lovely Rothwell Lodge). It had been a crazy day of work and travel, and sleep was most welcome before the first serious day of walking.
It’s been a while since I last wrote a blog, but that doesn’t mean I’ve been slacking off. In the next series of blog posts, we’ll be looking at some of the new things in Foreman 1.2. But today, I want to make a small diversion…
I recently got some new hardware in the house, courtesy of my employer, so I decided it was time to play with one of the other virtualization technologies out there. As existing readers will know, I’m a big fan of Libvirt and KVM. I’m in no way disatisfied with Foreman’s ability to manage Libvirt - but there’s little point in running it on 2 machines. I won’t learn anything new that way.
So, what to use?
My choice was really between two systems - oVirt and OpenStack. I had originally planned to run oVirt when I ordered the hardware, but delivery issues meant it took a while to reach me. In the meantime, I was asked to help out with some OpenStack/Foreman integration, and was quickly intrigued by it’s capabilites. I’ve been using it now for a couple of weeks, and it’s pretty great. However, I haven’t seen a huge amount of literature on OpenStack and Foreman, so I decided to explain how I set it all up to you.
There’s a ton of blogs about OpenStack at the moment - with so many companies putting time and effort into the codebase, and even more using it in production, it’s hard to not hear about it. So I’ll be keeping my introduction to OpenStack itself brief.
OpenStack is a tool for building a private cloud at large scale - if you’re the sort of organisation that wants the compute power & flexibility of Amazon EC2, but on your premises, OpenStack is the way to go. It deals with co-ordinating real hardware as a cloud, and deploying virtual machines to those nodes, along with the associated tasks of storage, image management, networking, capacity balancing, and so on.
However, despite the goal of a massively scalable computing system, it’s quite possible to run Openstack on a single machine. It simply means that services which would normally run on a dedicated system each, all run on the same box. Not optimal perhaps, but certainly usable.
Stack ‘em up
So, I’ve settled on OpenStack - how do I get rolling?
DevStack was written for people in my position - those wanting to try out OpenStack, but lacking a decent pool of hardware to run it on. DevStack is a script which takes in a configuration file and then sets up a complete installation of OpenStack ready for use.
(Aside: now that I’m more familiar with OpenStack, I may well try out some of the more other installers at a later date. DevStack is a great starting point while you’re getting used to the terminology though :P)
DevStack requires an Ubuntu or Fedora base install - you’ll not be surprised to hear that I opted for a 12.04 LTS install. Once that was complete, I started to follow DevStack’s execellent all-in-one install guide. I’ll not bore you with repeating it here, but I will post my
localrc file (which is the configuration input for DevStack)
greg@amethyst:~/devstack$ cat localrc | egrep -v "^\s*#|^\s*$"
I’ve stripped the comments to keep it short, and most of it is specific to my network - but as you can see, it’s a pretty short config file for such a big project. Once we’re done with the config, we can run the installer
This should run to completion, but it does take quite a while :P. We can now access Openstack on our machine, as a webservice (so, in my case, at
http://amethyst/) using ‘admin’ and the password from the localrc file.
It’s all very well saying ‘it’s running!’ but what do we do with it? Well, Openstack is primarily an image-based system, so the next step is either to download or build some images to use.
If you’ve already logged in, you’ll have seen that
Images & Snapshots is a menu entry in the navigation sidebar. Going there, we have
Create Image, which will ask for a source URL (or file to upload). A few distros do provide images ready for use (see the OpenStack documentation on obtaining imagesfor more):
- Ubuntu: http://cloud-images.ubuntu.com/
- I used the latest QCOW image
- Fedora: http://mattdm.fedorapeople.org/cloud-images/ (semi official)
Sadly, my two favorite distros (Debian and Arch) do not provide a prebuilt image for OpenStack. Debian have started a project to build a Wheezy or Jessie image from a script (see this thread for the discussion) which should eventually end up as a package available to install on Debian which will build an OpenStack image.
You can download this script from their git repo (git://anonscm.debian.org/openstack/openstack-debian-images.git), and I’ve also forked a copy of it myself. I then used it as a base for doing the same steps for Archlinux, which has been moderately successful. The only thing I haven’t yet (at time of writing) managed to do is to have the root filesystem expand to the full size of the disk on boot (which the Debian images do via
cloud-initramfs-growroot). I’m sure I’ll get it working though. You can find my current versions on my GitHub page).
If all else fails, you can use Libvirt (you knew I’d get that in here somewhere, right?). The OpenStack documentation has walkthroughs for both CentOS and Ubuntu, using an interactive install in virt-manager, which work fine for any distros where you can’t get a prebuilt image (I did this for Squeeze, as the above Debian script doesn’t work on Squeeze).
Once you have an image, you can upload it to OpenStack using the Create Image button. You should also be able to test lauching an instance and make sure it boots. Hooray! We have a working virtualization platform! Well, almost….
The only thing that wasn’t set up out of the box (as far as I can remember, after three weeks of using OpenStack) was the floating IPs. What’s that? Let me explain…
Those of you who have used Libvirt in any serious endeavours will be aware that there are broadly two networking approaches. The first is to create a network bridge between the physical network device on the libvirt host, and the virtual machines. This has the effect that all VMs are on the public-facing network, and firewalling is the job of the VM. Alternatively, one can create a virtual NAT network inside Libvirt and have the VMs attach to that - which makes them hard to get to. If you want to reach a NATed VM from your laptop, you either need to do some SSH tunnelling, or set up some static port-forwards on your Libvirt host. Neither option is particularly awesome, although bridging works OK if you have control of the ‘public’ network too.
OpenStack (and other platforms, for that matter) approach this by having a pool of ‘floating IPs’ on the public network (in this case public means my house network, not the public internet). These IPs are reserved for use by OpenStack, so I had to reduce the pool of my DHCP server to avoid clashes. These can then be assigned to a VM from the OpenStack console. This gives you the best of both worlds - you still get the security of being on an isolated network (you have to configure the Security Groups if you even want to be able to ping your hosts on the assigned floating IP), but you can then access the VM on the public IP, eliminating the need for SSH tunnels (which can be awkward if you’re testing webservices, for example).
I added 49 IPs to my OpenStack instance using the following inline bash script:
for n in `seq -w 151 199`; do nova-manage floating create --ip_range 172.20.10.$n; done
Your mileage may vary, as I’m writing this from memory (and .bash_history), but you will need some floating IPs for the Foreman stage.
You’ll also need to allow SSH access (22 TCP) to your VMs using the Security Groups. I used a simple rule of ‘22 TCP from 0.0.0.0/0’ (i.e everywhere) on the ‘default’ security group.
Stack The Deck
So, we have OpenStack up and running, and after ~150 lines of blog, you’re wondering when I’ll get to the Foreman bit - well, that’s now ;)
I’m going to assume a few things about your setup:
- Foreman is already configured with an appropriate Architecture
- Foreman already has an Operating System that matches the distro image you uploaded to OpenStack
- Foreman and OpenStack are on different machines
- Both are on the same network (in my case 172.20.10.0/24)
- Foreman controls DNS for this network (optional)
The first step is to add your OpenStack API credentials to Foreman. Go to
More -> Provisioning -> Compute Resources and add a new one. Give it a
Name of course, and select OpenStack as the type (slightly obvious, but if you don’t see OpenStack, ensure you have the additional compute packages installed on your Foreman server). The
URL is the API endpoint, which will be something like
http://amethyst:5000/v2.0/tokens (set the hostname as appropriate). The
Password will be ‘admin’ and the admin password from your localrc. Then you can press
Load Tenants and pick the one which you uploaded your distro image(s) to. Hit
Test Connection and (assuming it’s fine - remember that
Test Connection silently succeeds) save the CR.
Now we need to map the image on OpenStack to the Operating System on Foreman. Click the new CR and select ‘New Image’. Select the appropriate image from the dropdown, and fill in the rest of the boxes (be careful with ‘Username’ as it varies from distro to distro - Ubuntu use ‘ubuntu’, Debian use ‘debian’, and my Arch image uses ‘root’). Save the image.
We’re almost there, but we also need a Finish template to run on the machine when Foreman provisions it. You could use any existing Finish template,but I’m going to add an OpenStack specific one (I also created an ‘openstack’ Puppet environment, to completely isolate my test area, but this is optional). Under
More > Provisioning > Provisioning Templates I created a new template, containing just
mkdir -p /root/.ssh
echo "<my ssh key>" >> /root/.ssh/authorized_keys
Assign this template to the appropriate OS, and also restrict by environment if you’re using one. You can always extended this further, using exising templates for inspiration (such as installing packages, running Puppet, etc). You can also check out Ohad’s EC2 blogpostfor more ideas - OpenStack works very similarly to EC2, and those scripts should work for OpenStack too.
Deal the hand
So, after a lot of UI setup, we’re ready to try it!
Hosts -> New Host, select your OpenStack CR from
Deploy On, give it the usual things like
Puppet Environment, etc. You’ll notice
Network only has a choice of
Domain now (which matters for your DNS records). On the
Operating System tab, after selecting the correct
Operating System, you should be able to select the
Imageyou created above, and load the templates to make sure the new template is being used. The
Virtual Machine tab allows us to select how many resources we should give to the new VM, and importantly we must select the
Floating IP network (otherwise Foreman won’t be able to reach the VM). You should also select the
Security Group which has SSH access (otherwise Foreman won’t be able to log in).
Once we’ve done all that, Submit the Host, and you should see Foreman spin up the VM on OpenStack, SSH in, and run the template.
OpenStack plays very well with Foreman, as they split the required duties - OpenStack deals with all the resource management, quota management, security, and networking, and simply tells Foreman the IP it chose to assign to the host. Foreman can then do it’s usual job of managing DNS, certificates, and providing Puppet on the host with ENC data (obviously DHCP and TFTP are not required in this scenario).
As a result, I now have the joy of booting my most commonly used distributions in ~1min rather than the ~20min it takes to do a PXE install on Libvirt, with DNS, and (if requested) a full Puppet run already done. Of course, I still have my Libvirt host of course, and can do a PXE install if I need a specific setup on the host, but so far I’ve had little need for that.
While this blog is quite long, the above took me less than a day to figure out. OpenStack is fairly intuitive (assuming you’ve used some other virtualization before), and of course, once you get to Foreman, you’re getting the same consistent interface you’re used to. It’s all very smooth, really.
As ever, if you try this yourself, do let me know how you get on!