Resource orchestration (templates)

Even when individual elements in the cloud can be configured through the OpenStack API, configuration management and operation and maintenance on element level becomes a daunting task for any but the simplest service architectures.

A resource orchestration platform automates configuration tasks through a language-level API, allowing representing the cloud elements as code, and human-readable configuration files (known as templates). A number of resource orchestration platforms exist, supporting different languages, cloud infrastructure APIs and varied feature sets.

OpenStack Heat

In OpenStack, the program Heat is dedicated to orchestration. It uses test files (typically in YAML format) that can be treated as code. OpenStack Heat automates the creation of cloud resources like networks, instances, storage devices, collectively known as stacks.

The Heat engine is the project server which does the actual orchestration and resource integration. It receives API requests over Remote Procedure Call (RPC), orchestrates the launching of templates and feeds events back to the API.

For an introduction to Heat, please see


Terraform is a server orchestration and service provisioning tool from Hashicorp. It represents cloud elements in a set of configuration files and provides an API that checks for configuration consistency, creates a build and returns output as input to other configuration tools, such as Ansible, and applies the build onto the cloud infrastructure.

For an introduction to Terraform, please see


Ansible manages remote tasks over SSH. It runs on Linux and configures remote hosts on Unix-like or Windows platforms.

During the execution of a task, a process communicates with the accessed node over standard input/output using a JSON-based protocol. Ansible is agentless - it orchestrates a node by installing and running modules on the node temporarily via SSH. When it is not performing any tasks, it does not consume any resources on the controlled node, since no daemons are running on it. Only OpenSSH and Python are required on the managed nodes.

Configuration files for Ansible are stored in inventory files (in ASCII text, YAML etc. formats) that are used to orchestrate remote hosts. These files contain either the IP address or the host name accessible by Ansible. Orchestration tasks are specified in playbooks, a language based on YAML and Jinja templates.

For an introduction to Ansible, please see


Juju is an open source application modeling tool for deploying, configuring and other operational tasks on cloud services. It uses charms - a collection of YAML files and hooks to install, start/stop, configure service, written in any programming language executable from the command-line.

A Juju bundle is a portable specification including charms and configuration files of the applications to deploy, such as

  • OpenStack components/projects

  • supplementary components

  • versions

  • repositories

  • certificates

  • network layout definition (spaces)

Juju deploys the control plane of the cloud to the OpenStack control nodes and handles the data plane as well.

A Juju environment template is available for download from Horizon. This contains template data used at the cloud side orchestration of the tenant resources.

Additional Resources

OpenStack Heat - the OpenStack orchestration engine

Ansible - utility for automated deployment and configuration of server-side software (e.g. database, load balancer, web server, app server etc.)

Terraform – utility for automated infrastructure configuration and deployment of VM’s

Juju - model-driven application management and infrastructure-as-code utility