Embed Size (px)
Citation preview
@STL_PUGGITHUB.COM/STLPUG
WELCOMEST LOUIS PUPPET USERS GROUP
PUPPETCONF WRAP-UPSTLPUG GITHUB UPDATESRAZORMCOLLECTIVE PLUGIN DEVELOPMENT
Agenda
OVERVIEW
CONFERENCE
PUPPETCONF WRAP-UP▸ training
▸ experience
▸ user sessions
▸ unit testing
▸ types & providers
▸ best practices / patterns
▸ Puppet on Windows
▸ PuppetConf 2017
PUPPET AUTOMATED PROVISIONING
RAZORKris ReeseLenny Ilyashov
PROVISIONING APPLICATION THAT DEPLOYS BARE-METAL AND VIRTUAL SYSTEMS BASED ON CHARACTERISTICS OF THE HARDWARE
What is Razor?
WHY RAZOR?▸ Synergy with Configuration Management▸ Bare-metal & Virtual▸ Deployment of multiple OS▸ Hand off to Puppet▸ RESTful API▸ Consistent Minimal OS install▸ Capability to redeploy on demand▸ pe_razor (ships with Puppet Enterprise!)
SETUP
RAZOR REQUIREMENTS
▸ A DHCP/DNS/TFTP service with SELinux configured to enable PXE boot▸ iPXE Software
▸ undionly.kpxe file from the iPXE open source software stack▸ Razor specific bootstrap.ipxe script
▸ Razor Client (pe-razor-client ruby gem)▸ Puppet Enterprise
▸ The Razor Server▸ bootstrap.ipxe
PREREQUISITES
- DNSMASQ FOR DHCP, DNS, TFTP- UNDIONLY.KPXE- PE-RAZOR-CLIENTSetup via Vagrantfile shell provisioner
SETUP
PUPPET ENTERPRISE (PE_RAZOR)
SETUP
PUPPET ENTERPRISE (PE_RAZOR)STLPUG razor ~ # puppet agent -tInfo: Using configured environment 'production'Info: Retrieving pluginfactsInfo: Retrieving pluginInfo: Loading factsInfo: Caching catalog for razor.stlpug.comInfo: Applying configuration version '1480995491'Notice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Exec[unpack the microkernel]/returns: executed successfullyNotice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Pe_razor::Server::Repo[razor]/Exec[unpack the razor repo]/returns: executed successfullyNotice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Pe_razor::Server::Repo[razor]/Yumrepo[pe-razor]/ensure: createdInfo: changing mode of /etc/yum.repos.d/pe-razor.repo from 600 to 644Notice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Package[pe-razor-server]/ensure: created...
SETUP
POST PE_RAZOR
STLPUG razor ~ # cat /vagrant/files/bootstrap.sh | grep "#"# Get bootstrap.ipxe# Create Razor Broker# Create Razor Repo# Create Razor Tag# Create Razor Policy# Prep for Windows deployment
SETUP
RAZOR COMMANDSSTLPUG razor ~ # razor commandsFrom https://razor.stlpug.com:8151/api/collections/commands:
+------+---------------+----------------+--------+----------+| name | command | name parameter | errors | status |+------+---------------+----------------+--------+----------+| 11 | create-policy | esxi6 | 0 | finished |+------+---------------+----------------+--------+----------+| 10 | create-policy | win2k12r2 | 0 | finished |+------+---------------+----------------+--------+----------+| 9 | create-policy | centos6 | 0 | finished |+------+---------------+----------------+--------+----------+| 8 | create-tag | esxi6 | 0 | finished |+------+---------------+----------------+--------+----------+| 7 | create-tag | win2k12r2 | 0 | finished |+------+---------------+----------------+--------+----------+| 6 | create-tag | centos6 | 0 | finished |+------+---------------+----------------+--------+----------+| 5 | create-repo | esxi6 | 0 | finished |+------+---------------+----------------+--------+----------+| 4 | create-repo | win2k12r2 | 0 | finished |+------+---------------+----------------+--------+----------+| 3 | create-repo | centos6 | 0 | finished |+------+---------------+----------------+--------+----------+| 2 | create-broker | noop | 0 | finished |+------+---------------+----------------+--------+----------+| 1 | create-broker | pe | 0 | finished |+------+---------------+----------------+--------+----------+
Query an entry by including its name, e.g. `razor commands 11`
WORKFLOW
HOW RAZOR WORKS▸ Repositories
▸ Repositories contain – or point to – the operating system to install on a noderazor create-repo --name centos6
--task centos --iso-url “http://archive.kernel.org/centos-vault/6.6/isos/x86_64/CentOS-6.6-x86_64-minimal.iso”
extracts to /opt/puppetlabs/server/data/razor-server/repo/centos6
WORKFLOW
HOW RAZOR WORKS▸ Tags (Optional)
▸ Tags let you group nodes based on their characteristics▸ Apply policies based on tags to install appropriate operating systems
on tagged nodes▸ If you don’t specify tags for a policy, the policy binds to any node
razor create-tag --name centos6 --rule '["has_macaddress", "08:00:27:41:1f:6f"]'
WORKFLOW
HOW RAZOR WORKS▸ Policies
▸ Tell Razor what OS to install on the provisioned node▸ Where to get the OS software▸ How it should be configured▸ How to communicate between the node and PE
razor create-policy --name centos6 --repo centos6 --task centos --broker pe --enabled --hostname ‘apache${id}.stlpug.com' --root-password secret --tag centos6
WORKFLOW
HOW RAZOR WORKS▸ Broker (Optional)
▸ Brokers hand off nodes to configuration management systems like PE
razor create-broker --name pe --broker-type puppet-pe --configuration server=puppetmaster.stlpug.com
razor create-broker --name=noop --broker-type=noop
WORKFLOW
HOW RAZOR WORKS▸ Phases
▸ Discovery▸ Task▸ Broker
Discovery Phase
Discovery Phase
Discovery Phase
Discovery Phase
Discovery Phase
Discovery Phase
Task Phase
OS is now deployed
Hand off to broker for day 2 commencement!
Broker Phase
DEMO TIME!
ADVANCED
RAZOR HOOKS▸ Trigger invocation of scripts during certain events in a node’s lifecycle
▸ node-registered: triggered after a node has been registered▸ node-bound-to-policy: triggered after a node has been bound to a policy▸ node-unbound-from-policy: triggered after a node has been marked as uninstalled by the
reinstall-node command▸ node-deleted: triggered after a node has been deleted.▸ node-booted: triggered every time a node boots via iPXE.▸ node-facts-changed: triggered whenever a node changes its facts.▸ node-install-finished: triggered when a policy finishes its last step.
ADVANCED
RAZOR HOOKS▸ Scripts must exist on disk▸ Executable scripts named after their triggering event▸ Scripts receive input including node info
?QUESTIONS
?
REFERENCES
▸ Razor Workflow Slides 9 - 16▸ Slides borrowed from May 2015 Austin PUG
▸ https://github.com/stlpug/pe-vagrant/tree/razor▸ https://puppet.com/product/capabilities/automated-provisioning▸ https://github.com/puppetlabs/razor-server/wiki▸ https://docs.puppet.com/pe/latest/razor_using.html▸ https://github.com/npwalker/pe-razor-vagrant-stack
