@STL_PUG
GITHUB.COM/STLPUG
WELCOME
ST LOUIS PUPPET USERS GROUP
PUPPETCONF WRAP-UP
STLPUG GITHUB UPDATES
RAZOR
MCOLLECTIVE PLUGIN
DEVELOPMENT
Agenda
OVERVIEW
CONFERENCE
PUPPETCONF WRAP-UP
▸ training
▸ experience
▸ user sessions
▸ unit testing
▸ types & providers
▸ best practices / patterns
▸ Puppet on Windows
▸ PuppetConf 2017
STLPUG GITHUB UPDATES — GITHUB.COM/STLPUG
PUPPET AUTOMATED
PROVISIONING
RAZOR
Kris Reese
Lenny Ilyashov
PROVISIONING APPLICATION THAT DEPLOYS BARE-METAL AND VIRTUAL SYSTEMS BASED ON CHARACTERISTICS OF THE HARDWARE
What is Razor?
WHY RAZOR?
▸Synergy with Configuration Management
▸Bare-metal & Virtual
▸Deployment of multiple OS
▸Hand off to Puppet
▸RESTful API
▸Consistent Minimal OS install
▸Capability to redeploy on demand
▸pe_razor (ships with Puppet Enterprise!)
SETUP
RAZOR REQUIREMENTS
▸A DHCP/DNS/TFTP service with SELinux configured to enable PXE boot
▸iPXE Software
▸undionly.kpxe file from the iPXE open source software stack
▸Razor specific bootstrap.ipxe script
▸Razor Client (pe-razor-client ruby gem)
▸Puppet Enterprise
▸The Razor Server
▸bootstrap.ipxe
PREREQUISITES
- DNSMASQ FOR DHCP, DNS, TFTP
- UNDIONLY.KPXE
- PE-RAZOR-CLIENT
Setup via Vagrantfile shell provisioner
SETUP
PUPPET ENTERPRISE (PE_RAZOR)
STLPUG razor ~ # puppet agent -t
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog for razor.stlpug.com
Info: Applying configuration version '1480995491'
Notice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Exec[unpack the microkernel]/returns: executed successfully
Notice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Pe_razor::Server::Repo[razor]/Exec[unpack the razor repo]/returns: executed successfully
Notice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Pe_razor::Server::Repo[razor]/Yumrepo[pe-razor]/ensure: created
Info: changing mode of /etc/yum.repos.d/pe-razor.repo from 600 to 644
Notice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Package[pe-razor-server]/ensure: created
...
SETUP
POST PE_RAZOR
STLPUG razor ~ # cat /vagrant/files/bootstrap.sh | grep "#"
# Get bootstrap.ipxe
# Create Razor Broker
# Create Razor Repo
# Create Razor Tag
# Create Razor Policy
# Prep for Windows deployment
SETUP
RAZOR COMMANDS
STLPUG razor ~ # razor commands
From https://razor.stlpug.com:8151/api/collections/commands:
+------+---------------+----------------+--------+----------+
| name | command | name parameter | errors | status |
+------+---------------+----------------+--------+----------+
| 11 | create-policy | esxi6 | 0 | finished |
+------+---------------+----------------+--------+----------+
| 10 | create-policy | win2k12r2 | 0 | finished |
+------+---------------+----------------+--------+----------+
| 9 | create-policy | centos6 | 0 | finished |
+------+---------------+----------------+--------+----------+
| 8 | create-tag | esxi6 | 0 | finished |
+------+---------------+----------------+--------+----------+
| 7 | create-tag | win2k12r2 | 0 | finished |
+------+---------------+----------------+--------+----------+
| 6 | create-tag | centos6 | 0 | finished |
+------+---------------+----------------+--------+----------+
| 5 | create-repo | esxi6 | 0 | finished |
+------+---------------+----------------+--------+----------+
| 4 | create-repo | win2k12r2 | 0 | finished |
+------+---------------+----------------+--------+----------+
| 3 | create-repo | centos6 | 0 | finished |
+------+---------------+----------------+--------+----------+
| 2 | create-broker | noop | 0 | finished |
+------+---------------+----------------+--------+----------+
| 1 | create-broker | pe | 0 | finished |
+------+---------------+----------------+--------+----------+
Query an entry by including its name, e.g. `razor commands 11`
WORKFLOW
HOW RAZOR WORKS
▸Repositories
▸Repositories contain – or point to – the operating system to install on a node
razor create-repo --name centos6 \
  --task centos \
  --iso-url "http://archive.kernel.org/centos-vault/6.6/isos/x86_64/CentOS-6.6-x86_64-minimal.iso"
extracts to /opt/puppetlabs/server/data/razor-server/repo/centos6
WORKFLOW
HOW RAZOR WORKS
▸Tags (Optional)
▸Tags let you group nodes based on their characteristics
▸Apply policies based on tags to install appropriate operating systems on tagged nodes
▸If you don’t specify tags for a policy, the policy binds to any node
razor create-tag --name centos6 --rule '["has_macaddress", "08:00:27:41:1f:6f"]'
WORKFLOW
HOW RAZOR WORKS
▸Policies
▸Tell Razor what OS to install on the provisioned node
▸Where to get the OS software
▸How it should be configured
▸How to communicate between the node and PE
razor create-policy --name centos6 \
  --repo centos6 \
  --task centos \
  --broker pe \
  --enabled \
  --hostname 'apache${id}.stlpug.com' \
  --root-password secret \
  --tag centos6
WORKFLOW
HOW RAZOR WORKS
▸Broker (Optional)
▸Brokers hand off nodes to configuration management systems like PE
razor create-broker --name pe --broker-type puppet-pe \
  --configuration server=puppetmaster.stlpug.com
razor create-broker --name=noop --broker-type=noop
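Added example (not from the slides and not Razor's own code): a small model of the tag and policy slides that shows which policy a PXE-booting node would bind to, and flags enabled policies that have no tags or a weak root password. The policy dict layout, the `lab-default` policy, first-match ordering and the weak-password threshold are assumptions made for this sketch; only the `centos6` values come from the slides.

```python
import re

MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")
WEAK_PASSWORDS = {"secret", "password", "changeme", "root"}  # constructed list

# Tag rules in the form shown on the slide: ["has_macaddress", "<mac>", ...]
TAGS = {"centos6": ["has_macaddress", "08:00:27:41:1f:6f"]}

# Constructed policy table, in evaluation order. "centos6" mirrors the
# create-policy slide; "lab-default" is a hypothetical policy with no tags.
POLICIES = [
    {"name": "centos6", "enabled": True, "tags": ["centos6"],
     "root_password": "secret", "broker": "pe"},
    {"name": "lab-default", "enabled": True, "tags": [],
     "root_password": "constructed-long-passphrase-01", "broker": "noop"},
]


def norm_mac(mac):
    """Lower-case a MAC and accept '-' separators; reject anything else."""
    m = mac.strip().lower().replace("-", ":")
    if not MAC_RE.match(m):
        raise ValueError(f"not a MAC address: {mac!r}")
    return m


def tag_matches(rule, node_macs):
    """Evaluate one tag rule; only has_macaddress is modelled here."""
    op, *args = rule
    if op != "has_macaddress":
        raise NotImplementedError(f"rule operator not modelled: {op}")
    wanted = {norm_mac(a) for a in args}
    return bool(wanted & {norm_mac(m) for m in node_macs})


def node_tags(tags, node_macs):
    """Names of all tags whose rule matches this node."""
    return {name for name, rule in tags.items() if tag_matches(rule, node_macs)}


def bind(policies, tags, node_macs):
    """First enabled policy whose tags the node all carries (assumed order).

    A policy with an empty tag list matches every node, which is the
    behaviour the tags slide describes.
    """
    have = node_tags(tags, node_macs)
    for policy in policies:
        if policy["enabled"] and set(policy["tags"]) <= have:
            return policy["name"]
    return None


def lint(policies):
    """Return (policy name, finding code) pairs for enabled policies."""
    findings = []
    for policy in policies:
        if not policy["enabled"]:
            continue
        if not policy["tags"]:
            findings.append((policy["name"], "untagged"))
        pw = policy["root_password"]
        if len(pw) < 12 or pw.lower() in WEAK_PASSWORDS:
            findings.append((policy["name"], "weak-root-password"))
    return findings


if __name__ == "__main__":
    for macs in (["08:00:27:41:1f:6f"], ["08:00:27:00:00:99"]):
        print(macs, "->", bind(POLICIES, TAGS, macs))
    for name, code in lint(POLICIES):
        print(f"{name}: {code}")
```

An unknown MAC falls through to the untagged policy, so any machine that PXE boots on that network segment gets an OS installed over whatever it had.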
WORKFLOW
HOW RAZOR WORKS
▸Phases
▸Discovery
▸Task
▸Broker
Discovery Phase
Task Phase
OS is now deployed
Hand off to broker for day 2 commencement!
Broker Phase
ADVANCED
RAZOR HOOKS
▸Trigger invocation of scripts during certain events in a node’s lifecycle
▸node-registered: triggered after a node has been registered
▸node-bound-to-policy: triggered after a node has been bound to a policy
▸node-unbound-from-policy: triggered after a node has been marked as uninstalled by the reinstall-node command
▸node-deleted: triggered after a node has been deleted.
▸node-booted: triggered every time a node boots via iPXE.
▸node-facts-changed: triggered whenever a node changes its facts.
▸node-install-finished: triggered when a policy finishes its last step.
ADVANCED
RAZOR HOOKS
▸Scripts must exist on disk
▸Executable scripts named after their triggering event
▸Scripts receive input including node info
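Added example (not from the slides and not Razor's own code): one hook script, installed under each event name it should handle, that turns the input it receives into an audit record and redacts credentials before anything is written to disk. The JSON field names (`node`, `policy`, `hw_info`, `root_password`), the log path and the `RAZOR_HOOK_AUDIT_LOG` variable are assumptions for this sketch; the event names are the ones listed on the slide.

```python
#!/usr/bin/env python3
import json
import os
import sys
from datetime import datetime, timezone

# Event names from the slide. The script is installed once per event under
# exactly that file name, so its own name identifies the trigger.
EVENTS = {
    "node-registered", "node-bound-to-policy", "node-unbound-from-policy",
    "node-deleted", "node-booted", "node-facts-changed",
    "node-install-finished",
}
# Keys whose values never go into the log (assumed names; extend as needed).
SENSITIVE = {"root_password", "password", "token"}

# Constructed sample of what a hook might receive on stdin.
SAMPLE_INPUT = json.dumps({
    "node": {"name": "node1",
             "hw_info": {"mac": ["08-00-27-41-1f-6f"]},
             "root_password": "secret"},
    "policy": {"name": "centos6"},
})


def redact(value):
    """Recursively replace the values of sensitive keys."""
    if isinstance(value, dict):
        return {k: "[REDACTED]" if k.lower() in SENSITIVE else redact(v)
                for k, v in value.items()}
    if isinstance(value, list):
        return [redact(v) for v in value]
    return value


def audit_record(script_name, raw_input, now=None):
    """Build one audit record from the script's own name and its stdin."""
    event = os.path.basename(script_name)
    if event not in EVENTS:
        raise ValueError(f"not a known hook event: {event!r}")
    payload = json.loads(raw_input) if raw_input.strip() else {}
    if not isinstance(payload, dict):
        raise ValueError("hook input must be a JSON object")
    node = payload.get("node") or {}
    policy = payload.get("policy") or {}
    return {
        "time": (now or datetime.now(timezone.utc)).isoformat(),
        "event": event,
        "node": node.get("name"),
        "macs": (node.get("hw_info") or {}).get("mac", []),
        "policy": policy.get("name"),
        "detail": redact(payload),
    }


def main():
    record = audit_record(sys.argv[0], sys.stdin.read())
    # Hypothetical log location, overridable through the environment.
    log_path = os.environ.get("RAZOR_HOOK_AUDIT_LOG",
                              "/var/log/razor-hook-audit.jsonl")
    with open(log_path, "a", encoding="utf-8") as fh:
        fh.write(json.dumps(record, sort_keys=True) + "\n")


if __name__ == "__main__":
    main()
```

Feeding the resulting JSON lines to a log pipeline gives a record of every bind and reinstall, which are the events that overwrite a machine's disk.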
REFERENCES
▸Razor Workflow Slides 9 - 16
▸Slides borrowed from May 2015 Austin PUG
▸https://github.com/stlpug/pe-vagrant/tree/razor
▸https://puppet.com/product/capabilities/automated-provisioning
▸https://github.com/puppetlabs/razor-server/wiki
▸https://docs.puppet.com/pe/latest/razor_using.html
▸https://github.com/npwalker/pe-razor-vagrant-stack

Bare-metal and Virtual Provisioning with Razor

  • 2. PUPPETCONF WRAP-UP STLPUG GITHUB UPDATES RAZOR MCOLLECTIVE PLUGIN DEVELOPMENT Agenda OVERVIEW
  • 3. CONFERENCE PUPPETCONF WRAP-UP ▸ training ▸ experience ▸ user sessions ▸ unit testing ▸ types & providers ▸ best practices / patterns ▸ Puppet on Windows ▸ PuppetConf 2017
  • 4. STLPUG GITHUB UPDATES — GITHUB.COM/STLPUG
  • 6. PROVISIONING APPLICATION THAT DEPLOYS BARE-METAL AND VIRTUAL SYSTEMS BASED ON CHARACTERISTICS OF THE HARDWARE What is Razor?
  • 7. WHY RAZOR? ▸Synergy with Configuration Management ▸Bare-metal & Virtual ▸Deployment of multiple OS ▸Hand off to Puppet ▸RESTful API ▸Consistent Minimal OS install ▸Capability to redeploy on demand ▸pe_razor (ships with Puppet Enterprise!)
  • 8. SETUP RAZOR REQUIREMENTS ▸A DHCP/DNS/TFTP service with SELinux configured to enable PXE boot ▸iPXE Software ▸undionly.kpxe file from the iPXE open source software stack ▸Razor specific bootstrap.ipxe script ▸Razor Client (pe-razor-client ruby gem) ▸Puppet Enterprise ▸The Razor Server ▸bootstrap.ipxe
  • 9. PREREQUISITES - DNSMASQ FOR DHCP, DNS, TFTP - UNDIONLY.KPXE - PE-RAZOR-CLIENT Setup via Vagrantfile shell provisioner
  • 11. SETUP PUPPET ENTERPRISE (PE_RAZOR) STLPUG razor ~ # puppet agent -t Info: Using configured environment 'production' Info: Retrieving pluginfacts Info: Retrieving plugin Info: Loading facts Info: Caching catalog for razor.stlpug.com Info: Applying configuration version '1480995491' Notice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Exec[unpack the microkernel]/returns: executed successfully Notice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Pe_razor::Server::Repo[razor]/Exec[unpack the razor repo]/returns: executed successfully Notice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Pe_razor::Server::Repo[razor]/Yumrepo[pe- razor]/ensure: created Info: changing mode of /etc/yum.repos.d/pe-razor.repo from 600 to 644 Notice: /Stage[main]/Pe_razor/Pe_razor::Server[razor]/Package[pe-razor-server]/ensure: created ...
  • 12. SETUP POST PE_RAZOR STLPUG razor ~ # cat /vagrant/files/bootstrap.sh | grep "#" # Get bootstrap.ipxe # Create Razor Broker # Create Razor Repo # Create Razor Tag # Create Razor Policy # Prep for Windows deployment
  • 13. SETUP RAZOR COMMANDS STLPUG razor ~ # razor commands From https://razor.stlpug.com:8151/api/collections/commands: +------+---------------+----------------+--------+----------+ | name | command | name parameter | errors | status | +------+---------------+----------------+--------+----------+ | 11 | create-policy | esxi6 | 0 | finished | +------+---------------+----------------+--------+----------+ | 10 | create-policy | win2k12r2 | 0 | finished | +------+---------------+----------------+--------+----------+ | 9 | create-policy | centos6 | 0 | finished | +------+---------------+----------------+--------+----------+ | 8 | create-tag | esxi6 | 0 | finished | +------+---------------+----------------+--------+----------+ | 7 | create-tag | win2k12r2 | 0 | finished | +------+---------------+----------------+--------+----------+ | 6 | create-tag | centos6 | 0 | finished | +------+---------------+----------------+--------+----------+ | 5 | create-repo | esxi6 | 0 | finished | +------+---------------+----------------+--------+----------+ | 4 | create-repo | win2k12r2 | 0 | finished | +------+---------------+----------------+--------+----------+ | 3 | create-repo | centos6 | 0 | finished | +------+---------------+----------------+--------+----------+ | 2 | create-broker | noop | 0 | finished | +------+---------------+----------------+--------+----------+ | 1 | create-broker | pe | 0 | finished | +------+---------------+----------------+--------+----------+ Query an entry by including its name, e.g. `razor commands 11`
  • 14. WORKFLOW HOW RAZOR WORKS ▸Repositories ▸Repositories contain – or point to – the operating system to install on a node razor create-repo --name centos6 --task centos --iso-url “http://archive.kernel.org/centos- vault/6.6/isos/x86_64/CentOS-6.6-x86_64-minimal.iso” extracts to /opt/puppetlabs/server/data/razor-server/repo/centos6
  • 15. WORKFLOW HOW RAZOR WORKS ▸Tags (Optional) ▸Tags let you group nodes based on their characteristics ▸Apply policies based on tags to install appropriate operating systems on tagged nodes ▸If you don’t specify tags for a policy, the policy binds to any node razor create-tag --name centos6 --rule '["has_macaddress", "08:00:27:41:1f:6f"]'
  • 16. WORKFLOW HOW RAZOR WORKS ▸Policies ▸Tell Razor what OS to install on the provisioned node ▸Where to get the OS software ▸How it should be configured ▸How to communicate between the node and PE razor create-policy --name centos6 --repo centos6 --task centos --broker pe --enabled --hostname ‘apache${id}.stlpug.com' --root-password secret --tag centos6
  • 17. WORKFLOW HOW RAZOR WORKS ▸Broker (Optional) ▸Brokers hand off nodes to configuration management systems like PE
    razor create-broker --name pe --broker-type puppet-pe --configuration server=puppetmaster.stlpug.com
    razor create-broker --name=noop --broker-type=noop
  • 25. Task Phase: OS is now deployed. Hand off to broker for day 2 commencement!
  • 29. ADVANCED RAZOR HOOKS ▸Trigger invocation of scripts during certain events in a node’s lifecycle
    ▸node-registered: triggered after a node has been registered
    ▸node-bound-to-policy: triggered after a node has been bound to a policy
    ▸node-unbound-from-policy: triggered after a node has been marked as uninstalled by the reinstall-node command
    ▸node-deleted: triggered after a node has been deleted
    ▸node-booted: triggered every time a node boots via iPXE
    ▸node-facts-changed: triggered whenever a node changes its facts
    ▸node-install-finished: triggered when a policy finishes its last step
  • 30. ADVANCED RAZOR HOOKS ▸Scripts must exist on disk ▸Executable scripts named after their triggering event ▸Scripts receive input including node info
  • 32. REFERENCES
    ▸Razor Workflow Slides 9 - 16
    ▸Slides borrowed from May 2015 Austin PUG
    ▸https://github.com/stlpug/pe-vagrant/tree/razor
    ▸https://puppet.com/product/capabilities/automated-provisioning
    ▸https://github.com/puppetlabs/razor-server/wiki
    ▸https://docs.puppet.com/pe/latest/razor_using.html
    ▸https://github.com/npwalker/pe-razor-vagrant-stack
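
The hook slides above say each script is named after its triggering event and receives input that includes node info. The Ruby script below is an added example, not code from the deck or from Razor: it assumes the input is a JSON document on stdin with `node` and `policy` keys, and `AUDIT_LOG` and the default log path are hypothetical names. It writes only an allow-listed set of node fields, so anything else in the payload (a root password, for instance) never reaches the log.

```ruby
#!/usr/bin/env ruby
# Added example: audit hook for Razor node lifecycle events (not Razor's own code).
# Assumption: Razor passes a JSON document on stdin with "node" and "policy" keys.
require "json"
require "time"

EVENTS = %w[node-registered node-bound-to-policy node-unbound-from-policy
            node-deleted node-booted node-facts-changed node-install-finished].freeze
LOGGED_NODE_KEYS = %w[name hostname dhcp_mac].freeze # allow-list; nothing else is logged

# Node-supplied strings are untrusted: replace whitespace and control
# characters so a value cannot forge log fields or lines, and cap the length.
def clean(value)
  value.to_s.gsub(/[^[:graph:]]/, "?")[0, 128]
end

# Build one audit line for an event; raises on unknown events or malformed input.
def audit_line(event, raw_json, now: Time.now.utc)
  raise ArgumentError, "unknown event #{clean(event)}" unless EVENTS.include?(event)
  doc = JSON.parse(raw_json)
  node = doc.fetch("node")
  raise ArgumentError, "node must be an object" unless node.is_a?(Hash)
  fields = LOGGED_NODE_KEYS.map { |k| "#{k}=#{clean(node[k])}" }
  policy = doc.dig("policy", "name")
  fields << "policy=#{clean(policy)}" if policy
  "#{now.iso8601} razor-hook event=#{event} #{fields.join(' ')}"
end

# Runs only when the file is installed (or symlinked) under an event name.
if EVENTS.include?(File.basename($PROGRAM_NAME))
  begin
    line = audit_line(File.basename($PROGRAM_NAME), $stdin.read)
    path = ENV.fetch("AUDIT_LOG", "/var/log/razor-hook-audit.log") # hypothetical
    File.open(path, "a", 0o600) { |f| f.puts(line) }
  rescue StandardError => e
    warn "hook failed: #{e.class}: #{clean(e.message)}"
    exit 1
  end
end
```

Because the event is taken from the script's own file name, one copy of the script can serve several events through symlinks.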

Editor's Notes

  1. Synergy w/config mgmt: use of facter; hardware facts & metadata are sent by microkernel provided by Razor; think UCS profiles; think virtual fact (true or false). Bare-metal: Oracle ESXi deployments. RESTful API: anything I can do with the CLI, we can do with the API; pe-razor-client ruby gem. Minimal OS: point here is removal of template deployments; removes care and feeding of templates. Hand off to Puppet: handled same way across systems; Razor knows how to do inherently; Windows (we currently use SCCM); Linux (manual deployment of puppet agent); Razor standardizes process for each OS deployment type. Redeploy on demand: current deployment orchestration isn’t repeatable, one and done kind of thing; with Razor, we get this for free.
  2. DNSMASQ for DHCP/DNS/TFTP; undionly download from Internets; razor client ruby gem (pe-razor-client), can be installed anywhere, RBAC capability; Razor Server installed with pe_razor class.
  3. dnsmasq setup on razor server via shell inline within Vagrantfile; undionly downloaded from Internets and placed in TFTP directory; pe-razor-client ruby gem installed via shell inline; Puppet Module Opportunity (pe_razor_complete); iptables (not shown in screenshot) to enable ipforward on the razor server, which becomes default gateway for razor nodes.
  4. The Razor Server w/parameter overrides; Razor-specific bootstrap.ipxe script
  5-6. Razor-specific bootstrap.ipxe script
  7-11. Discovery: microkernel sending facts to Razor server to match tags pinned to a policy. Task: the OS type to deploy on machine (RedHat / CentOS to use kickstart, Ubuntu to use preseed, Windows unattend.xml installation). Broker: handoff to Puppet.
  12. Show razor commands: razor policies (talk about order of precedence based on rules configured within tags that have been applied to listed policies); razor commands; razor nodes (subcommands to show facts, etc.); razor tasks (shows built-in / out-of-the-box tasks); razor tags.
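
The tag and policy slides, and note 12 on policy precedence, describe how a node ends up bound to a policy. The Ruby below is an added example, not Razor's code: a simplified model (the first enabled policy in order whose tags all match, a subset of rule operators, constructed facts, and a constructed `esxi6` rule and `scratch` policy) that shows why an enabled policy without tags binds to any node that PXE boots.

```ruby
# Added example: simplified model of Razor tag and policy matching (not Razor's code).
# Only the has_macaddress, fact, =, and, or rule operators are modelled here.

def eval_rule(rule, facts)
  return rule unless rule.is_a?(Array) # literals evaluate to themselves
  op, *args = rule
  case op
  when "fact" then facts[args[0]]
  when "="    then eval_rule(args[0], facts) == eval_rule(args[1], facts)
  when "and"  then args.all? { |a| eval_rule(a, facts) }
  when "or"   then args.any? { |a| eval_rule(a, facts) }
  when "has_macaddress"
    macs = facts.select { |k, _| k.start_with?("macaddress") }.values.map(&:downcase)
    args.any? { |m| macs.include?(m.downcase) }
  else raise ArgumentError, "unsupported operator: #{op}"
  end
end

# The first enabled policy, in table order, whose tags all match is the one bound.
# A policy without tags matches every node, because [].all? is true.
def bind_policy(policies, tags, facts)
  policies.find do |p|
    p[:enabled] && p[:tags].all? { |t| eval_rule(tags.fetch(t), facts) }
  end
end

# Names of enabled policies that would bind to any node that PXE boots.
def catch_all_policies(policies)
  policies.select { |p| p[:enabled] && p[:tags].empty? }.map { |p| p[:name] }
end

# Constructed sample data. Only the centos6 rule comes from the slides.
TAGS = {
  "centos6" => ["has_macaddress", "08:00:27:41:1f:6f"],
  "esxi6"   => ["and", ["=", ["fact", "is_virtual"], "false"],
                ["=", ["fact", "productname"], "constructed-model"]]
}.freeze
POLICIES = [
  { name: "centos6", enabled: true, tags: ["centos6"] },
  { name: "esxi6",   enabled: true, tags: ["esxi6"] },
  { name: "scratch", enabled: true, tags: [] } # constructed untagged policy
].freeze
```

Running `catch_all_policies` over an export of the real policy table is a quick pre-flight check before enabling PXE boot on a shared network segment.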