Razor: A fresh look at provisioning by David Lutterkort

David Lutterkort lutter@puppetlabs.com

@lutterkort

Razor - Provision like a

boss

PXE provisioning – satisfaction rating

How satisfied are you with your PXE installation solution ? (representative sample of imaginary users)

3

4

Components

5

Server

Components

6

Server

Setup

7

Server

TFTP

DHCP

Client

Architecture

8

Node

Node

Node

Node

TFTP

DHCP

Server

Discovery

9

Node

Server

TFTP

DHCP

Node

Discovery

10

MK Serv

er

TFTP

DHCP

Node

Server

Client

Setup

11

Repo Broker

Policy

Tags

RE

ST

MK

TFTP

DHCP

Installer

Node

Client

Installation

12

RE

ST

MK

TFTP

DHCP

Server

Repo Broker

Policy

Tags Installer

Node

Client

Installation

13

RE

ST

TFTP

DHCP

Server

Repo Broker

Policy

Tags Installer

Node

Client

Installation

14

RE

ST

TFTP

DHCP

Server

Repo Broker

Policy

Tags Installer

Client

Installers

15

Node

Node

Node

Node

TFTP

DHCP

Server

Tags

• A named match rule

• Rules can have complex logic

16

[“or”,

[“in”, [“fact”, “macaddress”],

“de:ad:be:ef:00:01”,

“de:ad:be:ef:00:02”],

[“=”, “2”, [“fact”, “processorcount”]]]

Installer example

17

---

# redhat.yaml

os_version: 6

description: Red Hat EL

installer

boot_sequence:

1: boot_install

default: boot_local

Broker example

18

# broker.json

{

“name”: "puppet",

“broker-type”: "puppet",

“configuration”: {

“server”:

"puppet.local.watzmann.net",

“certname”: …,

“environment”:

“production”

}

}

Template example

19

# os_boot.erb

hostname <%= node.hostname %>

yum -y install rubygems

facter

[ $? -eq 0 ] && curl <%=

log_url(“ok”) %>\

|| curl <%=

log_url(“fail”, :error) %>

#!ipxe

# boot_install.erb

kernel <%=

repo_url(“/vmlinuz”) %> \

ks=<%=

file_url(“kickstart”) %>

Policy example

# policy.json

{

“name”: “centos”,

“repo”: { “name”: “centos-6.4” },

“installer”: { “name”: “centos” },

“broker”: { “name”: “puppet” },

“hostname”: “host${id}.example.com”,

“root_password”: “secret”,

“max_count”: 20,

“enabled”: true,

“rule_number”: 100,

“tags”: [{ “name”: “large-server”,

“rule”: [ … ] }]

}

21

The Cloudy Part

ESXi → vCenter

vCenter

Node

Node

Node

Node

TFTP

DHCP

Razor

GET /broker

export node details

collect

puppetlabs/ vcenter

Openstack

Cntrl

Comp

TFTP

DHCP

Razor

puppetlabs/ openstack

Openstack: Controller Policy

# controller.json

{

“name”: “controller”,

“repo”: { “name”: “fedora-19” },

“installer”: { “name”: “fedora” },

“broker”: { “name”: “puppet” },

“hostname”: “controller${id}.example.com”,

“root_password”: “secret”,

“max_count”: 1,

“enabled”: true,

“rule_number”: 100,

“tags”: [{ “name”: “controller”,

“rule”: [ … ] }]

}

Openstack: Compute Policy

# compute.json

{

“name”: “compute”,

“repo”: { “name”: “fedora-19” },

“installer”: { “name”: “fedora” },

“broker”: { “name”: “puppet” },

“hostname”: “compute${id}.example.com”,

“root_password”: “secret”,

“max_count”: 1,

“enabled”: true,

“rule_number”: 90,

“tags”: [{ “name”: “compute”,

“rule”: [ … ] }]

}

Openstack: site.pp

node /controller/ {

class { 'openstack::controller':

public_address => '192.168.100.10',

public_interface => 'eth0',

private_interface => 'eth1',

…

}

}

node /compute/ {

class { 'openstack::compute':

internal_address => $::ipaddress_eth0,

…

}

}

The Future

Client

Command and control

29

Node

Node

Node

Node

TFTP

DHCP

Server

Commands

Client

Events

30

Node

Node

Node

Node

TFTP

DHCP

Server Events

Don’t be a stranger

• Github repos (will change)

– Server: https://github.com/puppetlabs/razor-server

– Microkernel: https://github.com/puppetlabs/razor-el-mk

• Mailing list: http://groups.google.com/group/puppet-razor

• IRC: #puppet-razor (freenode)

• My email: lutter@puppetlabs.com

31