Slides from my conference at CentOS Dojo Brussels 2014 at IBM
Julien Pivotto
CentOS Dojo, Brussels
January 31, 2014

whoami
• sysadmin @ inuits
• open-source defender for 7+ years
• devops believer
• @roidelapluie on twitter/github

Julien Pivotto Foreman

Introduction

Lifecycle management
• Provisioning
• Automation
• Reporting

We had tools!?
• Provisioning using Cobbler
• Automation using Puppet/Chef/...
• Puppet reporting with Puppet Dashboard

Then came virtualisation
• Cobbler was not enough
• Using virt-install to automate VM creation
• One shot command line, decentralized
• Cobbler does not cluster

Then came cloud
• Where is my machine?
• Bare-Metal? Bare-what?
• Dynamic environments
• Change quickly and often

Cobbler
• Not intuitive or reactive
• Support for Xen
• TFTP on the local machine
• Direct control of DHCP configuration
• Basic yumrepo support

Puppet-dashboard
• Puppet web frontend
• It was the reference
• Until the arrival of Foreman
• Puppetlabs abandoned it for PuppetDB

Provisioning
• Bare metal and virtual
• Multiple backends
• Decentralized (control remote TFTP, DNS, DHCP)

Automation
• (puppet) ENC
• Trigger puppet runs
• Advanced use: parameters, ...
• History of changes
• ENC is optional

Reporting
• Visualise changes
• See the full logs
• View the facts

Foreman

Foreman 101
• Foreman was used for one thing
• Viewing puppet reports
• Having cool statistics gathering, facts

Meanwhile
• More and more features
• More than a fact/reports viewer
• Interacts deeply with puppet

Foreman 201
• Puppet reports viewer
• Machine provisioning
• Puppet ENC
• Extendable with plugins

Architecture

Smart Proxies
• Provides RESTful API
• Connect to Bind, DHCP, TFTP, ...
• Also puppet-ca, mcollective, ...
• Allow foreman to talk with services

From the Foreman documentation

Foreman installer
• kafo
• a rubygem
• Command line installer
• Using puppet modules
• Generic Project

Foreman installer
• a lot of options
• interactive installation: -i
• enables/disables stuff
• sets up git repositories
• creates a puppet tree skeleton

Provisioning

Provisioning
• Install any distribution
• Configure almost everything
• Generate snippets, kickstarts, ...
• ERB Scripting

Providers
• Libvirt
• EC2
• OpenStack
• Google Compute Engine
• oVirt
• VMware

OS
• CentOS/RHEL
• Fedora
• Ubuntu/Debian
• SUSE
• Solaris

Features of providers
• Depending on the provider
• Unattended installation
• Image-based install
• Power management
• Console (noVNC)

Automation

Puppet ENC
• Support classes
• Parametrized classes
• Smart variables

Configuration
• Environments
• Host groups
• Classes + params
• Global parameters

Certificates
• Puppet-ca proxy
• Takes care of signing certificates
• Trigger first puppet run
• Run first puppet run in noop mode (before reboot).

Reporting

Puppet reports
• Very detailed
• History
• Time per resource
• Overview of the last reports

Host groups
• Default provisioning parameters
• Puppet classes
• Network configuration

Integration

Queries
• Advanced queries
• Query by facts, by last report time
• Create custom shortcut in the UI

RESTful API
• Complete and well documented
• Everything is possible
• Integrate foreman with anything

Hammer
• Command line to foreman
• Scripting
• Automation
• Without browser (e.g. no http(s) access)

Scale

Large infrastructure
• Fine-grained roles (ACL)
• LDAP authentication
• Organisation/location support

Scaling up
• Multiple Puppet Masters
• Multiple Smart Proxies
• Foreman talks with the CA
• Multiple compute resources

Use cases

Puppet logs reader
• Why are my puppet runs taking so long?
• When did that node last report?
• Quickly view facter facts
• Just ignoring the provision part of foreman

Giving access
• Allow developers to create VMs
• Easy, secure, fewer risks
• NoVNC access in browser
• Usage of ACL

Phoenix tests
• Really easy to rebuild a VM
• Re-provisioning
• Puppet certs managed across foreman
• Integrate with Jenkins (REST)

Conclusion

Conclusion
• From small labs to larger environments
• Interactions with RESTful API
• Complete puppet management
• Bare Metal and virtual machines

Foreman meetings in the next days
• Configuration management devroom at FOSDEM
• Config Management Camp in Ghent (no tickets left)

Thank you
Any questions?

Contact
Julien Pivotto
[email protected]
@roidelapluie

INUITS bvba
Belgium
+32 473 441 636
https://inuits.eu