razor: provision like a boss (build-a-cloud edition)
DESCRIPTION
Introduction to the Razor provTRANSCRIPT
PXE provisioning – satisfaction rating
RageAtrociousHorribleMeh
How satisfied are you with your PXE installation solution ?(representative sample of imaginary users)
3
4
Client
Architecture
5
Node
Node
Node
Node
TFTPDHCP
Server
Components
6
Server
Components
7
Server
Setup
8
Server
TFTPDHCP
Discovery
9
Node
PXE
Server
TFTPDHCP
Node
Discovery
10
MK
HTTP
Facts
Commands
Server
TFTPDHCP
NodeServer
Client
Setup
11
RepoBroke
r
Policy
TagsREST
MK
TFTPDHCP
Installer
Node
Client
Installation
12
REST
MK
TFTPDHCP
reboot
Server
RepoBroke
r
Policy
TagsInstaller
Node
Client
Installation
13
REST
TFTPDHCP
installerServer
RepoBroke
r
Policy
TagsInstaller
Node
Client
Installation
14
REST
TFTPDHCP
● fetch template
● store value
● log message
● stage finished
Server
RepoBroke
r
Policy
TagsInstaller
Client
Installers
15
Node
Node
Node
Node
TFTPDHCP
Server
Tags
• A named match rule• Rules can have complex logic
16
[“or”, [“in”, [“fact”, “macaddress”], “de:ad:be:ef:00:01”, “de:ad:be:ef:00:02”], [“=”, “2”, [“fact”, “processorcount”]]]
Installer example
17
---# redhat.yamlos_version: 6description: Red Hat EL installerboot_sequence: 1: boot_install default: boot_local
Broker example
18
# broker.json{ “name”: "puppet", “broker-type”: "puppet", “configuration”: { “server”: "puppet.local.watzmann.net", “certname”: …, “environment”: “production” }}
Template example
19
# os_boot.erbhostname <%= node.hostname %>
yum -y install rubygems facter[ $? -eq 0 ] && curl <%= log_url(“ok”) %>\ || curl <%= log_url(“fail”, :error) %>
#!ipxe# boot_install.erb
kernel <%= repo_url(“/vmlinuz”) %> \ ks=<%= file_url(“kickstart”) %>
Policy example
# policy.json{ “name”: “centos”, “repo”: { “name”: “centos-6.4” }, “installer”: { “name”: “centos” }, “broker”: { “name”: “puppet” }, “hostname”: “host${id}.example.com”, “root_password”: “secret”, “max_count”: 20, “enabled”: true, “rule_number”: 100, “tags”: [{ “name”: “large-server”, “rule”: [ … ] }]}
21
The Cloudy Part
ESXi → vCenter
vCenter
Node
Node
Node
Node
TFTPDHCP
Razor
GET /broker
export node details
collect
puppetlabs/ vcenter
Openstack
Cntrl
Comp
TFTPDHCP
Razor
puppetlabs/ openstack
Openstack: Controller Policy
# controller.json{ “name”: “controller”, “repo”: { “name”: “fedora-19” }, “installer”: { “name”: “fedora” }, “broker”: { “name”: “puppet” }, “hostname”: “controller${id}.example.com”, “root_password”: “secret”, “max_count”: 1, “enabled”: true, “rule_number”: 100, “tags”: [{ “name”: “controller”, “rule”: [ … ] }]}
Openstack: Compute Policy
# compute.json{ “name”: “compute”, “repo”: { “name”: “fedora-19” }, “installer”: { “name”: “fedora” }, “broker”: { “name”: “puppet” }, “hostname”: “compute${id}.example.com”, “root_password”: “secret”, “max_count”: 1, “enabled”: true, “rule_number”: 90, “tags”: [{ “name”: “compute”, “rule”: [ … ] }]}
Openstack: site.pp
node /controller/ { class { 'openstack::controller': public_address => '192.168.100.10', public_interface => 'eth0', private_interface => 'eth1', … } }
node /compute/ { class { 'openstack::compute': internal_address => $::ipaddress_eth0, … } }
The Future
Client
Command and control
29
Node
Node
Node
Node
TFTPDHCP
Server
Commands
Client
Events
30
Node
Node
Node
Node
TFTPDHCP
ServerEvents
Don’t be a stranger
• Github repos (will change)– Server:
https://github.com/puppetlabs/razor-server–Microkernel:
https://github.com/puppetlabs/razor-el-mk
• Mailing list: http://groups.google.com/group/puppet-razor
• IRC: #puppet-razor (freenode)• My email: [email protected]
31