Your SlideShare is downloading. ×
0
Automatic System Installations
And Change Management

   with


          FAI
Speaker
Henning
Sprang
OpenSource
consultant,
developer,
author
Interests
Systems management
Software development
QA and testing
Virtualization
FAI Team member
About system
installations
Do You...
...use FAI already?
Another auto-installer or
config management
tool?
wonder how to
rebuilt/restore
configurations?
manually tinkered
and tweaked over
long time
Exactly, really
quick
Disk images
Create templates from
``proper'' installations
Copy when needed and adjust
them as needed
Pros
low learning cost

Simple and fast implementation: cp/rsync/tar/dd
Cons
Inflexible - the smallest change requires
rebuilding the image

Still manual work needed to get a installed
system

Storag...
Configuration
with shell scripts
Manual work
replaced by shell scripts
Pros
Much lower storage cost

Higher flexibility

Tailor made
Cons
Full-blown development project
(you'll realize after a while)

You solve every problem on your own, instead of
reusing wor...
Use available
Auto-Installer
Anaconda / Kickstart:
Fedora-based
Autoyast: SuSE-based
Nlite/Unattend:
Windows in many flavours
FAI:
Debian-based,
Fedora-based,
SuSE-based,
Windows experimental,
Solaris possible
Others:
Solaris Jumpstart
RedHat Cobbler/Koan
About FAI
Why FAI?
Shellscript-based

Simple, Flexible, easy to extend
Community support by
seasoned quot;`Installersquot;'
Diverse client- and server-
distributions
Multiple installation types
and
system updates
Can be used for real hardware
and virtualization systems
One-Step-Install

bare metal
to
fully working system
Easily integrate other tools

CFEngine
Puppet
Custom scripts
History
Started 1999 by Thomas Lange
at the University of cologne
Base idea:

structured and planned
installation
Plan your installation, and FAI
installs your plan
Part of the Debian Distribution
Today about 10 active
developers, small but nice
community
Since 2005 softupdates from
Henning Glawe included
Who
is using it
for what?
EDF uses FAI (with GOSA) for
some research clusters
LiMux in Munich:
installs/updates 400(to be 14000)
clients/servers
Multiple top 500 High
Performance Clusters
Small home networks
starting from 2 systems
GRML admin live CD
built with FAI
Functionality
Overview
FAI classes
A class
defines system properties
and actions to be taken
Class-assignment with
simple texfile,
database,
or scripts
Systems can be assigned to
multiple classes
combined at will
Server-distribution:
Debian-based

Dependencies:
Perl, NFS, TFTP, debootstrap

So, easy to port!
Target-distributions:
Debian, Redhat, Ubuntu, Suse, Mandriva
Different installation types
(networked, CD/USB, chroot)
Integrated versioning with
subversion, CVS, git
System updates
Installation types
Network installation
with central install server
Client/Server architecture
Directly calling
 „dirinstall“
 for chroots

(Can be easy integrated into xen-tools, ganeti, ...)
With grml-live:
Live-CD generation!
The
installation/update
process
Most important FAI quot;tasksquot;
(steps of installation)
defclass:
Class definition(assignment)
for the target system
partition:
guess what?! :)
extrbase:
Unpack a minimal base image
debconf:
apply Debconf preseedings
instsoft:
Software package installation
Configure:
Run configuration scripts
savelog:
Push logfiles on
the install Server
Usage details
Considerations
and
Planning
Installation
Decide the matching install type
(net/cd/dirinstall)
Plan your installation
Use cases
Network and environment
Software-packages
Additional files and config adjustments
Acess control, Identity Manage...
Using mirrors of Internet software repositories
Updates
How and when
should
which patches
be applied?
Testing processes

how do I know the effect of a patch/update?
Mirrors of security update repositories?
Automatic
(scheduled, timebased)
or
manually
started?
Setup and
configuration
Installation on Debian:

apt-get install fai-quickstart
Adjust install server setup
in /etc/fai
fai.conf:
LOGUSER=fai, LOGPROTO=ssh
(for Logging via ssh)

apt/sources.list:
use local mirror if available

make-fai-nfsro...
FAI server is configured!

Now create NFSroot:

fai-setup / make-fai-nfsroot
For PXE-Boot:

fai-chboot

to set boot-kernel, -options
Without PXE / Installation
from CD:

fai-cd
Infrastructure services
for network install
DNS entry
for server and clients
DHCP config:
Host/IP/MAC as usual
some FAI-specific stuff:
  option root-path quot;/srv/fai/nfsroot ...quot;
  server-name quot;faiserverquot;; # boot-serve...
System configurations
Configurations for
installation
are stored in
FAI „configspace“
Simple text files and scripts
requirements from
installation plan
are reflected here
Example included in
/usr/share/doc/fai/examples/simple
Default location: /srv/fai/config
Contents of configspace
class
disk_config
basefiles
debconf
package_config
scripts
files
hooks
Adjust configspace: class
class contains
class- and variable definitions/assignments
Simplest way:
assign classes based on hostnames
Some sample classes:
FAISERVER, GNOME, DEMO, XORG
Any script can be used to assign classes
E.G.:
check specific hardware,
MAC or IP,
disk size, . . .
Adjust configspace: basefiles
Minimal base images for non-Debian
distributions and special uses
Task quot;extrbasequot;
checks this directory for
matching images
Images named by classes
You could also
put an image here
and skip the rest :)
Adjust configspace: disk_config
detailed control over
partitions and mounting
new tool includes lvm and raid setups
hard sizes or ranges
# example of new config file for setup-storage
#
# <type> <mountpoint> <size> <fs type> <mount options> <misc
options>

di...
Adjust
configspace:

debconf
Presets for package install scripts
Only for dpkg-based distributions
Works analog to Debian Installer
Adjust configspace:

package_config
Contents:

files named by class names
Purpose:

Define packages to be installed
Supports many
installation methods:
install (apt-get)
aptitude
taskinst (Debian tasks=Package collections)
urpmi (mandriva)
yumi (Fedora)
y2i (SuSE y2pmsh)
ya...
Example package_config/DEMO
from simple examples:

          PACKAGES aptitude
          fortune-mod fortunes
          rs...
Adjust Configspace:

scripts
                         #!/bin/bash

                 #!/bin/perl

    #!/usr/bin/cfagent
scripts to be executed
after package installation
Usually shell-, Perl- and cfengine-scripts
Need for others?

just install Interpreter in the NFS-Root
Naming scheme:
<CLASSNAME>/<NUMBER>-<SCRIPTNAME>
Number defines order of execution
SCRIPTNAME arbitrary just for readability
scripts example:
                   .
                   |-- AMD64
                   | `-- 99-discover-bug
              ...
Adjust configspace: files
Structure of a filesystem, starting with /
classbased copy/unpack
For usage with fcopy/ftar
Copy single files explicitly, or recursive from /
ftar unpacks an archive
Target file=directory
actually copied source file=CLASSNAME
‘-- etc
          |-- X11
          | ‘-- xorg.conf
          | |-- ATI
sample:   | ‘-- NVIDIA
          |-- apache2
     ...
Adjust configspace: hooks
Naming scheme:

<TASKNAME>.<CLASSNAME>[.source]
Execution before the according task
Examples:

   partition.XENU
   instsoft.FAIBASE
   savelog.LAST.source
Do the installation
Depending on
chosen install type
Boot via

PXE
Bootfloppy
install-CD
USB Stick
fai dirinstall <TARGETDIR>

into mounted blockdevice
Call dirinstall from
xen-tools, Ganeti, . . .
Run grml-live
Depending on number of
packages it takes 3-30 minutes
(automatic)Restart with
production configuration
Functionality tests
Advanced stuff
Outlook
Support stuff for more
distributions: fai-distributions
GOSA as LDAP and FAI GUI
Automatic Tests
of the installed systems
hooks/scripts could check
files and configurations
Crucible Test Framework
No LDAP?
Management-Tool/lightweight GUI
without GOSA
better configspace layout
Comparison



   with Puppet
LIMITED VALIDITY
I Only scratched Puppet's
surface yet!
But I try to be unbiased
I actually
like puppet
quite well
The
Points
Puppet has data encryption
functionality!

can distribute secrets!
FAI has a simpler
file copying structure

Could be „emulated“ with some
code in puppet.
Puppet: only quot;configurationquot;

FAI: also partition and base
install
FAI has multiple specific logs


Puppet logs into syslog
FAI: config files + scripts

Puppet: everything is a script
(most „config-filish“ - found some strange
syntax skimming thr...
Puppet:
advanced client/server
config push

FAI: (scripted) ssh into
amanged host, additional tool
FAI is a bit more mature - no
youth problems
Puppet has some more
advanced distribution
abstractions
FAI is still lacking a nice Logo
and website :)
BOTH:

cool tools
that you should use!
Can work together
well and easy
Conclusions
FAI is
a powerful tool
for
Automatic installation
System-Change-Management
Structured
approach
required
Expect some learning
curve on the way
The Big Reward:

less worries
about...
getting a config cloned

setting up new machines

restoring after a crash

changing configs on multiple systems
Further information:
http://www.informatik.uni-koeln.de/fai/

http://faiwiki.informatik.uni-koeln.de/

IRC-Channel #fai at...
ADVERTISEMENT:
to
learn more
or
implement

CALL ME! :)
Contact
   henning@sprang.de
   http://www.sprang.de/
THANKS FOR
LISTENING!
QUESTIONS?
Automatic systems installations and change management wit FAI - Talk for Netways OSDC 2009
Upcoming SlideShare
Loading in...5
×

Automatic systems installations and change management wit FAI - Talk for Netways OSDC 2009

3,170

Published on

How long does it take you, to recover an arbitrary server, or duplicate an arbitrary running configuration to a new system? Especially in the latter case without a full-backup, which would contain a wrong IP Address, Hostname and other things and would therefore eventually break some things - and are storage-exhaustive.



Get into FAI - Fully Automatic Installation.

FAI http://www.informatik.uni-koeln.de/fai/) is a framework for completely automated installations - via LAN, CD or USB stick, as well as configuration management for running systems. The concept "Plan your installation, and FAi installs your plan" supports, but also requires building a well planned and documented infrastructure. Configuration properties can be defined into the smallest possible Detail, and then be arbitrarily combined - a great advantage in environments with many different system types, which at the same time share one or multiple common bases and settings. FAI makes it possible to install and change many different systems at the same time.



In addition to all these things, with the grml-live software, FAI can even be used to build live cd's/usb sticks. This talk will give an overview of the functionality and possibilities of FAI, including a comparison with the also renowned software for similar, but not completely the same tasks, Puppet - which can even be integrated into FAI.

0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
3,170
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
52
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Transcript of "Automatic systems installations and change management wit FAI - Talk for Netways OSDC 2009"

  1. 1. Automatic System Installations And Change Management with FAI
  2. 2. Speaker
  3. 3. Henning Sprang
  4. 4. OpenSource consultant, developer, author
  5. 5. Interests
  6. 6. Systems management Software development QA and testing Virtualization
  7. 7. FAI Team member
  8. 8. About system installations
  9. 9. Do You...
  10. 10. ...use FAI already?
  11. 11. Another auto-installer or config management tool?
  12. 12. wonder how to rebuilt/restore configurations?
  13. 13. manually tinkered and tweaked over long time
  14. 14. Exactly, really
  15. 15. quick
  16. 16. Disk images
  17. 17. Create templates from ``proper'' installations
  18. 18. Copy when needed and adjust them as needed
  19. 19. Pros
  20. 20. low learning cost Simple and fast implementation: cp/rsync/tar/dd
  21. 21. Cons
  22. 22. Inflexible - the smallest change requires rebuilding the image Still manual work needed to get a installed system Storage cost linear to number of different configurations
  23. 23. Configuration with shell scripts
  24. 24. Manual work replaced by shell scripts
  25. 25. Pros
  26. 26. Much lower storage cost Higher flexibility Tailor made
  27. 27. Cons
  28. 28. Full-blown development project (you'll realize after a while) You solve every problem on your own, instead of reusing work of others
  29. 29. Use available Auto-Installer
  30. 30. Anaconda / Kickstart: Fedora-based
  31. 31. Autoyast: SuSE-based
  32. 32. Nlite/Unattend: Windows in many flavours
  33. 33. FAI: Debian-based, Fedora-based, SuSE-based, Windows experimental, Solaris possible
  34. 34. Others: Solaris Jumpstart RedHat Cobbler/Koan
  35. 35. About FAI
  36. 36. Why FAI?
  37. 37. Shellscript-based Simple, Flexible, easy to extend
  38. 38. Community support by seasoned quot;`Installersquot;'
  39. 39. Diverse client- and server- distributions
  40. 40. Multiple installation types and system updates
  41. 41. Can be used for real hardware and virtualization systems
  42. 42. One-Step-Install bare metal to fully working system
  43. 43. Easily integrate other tools CFEngine Puppet Custom scripts
  44. 44. History
  45. 45. Started 1999 by Thomas Lange at the University of cologne
  46. 46. Base idea: structured and planned installation
  47. 47. Plan your installation, and FAI installs your plan
  48. 48. Part of the Debian Distribution
  49. 49. Today about 10 active developers, small but nice community
  50. 50. Since 2005 softupdates from Henning Glawe included
  51. 51. Who is using it for what?
  52. 52. EDF uses FAI (with GOSA) for some research clusters
  53. 53. LiMux in Munich: installs/updates 400(to be 14000) clients/servers
  54. 54. Multiple top 500 High Performance Clusters
  55. 55. Small home networks starting from 2 systems
  56. 56. GRML admin live CD built with FAI
  57. 57. Functionality
  58. 58. Overview
  59. 59. FAI classes
  60. 60. A class defines system properties and actions to be taken
  61. 61. Class-assignment with simple texfile, database, or scripts
  62. 62. Systems can be assigned to multiple classes combined at will
  63. 63. Server-distribution:
  64. 64. Debian-based Dependencies: Perl, NFS, TFTP, debootstrap So, easy to port!
  65. 65. Target-distributions:
  66. 66. Debian, Redhat, Ubuntu, Suse, Mandriva
  67. 67. Different installation types (networked, CD/USB, chroot)
  68. 68. Integrated versioning with subversion, CVS, git
  69. 69. System updates
  70. 70. Installation types
  71. 71. Network installation with central install server
  72. 72. Client/Server architecture
  73. 73. Directly calling „dirinstall“ for chroots (Can be easy integrated into xen-tools, ganeti, ...)
  74. 74. With grml-live: Live-CD generation!
  75. 75. The installation/update process
  76. 76. Most important FAI quot;tasksquot; (steps of installation)
  77. 77. defclass: Class definition(assignment) for the target system
  78. 78. partition: guess what?! :)
  79. 79. extrbase: Unpack a minimal base image
  80. 80. debconf: apply Debconf preseedings
  81. 81. instsoft: Software package installation
  82. 82. Configure: Run configuration scripts
  83. 83. savelog: Push logfiles on the install Server
  84. 84. Usage details
  85. 85. Considerations and Planning
  86. 86. Installation
  87. 87. Decide the matching install type (net/cd/dirinstall)
  88. 88. Plan your installation
  89. 89. Use cases Network and environment Software-packages Additional files and config adjustments Acess control, Identity Management, ...
  90. 90. Using mirrors of Internet software repositories
  91. 91. Updates
  92. 92. How and when should which patches be applied?
  93. 93. Testing processes how do I know the effect of a patch/update?
  94. 94. Mirrors of security update repositories?
  95. 95. Automatic (scheduled, timebased) or manually started?
  96. 96. Setup and configuration
  97. 97. Installation on Debian: apt-get install fai-quickstart
  98. 98. Adjust install server setup in /etc/fai
  99. 99. fai.conf: LOGUSER=fai, LOGPROTO=ssh (for Logging via ssh) apt/sources.list: use local mirror if available make-fai-nfsroot.conf: local mirror for debootstrap
  100. 100. FAI server is configured! Now create NFSroot: fai-setup / make-fai-nfsroot
  101. 101. For PXE-Boot: fai-chboot to set boot-kernel, -options
  102. 102. Without PXE / Installation from CD: fai-cd
  103. 103. Infrastructure services for network install
  104. 104. DNS entry for server and clients
  105. 105. DHCP config: Host/IP/MAC as usual
  106. 106. some FAI-specific stuff: option root-path quot;/srv/fai/nfsroot ...quot; server-name quot;faiserverquot;; # boot-server next-server 172.20.2.64; # tftp server: kernel filename quot;pxelinux.0quot;;
  107. 107. System configurations
  108. 108. Configurations for installation are stored in FAI „configspace“
  109. 109. Simple text files and scripts
  110. 110. requirements from installation plan are reflected here
  111. 111. Example included in /usr/share/doc/fai/examples/simple
  112. 112. Default location: /srv/fai/config
  113. 113. Contents of configspace
  114. 114. class disk_config basefiles debconf package_config scripts files hooks
  115. 115. Adjust configspace: class
  116. 116. class contains class- and variable definitions/assignments
  117. 117. Simplest way: assign classes based on hostnames
  118. 118. Some sample classes: FAISERVER, GNOME, DEMO, XORG
  119. 119. Any script can be used to assign classes
  120. 120. E.G.: check specific hardware, MAC or IP, disk size, . . .
  121. 121. Adjust configspace: basefiles
  122. 122. Minimal base images for non-Debian distributions and special uses
  123. 123. Task quot;extrbasequot; checks this directory for matching images
  124. 124. Images named by classes
  125. 125. You could also put an image here and skip the rest :)
  126. 126. Adjust configspace: disk_config
  127. 127. detailed control over partitions and mounting
  128. 128. new tool includes lvm and raid setups
  129. 129. hard sizes or ranges
  130. 130. # example of new config file for setup-storage # # <type> <mountpoint> <size> <fs type> <mount options> <misc options> disk_config disk1 disklabel:msdos primary / 250 ext3 rw,errors=remount-ro logical swap 200-1000 swap rw logical /var 600-1300 ext3 rw createopts=quot;-m 5quot; tuneopts=quot;-c 0 -i 0quot; logical /tmp 100-1G ext3 rw createopts=quot;-m 0quot; tuneopts=quot;-c 0 -i 0quot; logical /usr 1G-8G ext3 rw logical /home 100-50% ext3 rw,nosuid createopts=quot;-m 1quot; tuneopts=quot;-c 0 -i 0quot;
  131. 131. Adjust configspace: debconf
  132. 132. Presets for package install scripts
  133. 133. Only for dpkg-based distributions
  134. 134. Works analog to Debian Installer
  135. 135. Adjust configspace: package_config
  136. 136. Contents: files named by class names
  137. 137. Purpose: Define packages to be installed
  138. 138. Supports many installation methods:
  139. 139. install (apt-get) aptitude taskinst (Debian tasks=Package collections) urpmi (mandriva) yumi (Fedora) y2i (SuSE y2pmsh) yast (SuSE yast -i)
  140. 140. Example package_config/DEMO from simple examples: PACKAGES aptitude fortune-mod fortunes rstat-client #rstatd rusers rusersd # only when also class XORG is defined PACKAGES aptitude XORG bb frozen-bubble xpenguins
  141. 141. Adjust Configspace: scripts #!/bin/bash #!/bin/perl #!/usr/bin/cfagent
  142. 142. scripts to be executed after package installation
  143. 143. Usually shell-, Perl- and cfengine-scripts
  144. 144. Need for others? just install Interpreter in the NFS-Root
  145. 145. Naming scheme: <CLASSNAME>/<NUMBER>-<SCRIPTNAME>
  146. 146. Number defines order of execution
  147. 147. SCRIPTNAME arbitrary just for readability
  148. 148. scripts example: . |-- AMD64 | `-- 99-discover-bug |-- DEMO | |-- 10-misc | `-- 30-demo |-- FAIBASE | |-- 10-misc | |-- 30-interface | `-- 40-misc |-- FAISERVER | |-- 10-conffiles | `-- 20-copy-mirror |-- GRUB | `-- 10-setup `-- LAST `-- 50-misc
  149. 149. Adjust configspace: files
  150. 150. Structure of a filesystem, starting with /
  151. 151. classbased copy/unpack
  152. 152. For usage with fcopy/ftar
  153. 153. Copy single files explicitly, or recursive from /
  154. 154. ftar unpacks an archive
  155. 155. Target file=directory
  156. 156. actually copied source file=CLASSNAME
  157. 157. ‘-- etc |-- X11 | ‘-- xorg.conf | |-- ATI sample: | ‘-- NVIDIA |-- apache2 | ‘-- conf.d | ‘-- debian-mirror.conf | ‘--FAISERVER ‘-- fai ‘-- fai.conf |-- FAISERVER ‘-- FAI_SOFTUPDATE_CLIENT
  158. 158. Adjust configspace: hooks
  159. 159. Naming scheme: <TASKNAME>.<CLASSNAME>[.source]
  160. 160. Execution before the according task
  161. 161. Examples: partition.XENU instsoft.FAIBASE savelog.LAST.source
  162. 162. Do the installation
  163. 163. Depending on chosen install type
  164. 164. Boot via PXE Bootfloppy install-CD USB Stick
  165. 165. fai dirinstall <TARGETDIR> into mounted blockdevice
  166. 166. Call dirinstall from xen-tools, Ganeti, . . .
  167. 167. Run grml-live
  168. 168. Depending on number of packages it takes 3-30 minutes
  169. 169. (automatic)Restart with production configuration
  170. 170. Functionality tests
  171. 171. Advanced stuff Outlook
  172. 172. Support stuff for more distributions: fai-distributions
  173. 173. GOSA as LDAP and FAI GUI
  174. 174. Automatic Tests of the installed systems
  175. 175. hooks/scripts could check files and configurations Crucible Test Framework
  176. 176. No LDAP? Management-Tool/lightweight GUI without GOSA
  177. 177. better configspace layout
  178. 178. Comparison with Puppet
  179. 179. LIMITED VALIDITY
  180. 180. I Only scratched Puppet's surface yet!
  181. 181. But I try to be unbiased
  182. 182. I actually like puppet quite well
  183. 183. The Points
  184. 184. Puppet has data encryption functionality! can distribute secrets!
  185. 185. FAI has a simpler file copying structure Could be „emulated“ with some code in puppet.
  186. 186. Puppet: only quot;configurationquot; FAI: also partition and base install
  187. 187. FAI has multiple specific logs Puppet logs into syslog
  188. 188. FAI: config files + scripts Puppet: everything is a script (most „config-filish“ - found some strange syntax skimming through)
  189. 189. Puppet: advanced client/server config push FAI: (scripted) ssh into amanged host, additional tool
  190. 190. FAI is a bit more mature - no youth problems
  191. 191. Puppet has some more advanced distribution abstractions
  192. 192. FAI is still lacking a nice Logo and website :)
  193. 193. BOTH: cool tools that you should use!
  194. 194. Can work together well and easy
  195. 195. Conclusions
  196. 196. FAI is a powerful tool for
  197. 197. Automatic installation
  198. 198. System-Change-Management
  199. 199. Structured approach required
  200. 200. Expect some learning curve on the way
  201. 201. The Big Reward: less worries about...
  202. 202. getting a config cloned setting up new machines restoring after a crash changing configs on multiple systems
  203. 203. Further information: http://www.informatik.uni-koeln.de/fai/ http://faiwiki.informatik.uni-koeln.de/ IRC-Channel #fai at OFTC-Network linux-fai-users and linux-fai-devel mailing list Commercial Support: multiple companies and freelancers
  204. 204. ADVERTISEMENT: to learn more or implement CALL ME! :)
  205. 205. Contact henning@sprang.de http://www.sprang.de/
  206. 206. THANKS FOR LISTENING!
  207. 207. QUESTIONS?
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×