Virtualization and automation of library software/machines + Puppet
Transcript

  • 1. Introduction
      • Virtualization
          – What is it?
          – Hands-on lab
      • Automation
          – How do you mean?
          – Hands-on lab
      • Puppet
          – Manipulating
          – Hands-on lab
      • Questions?
  • 2. Virtualization: What is it?
      • Stand-alone server
          – Host & Guest
      • Dedicated server
          – Guest => Virtual machine
          – Host => Actual machine
      • Benefits
          – Fewer physical machines
          – Easy to move
  • 3. Virtualization: What is it?
      • Virtualization today:
          – VMware -> vSphere
          – Microsoft -> Hyper-V
          – Red Hat -> RHEV
          – VMware Player http://www.vmware.com/products/player/
          – VMware ESXi http://www.vmware.com/products/vsphere-hypervisor/overview.html
          – VirtualBox http://www.virtualbox.org/
          – KVM http://www.linux-kvm.org/page/Main_Page
          – Xen http://www.xen.org/
  • 4. Virtualization: Hands-on lab
  • 5. Virtualization: Hands-on lab
  • 6. Virtualization: Hands-on lab
  • 7. Virtualization: Hands-on lab
  • 8. Virtualization: Hands-on lab
  • 9. Virtualization: Hands-on lab
  • 10. Virtualization: Hands-on lab
  • 11. Automation: How do you mean?
      • Installing OS
          – insert disc, choose options, configure root, etc.
          – log in, create users, configure server
          – …
      • Automation = install steps written in a file
          – Kickstart
          – Preseed
  • 12. Automation: How do you mean?
      • Creating kickstart file
          – Set language, keyboard, timezone, root password, network, …

      ```
      lang en_US
      langsupport en_US.UTF-8
      keyboard us
      timezone --utc Europe/Brussels
      rootpw ***
      text
      skipx
      install
      cdrom
      zerombr
      bootloader --location=mbr
      network --bootproto=dhcp
      key XXXXXXXXXXXXXXXX
      ```

      • Hard disk formatting

      ```
      clearpart --all --initlabel
      part /boot --fstype ext3 --size=150 --ondisk=sda
      part / --fstype=ext3 --size=1024 --ondisk=sda
      part swap --size=7644 --ondisk=sda
      # LVM physical volume on the remaining space
      part pv.6 --size=0 --grow --ondisk=sda
      volgroup vg00 --pesize=32768 pv.6
      logvol /var/log --fstype ext3 --name=varlog --vgname=vg00 --size=2048
      ```
  • 13. Automation: How do you mean?
      • Hard disk
          – Additional partition exlibris (35GB)

      ```
      clearpart --all --initlabel
      part /boot --fstype ext3 --size=150 --ondisk=sda
      part / --fstype=ext3 --size=1024 --ondisk=sda
      part swap --size=4096 --ondisk=sda
      part pv.6 --size=0 --grow --ondisk=sda
      volgroup vg00 --pesize=32768 pv.6
      logvol /var/log --fstype ext3 --name=varlog --vgname=vg00 --size=2048
      logvol /var --fstype ext3 --name=var --vgname=vg00 --size=1536
      logvol /tmp --fstype ext3 --name=tmp --vgname=vg00 --size=5120
      logvol /opt --fstype ext3 --name=opt --vgname=vg00 --size=1024
      logvol /usr --fstype ext3 --name=usr --vgname=vg00 --size=4096
      logvol /home --fstype ext3 --name=home --vgname=vg00 --size=512
      logvol /exlibris --fstype ext3 --name=exlibris --vgname=vg00 --size=35840
      ```

      • End script

      ```
      auth --useshadow --enablemd5
      selinux --disabled
      firewall --enabled --ssh
      firstboot --disabled
      reboot --eject
      ```
  • 14. Automation: How do you mean?
      • Add packages

      ```
      repo --name=epel --baseurl=http://dl.fedoraproject.org/pub/epel/5/x86_64/
      %packages
      @core
      epel-release-5-4
      screen
      ruby
      puppet
      ```

      • Post
          – Define hostname, register with Red Hat, set puppetmaster

      ```
      %post --log=/root/postinstall.log
      # set hostname to the dns one
      IP=`ifconfig eth0 | grep "addr:" | cut -d: -f2 | cut -d' ' -f1`
      # the sed strips the leading space and the trailing dot of the PTR answer
      HOSTNAME=`nslookup $IP | grep "name =" | cut -d= -f2 | sed 's/.\(.*\)./\1/'`
      SHORTHOSTNAME=`nslookup $IP | grep "name =" | cut -d= -f2 | sed 's/.\(.*\)./\1/' | cut -d. -f1`
      # replace the hostname in the network configuration
      grep -v "HOSTNAME" /etc/sysconfig/network > /tmp/network
      echo "HOSTNAME=${HOSTNAME}" >> /tmp/network
      cp /tmp/network /etc/sysconfig/network
      echo "${IP} ${HOSTNAME} ${SHORTHOSTNAME}" >> /etc/hosts
      rhnreg_ks --profilename=${HOSTNAME} --activationkey=XXXXXXXXXXXXX
      ```
  • 15. Automation: How do you mean?
      • Users and SSH
          – Add user, disable root SSH login, configure SSH port, update system

      ```sh
      # Create user install
      useradd --uid 900 install
      # Set passwd for user install
      echo "***" | passwd --stdin install
      # Disable ssh rootlogin
      sed -e 's/^#PermitRootLogin\syes$/PermitRootLogin no/' < /etc/ssh/sshd_config > /tmp/sshd_config
      # Use port 22000 as default
      sed -e 's/^#Port\s22$/Port 22000/' < /tmp/sshd_config > /tmp/sshd_config2
      mv /tmp/sshd_config2 /etc/ssh/sshd_config
      rm /tmp/sshd_config
      # Open non default port 22000 for ssh
      sed -e 's/--dport\s22/--dport 22000/' < /etc/sysconfig/iptables > /tmp/iptables
      mv /tmp/iptables /etc/sysconfig/iptables
      /usr/bin/yum clean all
      /usr/bin/yum -y update
      /usr/bin/yum clean all
      ```
  • 16. Automation: Hands-on lab
      • Try to create SFX-installation
          – Packages

      ```sh
      /usr/bin/yum -y install glibc unixODBC unixODBC-devel e2fsprogs-libs expat \
          libxml2 zlib libxslt libgcrypt libgpg-error krb5-libs keyutils-libs \
          libselinux libsepol gmp pcre libaio gdbm libstdc++ ncurses bzip2-libs
      /usr/bin/yum clean all
      # Disable selinux
      echo 0 > /selinux/enforce
      # stop iptables
      /etc/init.d/iptables stop
      # disable iptables
      /sbin/chkconfig --level 2345 iptables off
      ```

          – Sfx-installer can extract only
              • ./sfx_version_4_linux64_installer.run --confirm
          – Sfx-installer can run without disclaimer
              • ./starter.sh nodisclaimer
  • 17. Automation: Hands-on lab
      • Sfx-installer can extract only
      • Sfx-installer can run without disclaimer
  • 18. Automation: Hands-on lab
      • Sfx-installer can use auto answer-file
          – Sfx-installer can extract only
          – Sfx-installer can run without disclaimer
  • 19. Automation: Hands-on lab
      • How to do this?

      ```sh
      mkdir -m777 /exlibris/ftp_from_exlibris
      cd /exlibris/ftp_from_exlibris
      wget http://sartre.ugent.be/bt/sfx_version_4_linux64_installer.run
      chmod a+x sfx_version_4_linux64_installer.run
      /bin/echo "LICENSE-SFXGLB41" > license.txt
      /bin/echo "LICENSE-SFXLCL41" >> license.txt
      /bin/echo "LICENSE-SFXTST41" >> license.txt
      # extract sfx_installer
      echo "y" > answer.txt
      echo "n" >> answer.txt
      ./sfx_version_4_linux64_installer.run --confirm < answer.txt
      # start installer
      cd build
      echo "y" > answer.txt
      echo "3410" >> answer.txt
      echo "n" >> answer.txt
      ./starter.sh nodisclaimer < answer.txt
      # Set passwd for users sfx
      echo "***" | passwd --stdin sfxglb41
      echo "***" | passwd --stdin sfxlcl41
      echo "***" | passwd --stdin sfxtst41
      ```
  • 20. Automation: Hands-on lab
      • Finishing script

      ```sh
      # Add port 80 for browsing
      sed -e 's/^Listen\s3410$/Listen 80\nListen 3410/' < /exlibris/sfx_ver/sfx4_1/proxy/conf/httpd.conf > /tmp/httpproxy.conf
      mv /tmp/httpproxy.conf /exlibris/sfx_ver/sfx4_1/proxy/conf/httpd.conf
      # Open the port in the firewall (insert each rule before the line containing 23000)
      sed '/23000/i\-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT' < /etc/sysconfig/iptables > /tmp/iptables
      sed '/23000/i\-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3410 -j ACCEPT' < /tmp/iptables > /etc/sysconfig/iptables
      # Enable back iptables
      /sbin/chkconfig --level 2345 iptables on
      ```
  • 21. Automation: Hands-on lab
  • 22. Automation: Hands-on lab
  • 23. Virtualization: Hands-on lab
  • 24. Puppet: Manipulating
      • Automation software
      • DSL language written in Ruby
      • Client / server oriented
      • Repeatable processes
      • Abstraction layers
  • 25. Puppet: Manipulating
      • Abstraction layers?
          – Package managers: apt, dpkg, yum, rpm, pkg, …
          – User management: useradd, adduser, dscl, …
          – Services
  • 26. Puppet: Manipulating
      • Server structure

      ```
      puppet/
        manifests/
        environments/
          production/
            modules/
              [a-z][a-z0-9_]*/
                files/
                manifests/
                  init.pp
                templates/
                tests/
            manifests/
              nodes.pp
          development/
      ```
  • 27. Puppet: Manipulating
      • nodes.pp

      ```puppet
      node 'HOSTNAME' {
        include apache
        class { 'ntp': enable => false; }
        apache::vhost { 'personal_site':
          port    => 80,
          docroot => '/var/www/personal',
          options => 'Indexes MultiViews';
        }
      }
      ```

      • Module
          – [a-z][a-z0-9_]* (except main, settings)
  • 28. Puppet: Manipulating

      ```
      modules/
        [a-z][a-z0-9_]*/
          files/
            service.conf
          manifests/
            init.pp
            otherclass.pp
          templates/
            template.erb
          tests/
      ```

      • init.pp
          – Class name same as module
      • otherclass.pp
          – my_module::otherclass
      • files/service.conf
          – puppet:///modules/my_module/service.conf
      • templates/template.erb
          – template('my_module/template.erb')
  • 29. Puppet: Manipulating
      • Built-in resources:
          – file

      ```puppet
      file { '/exlibris':
        ensure => directory,
        mode   => '0777',   # world-writable; tighten if only the exlibris group needs write access
        group  => exlibris;
      }
      file { '/exlibris/ftp_from_exlibris/build/answer.txt':
        ensure  => present,
        content => "y\n3410\nn\n",
        require => Exec['extract_sfx'];
      }

      # The same two resources in one declaration
      file {
        '/exlibris':
          ensure => directory,
          mode   => '0777',
          group  => exlibris;
        '/exlibris/ftp_from_exlibris/build/answer.txt':
          ensure  => present,
          content => "y\n3410\nn\n",
          require => Exec['extract_sfx'];
      }
      ```
  • 30. Puppet: Manipulating
          – package

      ```puppet
      package {
        'glibc':          ensure => 'installed';
        'unixODBC':       ensure => 'installed';
        'unixODBC-devel': ensure => 'latest';
        'gdbm.i686':      ensure => '2.2.16-6';
      }

      # Same idea with a resource default and an array of titles
      Package { ensure => 'installed' }
      $package2install = [ 'glibc', 'unixODBC', 'unixODBC-devel', 'gdbm.i686' ]
      package { $package2install: }
      ```

          – exec

      ```puppet
      exec { 'download_installer':
        command => './sfx_version_4_linux64_installer.run --confirm < answer.txt',
        cwd     => '/exlibris/ftp_from_exlibris',
        creates => '/exlibris/ftp_from_exlibris/build',
        require => File['/exlibris/ftp_from_exlibris'];
      }
      ```
  • 31. Puppet: Manipulating
          – user & group

      ```puppet
      user { 'ca20c800':
        ensure     => 'present',
        comment    => 'Comment for user',
        uid        => '600',
        gid        => '600',
        membership => minimum,
        shell      => '/bin/bash',
        home       => "/home/${title}",
        require    => Group[$title],
        password   => '***';
      }

      group { 'ca20c800':
        ensure => 'present',
        gid    => '600';
      }
      ```

          – ± 40 different resource types
              • cron
              • mount
              • yumrepo
  • 32. Puppet: Hands-on lab
      • Sfx & puppet

      ```puppet
      class sfx {
        Package { ensure => "installed" }
        $package2install = [
          "glibc", "unixODBC-devel", "e2fsprogs-libs", "unixODBC", "expat",
          "libxml2", "zlib", "libxslt", "libgcrypt", "libgpg-error", "krb5-libs",
          "keyutils-libs", "libselinux", "libsepol", "gmp", "pcre.i686",
          "pcre.x86_64", "libaio", "gdbm.i686", "gdbm.x86_64", "libstdc++",
          "ncurses", "bzip2-libs.i686", "bzip2-libs.x86_64"
        ]
        package { $package2install: }

        concat::fragment { "/etc/sysconfig/iptables.sfx.server":
          target => "/etc/sysconfig/iptables",
          source => "puppet:///modules/sfx/iptables.server",
          order  => 200,
        }
        # class sfx continues on the following slides
      ```
  • 33. Puppet: Hands-on lab
      • Sfx & puppet

      ```puppet
        # class sfx, continued
        file {
          '/exlibris':
            ensure => directory,
            group  => exlibris;
          '/exlibris/ftp_from_exlibris':
            ensure  => directory,
            group   => exlibris,
            mode    => '0777',
            require => File['/exlibris'];
          # double quotes so that \n becomes a newline in the answer files
          '/exlibris/ftp_from_exlibris/answer.txt':
            ensure  => present,
            content => "y\nn\n";
          '/exlibris/ftp_from_exlibris/build/answer.txt':
            ensure  => present,
            content => "y\n3410\nn\n",
            require => Exec['extract_sfx'];
        }
      ```
  • 34. Puppet: Hands-on lab
      • Sfx & puppet

      ```puppet
        # class sfx, continued
        exec {
          "download_installer":
            command => "/usr/bin/wget http://sartre.ugent.be/bt/sfx_version_4_linux64_installer.run -O sfx_version_4_linux64_installer.run; /bin/chmod a+x sfx_version_4_linux64_installer.run",
            cwd     => "/exlibris/ftp_from_exlibris",
            creates => "/exlibris/ftp_from_exlibris/sfx_version_4_linux64_installer.run",
            require => File["/exlibris/ftp_from_exlibris"];
          "get_license":
            command => "/usr/bin/wget http://lib.ugent.be/files/elag2012/${hostname}.license -O license.txt",
            cwd     => "/exlibris/ftp_from_exlibris",
            creates => "/exlibris/ftp_from_exlibris/license.txt",
            require => File["/exlibris/ftp_from_exlibris"];
          "extract_sfx":
            command => "./sfx_version_4_linux64_installer.run --confirm < answer.txt",
            cwd     => "/exlibris/ftp_from_exlibris",
            creates => "/exlibris/ftp_from_exlibris/build",
            require => File["/exlibris/ftp_from_exlibris/answer.txt"];
          "installing_sfx":
            command => "/etc/init.d/iptables stop; /sbin/chkconfig --level 2345 iptables off; ./starter.sh nodisclaimer < answer.txt",
            cwd     => "/exlibris/ftp_from_exlibris/build",
            creates => "/exlibris/sfx_ver",
            timeout => "1800",
            require => File["/exlibris/ftp_from_exlibris/build/answer.txt"];
        }
      } # end of class sfx (closing brace not shown on the slide)
      ```
  • 35. Puppet: Hands-on lab
      • Server node

      ```puppet
      node 'ca20c802' {
        class {
          'basenode':;
          'vmware::tools':;
          'selinux::disable':;
          'exlibris':;
          'sfx':;
          'icinga':
            nrpe_allowed_hosts => 'x.x.x.x';
          'icinga::plugins::checksfx':
            perfdata => true;
        }
      }
      ```
  • 36. Puppet: Hands-on lab
      • Sfx-class

      ```puppet
      class exlibris {
        realize User_create['exlibris']
        realize User_create['ca20c801']
        realize User_create['ca20c802']
        realize User_create['ca20c803']
        realize User_create['ca20c804']

        concat::fragment { "/etc/sysconfig/iptables.exlibris.server":
          target => "/etc/sysconfig/iptables",
          source => "puppet:///modules/exlibris/iptables.server",
          order  => 150,
        }
      }
      ```
  • 37. Questions?
      • Questions?
          – http://www.vmware.com
          – http://fedoraproject.org/wiki/Anaconda/Kickstart
          – http://www.puppetlabs.com
          – Omar.Reygaert@UGent.be
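
Added example for slide 15 (not part of the original slides): the sed substitutions there match only the commented-out defaults, so on a file where the directives are already uncommented they change nothing and still exit successfully. The sketch below sets both directives unconditionally and verifies the result before installing it; `first_value`, `slide_edit`, `harden_sshd` and `write_sample` are hypothetical names and the sample configuration is constructed.

```shell
#!/bin/sh
# Added example, not from the slides; function names are hypothetical.

# first_value FILE KEYWORD: value on the first uncommented KEYWORD line
# (sshd keeps the first PermitRootLogin it reads).
first_value() {
    awk -v k="$2" 'tolower($1) == tolower(k) { print $2; exit }' "$1"
}

# slide_edit SRC DST: the two substitutions from slide 15, for comparison.
slide_edit() {
    sed -e 's/^#PermitRootLogin\syes$/PermitRootLogin no/' \
        -e 's/^#Port\s22$/Port 22000/' < "$1" > "$2"
}

# harden_sshd SRC DST PORT: write a hardened copy of SRC to DST.
# DST is created only when the verification at the end passes.
harden_sshd() {
    src=$1; dst=$2; port=$3
    tmp=$(mktemp "$dst.XXXXXX") || return 1
    pat='^[[:space:]]*#?[[:space:]]*(PermitRootLogin|Port)[[:space:]=]'
    {
        # State both directives explicitly, then copy every other line.
        printf 'PermitRootLogin no\nPort %s\n' "$port"
        grep -Eiv "$pat" "$src" || [ $? -eq 1 ]   # status 1: nothing left to copy
    } > "$tmp" || { rm -f "$tmp"; return 1; }
    # sshd listens on every Port line, so exactly one may remain.
    ports=$(grep -Eic '^[[:space:]]*Port[[:space:]=]' "$tmp")
    if [ "$(first_value "$tmp" PermitRootLogin)" = no ] &&
       [ "$(first_value "$tmp" Port)" = "$port" ] && [ "$ports" -eq 1 ]; then
        mv "$tmp" "$dst"
    else
        rm -f "$tmp"
        return 1
    fi
}

# write_sample FILE: constructed sshd_config in which both directives are
# already uncommented, so the patterns on the slide match nothing.
write_sample() {
    printf '%s\n' 'Protocol 2' 'Port 22' 'PermitRootLogin yes' \
        'Subsystem sftp /usr/libexec/openssh/sftp-server' > "$1"
}
```

In a kickstart `%post`, the call would be `harden_sshd /etc/ssh/sshd_config /etc/ssh/sshd_config 22000`, with a non-zero status written to the post-install log.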
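
Added example for slides 19 and 34 (not part of the original slides): both fetch the installer over plain HTTP and run it as root, and the Puppet `creates` guard only checks that the downloaded file exists. The sketch below marks the file executable only when its SHA-256 matches a digest obtained out of band, and deletes it otherwise; `sha256_of` and `admit_installer` are hypothetical names, and the page gives no digest for the installer, so the caller has to supply one.

```shell
#!/bin/sh
# Added example, not from the slides; function names are hypothetical.
# The expected digest must come from a channel other than the HTTP server
# the installer is downloaded from.

# sha256_of FILE: print the lowercase hex SHA-256 of FILE.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        shasum -a 256 "$1" | awk '{ print $1 }'
    fi
}

# admit_installer FILE EXPECTED_SHA256
# Returns 0 and sets the execute bit only on a digest match.
# Returns 1 and deletes FILE on a mismatch, so a later existence check
# (such as Puppet's "creates") cannot treat a bad download as done.
# Returns 2 for a malformed digest, 3 if FILE cannot be read.
admit_installer() {
    file=$1
    want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    # Refuse anything that is not 64 hex digits, e.g. an unset variable.
    case $want in
        *[!0-9a-f]*|'') return 2 ;;
    esac
    [ "${#want}" -eq 64 ] || return 2
    [ -f "$file" ] || return 3
    got=$(sha256_of "$file") || return 3
    if [ "$got" = "$want" ]; then
        chmod u+x "$file"
    else
        rm -f "$file"
        return 1
    fi
}

# Usage in the slide 19 script, replacing the bare "chmod a+x":
#   admit_installer sfx_version_4_linux64_installer.run "$EXPECTED_SHA256" \
#       && ./sfx_version_4_linux64_installer.run --confirm < answer.txt
```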
