Virtualization and automation of library software/machines + Puppet
Published in: Technology

  1. Introduction
     • Virtualization
       – What is it?
       – Hands-on lab
     • Automation
       – How do you mean?
       – Hands-on lab
     • Puppet
       – Manipulating
       – Hands-on lab
     • Questions?
  2. Virtualization: What is it?
     • Stand alone server
       – Host & Guest
     • Dedicated Server
       – Guest => Virtual Machine
       – Host => Actual machine
     • Benefits
       – Fewer physical machines
       – Easy to move
  3. Virtualization: What is it?
     • Virtualization today:
       – VMware -> vSphere
       – Microsoft -> Hyper-V
       – Red Hat -> RHEV
       – VMware Player http://www.vmware.com/products/player/
       – VMware ESXi http://www.vmware.com/products/vsphere-hypervisor/overview.html
       – VirtualBox http://www.virtualbox.org/
       – KVM http://www.linux-kvm.org/page/Main_Page
       – Xen http://www.xen.org/
  4. Virtualization: Hands-on lab
  5. Virtualization: Hands-on lab
  6. Virtualization: Hands-on lab
  7. Virtualization: Hands-on lab
  8. Virtualization: Hands-on lab
  9. Virtualization: Hands-on lab
  10. Virtualization: Hands-on lab
  11. Automation: How do you mean?
     • Installing OS
       – > insert disc, choose options, configure root, etc…
       – > Login, create users, configure server
       – > …
     • Automation = install steps written in file
       – Kickstart
       – Preseed
  12. Automation: How do you mean?
     • Creating kickstart file
       – Set language, keyboard, timezone, root password, network, …

         lang en_US
         langsupport en_US.UTF-8
         keyboard us
         timezone --utc Europe/Brussels
         rootpw ***
         text
         skipx
         install
         cdrom
         zerombr
         bootloader --location=mbr
         network --bootproto=dhcp
         key XXXXXXXXXXXXXXXX

     • Hard disc formatting

         clearpart --all --initlabel
         part /boot --fstype ext3 --size=150 --ondisk=sda
         part / --fstype=ext3 --size=1024 --ondisk=sda
         part swap --size=7644 --ondisk=sda
         part pv.6 --size=0 --grow --ondisk=sda
         volgroup vg00 --pesize=32768 pv.6
         logvol /var/log --fstype ext3 --name=varlog --vgname=vg00 --size=2048
  13. Automation: How do you mean?
     • Hard disc
       – Additional partition exlibris (35GB)

         clearpart --all --initlabel
         part /boot --fstype ext3 --size=150 --ondisk=sda
         part / --fstype=ext3 --size=1024 --ondisk=sda
         part swap --size=4096 --ondisk=sda
         part pv.6 --size=0 --grow --ondisk=sda
         volgroup vg00 --pesize=32768 pv.6
         logvol /var/log --fstype ext3 --name=varlog --vgname=vg00 --size=2048
         logvol /var --fstype ext3 --name=var --vgname=vg00 --size=1536
         logvol /tmp --fstype ext3 --name=tmp --vgname=vg00 --size=5120
         logvol /opt --fstype ext3 --name=opt --vgname=vg00 --size=1024
         logvol /usr --fstype ext3 --name=usr --vgname=vg00 --size=4096
         logvol /home --fstype ext3 --name=home --vgname=vg00 --size=512
         logvol /exlibris --fstype ext3 --name=exlibris --vgname=vg00 --size=35840

     • End script

         auth --useshadow --enablemd5
         selinux --disabled
         firewall --enabled --ssh
         firstboot --disabled
         reboot --eject
  14. Automation: How do you mean?
     • Add packages

         repo --name=epel --baseurl=http://dl.fedoraproject.org/pub/epel/5/x86_64/
         %packages
         @core
         epel-release-5-4
         screen
         ruby
         puppet

     • Post
       – Define hostname, register with RedHat, set puppetmaster

         %post --log=/root/postinstall.log
         # set hostname to the dns one
         IP=`ifconfig eth0 | grep "addr:" | cut -d: -f2 | cut -d' ' -f1`
         # strip the leading space and the trailing dot from the PTR name
         HOSTNAME=`nslookup $IP | grep "name =" | cut -d= -f2 | sed 's/.\(.*\)./\1/'`
         SHORTHOSTNAME=`nslookup $IP | grep "name =" | cut -d= -f2 | sed 's/.\(.*\)./\1/' | cut -d. -f1`
         # replace the hostname in the network configuration
         grep -v "HOSTNAME" /etc/sysconfig/network > /tmp/network
         echo "HOSTNAME=${HOSTNAME}" >> /tmp/network
         cp /tmp/network /etc/sysconfig/network
         echo "${IP} ${HOSTNAME} ${SHORTHOSTNAME}" >> /etc/hosts
         rhnreg_ks --profilename=${HOSTNAME} --activationkey=XXXXXXXXXXXXX
  15. Automation: How do you mean?
     • Users and SSH
       – Add user, disable root-ssh-login, config port ssh, update system

         # Create user install
         useradd --uid 900 install
         # Set passwd for user install
         echo "***" | passwd --stdin install
         # Disable ssh rootlogin
         sed -e 's/^#PermitRootLogin\syes$/PermitRootLogin no/' < /etc/ssh/sshd_config > /tmp/sshd_config
         # Use port 22000 as default
         sed -e 's/^#Port\s22$/Port 22000/' < /tmp/sshd_config > /tmp/sshd_config2
         mv /tmp/sshd_config2 /etc/ssh/sshd_config
         rm /tmp/sshd_config
         # Open non default port 22000 for ssh
         sed -e 's/--dport\s22/--dport 22000/' < /etc/sysconfig/iptables > /tmp/iptables
         mv /tmp/iptables /etc/sysconfig/iptables
         /usr/bin/yum clean all
         /usr/bin/yum -y update
         /usr/bin/yum clean all
  16. Automation: Hands-on lab
     • Try to create SFX-installation
       – Packages

         /usr/bin/yum -y install glibc unixODBC unixODBC-devel e2fsprogs-libs \
             expat libxml2 zlib libxslt libgcrypt libgpg-error krb5-libs \
             keyutils-libs libselinux libsepol gmp pcre libaio gdbm libstdc++ \
             ncurses bzip2-libs
         /usr/bin/yum clean all
         #Disable selinux
         echo 0 > /selinux/enforce
         #stop iptables
         /etc/init.d/iptables stop
         #disable iptables
         /sbin/chkconfig --level 2345 iptables off

       – Sfx-installer can extract only
         • ./sfx_version_4_linux64_installer.run --confirm
       – Sfx-installer can run without disclaimer
         • ./starter.sh nodisclaimer
  17. Automation: Hands-on lab
     • Sfx-installer can extract only
     • Sfx-installer can run without disclaimer
  18. Automation: Hands-on lab
     • Sfx-installer can use auto answer-file
       – Sfx-installer can extract only
       – Sfx-installer can run without disclaimer
  19. Automation: Hands-on lab
     • How to do this?

         mkdir -m777 /exlibris/ftp_from_exlibris
         cd /exlibris/ftp_from_exlibris
         wget http://sartre.ugent.be/bt/sfx_version_4_linux64_installer.run
         chmod a+x sfx_version_4_linux64_installer.run
         /bin/echo "LICENSE-SFXGLB41" > license.txt
         /bin/echo "LICENSE-SFXLCL41" >> license.txt
         /bin/echo "LICENSE-SFXTST41" >> license.txt
         # extract sfx_installer
         echo "y" > answer.txt
         echo "n" >> answer.txt
         ./sfx_version_4_linux64_installer.run --confirm < answer.txt
         #start installer
         cd build
         echo "y" > answer.txt
         echo "3410" >> answer.txt
         echo "n" >> answer.txt
         ./starter.sh nodisclaimer < answer.txt
         # Set passwd for users sfx
         echo "***" | passwd --stdin sfxglb41
         echo "***" | passwd --stdin sfxlcl41
         echo "***" | passwd --stdin sfxtst41
  20. Automation: Hands-on lab
     • Finishing script

         # Add port 80 for browsing
         sed -e 's/^Listen\s3410$/Listen 80\nListen 3410/' < /exlibris/sfx_ver/sfx4_1/proxy/conf/httpd.conf > /tmp/httpproxy.conf
         mv /tmp/httpproxy.conf /exlibris/sfx_ver/sfx4_1/proxy/conf/httpd.conf
         # Open the port in the firewall
         sed '/23000/i -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT' < /etc/sysconfig/iptables > /tmp/iptables
         sed '/23000/i -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3410 -j ACCEPT' < /tmp/iptables > /etc/sysconfig/iptables
         #Enable back iptables
         /sbin/chkconfig --level 2345 iptables on
  21. Automation: Hands-on lab
  22. Automation: Hands-on lab
  23. Virtualization: Hands-on lab
  24. Puppet: Manipulating
     • Automation software
     • DSL Language written in Ruby
     • Client / server oriented
     • Repeatable processes
     • Abstraction layers
  25. Puppet: Manipulating
     • Abstraction layers?
       – Package managers: Apt, dpkg, yum, rpm, pkg, …
       – User management: useradd, adduser, dscl, …
       – Services
  26. Puppet: Manipulating
     • Server structure

         puppet/
           manifests/
           environments/
             production/
               modules/
                 [a-z][a-z0-9_]*/
                   files/
                   manifests/
                     init.pp
                   templates/
                   tests/
               manifests/
                 nodes.pp
             development/
  27. Puppet: Manipulating
     • Nodes.pp

         node HOSTNAME {
           include apache
           class { 'ntp':
             enable => false;
           }
           apache::vhost { 'personal_site':
             port    => 80,
             docroot => '/var/www/personal',
             options => 'Indexes MultiViews';
           }
         }

     • Module
       – [a-z][a-z0-9_]* (except main, settings)
  28. Puppet: Manipulating

         modules/
           [a-z][a-z0-9_]*/
             files/
               service.conf
             manifests/
               init.pp
               otherclass.pp
             templates/
               template.erb
             tests/

     • init.pp
       – Class-name same as module
     • otherclass.pp
       – my_module::otherclass
     • files/service.conf
       – puppet:///modules/my_module/service.conf
     • templates/template.erb
       – template('my_module/template.erb')
  29. Puppet: Manipulating
     • Built-in resources:
       – file

         file { '/exlibris':
           ensure => directory,
           mode   => '0777',
           group  => 'exlibris';
         }
         file { '/exlibris/ftp_from_exlibris/build/answer.txt':
           ensure  => present,
           content => "y\n3410\nn\n",
           require => Exec['extract_sfx'];
         }

         # the same two resources in a single declaration
         file {
           '/exlibris':
             ensure => directory,
             mode   => '0777',
             group  => 'exlibris';
           '/exlibris/ftp_from_exlibris/build/answer.txt':
             ensure  => present,
             content => "y\n3410\nn\n",
             require => Exec['extract_sfx'];
         }
  30. Puppet: Manipulating
       – package

         package {
           'glibc':          ensure => 'installed';
           'unixODBC':       ensure => 'installed';
           'unixODBC-devel': ensure => 'latest';
           'gdbm.i686':      ensure => '2.2.16-6';
         }

         # resource default plus an array of titles
         Package { ensure => 'installed' }
         $package2install = [ 'glibc', 'unixODBC', 'unixODBC-devel', 'gdbm.i686' ]
         package { $package2install: }

       – exec

         exec { 'download_installer':
           command => './sfx_version_4_linux64_installer.run --confirm < answer.txt',
           cwd     => '/exlibris/ftp_from_exlibris',
           creates => '/exlibris/ftp_from_exlibris/build',
           require => File['/exlibris/ftp_from_exlibris'];
         }
  31. Puppet: Manipulating
       – user & group

         user { 'ca20c800':
           ensure     => 'present',
           comment    => 'Comment for user',
           uid        => '600',
           gid        => '600',
           membership => minimum,
           shell      => '/bin/bash',
           home       => "/home/$title",
           require    => Group[$title],
           password   => '***';
         }

         group { 'ca20c800':
           ensure => 'present',
           gid    => '600';
         }

       – ± 40 different resource types
         • cron
         • mount
         • yumrepo
  32. Puppet: Hands-on lab
     • Sfx & puppet

         class sfx {
           Package { ensure => "installed" }
           $package2install = [ "glibc", "unixODBC-devel", "e2fsprogs-libs",
             "unixODBC", "expat", "libxml2", "zlib", "libxslt", "libgcrypt",
             "libgpg-error", "krb5-libs", "keyutils-libs", "libselinux",
             "libsepol", "gmp", "pcre.i686", "pcre.x86_64", "libaio",
             "gdbm.i686", "gdbm.x86_64", "libstdc++", "ncurses",
             "bzip2-libs.i686", "bzip2-libs.x86_64" ]
           package { $package2install: }

           concat::fragment { "/etc/sysconfig/iptables.sfx.server":
             target => "/etc/sysconfig/iptables",
             source => "puppet:///modules/sfx/iptables.server",
             order  => 200,
           }
           # the class body continues on the next slides
  33. Puppet: Hands-on lab
     • Sfx & puppet

         file {
           '/exlibris':
             ensure => directory,
             group  => 'exlibris';
           '/exlibris/ftp_from_exlibris':
             ensure  => directory,
             group   => 'exlibris',
             mode    => '0777',
             require => File['/exlibris'];
           '/exlibris/ftp_from_exlibris/answer.txt':
             ensure  => present,
             content => "y\nn\n";
           '/exlibris/ftp_from_exlibris/build/answer.txt':
             ensure  => present,
             content => "y\n3410\nn\n",
             require => Exec['extract_sfx'];
         }
  34. Puppet: Hands-on lab
     • Sfx & puppet

         exec {
           "download_installer":
             command => "/usr/bin/wget http://sartre.ugent.be/bt/sfx_version_4_linux64_installer.run -O sfx_version_4_linux64_installer.run; /bin/chmod a+x sfx_version_4_linux64_installer.run",
             cwd     => "/exlibris/ftp_from_exlibris",
             creates => "/exlibris/ftp_from_exlibris/sfx_version_4_linux64_installer.run",
             require => File["/exlibris/ftp_from_exlibris"];
           "get_license":
             command => "/usr/bin/wget http://lib.ugent.be/files/elag2012/${hostname}.license -O license.txt",
             cwd     => "/exlibris/ftp_from_exlibris",
             creates => "/exlibris/ftp_from_exlibris/license.txt",
             require => File["/exlibris/ftp_from_exlibris"];
           "extract_sfx":
             command => "./sfx_version_4_linux64_installer.run --confirm < answer.txt",
             cwd     => "/exlibris/ftp_from_exlibris",
             creates => "/exlibris/ftp_from_exlibris/build",
             require => File["/exlibris/ftp_from_exlibris/answer.txt"];
           "installing_sfx":
             command => "/etc/init.d/iptables stop; /sbin/chkconfig --level 2345 iptables off; ./starter.sh nodisclaimer < answer.txt",
             cwd     => "/exlibris/ftp_from_exlibris/build",
             creates => "/exlibris/sfx_ver",
             timeout => "1800",
             require => File["/exlibris/ftp_from_exlibris/build/answer.txt"];
         }
  35. Puppet: Hands-on lab
     • Server node

         node ca20c802 {
           class {
             'basenode':;
             'vmware::tools':;
             'selinux::disable':;
             'exlibris':;
             'sfx':;
             'icinga':
               nrpe_allowed_hosts => 'x.x.x.x';
             'icinga::plugins::checksfx':
               perfdata => true;
           }
         }
  36. Puppet: Hands-on lab
     • Sfx-class

         class exlibris {
           realize User_create[exlibris]
           realize User_create[ca20c801]
           realize User_create[ca20c802]
           realize User_create[ca20c803]
           realize User_create[ca20c804]

           concat::fragment { "/etc/sysconfig/iptables.exlibris.server":
             target => "/etc/sysconfig/iptables",
             source => "puppet:///modules/exlibris/iptables.server",
             order  => 150,
           }
         }
  37. Questions?
     • Questions?
       http://www.vmware.com
       http://fedoraproject.org/wiki/Anaconda/Kickstart
       http://www.puppetlabs.com
       Omar.Reygaert@UGent.be
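
Slide 15 edits sshd_config with sed patterns that match only the commented stock defaults; if an image carries the directive in any other form, sed changes nothing and still exits 0. The following is an added example, not taken from the slides (function names are hypothetical and the sample file is constructed): it writes the directive as the first line, because sshd uses the first value it reads for a keyword, and then reads the effective value back.

```shell
#!/bin/sh
# Added example (not from the slides); function names are hypothetical.

# effective_sshd_option FILE KEY
# Prints the value sshd would use: the first active (uncommented) line wins.
effective_sshd_option() {
    awk -v k="$2" 'tolower($1) == tolower(k) { print $2; exit }' "$1"
}

# set_sshd_option FILE KEY VALUE
# Drops every active line for KEY and writes "KEY VALUE" as line 1, so the
# outcome does not depend on how the stock file spelled or commented it.
# Returns non-zero if the value read back is not VALUE.
set_sshd_option() {
    tmp=$(mktemp) || return 1
    {
        printf '%s %s\n' "$2" "$3"
        awk -v k="$2" 'tolower($1) != tolower(k)' "$1"
    } > "$tmp" || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$1" && rm -f "$tmp"   # overwrite in place: keeps owner and mode
    [ "$(effective_sshd_option "$1" "$2")" = "$3" ]
}

# Constructed sample: root login is already active here, so the slide's
# pattern (which expects the commented default) has nothing to match.
write_sample_config() {
    cat > "$1" <<'EOF'
#Port 22
Protocol 2
PermitRootLogin yes
EOF
}

demo() {
    cfg=$(mktemp) || return 1
    write_sample_config "$cfg"
    sed -e 's/^#PermitRootLogin[[:space:]]yes$/PermitRootLogin no/' "$cfg" > "$cfg.sed"
    echo "after slide-style sed: $(effective_sshd_option "$cfg.sed" PermitRootLogin)"
    set_sshd_option "$cfg" PermitRootLogin no
    set_sshd_option "$cfg" Port 22000
    echo "after set_sshd_option: $(effective_sshd_option "$cfg" PermitRootLogin)," \
         "port $(effective_sshd_option "$cfg" Port)"
    rm -f "$cfg" "$cfg.sed"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

On a real host, run `sshd -t` after the edit to validate the file before the service is restarted.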
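
Slides 19 and 34 fetch the SFX installer over plain HTTP into a mode-777 directory and then run it as root. As an added example that is not part of the slides (function names are hypothetical; the installer file and its digest are constructed stand-ins), this checks the staging directory's permissions and sets the execute bit only once the file's SHA-256 matches a pinned value.

```shell
#!/bin/sh
# Added example (not from the slides); function names are hypothetical. The
# pinned digest has to come from the vendor over a separate, trusted channel.

# sha256_of FILE -> prints the hex SHA-256 of FILE (coreutils sha256sum)
sha256_of() {
    sha256sum "$1" | cut -d' ' -f1
}

# staging_dir_is_safe DIR -> 0 only if neither group nor others may write to
# DIR. A directory made with "mkdir -m777" fails: any local account could
# swap the installer between the download and the root-run install step.
staging_dir_is_safe() {
    perms=$(ls -ld "$1" | cut -c1-10)
    case $perms in
        d????w????|d???????w?) return 1 ;;
        d*) return 0 ;;
        *) return 1 ;;
    esac
}

# arm_installer FILE EXPECTED_SHA256
# Sets the execute bit only when the digest matches; on mismatch it clears
# every execute bit and returns 1, so a later "./installer" cannot run.
arm_installer() {
    [ -f "$1" ] || { echo "missing: $1" >&2; return 1; }
    actual=$(sha256_of "$1")
    if [ "$actual" != "$2" ]; then
        chmod a-x "$1"
        echo "SHA-256 mismatch for $1 (got $actual)" >&2
        return 1
    fi
    chmod 0750 "$1"
}

demo() {
    dir=$(mktemp -d) || return 1               # mktemp -d creates it mode 0700
    printf 'constructed stand-in for the installer\n' > "$dir/installer.run"
    pinned=$(sha256_of "$dir/installer.run")   # stand-in for the vendor digest
    staging_dir_is_safe "$dir" && arm_installer "$dir/installer.run" "$pinned" \
        && echo "verified, executable"
    printf 'tampered\n' >> "$dir/installer.run"
    arm_installer "$dir/installer.run" "$pinned" || echo "refused after change"
    rm -rf "$dir"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```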
