Lifecycle Management with Foreman


Slides from my conference at CentOS Dojo Brussels 2014 at IBM

Published in: Technology, Meditation


  1. Julien Pivotto • CentOS Dojo, Brussels • January 31, 2014
  2. whoami • sysadmin @ inuits • open-source defender for 7+ years • devops believer • @roidelapluie on twitter/github • Julien Pivotto Foreman
  3. Introduction
  4. Lifecycle management • Provisioning • Automation • Reporting
  5. We had tools!? • Provisioning using Cobbler • Automation using Puppet/Chef/... • Puppet reporting with Puppet Dashboard
  6. Then came virtualisation • Cobbler was not enough • Using virt-install to automate VM creation • One shot command line, decentralized • Cobbler does not cluster
  7. Then came cloud • Where is my machine? • Bare-Metal? Bare-what? • Dynamic environments • Change quickly and often
  8. Cobbler • Not intuitive or reactive • Support for Xen • TFTP on the local machine • Direct control of DHCP configuration • Basic yumrepo support
  9. Puppet-dashboard • Puppet web frontend • It was the reference • Until the arrival of Foreman • Puppetlabs abandoned it for PuppetDB
  10. Provisioning • Bare metal and virtual • Multiple backends • Decentralized (control remote TFTP, DNS, DHCP)
  11. Automation • (puppet) ENC • Trigger puppet runs • Advanced use: parameters, ... • History of changes • ENC is optional
  12. Reporting • Visualise changes • See the full logs • View the facts
  13. Foreman
  14. Foreman 101 • Foreman was used for one thing • Viewing puppet reports • Having cool statistics gathering, facts
  15. Meanwhile • More and more features • More than a fact/reports viewer • Interacts deeply with puppet
  16. Foreman 201 • Puppet reports viewer • Machine provisioning • Puppet ENC • Extendable with plugins
  17. Architecture
  18. Smart Proxies • Provides RESTful API • Connect to Bind, DHCP, TFTP, ... • Also puppet-ca, mcollective, ... • Allow foreman to talk with services
  19. From the Foreman documentation
  20. Foreman installer • kafo • a rubygem • Command line installer • Using puppet modules • Generic Project
  21. Foreman installer • a lot of options • interactive installation: -i • enables/disables stuff • sets up git repositories • creates a puppet tree skeleton
  22. Provisioning
  23. Provisioning • Install any distribution • Configure almost everything • Generate snippets, kickstarts, ... • ERB Scripting
  24. Providers • Libvirt • EC2 • OpenStack • Google Compute Engine • oVirt • VMWare
  25. OS • CentOS/RHEL • Fedora • Ubuntu/Debian • Suse • Solaris
  26. Features of providers • Depending on the provider • Unattended installation • Image-based install • Power management • Console (noVNC)
  27. Automation
  28. Puppet ENC • Support classes • Parametrized classes • Smart variables
  29. Configuration • Environments • Host groups • Classes + params • Global parameters
  30. Certificates • Puppet-ca proxy • Takes care of signing certificates • Trigger first puppet run • Run first puppet run in noop mode (before reboot)
  31. Reporting
  32. Puppet reports • Very detailed • History • Time per resource • Overview of the last reports
  33. Host groups • Default provisioning parameters • Puppet classes • Network configuration
  34. Integration
  35. Queries • Advanced queries • Query by facts, by last report time • Create custom shortcut in the UI
  36. RESTful API • Complete and well documented • Everything is possible • Integrate foreman with anything
  37. Hammer • Command line to foreman • Scripting • Automation • Without browser (e.g. no http(s) access)
  38. Scale
  39. Large infrastructure • Fine-grained roles (ACL) • LDAP authentication • Organisation/location support
  40. Scaling up • Multiple Puppet Masters • Multiple Smart Proxies • Foreman talks with the CA • Multiple compute resources
  41. Use cases
  42. Puppet logs reader • Why are my puppet runs taking so long? • When did that node last report? • Quickly view facter facts • Just ignoring the provision part of foreman
  43. Giving access • Allow developers to create VMs • Easy, secure, fewer risks • NoVNC access in browser • Usage of ACL
  44. Phoenix tests • Really easy to rebuild a VM • Re-provisioning • Puppet certs managed across foreman • Integrate with Jenkins (REST)
  45. Conclusion
  46. Conclusion • From small labs to larger environments • Interactions with RESTful API • Complete puppet management • Bare Metal and virtual machines
  47. Foreman meetings in the next days • Configuration management devroom at FOSDEM • Config Management Camp in Ghent (no tickets left)
  48. Thank you • Any questions?
  49. Contact • Julien Pivotto • julien@inuits.eu • @roidelapluie • INUITS bvba • Belgium • +32 473 441 636 • https://inuits.eu
