Automatic systems installations and change management wit FAI - Talk for Netways OSDC 2009

4,040 views

Published on

How long does it take you, to recover an arbitrary server, or duplicate an arbitrary running configuration to a new system? Especially in the latter case without a full-backup, which would contain a wrong IP Address, Hostname and other things and would therefore eventually break some things - and are storage-exhaustive.



Get into FAI - Fully Automatic Installation.

FAI http://www.informatik.uni-koeln.de/fai/) is a framework for completely automated installations - via LAN, CD or USB stick, as well as configuration management for running systems. The concept "Plan your installation, and FAi installs your plan" supports, but also requires building a well planned and documented infrastructure. Configuration properties can be defined into the smallest possible Detail, and then be arbitrarily combined - a great advantage in environments with many different system types, which at the same time share one or multiple common bases and settings. FAI makes it possible to install and change many different systems at the same time.



In addition to all these things, with the grml-live software, FAI can even be used to build live cd's/usb sticks. This talk will give an overview of the functionality and possibilities of FAI, including a comparison with the also renowned software for similar, but not completely the same tasks, Puppet - which can even be integrated into FAI.

0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
4,040
On SlideShare
0
From Embeds
0
Number of Embeds
23
Actions
Shares
0
Downloads
54
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Automatic systems installations and change management wit FAI - Talk for Netways OSDC 2009

  1. 1. Automatic System Installations And Change Management with FAI
  2. 2. Speaker
  3. 3. Henning Sprang
  4. 4. OpenSource consultant, developer, author
  5. 5. Interests
  6. 6. Systems management Software development QA and testing Virtualization
  7. 7. FAI Team member
  8. 8. About system installations
  9. 9. Do You...
  10. 10. ...use FAI already?
  11. 11. Another auto-installer or config management tool?
  12. 12. wonder how to rebuilt/restore configurations?
  13. 13. manually tinkered and tweaked over long time
  14. 14. Exactly, really
  15. 15. quick
  16. 16. Disk images
  17. 17. Create templates from ``proper'' installations
  18. 18. Copy when needed and adjust them as needed
  19. 19. Pros
  20. 20. low learning cost Simple and fast implementation: cp/rsync/tar/dd
  21. 21. Cons
  22. 22. Inflexible - the smallest change requires rebuilding the image Still manual work needed to get a installed system Storage cost linear to number of different configurations
  23. 23. Configuration with shell scripts
  24. 24. Manual work replaced by shell scripts
  25. 25. Pros
  26. 26. Much lower storage cost Higher flexibility Tailor made
  27. 27. Cons
  28. 28. Full-blown development project (you'll realize after a while) You solve every problem on your own, instead of reusing work of others
  29. 29. Use available Auto-Installer
  30. 30. Anaconda / Kickstart: Fedora-based
  31. 31. Autoyast: SuSE-based
  32. 32. Nlite/Unattend: Windows in many flavours
  33. 33. FAI: Debian-based, Fedora-based, SuSE-based, Windows experimental, Solaris possible
  34. 34. Others: Solaris Jumpstart RedHat Cobbler/Koan
  35. 35. About FAI
  36. 36. Why FAI?
  37. 37. Shellscript-based Simple, Flexible, easy to extend
  38. 38. Community support by seasoned quot;`Installersquot;'
  39. 39. Diverse client- and server- distributions
  40. 40. Multiple installation types and system updates
  41. 41. Can be used for real hardware and virtualization systems
  42. 42. One-Step-Install bare metal to fully working system
  43. 43. Easily integrate other tools CFEngine Puppet Custom scripts
  44. 44. History
  45. 45. Started 1999 by Thomas Lange at the University of cologne
  46. 46. Base idea: structured and planned installation
  47. 47. Plan your installation, and FAI installs your plan
  48. 48. Part of the Debian Distribution
  49. 49. Today about 10 active developers, small but nice community
  50. 50. Since 2005 softupdates from Henning Glawe included
  51. 51. Who is using it for what?
  52. 52. EDF uses FAI (with GOSA) for some research clusters
  53. 53. LiMux in Munich: installs/updates 400(to be 14000) clients/servers
  54. 54. Multiple top 500 High Performance Clusters
  55. 55. Small home networks starting from 2 systems
  56. 56. GRML admin live CD built with FAI
  57. 57. Functionality
  58. 58. Overview
  59. 59. FAI classes
  60. 60. A class defines system properties and actions to be taken
  61. 61. Class-assignment with simple texfile, database, or scripts
  62. 62. Systems can be assigned to multiple classes combined at will
  63. 63. Server-distribution:
  64. 64. Debian-based Dependencies: Perl, NFS, TFTP, debootstrap So, easy to port!
  65. 65. Target-distributions:
  66. 66. Debian, Redhat, Ubuntu, Suse, Mandriva
  67. 67. Different installation types (networked, CD/USB, chroot)
  68. 68. Integrated versioning with subversion, CVS, git
  69. 69. System updates
  70. 70. Installation types
  71. 71. Network installation with central install server
  72. 72. Client/Server architecture
  73. 73. Directly calling „dirinstall“ for chroots (Can be easy integrated into xen-tools, ganeti, ...)
  74. 74. With grml-live: Live-CD generation!
  75. 75. The installation/update process
  76. 76. Most important FAI quot;tasksquot; (steps of installation)
  77. 77. defclass: Class definition(assignment) for the target system
  78. 78. partition: guess what?! :)
  79. 79. extrbase: Unpack a minimal base image
  80. 80. debconf: apply Debconf preseedings
  81. 81. instsoft: Software package installation
  82. 82. Configure: Run configuration scripts
  83. 83. savelog: Push logfiles on the install Server
  84. 84. Usage details
  85. 85. Considerations and Planning
  86. 86. Installation
  87. 87. Decide the matching install type (net/cd/dirinstall)
  88. 88. Plan your installation
  89. 89. Use cases Network and environment Software-packages Additional files and config adjustments Acess control, Identity Management, ...
  90. 90. Using mirrors of Internet software repositories
  91. 91. Updates
  92. 92. How and when should which patches be applied?
  93. 93. Testing processes how do I know the effect of a patch/update?
  94. 94. Mirrors of security update repositories?
  95. 95. Automatic (scheduled, timebased) or manually started?
  96. 96. Setup and configuration
  97. 97. Installation on Debian: apt-get install fai-quickstart
  98. 98. Adjust install server setup in /etc/fai
  99. 99. fai.conf: LOGUSER=fai, LOGPROTO=ssh (for Logging via ssh) apt/sources.list: use local mirror if available make-fai-nfsroot.conf: local mirror for debootstrap
  100. 100. FAI server is configured! Now create NFSroot: fai-setup / make-fai-nfsroot
  101. 101. For PXE-Boot: fai-chboot to set boot-kernel, -options
  102. 102. Without PXE / Installation from CD: fai-cd
  103. 103. Infrastructure services for network install
  104. 104. DNS entry for server and clients
  105. 105. DHCP config: Host/IP/MAC as usual
  106. 106. some FAI-specific stuff: option root-path quot;/srv/fai/nfsroot ...quot; server-name quot;faiserverquot;; # boot-server next-server 172.20.2.64; # tftp server: kernel filename quot;pxelinux.0quot;;
  107. 107. System configurations
  108. 108. Configurations for installation are stored in FAI „configspace“
  109. 109. Simple text files and scripts
  110. 110. requirements from installation plan are reflected here
  111. 111. Example included in /usr/share/doc/fai/examples/simple
  112. 112. Default location: /srv/fai/config
  113. 113. Contents of configspace
  114. 114. class disk_config basefiles debconf package_config scripts files hooks
  115. 115. Adjust configspace: class
  116. 116. class contains class- and variable definitions/assignments
  117. 117. Simplest way: assign classes based on hostnames
  118. 118. Some sample classes: FAISERVER, GNOME, DEMO, XORG
  119. 119. Any script can be used to assign classes
  120. 120. E.G.: check specific hardware, MAC or IP, disk size, . . .
  121. 121. Adjust configspace: basefiles
  122. 122. Minimal base images for non-Debian distributions and special uses
  123. 123. Task quot;extrbasequot; checks this directory for matching images
  124. 124. Images named by classes
  125. 125. You could also put an image here and skip the rest :)
  126. 126. Adjust configspace: disk_config
  127. 127. detailed control over partitions and mounting
  128. 128. new tool includes lvm and raid setups
  129. 129. hard sizes or ranges
  130. 130. # example of new config file for setup-storage # # <type> <mountpoint> <size> <fs type> <mount options> <misc options> disk_config disk1 disklabel:msdos primary / 250 ext3 rw,errors=remount-ro logical swap 200-1000 swap rw logical /var 600-1300 ext3 rw createopts=quot;-m 5quot; tuneopts=quot;-c 0 -i 0quot; logical /tmp 100-1G ext3 rw createopts=quot;-m 0quot; tuneopts=quot;-c 0 -i 0quot; logical /usr 1G-8G ext3 rw logical /home 100-50% ext3 rw,nosuid createopts=quot;-m 1quot; tuneopts=quot;-c 0 -i 0quot;
  131. 131. Adjust configspace: debconf
  132. 132. Presets for package install scripts
  133. 133. Only for dpkg-based distributions
  134. 134. Works analog to Debian Installer
  135. 135. Adjust configspace: package_config
  136. 136. Contents: files named by class names
  137. 137. Purpose: Define packages to be installed
  138. 138. Supports many installation methods:
  139. 139. install (apt-get) aptitude taskinst (Debian tasks=Package collections) urpmi (mandriva) yumi (Fedora) y2i (SuSE y2pmsh) yast (SuSE yast -i)
  140. 140. Example package_config/DEMO from simple examples: PACKAGES aptitude fortune-mod fortunes rstat-client #rstatd rusers rusersd # only when also class XORG is defined PACKAGES aptitude XORG bb frozen-bubble xpenguins
  141. 141. Adjust Configspace: scripts #!/bin/bash #!/bin/perl #!/usr/bin/cfagent
  142. 142. scripts to be executed after package installation
  143. 143. Usually shell-, Perl- and cfengine-scripts
  144. 144. Need for others? just install Interpreter in the NFS-Root
  145. 145. Naming scheme: <CLASSNAME>/<NUMBER>-<SCRIPTNAME>
  146. 146. Number defines order of execution
  147. 147. SCRIPTNAME arbitrary just for readability
  148. 148. scripts example: . |-- AMD64 | `-- 99-discover-bug |-- DEMO | |-- 10-misc | `-- 30-demo |-- FAIBASE | |-- 10-misc | |-- 30-interface | `-- 40-misc |-- FAISERVER | |-- 10-conffiles | `-- 20-copy-mirror |-- GRUB | `-- 10-setup `-- LAST `-- 50-misc
  149. 149. Adjust configspace: files
  150. 150. Structure of a filesystem, starting with /
  151. 151. classbased copy/unpack
  152. 152. For usage with fcopy/ftar
  153. 153. Copy single files explicitly, or recursive from /
  154. 154. ftar unpacks an archive
  155. 155. Target file=directory
  156. 156. actually copied source file=CLASSNAME
  157. 157. ‘-- etc |-- X11 | ‘-- xorg.conf | |-- ATI sample: | ‘-- NVIDIA |-- apache2 | ‘-- conf.d | ‘-- debian-mirror.conf | ‘--FAISERVER ‘-- fai ‘-- fai.conf |-- FAISERVER ‘-- FAI_SOFTUPDATE_CLIENT
  158. 158. Adjust configspace: hooks
  159. 159. Naming scheme: <TASKNAME>.<CLASSNAME>[.source]
  160. 160. Execution before the according task
  161. 161. Examples: partition.XENU instsoft.FAIBASE savelog.LAST.source
  162. 162. Do the installation
  163. 163. Depending on chosen install type
  164. 164. Boot via PXE Bootfloppy install-CD USB Stick
  165. 165. fai dirinstall <TARGETDIR> into mounted blockdevice
  166. 166. Call dirinstall from xen-tools, Ganeti, . . .
  167. 167. Run grml-live
  168. 168. Depending on number of packages it takes 3-30 minutes
  169. 169. (automatic)Restart with production configuration
  170. 170. Functionality tests
  171. 171. Advanced stuff Outlook
  172. 172. Support stuff for more distributions: fai-distributions
  173. 173. GOSA as LDAP and FAI GUI
  174. 174. Automatic Tests of the installed systems
  175. 175. hooks/scripts could check files and configurations Crucible Test Framework
  176. 176. No LDAP? Management-Tool/lightweight GUI without GOSA
  177. 177. better configspace layout
  178. 178. Comparison with Puppet
  179. 179. LIMITED VALIDITY
  180. 180. I Only scratched Puppet's surface yet!
  181. 181. But I try to be unbiased
  182. 182. I actually like puppet quite well
  183. 183. The Points
  184. 184. Puppet has data encryption functionality! can distribute secrets!
  185. 185. FAI has a simpler file copying structure Could be „emulated“ with some code in puppet.
  186. 186. Puppet: only quot;configurationquot; FAI: also partition and base install
  187. 187. FAI has multiple specific logs Puppet logs into syslog
  188. 188. FAI: config files + scripts Puppet: everything is a script (most „config-filish“ - found some strange syntax skimming through)
  189. 189. Puppet: advanced client/server config push FAI: (scripted) ssh into amanged host, additional tool
  190. 190. FAI is a bit more mature - no youth problems
  191. 191. Puppet has some more advanced distribution abstractions
  192. 192. FAI is still lacking a nice Logo and website :)
  193. 193. BOTH: cool tools that you should use!
  194. 194. Can work together well and easy
  195. 195. Conclusions
  196. 196. FAI is a powerful tool for
  197. 197. Automatic installation
  198. 198. System-Change-Management
  199. 199. Structured approach required
  200. 200. Expect some learning curve on the way
  201. 201. The Big Reward: less worries about...
  202. 202. getting a config cloned setting up new machines restoring after a crash changing configs on multiple systems
  203. 203. Further information: http://www.informatik.uni-koeln.de/fai/ http://faiwiki.informatik.uni-koeln.de/ IRC-Channel #fai at OFTC-Network linux-fai-users and linux-fai-devel mailing list Commercial Support: multiple companies and freelancers
  204. 204. ADVERTISEMENT: to learn more or implement CALL ME! :)
  205. 205. Contact henning@sprang.de http://www.sprang.de/
  206. 206. THANKS FOR LISTENING!
  207. 207. QUESTIONS?

×