Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...SaltStack
Arnold gave this presentation at the Secure Linux Admin Conference in Berlin Germany. He provides an overview of what configuration management systems do, explains the fundamentals of SaltStack and provides a look inside.
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...SaltStack
Arnold gave this presentation at the Secure Linux Admin Conference in Berlin Germany. He provides an overview of what configuration management systems do, explains the fundamentals of SaltStack and provides a look inside.
Application construction is great with Ansible, using it for docker helps fight complexity, improves maintainability. And playbooks are portable from docker to cloud.
Title: Ansible, best practices.
Ansible has taken a prominent place in the configmanagement world. By now many people involved in DevOps have taken a look at it, or done a first project with it. Now it is time to step back and look at quality and craftmanship. Bas Meijer, Ansible ambassador, will talk about Ansible best practices, and will show tips, tricks and examples based on several projects.
About the speaker
Bas is a systems engineer and software developer and wasted decades on latenight hacking. He is currently helping out 2 enterprises with continuous delivery and devops.
Yesterday I gave presentation on Ansible and it was successful . It give basic understanding of playbook and an example implementation of jboss application from scratch
SaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and StatesSaltStack
This session will expand your knowledge of cutting-edge techniques for creating Salt states and formulas. Users will obtain a thorough understanding of how states interact with pillars, as well as map.jinja files. We'll discuss how to make formulas OS agnostic and show how the usage of external pillars combined with a map file can result in formulas that are easy to explain, easy to learn, and easy to update.
A revamped version of the Ansible intro talk from February 2015, brought up-to-date for the January Ansible meetup in Berlin.
Join our group: https://www.meetup.com/Ansible-Berlin
Ansible Introduction - Ansible Brno #1 - David Karbanansiblebrno
Introducing Ansible. The very first talk at the very first Ansible Brno event, presented by David Karban. It provides a great overview of what Ansible is and what its (many) use-cases are.
Chef Provisioning a Chef Server Cluster - ChefConf 2015Chef
This talk is an exploration of how to build Chef Server 12 clusters with Chef Provisioning, including premium features like Chef Reporting and Chef Analytics. I will cover several new capabilities and tools in the Chef ecosystem that makes it easier than ever before to build and manage scalable Chef Server clusters.
https://youtu.be/HUQA1Ikm5Iw
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStackSaltStack
This talk will demonstrate how to use Salt Mine leveraging Salt grains to create several environments (parallel universes) that decide how to run the same Salt formulas with different outcomes. "Roles” will be defined in an OpenStack Marconi (queuing as a service) deployment and a few formulas will be shared to demonstrate the concept.
A presentation delivered by Arctiq, onsite in Toronto, on Mar 1, 2017. The presentation discusses Ansible as an automation tool for Linux, Windows, and network devices. Reach out if you would like more information www.arctiq.ca
Foreman Discovery is the Foreman project's solution to Metal as a Service. It can discover, register, and provision bare metal systems without knowing anything about them beforehand. Now, with the latest version of Discovery, you're able to boot hosts using the Discovery image directly instead of relying on DHCP and PXE, by mounting the ISO or burning to a CD-ROM or USB stick. In this talk, we'll do a quick introduction to Discovery, before going on to cover the new PXEless features.
Salesforce at Stacki Atlanta Meetup February 2016StackIQ
Dave Peterson's presentation on how Salesforce uses Stacki and Chef to provision and manage thousands of servers. Stacki Atlanta kickoff Meetup on 2/23/16 at the Microsoft Innovation Center. Dave is a Lead Systems Engineer at Salesforce.
Application construction is great with Ansible, using it for docker helps fight complexity, improves maintainability. And playbooks are portable from docker to cloud.
Title: Ansible, best practices.
Ansible has taken a prominent place in the configmanagement world. By now many people involved in DevOps have taken a look at it, or done a first project with it. Now it is time to step back and look at quality and craftmanship. Bas Meijer, Ansible ambassador, will talk about Ansible best practices, and will show tips, tricks and examples based on several projects.
About the speaker
Bas is a systems engineer and software developer and wasted decades on latenight hacking. He is currently helping out 2 enterprises with continuous delivery and devops.
Yesterday I gave presentation on Ansible and it was successful . It give basic understanding of playbook and an example implementation of jboss application from scratch
SaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and StatesSaltStack
This session will expand your knowledge of cutting-edge techniques for creating Salt states and formulas. Users will obtain a thorough understanding of how states interact with pillars, as well as map.jinja files. We'll discuss how to make formulas OS agnostic and show how the usage of external pillars combined with a map file can result in formulas that are easy to explain, easy to learn, and easy to update.
A revamped version of the Ansible intro talk from February 2015, brought up-to-date for the January Ansible meetup in Berlin.
Join our group: https://www.meetup.com/Ansible-Berlin
Ansible Introduction - Ansible Brno #1 - David Karbanansiblebrno
Introducing Ansible. The very first talk at the very first Ansible Brno event, presented by David Karban. It provides a great overview of what Ansible is and what its (many) use-cases are.
Chef Provisioning a Chef Server Cluster - ChefConf 2015Chef
This talk is an exploration of how to build Chef Server 12 clusters with Chef Provisioning, including premium features like Chef Reporting and Chef Analytics. I will cover several new capabilities and tools in the Chef ecosystem that makes it easier than ever before to build and manage scalable Chef Server clusters.
https://youtu.be/HUQA1Ikm5Iw
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStackSaltStack
This talk will demonstrate how to use Salt Mine leveraging Salt grains to create several environments (parallel universes) that decide how to run the same Salt formulas with different outcomes. "Roles” will be defined in an OpenStack Marconi (queuing as a service) deployment and a few formulas will be shared to demonstrate the concept.
A presentation delivered by Arctiq, onsite in Toronto, on Mar 1, 2017. The presentation discusses Ansible as an automation tool for Linux, Windows, and network devices. Reach out if you would like more information www.arctiq.ca
Foreman Discovery is the Foreman project's solution to Metal as a Service. It can discover, register, and provision bare metal systems without knowing anything about them beforehand. Now, with the latest version of Discovery, you're able to boot hosts using the Discovery image directly instead of relying on DHCP and PXE, by mounting the ISO or burning to a CD-ROM or USB stick. In this talk, we'll do a quick introduction to Discovery, before going on to cover the new PXEless features.
Salesforce at Stacki Atlanta Meetup February 2016StackIQ
Dave Peterson's presentation on how Salesforce uses Stacki and Chef to provision and manage thousands of servers. Stacki Atlanta kickoff Meetup on 2/23/16 at the Microsoft Innovation Center. Dave is a Lead Systems Engineer at Salesforce.
A talk I gave at the recent Advanced AWS Meeup - this is a detailed guide to how I installed and set up Spinnaker to work with our infrastructure at Stitch Fix. I go over the various problems I ran into and how I solved them. I hope this can be useful for others setting up, or interested in setting up Spinnaker for their purposes.
**Big thanks to Armory for recording the talks! Video for this talk can be found here: https://youtu.be/ywzPblFpIE0 (I'm the second speaker)**
These are the slides from a presentation I gave in 1999 at the Seattle Area System Administrators Guild monthly meeting. I haven't done this in a while, so I can't say how much of this is no longer valid, but it may prove useful to someone as a reference.
Caching and tuning fun for high scalabilityWim Godden
Caching has been a 'hot' topic for a few years. But caching takes more than merely taking data and putting it in a cache : the right caching techniques can improve performance and reduce load significantly. But we'll also look at some major pitfalls, showing that caching the wrong way can bring down your site. If you're looking for a clear explanation about various caching techniques and tools like Memcached, Nginx and Varnish, as well as ways to deploy them in an efficient way, this talk is for you.
Talk given by David Petersen, Lead Systems Engineer at Salesforce, at Stacki Webinar on Nov 2016
Learn how we've integrated chef into Stacki provisioning system and how we've automated the process.
kubernetes install and practice
* Environment (bare metal installation, not using cloud service)
- VM 1 : Mater node, 30GB, 2 vCPU, 4GB Mem
- VM 2 : Worker node, 30GB, 2 vCPU, 4GB Mem
* Practice
- deploying pod, make a deployment and service
- expose service using ingress(nginx-ingress)
RAC-Installing your First Cluster and DatabaseNikhil Kumar
RAC - Installing your First RAC
Abstract : Oracle Real Application Clusters have been one of the hottest technologies in the market since 2001 prior this is know OPS in 8i. Oracle has brought revolution in the field of database by enhancing RAC technologies in it each version. This presentation will give introduction of RAC and features introduced in each version of RAC. This presentation contains the demo of building Oracle clusterware from the scratch. Also we will discuss the new components and its features during installation. This presentation and demo will be done on version 11GR2. Which will be used as a base for our next presentation Viz. Upgradation of RAC 11GR2 to 12C RAC.
This presentation will give brief insight information of RAC infrastructure setup. Sometimes DBA doesn’t fully aware of prerequisite and verification steps that needs to perform before installing clusterware, So this session will cover thing to consider before installing clusterware and best practices followed during the whole process.
Agenda
Introduction of RAC
Installation of Clusterware.
Creating diskgroup / Adding disk to Diskgroup using ASMCA.
Creation of ACFS Volume.
Installation of RAC Database using DBCA.
Installing a Cluster of Raspberry Pis with Stacki AceStackIQ
To fully utilize the power of Raspberry Pis, StackIQ ported Stacki to support the inexpensive single-board computers, creating Stacki Ace: an open-source bare-metal installer for Raspberry Pis.
With the release of Stacki 4.0 comes more improvements in Stacki Ace. The avalanche installer has been added for parallel installation and 20MB images instead of 2GB images are now used to install the backend nodes increasing the installation speed immensely.
This is Greg Bruno's presentation from his webinar on how to create a cluster of Raspberry Pis with Stacki Ace.
Presentation by StackIQ's Director of Open Source Engineering, Joe Kaiser, at StackiFest 2017.
Step 1 of every Hadoop vendor’s documentation reads something like this: “First install a cluster.” Without a consistent group of installed machines, a Hadoop installation is prone to failure. Open source Stacki installs machines to a ping and a prompt enabling the consistency and configuration required for a functioning Hadoop installation.
StackIQ released a new open source Hortonworks bridge pallet to enable the installation of Hortonworks through the Ambari appliance at the beginning of 2017. In this presentation, Joe will show you how to set-up Stacki, the HDP Bridge pallet, Ambari, and then install Hadoop on a running cluster.
Presentation by Teradata's Anthony Chen at StackiFest 2017.
Teradata is the global leader in large-scale Linux Data Warehouse and data analytics applications. Teradata’s challenges have always been how to quickly complete a massively parallel system installation from bare metal components.
For many years, Teradata has developed its own tools and methodology for the system installation but it has become obvious that we need a different approach to meet our customer’s demand and expectation. We have selected Stacki as Teradata’s tool to help us with bare metal provisioning. This presentation is to show the challenges Teradata faces today and how Teradata uses Stacki to address these challenges.
Installing a Cluster of Raspberry Pis with Stacki AceStackIQ
Presentation by StackIQ's VP Engineering/Co-Founder, Greg Bruno, at StackiFest 2017.
The Raspberry Pi was originally developed by the Raspberry Pi Foundation to promote the teaching of basic computer science in schools and developing countries. And although these little single-board computers have done just that, they have the ability to do so much more when paired with the correct tools. That’s why StackIQ ported Stacki (their original bare metal x86_64 server installer) to support Raspberry Pis, creating Stacki Ace: an open-source bare-metal installer for Raspberry Pis.
Automation of your OpenStack Infrastructure with StackiStackIQ
Presentation from StackiFest 2017 by Hugh Ma, Cloud Validation Developer at Flex Ciii.
One of the primary purposes of CloudLabs in Flex is to provide optimized rack level solutions while integrating third-party open source vendor products. With the fast growing adoption of cloud computing, many companies are looking to shift their workloads into the cloud. CloudLabs’ already established engineering and design services allow for an environment where validation and performance testing can be done in a controlled manner on a variety of cloud platforms, including OpenStack. This talk will look at how CloudLabs utilizes open source tools: a Linux provisioning software called Stacki, Ansible, and OpenStack to help the validation process of hardware and rack level solutions for cloud infrastructure.
Provisioning Heterogenous Bare Metal with StackiStackIQ
Justin Senseney of NIST's presentation from StackiFest 2017.
Stacki was used to upgrade a high-performance computing (HPC) cluster at the National Institute of Standards and Technology (NIST) in Gaithersburg, Maryland. NIST is the United States’ federal metrology institute, performing research and creating standards for measurements and technology, including materials, data, and cyber-security. A 1,200 node CentOS5 Maui/Torque cluster was upgraded to CentOS7 with a Slurm queuing system. At the same time, hundreds of servers were removed and added to this cluster. This presentation will show the application of Stacki to this HPC cluster and contrast previous methods used for provisioning. Stacki carts and pallets are used to provision role-based servers, including GPU, high-memory, and multiple login servers. Ideas are proposed to allow us to extend this application to managing multiple clusters. Any mention of commercial products within this presentation, including Stacki, is for information purposes; it does not imply recommendation or endorsement by NIST.
Stacki DC Meetup (11/30/16)
Presenter: Justin Senseney- Senior Computer Scientist, NIST
Description:Stacki was used to upgrade a high performance computing (HPC) cluster at the National Institute of Standards and Technology (NIST) in Gaithersburg, MD. A 1,200 node CentOS5 Maui/Torque cluster was upgraded to CentOS7 with a slurm queuing system. This presentation will show the application of Stacki to this HPC cluster and contrast previous methods used for provisioning. Stacki carts and pallets are used to provision role-based servers. Ideas are presented that would make it easier for multiple clusters to be managed. Any mention of commercial products, including Stacki, within this presentation is for information only; it does not imply recommendation or endorsement by NIST.
Public vs. Private Cloud Performance by FlexStackIQ
This is a presentation given by Hugh Ma and Michael O'Rourke from Flex at the Stacki San Jose Meetup on September 15, 2016. Learn about the differences between public and private cloud performance, their OpenStack-Ansible & FlexBench environment, and how they use Stacki.
Joe Kaiser, System Engineer at StackIQ at the Seattle Scalability Meetup on April 27, 2016
This presentation was followed by a demo of Kubernetes on Stacki
Introduction to Stacki at Atlanta Meetup February 2016StackIQ
An introduction to Stacki-the fastest bare metal Linux server provisioning tool from the Stacki Atlanta kickoff meetup on 2/23/16 at the Microsoft Innovation Center. Greg Bruno is the VP Engineering at StackIQ.
The debate over whether a business should use a public or private
cloud will likely never end, but trends are showing that private
cloud-based solutions are gaining a lead.
There are some things in Stacki that you can only do with Remove commands. This tutorial takes you over the most common remove commands and offers an overview of how they work.
Download Stacki: www.stacki.com
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Anthony Dahanne
Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ?
Venez le découvrir lors de cette session ignite
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
Designing for Privacy in Amazon Web ServicesKrzysztofKkol1
Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach allowed to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar
The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.
The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies.
However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News.
Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
StackiFest16: Stacki 1600+ Server Journey - Dave Peterson, Salesforce
1. Stacki – The 1600+ Server Journey
David Peterson
Lead Systems Engineer
david.peterson@salesforce.com
2. Agenda
▪ Why Stacki
▪ Hardware and provisioning requirements
▪ Stacki configuration with chef integration
▪ ZFS and data safe re-provisioning
▪ Detecting issues and adhoc reporting
4. Why Stacki
▪ Managing thousands of servers is easy (csv)
▪ HP raid controller support
▪ Easy out of the box provisioning but deep customization
available
▪ Ability to re-provision without losing data
▪ Easy network/subnet configuration
▪ YUM repo support
▪ Command line, command line, command line
▪ Support
9. Hardware and Provisioning Requirements
Latest LT Kernel and ZFS
▪ Kernel LT => 3.10.95-1
▪ ZFS => 0.6.5.2
10. Hardware and Provisioning Requirements
Chef Integration
▪ End to end server provisioning with chef
▪ Chef configured on each server, host added to
chef server, and a chef-client run to apply base
roles
12. Stacki Configuration
Concurrent kickstart limitation
▪ /export/stack/sbin/kickstart.cgi:L154
# Use a semaphore to restrict the number of concurrent kickstart
# file generators. The first time through we set the semaphore
# to the number of CPUs (not a great guess, but reasonable).
▪ semaphore = stack.lock.Semaphore('/var/tmp/kickstart.semaphore')
[root@stacki]# echo 200 > /var/tmp/kickstart.semaphore
23. /export/stack/carts/chef/nodes/cart-chef-backend.xml
<?xml version="1.0" standalone="no"?>
<kickstart>
<description>
chef cart backend appliance extensions
</description>
<package>chef</package>
<!-- shell code for post RPM installation -->
<post>
mkdir -p /etc/chef /var/log/chef /var/run/chef
</post>
<post cond="not ‘proxy’ in hostname">
<file name="/etc/chef/client.rb">
<![CDATA[
#
# Chef Client Config File
#
# Dynamically generated by Stacki
#
log_level :info
log_location STDOUT
chef_server_url "#CHEF_SERVER#"
validation_client_name ”chef-validator"
validation_key "/etc/chef/validation.pem"
client_key "/etc/chef/client.pem"
ssl_verify_mode :verify_none
http_proxy 'http://proxy1:3128'
https_proxy 'http://proxy2:3128'
no_proxy ’test1,localhost,127.0.0.1'
environment 'production'
# Using default node name (fqdn)
node_name "#HOSTNAME#”
Ohai::Config[:plugin_path] << '/etc/chef/ohai'
]]>
</file>
# Need to add the chef server and client hostname to the client.rb file
sed -i 's,#CHEF_SERVER#,&chef_server;,g' /etc/chef/client.rb
sed -i 's/#HOSTNAME#/&hostname;.&domainname;/g' /etc/chef/client.rb
</post>
24. /export/stack/carts/chef/nodes/cart-chef-backend.xml
<post>
<file name="/etc/chef/first-boot.json">
{
"run_list": [
"role[base_role]",
"role[dc_sfo]"
]
}
</file>
</post>
# If we are nuking disks we are assuming this is a new server
# or the chef client/node has been deleted out of the chef server if it existed.
<boot order="post" cond="nukedisks">
# Run chef-client for the first time
/usr/bin/chef-client -j /etc/chef/first-boot.json -L /var/log/chef/chef.log
# Make a backup of the chef private key in case we need to re-provision/upgrade a server
mkdir -p /data/chef-backup
chown root:root /data/chef-backup
chmod 700 /data/chef-backup
cp -a /etc/chef/* /data/chef-backup
</boot>
# If we are not nuking the disks we are assuming we are re-loading or upgrading
# the OS and need to keep the client.pem chef key so chef-client can run properly
<boot order="post" cond="not nukedisks">
cp /data/chef-backup/client.pem /etc/chef/
/usr/bin/chef-client -L /var/log/chef/chef.log
</boot>
25. Stacki Configuration
RCS Issues
▪ Stacki installs foundation-rcs package on provisioned servers
▪ Caused issues for our rsyslog daemon because of RCS config files being loaded.
Other daemons were affected as well.
▪ Let’s remove it and clean up all the RCS directories
/export/stack/site-profiles/prod/2.0/nodes/extend-backend.xml
<boot order="post">
# Remove rcs rpm and cleanup RCS directories
rpm -e foundation-rcs
find / -type d -name 'RCS' -print0 |xargs -0 rm –rf
</boot>
27. ZFS and Data Safe Provisioning
What is ZFS?
▪ A combined file system and logical volume manager
▪ Data integrity
▪ Software raid
▪ Storage pools
▪ Sophisticated caching: ARC (RAM MFU/MRU), L2ARC
(SSDs), ZIL/SLOG
▪ Snapshots and Clones
▪ Compression
28. ZFS and Data Safe Provisioning
ZFS and Latest Kernel Installation
▪ YUM repos imported into Stacki
▪ http://elrepo.org/
▪ http://zfsonlinux.org/
<?xml version="1.0" standalone="no"?>
<kickstart>
<package>kernel-lt</package>
<package>kernel-lt-devel</package>
<package>kernel-lt-headers</package>
<package>zfs</package>
/export/stack/site-profiles/prod/2.0/nodes/extend-backend.xml
30. /export/stack/site-profiles/prod/2.0/nodes/extend-backend.xml
<boot order="post" cond="nukedisks">
/sbin/modprobe zfs
/sbin/zpool create -f data sdb log sdc1 cache sdc2
/sbin/zfs set atime=off data
/sbin/zfs set compression=lz4 data
# Add /opt filesystem
/sbin/zfs create data/opt
/bin/mv /opt/* /data/opt/
/bin/rm -rf /opt
/sbin/zfs set mountpoint=/opt data/opt
# Add /var/log/httpd filesystem
/sbin/zfs create data/httpd-log
/sbin/zfs set mountpoint=/var/log/httpd data/httpd-log
chmod 700 /var/log/httpd
# Add /var/log/logstash filesystem
/sbin/zfs create data/logstash
/sbin/zfs set mountpoint=/var/log/logstash data/logstash
adduser -r logstash -U
chown logstash:logstash /var/log/logstash
echo "create zfs data pool..." > /tmp/zfs-create.log
</boot>
31. /export/stack/site-profiles/prod/2.0/nodes/extend-backend.xml
<boot order="post" cond="not nukedisks">
# We need to empty/move the data in /opt before we can import zfs
mkdir /tmp/opt
mv /opt/* /tmp/opt/
/sbin/modprobe zfs
/sbin/zpool import -d /dev/disk/by-path/ data
echo "Importing zfs data pool..." > /tmp/zfs-import.log
mv /tmp/opt/* /opt/
rm -rf /tmp/opt
</boot>
33. Detecting Issues and AdHoc Reporting
What? We have Issues?
▪ Stacki is great at provisioning but getting the status of a provisioned
or currently being provisioned server is a little harder.
▪ A couple different ways but at various stages in the provisioning
process:
1. Tailing /var/log/messages for DHCP requests and acks
2. Watching the nukecontroller and nukedisks attributes
3. Tailing /var/log/httpd/access_log for rpm downloads
4. Watching the boot action flag
5. iftop
6. Chef node entry
▪ Note: Tailing log files for a couple servers is fine but when
provisioning hundreds of servers at a time, it is not viable.
34. Detecting Issues and AdHoc Reporting
What? We have Issues?
▪ Watching the nukecontroller and nukedisks attributes
[root@stacki]# stack list host attr chef1-1 |grep nuke
chef1-1: -------------------- nukecontroller true H
chef1-1: -------------------- nukedisks true H
192.168.10.50 - - [09/Feb/2016:20:39:52 -0700] "GET /install/sbin/public/setDbPartitions.cgi HTTP/1.1" 200 1
/var/log/httpd/ssl_access_log
36. Detecting Issues and AdHoc Reporting
What? We have Issues?
▪ Watching the boot action flag
[root@stacki]# stack list host boot chef1-*
HOST ACTION
chef1-2: install
chef1-1: os
192.168.10.50 - - [09/Feb/2016:20:39:52 -0700] "GET /install/sbin/public/setPxeboot.cgi?params={"action":"os"} HTTP/1.1" 200 1
/var/log/httpd/ssl_access_log
37. Detecting Issues and AdHoc Reporting
What? We have Issues?
▪ Issues we encountered
• TORs ip helper-address not set properly
• ACL mis-match between racks causing DHCP/TFTP to be
blocked
• Mis-configured host networks causing the gateways to be wrong
which prevented DHCP/PXE from working properly
• Post boot zfs commands not running properly due to hardware
missing drives
38. Detecting Issues and AdHoc Reporting
AdHoc Reporting
▪ Find all hosts that still have the “install” flag and generate a report
for h in `stack list host boot |grep -w install|awk '{print $1}'|sed s/://`;
do for ip in `stack list host interface $h|grep eth0|awk '{print $5}'`;
do echo -e "Host: $hnChecking for IP: $ip"; echo "";
cat /var/log/messages /var/log/httpd/ssl_access_log /var/log/httpd/access_log|grep -iw $ip; echo "";
done; done > host_report.txt
39. Host: test1
Checking for IP: 192.168.10.50
Feb 9 19:32:12 stacki-host dhcpd: DHCPOFFER on 192.168.10.50 to ba:c2:3d:c3:ab:13 via 192.168.10.1
Feb 9 19:32:12 stacki-host dhcpd: DHCPOFFER on 192.168.10.50 to ba:c2:3d:c3:ab:13 via 192.168.10.1
Feb 9 19:32:16 stacki-host dhcpd: DHCPREQUEST for 192.168.10.50 (192.168.10.5) from ba:c2:3d:c3:ab:13 via 192.168.10.1
Feb 9 19:32:16 stacki-host dhcpd: DHCPACK on 192.168.10.50to ba:c2:3d:c3:ab:13 via 192.168.10.1
Feb 9 19:32:16 stacki-host dhcpd: DHCPREQUEST for 192.168.10.50 (192.168.10.5) from ba:c2:3d:c3:ab:13 via 192.168.10.1
Feb 9 19:32:16 stacki-host dhcpd: DHCPACK on 192.168.10.50 to ba:c2:3d:c3:ab:13 via 192.168.10.1
192.168.10.50 - - [09/Feb/2016:19:32:54 -0700] "GET /install/sbin/kickstart.cgi?arch=x86_64&np=40 HTTP/1.1" 200 96101
192.168.10.50 - - [09/Feb/2016:19:33:13 -0700] "GET /install/distributions/prod/x86_64/images/updates.img HTTP/1.1" 404 329 "-" "-”
192.168.10.50 - - [09/Feb/2016:19:33:33 -0700] "GET /install/distributions/prod/x86_64/images/product.img HTTP/1.1" 200 782336 "-" "-"
192.168.10.50 - - [09/Feb/2016:19:33:35 -0700] "GET /install/distributions/prod/x86_64/images/install.img HTTP/1.1" 200 236163072 "-" "-"
Host: test2
Checking for IP: 192.168.10.51
Host: test3
Checking for IP: 192.168.10.52
40. Detecting Issues and AdHoc Reporting
AdHoc Reporting
▪ Find the top racks with the most un-provisioned hosts. Helps us
identify racks with potential ACL issues.
[root@stacki]# stack list network|awk '{print $1}’
NETWORK
rack1-prod_vlan1:
rack2-prod_vlan2:
rack3-prod_vlan1:
rack4-prod_vlan2:
rack5-prod_vlan2:
[root@stacki]# for h in `stack list host boot |grep -w install|awk '{print $1}'|sed s/://`; do stack list host interface $h; done
|grep eth0|awk '{print $3}'|cut -d- -f 1|sort|uniq -c|sort -rn|head
40 rack2
9 rack3
7 rack5
6 rack1
6 rack4
41. Lessons Learned
▪ With thousands of servers, you need a standard naming convention for hosts, networks,
appliance types, etc.
▪ Standardized servers saves you time and headaches.
▪ Created custom scripts to augment stacki functionality and reduce human errors
• create-stack-appliances.sh: This script will look for appliance types in the extend-backend.xml file, check to
see if they already exist and if not, create them in Stacki.
• create-stack-networks.sh: This script will import a list of networks from a csv file you specify.
• stack-hosts.sh: This script enables or disables provisioning of hosts listed in a file and can optionally set the
nuke attributes.
▪ Stacki by default does not allow you to have a high number of concurrent kickstart
sessions.
▪ When making config changes, verify proper syntax and expected output by running:
stack list host profile <hostname> | less