Puppetconf 2013: Razor - provision like a boss
Razor
Provision like a boss
David Lutterkort
Principal Engineer | Puppet Labs @lutterkort
Who are you?
Joined Puppet Labs in May
One of the first contributors to Puppet
Started Augeas
Apache Deltacloud, DMTF CIMI
email: [email protected]
IRC: lutter, twitter: @lutterkort
Razor history
Started by EMC/VMWare
Nick Weaver, Tom McSweeney
EMC World 2012
PuppetConf 2012
Existing systems: get very personal with each server
Need MAC
Selection out-of-band
Ingredients
ipxe
Hardware discovery and inventory
Tagging and policies
What happens when a node boots with Razor
- TFTP -> Razor server
- boot MK
- checkin/facts
- tag & apply policy
- reboot into installer
- hand off to broker
Where is Razor going
Rewrite for different stack
Simplify deployment
Simplify maintenance
Simplify usage
Don't muck with the good bits
The more it changes ...
Node discovery with MK and facter
Use ipxe to control boot
Written in Ruby
Flexible tag/rule-based policy match
Simple handoff to Puppet
Manage large number of nodes
Foundations
- Deploying easy & well understood
- Setup Postgres
- gem install ...
Aside: Torquebox rules
Application server for Ruby
Support for Sinatra/Rails apps
jRuby
JBoss AS
Install from gem (~ 60MB)
Aside: Torquebox rules
Daemons
Scheduled Jobs
Messaging
Clustering
Integration with Java libraries
Java management
Components
Razor server
Razor CLI
Microkernel agent
Microkernel image
Razor UI
Microkernel
Separate MK agent from OS image
Build on EL
well-known hardware support
formal support offerings
currently ~ 150MB (unoptimized)
Enable alternative MK builds
Nodes
References policy
Keeps facts (JSON)
IP address
Store userdata via API (JSON) [TODO]
Server API
JSON everywhere
Query objects with RESTful interface
Update/modify using commands (CQRS)
all changes happen async
Authentication [TODO]
CLI
razor nodes
razor tags mytag
razor create-tag --name=any \
    --rule '["=", 1, 1]'
razor create-image --name=... \
    --image-url=...
razor create-policy --json policy.json
Tags
A named rule
Rules can have complex logic
["or", ["in", ["fact", "macaddress", "de:ad:be:ef:00:01", "de:ad:be:ef:00:02"]], ["=", 2, ["fact", "processorcount"]]]
Policies
# policy.json
{
  "name": "fedora-for-any",
  "image": { "name": "fedora-19" },
  "installer": { "name": "fedora-base" },
  "broker": { "name": "puppet" },
  "hostname": "host${id}.example.com",
  "root_password": "secret",
  "max_count": 20,
  "enabled": true,
  "line_number": 100,
  "tags": [{ "name": "any" }]
}
Control what gets installed
match nodes and policies using tags
Tie various objects together
image/installer
some metadata (hostname/root password)
IP address pool [TODO]
max. count
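As an added example (not code from the slides or from razor-server), this Ruby code evaluates tag rules against a node's facts and picks the policy to bind. It assumes policies are tried in line_number order, that a node must carry every tag a policy lists, and that a per-policy count of bound nodes enforces max_count; the `small` tag, the `small-nodes` policy and the facts are constructed, and only the operators `=`, `or` and `fact` are handled.

```ruby
require "json"

# Evaluate a tag rule (nested JSON array) against a node's facts hash.
def eval_rule(rule, facts)
  return rule unless rule.is_a?(Array)            # literal value
  op, *args = rule
  case op
  when "fact" then facts[args[0]]                 # nil when the node lacks the fact
  when "="
    l, r = args.map { |a| eval_rule(a, facts) }
    !l.nil? && l == r                             # a missing fact never matches
  when "or"   then args.any? { |a| eval_rule(a, facts) == true }
  else raise ArgumentError, "unsupported operator: #{op.inspect}"
  end
end

# Names of all tags whose rule is true for this node.
def matching_tags(tags, facts)
  tags.select { |_, rule| eval_rule(rule, facts) == true }.keys
end

# First enabled policy (lowest line_number first) whose tags all match and
# whose max_count is not used up. `bound` maps policy name => nodes bound.
def bind_policy(policies, tags, facts, bound = {})
  node_tags = matching_tags(tags, facts)
  policies.sort_by { |p| p["line_number"] }.find do |p|
    p["enabled"] &&
      bound.fetch(p["name"], 0) < p["max_count"] &&
      p["tags"].all? { |t| node_tags.include?(t["name"]) }
  end
end

# Constructed sample data; "small" and "small-nodes" are hypothetical names.
TAGS = {
  "any"   => JSON.parse('["=", 1, 1]'),
  "small" => JSON.parse('["or", ["=", ["fact", "macaddress"], "de:ad:be:ef:00:01"],
                                ["=", 2, ["fact", "processorcount"]]]'),
}
POLICIES = [
  { "name" => "fedora-for-any", "enabled" => true, "max_count" => 20,
    "line_number" => 100, "tags" => [{ "name" => "any" }] },
  { "name" => "small-nodes", "enabled" => true, "max_count" => 1,
    "line_number" => 50, "tags" => [{ "name" => "small" }] },
]
# Constructed facts; processorcount is an integer here to match the slide's rule.
NODE = { "macaddress" => "00:11:22:33:44:55", "processorcount" => 2 }
```

With `NODE`, `bind_policy(POLICIES, TAGS, NODE)` returns the `small-nodes` policy; once that policy's single slot is bound, the same node falls through to `fedora-for-any`.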
Installers
OS installation inherently linear
Completely in metadata
file based or in DB
Simple node/server API
evaluate and fetch ERB template
store a value (e.g., IP address)
log a message
Installer example
---
# redhat.yaml
os: Red Hat Enterprise Linux
os_version: 6
description: Red Hat EL installer
boot_sequence:
  1: boot_install
  default: boot_local
Template example
# os_boot.erb
hostname
yum -y install rubygems facter
[ $? -eq 0 ] && curl \
  || curl
#!ipxe
# boot_install.erb
kernel \
  ks=
The road forward
Make release soon (~ 2 weeks)
Add lifecycle management features
Userdata for nodes
Node commands
Generate events
Possible node commands
Boot locally
Boot into MK
register
update facts
BIOS/firmware update
Reinstall OS
Unbind & run through policy table
Event generation
User-controlled actions (commands)
Possible events
node discovered
policy bound
installer finished
policy unbound
Demo time
Don't be a stranger
Github repos (will change)
Server: https://github.com/puppetlabs/razor-server
Microkernel: https://github.com/puppetlabs/razor-el-mk
Mailing list
http://groups.google.com/group/puppet-razor
IRC:
#puppet-razor (freenode)
My email: [email protected]
Thank You
David Lutterkort
Principal Engineer | Puppet Labs @lutterkort
Collaborate. Automate. Ship.
Follow us on Twitter @puppetlabs
youtube.com/puppetlabsinc
slideshare.net/puppetlabs