Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Server Provisioning - devhouse Spindle

Avatar for Henk Henk
April 06, 2017

Server Provisioning - devhouse Spindle

Server provisioning with Cobbler at devhouse Spindle.

Avatar for Henk

Henk

April 06, 2017
Tweet

More Decks by Henk

Other Decks in Technology

Transcript

  1. “I can't provide feedback because I haven't seen you in

    action yet, sorry! - A Spindle co-worker, April 2017
  2. The 10th floor test Take a random machine in your

    infrastructure, drop it from the 10th floor, and be able to recover in 10 mins.
  3. Surviving the 10th floor test JIRA [INFRA-469] - Expected Situation:

    "A procedure, assisted with tools and infrastructure, to provision, install the OS and configure the network, in a simple, secure and reliable fashion."
  4. Some considered tools 1. FAI (Fully Automatic Installation) - in

    Perl 2. Foreman - Puppet based, in Ruby 3. Cobbler - in Python 4. RackHD - Modular, API-based technology stack 5. Razor - Puppet-based, in Ruby
  5. We choose Cobbler. Why? 1. Experience within the Infra-team (Bram

    @ Kalooga) 2. Has some basic IPAM (IP Address Management) 3. Python-based templates (Cheetah) 4. Management: CLI, web, API, XMLRPC 5. Did I mention Python?
  6. Cob-bler 1. One who mends or makes boots and shoes.

    2. Archaic One who is clumsy at work; a bungler.
  7. Cobbler - under the hood 1. PXE - booting computers

    over a network 2. DHCP - dynamical distribution of network config. parameters 3. TFTP - hands booting nodes a kernel & initrd (ramdisk) 4. HTTP - serves installation-files 5. A little sniff of DNS
  8. Cobbler - under the hood 5. Kickstart-files - for Red

    Hat / CentOS distro’s 6. Preseed-files - for Debian / Ubuntu distro’s 7. Templating 8. Snippets
  9. Cobbler - under the hood • The server boots through

    PXE (enabled via DRAC) • It acquires network-info via DHCP • Fetches the kernel & initrd via TFTP • Next, fetching instructions, e.g. a preseed-file over HTTP • It gets the actual install-data (Debian-packages) and performs the installation
  10. Preseed for Debian Installer (d-i) d-i netcfg/choose_interface select eth0 d-i

    netcfg/get_hostname string $hostname d-i netcfg/get_domain string voipgrid.nl . . . ### Partitioning ### $SNIPPET('partitioning-PRD') ### End partitioning . . . #set $what = "system" #else #set $what = "profile" #end if . . . ### Finishing up the installation d-i finish-install/reboot_in_progress note d-i preseed/late_command string wget -O- \ http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_late_default | \ chroot /target /bin/sh -s
  11. More templating, in a snippet #set breed = $getVar('breed','') #

    e.g. "debian" #set os_version = $getVar('os_version','') # e.g. "jessie" #set release = $getVar('release','') # e.g. "8" ### Install salt-minion from official SaltStack-repo: apt-key adv --fetch-keys http://repo.saltstack.com/apt/$breed/$release/amd64/latest/SALTSTACK-GPG-KEY.pub echo "deb http://repo.saltstack.com/apt/$breed/$release/amd64/latest $os_version main" > /etc/apt/sources.list.d/saltstack.list ### Finishing up apt-get update apt-get -y install salt-minion hostname -f > /etc/salt/minion_id #if $status == 'production' sed -i s/"#master: salt"/"master: salt-master.voipgrid.nl"/g /etc/salt/minion #else sed -i s/"#master: salt"/"master: dev-salt-master.voipgrid.nl"/g /etc/salt/minion #end if
  12. Fact: Cobbler needs Apache And then there was René... I

    don't want no stinkin' Apache, make it run on nginx. Now!
  13. What did I learn? Lots - to name some: •Some

    basic understanding of uWSGI •The VoIPGRID-specific VLAN's & networking •SaltStack & DVL- / TST-ing states in Vagrant •Other 3-letter words, eg. git; rbt; yak