Server Provisioning - devhouse Spindle

Transcript

1. devhouse

2. main = { content: “On server provisioning”, author: “Henk Bokhoven”

   }

3. “I can't provide feedback because I haven't seen you in

   action yet, sorry! - A Spindle co-worker, April 2017

4. The 10th floor test Take a random machine in your

   infrastructure, drop it from the 10th floor, and be able to recover in 10 mins.

5. Surviving the 10th floor test JIRA [INFRA-469] - Expected Situation:

   "A procedure, assisted with tools and infrastructure, to provision, install the OS and configure the network, in a simple, secure and reliable fashion."

6. That sounds MEETERS !

7. Some considered tools 1. FAI (Fully Automatic Installation) - in

   Perl 2. Foreman - Puppet based, in Ruby 3. Cobbler - in Python 4. RackHD - Modular, API-based technology stack 5. Razor - Puppet-based, in Ruby

8. We choose Cobbler. Why? 1. Experience within the Infra-team (Bram

   @ Kalooga) 2. Has some basic IPAM (IP Address Management) 3. Python-based templates (Cheetah) 4. Management: CLI, web, API, XMLRPC 5. Did I mention Python?

9. Cob-bler 1. One who mends or makes boots and shoes.

   2. Archaic One who is clumsy at work; a bungler.

10. First impression of Cobbler It looked FAT COOL !

11. Cobbler - under the hood 1. PXE - booting computers

    over a network 2. DHCP - dynamical distribution of network config. parameters 3. TFTP - hands booting nodes a kernel & initrd (ramdisk) 4. HTTP - serves installation-files 5. A little sniff of DNS

12. Cobbler - under the hood 5. Kickstart-files - for Red

    Hat / CentOS distro’s 6. Preseed-files - for Debian / Ubuntu distro’s 7. Templating 8. Snippets

13. Cobbler - under the hood • The server boots through

    PXE (enabled via DRAC) • It acquires network-info via DHCP • Fetches the kernel & initrd via TFTP • Next, fetching instructions, e.g. a preseed-file over HTTP • It gets the actual install-data (Debian-packages) and performs the installation

14. A QUEST FOR THE PERFECT PRESEED-FILE... ...TO SETUP A SERVER,

    NO HANDS & NO QUESTIONS ASKED.

15. “Look ma, no hands!! - Bruce Oozy

16. Preseed for Debian Installer (d-i) d-i netcfg/choose_interface select eth0 d-i

    netcfg/get_hostname string $hostname d-i netcfg/get_domain string voipgrid.nl . . . ### Partitioning ### $SNIPPET('partitioning-PRD') ### End partitioning . . . #set $what = "system" #else #set $what = "profile" #end if . . . ### Finishing up the installation d-i finish-install/reboot_in_progress note d-i preseed/late_command string wget -O- \ http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_late_default | \ chroot /target /bin/sh -s

17. More templating, in a snippet #set breed = $getVar('breed','') #

    e.g. "debian" #set os_version = $getVar('os_version','') # e.g. "jessie" #set release = $getVar('release','') # e.g. "8" ### Install salt-minion from official SaltStack-repo: apt-key adv --fetch-keys http://repo.saltstack.com/apt/$breed/$release/amd64/latest/SALTSTACK-GPG-KEY.pub echo "deb http://repo.saltstack.com/apt/$breed/$release/amd64/latest $os_version main" > /etc/apt/sources.list.d/saltstack.list ### Finishing up apt-get update apt-get -y install salt-minion hostname -f > /etc/salt/minion_id #if $status == 'production' sed -i s/"#master: salt"/"master: salt-master.voipgrid.nl"/g /etc/salt/minion #else sed -i s/"#master: salt"/"master: dev-salt-master.voipgrid.nl"/g /etc/salt/minion #end if

18. And finish with some salt ...

19. Provisioned a new server in ~ 7 min. Really?! That's

    SUPER TOUGH !

20. Fact: Cobbler needs Apache And then there was René... I

    don't want no stinkin' Apache, make it run on nginx. Now!

21. What did I learn? Lots - to name some: •Some

    basic understanding of uWSGI •The VoIPGRID-specific VLAN's & networking •SaltStack & DVL- / TST-ing states in Vagrant •Other 3-letter words, eg. git; rbt; yak

22. And last but not least ...

23. I unleashed my skillcss BEFORE:

24. I unleashed my skillcss AFTER:

25. we are spindle.com // @we are spindle