Ohio Linux Fest 2013: Provisioning VMs Quickly with Vagrant and CFEngine

Transcript

1. www.cfengine.com Vagrant & CFEngine Ohio Linux Fest 2013

2. Before we get started Is everyone in the right place?

   Has everyone installed Virtualbox 4.2.16 or later? VirtualBox --help | grep VirtualBox Has everyone installed Vagrant 1.2.7 or later? vagrant --version

3. Get to know each other Hi, I'm Nick SysAdmin >

   10 Years Work at CFEngine Live in Lawrence, KS Twitter: @cmdln_ IRC: nickanderson Blog: http://www.cmdln.org Who are you? What do you do? Have you used Vagrant? Have you used CFEngine? Why did you choose this session and what do you hope to get from it?

4. 9/13/13 What is Vagrant? Tool to make working with development

   environments easy. Create, configure, destroy lightweight, reproducible, and portable environments. • Created by Mitchell Hashimoto • @mitchelh • http://www.vagrantup.com

5. 9/13/13 Provides common environment Designers Developers Operations QA

6. 9/13/13 Portable • VirtualBox • AWS • VMware • More

   • https://github.com/mitchellh/vagrant/wiki/Available-Vagrant-Plugins

7. 9/13/13 How can it help? Developer on-boarding Quickly provision/decommission test

   environments in repeatable fashion Bug Validation Continuous Integration Ad-hoc Demos

8. 9/13/13 So what's it made of?

9. 9/13/13 Vagrantfile • Describe the type of machine(s) required for

   a project • Syntax of Vagrantfile is Ruby, but knowledge of the Ruby language is not necessary. It's mostly simple variable assignment. Vagrant.configure("2") do |config| # All Vagrant configuration is done here. The most common configuration # options are documented and commented below. For a complete reference, # please see the online documentation at vagrantup.com. # Every Vagrant virtual environment requires a box to build off of. config.vm.box = "centos-5.x-i386_nickanderson_201304271927" end

10. 9/13/13 CFEngine Provisioner: Currently Undocumented • am_policy_hub • extra_agent_args –

    Extra arguments to pass to cf-agent executions • classes – Additional classes to define when running cf-agent • deb_repo_file – The apt repository configuration file to use for configuring the repository containing the CFEngine packages • deb_repo_line – The line that specifys the repository to use for CFEngine packages • files_path – Directory to copy on top of the default masterfiles • force_bootstrap – If true, bootstrap the host even if it has been bootstrapped before • install – Install CFEngine package from repository • mode – “bootstrap” or “single_run”, determines whether CFEngine will be bootstrapped or just executed once on the host • policy_server_address • repo_gpg_key_url – http location of GPG key used for checking package signatures • run_file – Standalone CFEngine policy file to upload and execute • upload_path – Path to upload run_file • yum_repo_file – The yum repository file to use when configuring the repository containing CFEngine packages • yum_repo_url – The url of the repository containing the CFEngine packages • package_name – The cfengine package name to install

11. 9/13/13 CFEngine Provisioner: Example Use

12. 9/13/13 Boxes • Predefined operating system install • Provider specific

    • http://www.vagrantbox.es • Use veewee or packer.io (build your own automatically) – Kickstart/preseed, postinstall scripts

13. 9/13/13 Automagic • Ssh automatic port forwards • Shared project

    folder /vagrant

14. 9/13/13 Useful Plugin • vagrant-vbguest automatically installs the host's VirtualBox

    Guest Additions on the guest system. • vagrant plugin install vagrant-vbguest • https://github.com/dotless-de/vagrant -vbguest

15. 9/13/13 Getting started • vagrant box list • vagrant box

    add • vagrant init • vagrant status • vagrant up • vagrant up • vagrant status • vagrant ssh – vagrant ssh node • vagrant destroy

16. 9/13/13 Test it out • Import vagrant basebox – Locate

    CFEngine_Training.box in resources/veewee – vagrant box add CFEngine_Training CFEngine_training.box • Create a new empty directory • vagrant init CFEngine_Training • vagrant up • vagrant ssh • vagrant destroy -f

17. 9/13/13 Daily Use vagrant up vagrant {destroy, halt, suspend} !-2

18. 9/13/13 This is fantastic!

19. 9/13/13 Build base boxes for all the things!

20. None

21. Black Hole

22. 9/13/13 Automating Vagrant Provisioning • Ansible • CFEngine • Chef

    • Puppet • Salt Stack • Shell Scripts • MixnMatch!

23. 9/13/13 CFEngine • IT infrastructure automation, compliance, and knowledge management

    framework • Opensource and Commercial Software • Originally written by Mark Burgess • @markburgess_osl • http://www.cfengine.com

24. 9/13/13 CFEngine History • First released in 1993 • CFEngine

    2 released in 1998, self healing computer immunology. Added machine learning and anomaly detection. • 2003 Promise Theory work began • 2008 CFEngine 3 released. Integrates knowledge management and discovery mechanisms.

25. 9/13/13 CFEngine Properties • Small

26. 9/13/13 CFEngine Properties • Small • Secure (http://web.nvd.nist.gov/view/vuln/search )

27. 9/13/13 CFEngine Properties • Small • Secure (http://web.nvd.nist.gov/view/vuln/search ) •

    Portable

28. 9/13/13 CFEngine Properties • Small • Secure (http://web.nvd.nist.gov/view/vuln/search ) •

    Portable • Resilient

29. 9/13/13 CFEngine Properties • Small • Secure (http://web.nvd.nist.gov/view/vuln/search ) •

    Portable • Resilient • Declarative

30. 9/13/13 Bootstrap a test environment

31. 9/13/13 CFEngine Demo Time • Lets try some community contributed

    policy

32. 9/13/13 cf-sketch • Log in to your policy hub, locate

    the design center repository and access the cf-sketch shell – vagrant ssh hub – sudo -i – cd /vagrant/resources/design-center/tools/cf-sketch – ./cf-sketch.pl

33. 9/13/13 Configure Timezones • search time • info -v tzconfig

    • install System::tzconfig • define paramset System::tzconfig – Name: NO_Oslo_TZ – Timezone: Europe/Oslo – Zoneinfo: /usr/share/zoneinfo

34. 9/13/13 Configure Timezones • search time • install System::tzconfig •

    define paramset System::tzconfig – Name: NO_Oslo_TZ – Timezone: Europe/Oslo – Zoneinfo: /usr/share/zoneinfo

35. 9/13/13 Configure Timezones Cont. • search time • install System::tzconfig

    • define paramset System::tzconfig – Name: US_Central_TZ – Timezone: US/Central – Zoneinfo: /usr/share/zoneinfo

36. 9/13/13 Activate and Deploy Timezone Configuration • activate System::tzconfig NO_Oslo_TZ

    hub • activate System::tzconfig US_Central_TZ node001 • deploy

37. 9/13/13 Editor War! • I prefer vim, and it's fun

    to mess with the emacs people • services/editor_war.cf

38. 9/13/13 Wage War • Remove Disallowed Packages – vagrant ssh

    hub – watch rpm -q emacs-nox – Uncomment disallowed_packages to activate policy. Watch it get fixed. • Install Required Packages – watch rpm -q vim-enhanced – Uncomment required_packages to activate policy

39. 9/13/13 More Nodes! • Increase nodes to 2 in Vagrantfile

    • vagrant up • vagrant ssh node00{1,2}

40. 9/13/13 The Books • Learning CFEngine 3 – Diego Zamboni

    • Vagrant Up and Running – Mitchell Hashimoto

41. 9/13/13 Questions/Discussion?

42. 9/13/13 Thank You!