Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Vagrant & CFEngine

Vagrant & CFEngine

LOPSA East 2013: New Brunswick, NJ

Getting started with Vagrant and CFEngine.
Walk away with a cross platform (Windows, Mac, Linux) demo environment consisting of one CFEngine hub and 2 nodes using a dynamic Vagrant configuration and some example CFEngine 3 policy to get you started.

If you attended or watched the video of this presentation (link to be added) please consider filling out the trainer survey.
http://lopsa-east.org/2013/training-survey

Nick Anderson

May 03, 2013
Tweet

More Decks by Nick Anderson

Other Decks in Technology

Transcript

  1. 5/2/13 Hi, my name is Nick. • Sysadmin > 10

    Yers • Work @CFEngine • Live in Lawrence, KS • @cmdln_ • http://ww.cmdln.org
  2. 5/2/13 Who are you? • What's your name? • Are

    you a sysadmin? • Why did you choose this session?
  3. 5/2/13 What is Vagrant? Tool to make working with development

    environments easy. Create, configure, destroy lightweight, reproducible, and portable environments. • Created by Mitchell Hashimoto • @mitchelh • http://www.vagrantup.com
  4. 5/2/13 Portable • VirtualBox • AWS • VMware • More

    • https://github.com/mitchellh/vagrant/wiki/Available-Vagrant-Plugins
  5. 5/2/13 How can it help? • Developer on-boarding • Quickly

    setup/tear down test environments in repeatable fashion • CI • Bug Validation • Ad-hoc Demos
  6. 5/2/13 Vagrantfile • Describe the type of machine(s) required for

    a project • Syntax of Vagrantfile is Ruby, but knowledge of the Ruby language is not necessary. It's mostly simple variable assignment. Vagrant.configure("2") do |config| # All Vagrant configuration is done here. The most common configuration # options are documented and commented below. For a complete reference, # please see the online documentation at vagrantup.com. # Every Vagrant virtual environment requires a box to build off of. config.vm.box = "centos-5.x-i386_nickanderson_201304271927" end
  7. 5/2/13 Boxes • Predefined operating system install • Provider specific

    • http://www.vagrantbox.es • Veewee (build your own) thanks @patrickdebois – Kickstart/preseed, postinstall scripts
  8. 5/2/13 vagrant-vbguest • Vagrant plug-in which automatically installs the host's

    VirtualBox Guest Additions on the guest system. • vagrant plug-in install vagrant-vbguest • If you're lucky, vagrant-vbguest does not require any configurations. However, here is an example config.vbguest.auto_update = true/false • https://github.com/dotless-de/vagrant-vbguest
  9. 5/2/13 Getting started • vagrant box list • vagrant box

    add • vagrant init • vagrant status • vagrant up • vagrant ssh • vagrant destroy • vagrant up • vagrant status • vagrant ssh – vagrant ssh node • vagrant destroy
  10. 5/2/13 Automating Vagrant Provisioning • Ansible • CFEngine • Chef

    • Puppet • Salt Stack • Shell Scripts • MixnMatch!
  11. 5/2/13 CFEngine • IT infrastructure automation, compliance, and knowledge management

    framework • Opensource and Commercial Software • Originally written by Mark Burgess • @markburgess_osl • http://www.cfengine.com
  12. 5/2/13 CFEngine History • First released in 1993 • CFEngine

    2 released in 1998, self healing computer immunology. Added machine learning and anomaly detection. • 2003 Promise Theory work began • 2008 CFEngine 3 released. Integrates knowledge management and discovery mechanisms.
  13. 5/2/13 Promise Theory • A model of voluntary cooperation between

    individual, autonomous actors or agents who publish their intentions to one another in the form of promises. • A file can make promises about its own contents, permissions, existence etc … • A process can make a promise that it will be running, number of matching processes, owner etc ...
  14. 5/2/13 CFEngine Components • cf-agent – instigator of change •

    cf-execd – cf-agent launcher daemon and output processor • cf-serverd – File server, also listens for remote requests to execute cf-agent • cf-monitord – statistical information collector
  15. 5/2/13 So why is this a good thing? • Make

    changes in minutes with precision • Easier to share specific configuration details • Brings configuration knowledge to the forefront
  16. 5/2/13 Editor War! • I prefer vim, and it's fun

    to mess with the emacs people • services/editor_war.cf
  17. 5/2/13 Definitions • Policy - A policy is a set

    of intentions about the system, coded as a list of promises. A policy is not a standard, but the result of specific organizational management decisions. • Promise - The CFEngine software manages every intended system outcome as `promises' to be kept. A CFEngine Promise corresponds roughly to a rule in other software products, but importantly promises are always things that can be kept and repaired continuously, on a real time basis, not just once at install-time. • Bundle – A collection of promises that has a name • Body - A promise body is the description of exactly what is promised (as opposed to what/who is making the promise). The term `body' is used in the CFEngine syntax to mean a small template that can be used to contribute as part of a larger promise body. • Promiser – The object that makes a promise. (file, package, process, command, ect …) • Promisee (stakeholder) – Who cares about a specific promise. • Class (context) – True/False propositions. All decisions are made with classes. Hard (discovered/builtin) and soft (user-defined).
  18. 5/2/13 Wage War • Remove Disallowed Packages – vagrant ssh

    hub – watch rpm -q emacs-nox – Uncomment disallowed_packages to activate policy. Watch it get fixed. • Install Required Packages – watch rpm -q vim-enhanced – Uncomment required_packages to activate policy
  19. 5/2/13 More Nodes! • Increase nodes to 2 in Vagrantfile

    • vagrant up • vagrant ssh node00{1,2}
  20. 5/2/13 Webserver • services/webserver.cf • Activated from bundle agent main

    in promises.cf • Lets ensure its present and on – node001 http://localhost:9003 – node002 http://localhost:9004
  21. Please fill out the Trainer Evaluation Please fill out the

    Trainer Evaluation Rate LOPSA-East ‘13 Rate LOPSA-East ‘13 http://lopsa-east.org/2013/training-survey Thank You for Attending LOPSA-East ‘13 Thank You for Attending LOPSA-East ‘13 http://www.lopsa-east.org/2013/rate-lopsa-east-13