Slide 1

Slide 1 text

www.cfengine.com Vagrant & CFEngine Ohio Linux Fest 2013

Slide 2

Slide 2 text

Before we get started Is everyone in the right place? Has everyone installed Virtualbox 4.2.16 or later? VirtualBox --help | grep VirtualBox Has everyone installed Vagrant 1.2.7 or later? vagrant --version

Slide 3

Slide 3 text

Get to know each other Hi, I'm Nick SysAdmin > 10 Years Work at CFEngine Live in Lawrence, KS Twitter: @cmdln_ IRC: nickanderson Blog: http://www.cmdln.org Who are you? What do you do? Have you used Vagrant? Have you used CFEngine? Why did you choose this session and what do you hope to get from it?

Slide 4

Slide 4 text

9/13/13 What is Vagrant? Tool to make working with development environments easy. Create, configure, destroy lightweight, reproducible, and portable environments. ● Created by Mitchell Hashimoto ● @mitchelh ● http://www.vagrantup.com

Slide 5

Slide 5 text

9/13/13 Provides common environment Designers Developers Operations QA

Slide 6

Slide 6 text

9/13/13 Portable ● VirtualBox ● AWS ● VMware ● More ● https://github.com/mitchellh/vagrant/wiki/Available-Vagrant-Plugins

Slide 7

Slide 7 text

9/13/13 How can it help? Developer on-boarding Quickly provision/decommission test environments in repeatable fashion Bug Validation Continuous Integration Ad-hoc Demos

Slide 8

Slide 8 text

9/13/13 So what's it made of?

Slide 9

Slide 9 text

9/13/13 Vagrantfile ● Describe the type of machine(s) required for a project ● Syntax of Vagrantfile is Ruby, but knowledge of the Ruby language is not necessary. It's mostly simple variable assignment. Vagrant.configure("2") do |config| # All Vagrant configuration is done here. The most common configuration # options are documented and commented below. For a complete reference, # please see the online documentation at vagrantup.com. # Every Vagrant virtual environment requires a box to build off of. config.vm.box = "centos-5.x-i386_nickanderson_201304271927" end

Slide 10

Slide 10 text

9/13/13 CFEngine Provisioner: Currently Undocumented ● am_policy_hub ● extra_agent_args – Extra arguments to pass to cf-agent executions ● classes – Additional classes to define when running cf-agent ● deb_repo_file – The apt repository configuration file to use for configuring the repository containing the CFEngine packages ● deb_repo_line – The line that specifys the repository to use for CFEngine packages ● files_path – Directory to copy on top of the default masterfiles ● force_bootstrap – If true, bootstrap the host even if it has been bootstrapped before ● install – Install CFEngine package from repository ● mode – “bootstrap” or “single_run”, determines whether CFEngine will be bootstrapped or just executed once on the host ● policy_server_address ● repo_gpg_key_url – http location of GPG key used for checking package signatures ● run_file – Standalone CFEngine policy file to upload and execute ● upload_path – Path to upload run_file ● yum_repo_file – The yum repository file to use when configuring the repository containing CFEngine packages ● yum_repo_url – The url of the repository containing the CFEngine packages ● package_name – The cfengine package name to install

Slide 11

Slide 11 text

9/13/13 CFEngine Provisioner: Example Use

Slide 12

Slide 12 text

9/13/13 Boxes ● Predefined operating system install ● Provider specific ● http://www.vagrantbox.es ● Use veewee or packer.io (build your own automatically) – Kickstart/preseed, postinstall scripts

Slide 13

Slide 13 text

9/13/13 Automagic ● Ssh automatic port forwards ● Shared project folder /vagrant

Slide 14

Slide 14 text

9/13/13 Useful Plugin ● vagrant-vbguest automatically installs the host's VirtualBox Guest Additions on the guest system. ● vagrant plugin install vagrant-vbguest ● https://github.com/dotless-de/vagrant -vbguest

Slide 15

Slide 15 text

9/13/13 Getting started ● vagrant box list ● vagrant box add ● vagrant init ● vagrant status ● vagrant up ● vagrant up ● vagrant status ● vagrant ssh – vagrant ssh node ● vagrant destroy

Slide 16

Slide 16 text

9/13/13 Test it out ● Import vagrant basebox – Locate CFEngine_Training.box in resources/veewee – vagrant box add CFEngine_Training CFEngine_training.box ● Create a new empty directory ● vagrant init CFEngine_Training ● vagrant up ● vagrant ssh ● vagrant destroy -f

Slide 17

Slide 17 text

9/13/13 Daily Use vagrant up vagrant {destroy, halt, suspend} !-2

Slide 18

Slide 18 text

9/13/13 This is fantastic!

Slide 19

Slide 19 text

9/13/13 Build base boxes for all the things!

Slide 20

Slide 20 text

No content

Slide 21

Slide 21 text

Black Hole

Slide 22

Slide 22 text

9/13/13 Automating Vagrant Provisioning ● Ansible ● CFEngine ● Chef ● Puppet ● Salt Stack ● Shell Scripts ● MixnMatch!

Slide 23

Slide 23 text

9/13/13 CFEngine ● IT infrastructure automation, compliance, and knowledge management framework ● Opensource and Commercial Software ● Originally written by Mark Burgess ● @markburgess_osl ● http://www.cfengine.com

Slide 24

Slide 24 text

9/13/13 CFEngine History ● First released in 1993 ● CFEngine 2 released in 1998, self healing computer immunology. Added machine learning and anomaly detection. ● 2003 Promise Theory work began ● 2008 CFEngine 3 released. Integrates knowledge management and discovery mechanisms.

Slide 25

Slide 25 text

9/13/13 CFEngine Properties ● Small

Slide 26

Slide 26 text

9/13/13 CFEngine Properties ● Small ● Secure (http://web.nvd.nist.gov/view/vuln/search )

Slide 27

Slide 27 text

9/13/13 CFEngine Properties ● Small ● Secure (http://web.nvd.nist.gov/view/vuln/search ) ● Portable

Slide 28

Slide 28 text

9/13/13 CFEngine Properties ● Small ● Secure (http://web.nvd.nist.gov/view/vuln/search ) ● Portable ● Resilient

Slide 29

Slide 29 text

9/13/13 CFEngine Properties ● Small ● Secure (http://web.nvd.nist.gov/view/vuln/search ) ● Portable ● Resilient ● Declarative

Slide 30

Slide 30 text

9/13/13 Bootstrap a test environment

Slide 31

Slide 31 text

9/13/13 CFEngine Demo Time ● Lets try some community contributed policy

Slide 32

Slide 32 text

9/13/13 cf-sketch ● Log in to your policy hub, locate the design center repository and access the cf-sketch shell – vagrant ssh hub – sudo -i – cd /vagrant/resources/design-center/tools/cf-sketch – ./cf-sketch.pl

Slide 33

Slide 33 text

9/13/13 Configure Timezones ● search time ● info -v tzconfig ● install System::tzconfig ● define paramset System::tzconfig – Name: NO_Oslo_TZ – Timezone: Europe/Oslo – Zoneinfo: /usr/share/zoneinfo

Slide 34

Slide 34 text

9/13/13 Configure Timezones ● search time ● install System::tzconfig ● define paramset System::tzconfig – Name: NO_Oslo_TZ – Timezone: Europe/Oslo – Zoneinfo: /usr/share/zoneinfo

Slide 35

Slide 35 text

9/13/13 Configure Timezones Cont. ● search time ● install System::tzconfig ● define paramset System::tzconfig – Name: US_Central_TZ – Timezone: US/Central – Zoneinfo: /usr/share/zoneinfo

Slide 36

Slide 36 text

9/13/13 Activate and Deploy Timezone Configuration ● activate System::tzconfig NO_Oslo_TZ hub ● activate System::tzconfig US_Central_TZ node001 ● deploy

Slide 37

Slide 37 text

9/13/13 Editor War! ● I prefer vim, and it's fun to mess with the emacs people ● services/editor_war.cf

Slide 38

Slide 38 text

9/13/13 Wage War ● Remove Disallowed Packages – vagrant ssh hub – watch rpm -q emacs-nox – Uncomment disallowed_packages to activate policy. Watch it get fixed. ● Install Required Packages – watch rpm -q vim-enhanced – Uncomment required_packages to activate policy

Slide 39

Slide 39 text

9/13/13 More Nodes! ● Increase nodes to 2 in Vagrantfile ● vagrant up ● vagrant ssh node00{1,2}

Slide 40

Slide 40 text

9/13/13 The Books ● Learning CFEngine 3 – Diego Zamboni ● Vagrant Up and Running – Mitchell Hashimoto

Slide 41

Slide 41 text

9/13/13 Questions/Discussion?

Slide 42

Slide 42 text

9/13/13 Thank You!