www.cfengine.com Vagrant & CFEngine

5/2/13 Hi, my name is Nick. ● Sysadmin > 10 Yers ● Work @CFEngine ● Live in Lawrence, KS ● @cmdln_ ● http://ww.cmdln.org

5/2/13 Who are you? ● What's your name? ● Are you a sysadmin? ● Why did you choose this session?

5/2/13 What is Vagrant? Tool to make working with development environments easy. Create, configure, destroy lightweight, reproducible, and portable environments. ● Created by Mitchell Hashimoto ● @mitchelh ● http://www.vagrantup.com

5/2/13 Provides common environment Designers Developers Operations QA

5/2/13 Easy to use vagrant up vagrant destroy !-2

5/2/13 Portable ● VirtualBox ● AWS ● VMware ● More ● https://github.com/mitchellh/vagrant/wiki/Available-Vagrant-Plugins

5/2/13 How can it help? ● Developer on-boarding ● Quickly setup/tear down test environments in repeatable fashion ● CI ● Bug Validation ● Ad-hoc Demos

5/2/13 Install Virtualbox http://www.virtualbox.org/wiki/Downloads resources/installers/virtualbox

5/2/13 Install Vagrant http://downloads.vagrantup.com resources/installers/vagrant

5/2/13 Vagrantfile ● Describe the type of machine(s) required for a project ● Syntax of Vagrantfile is Ruby, but knowledge of the Ruby language is not necessary. It's mostly simple variable assignment. Vagrant.configure("2") do |config| # All Vagrant configuration is done here. The most common configuration # options are documented and commented below. For a complete reference, # please see the online documentation at vagrantup.com. # Every Vagrant virtual environment requires a box to build off of. config.vm.box = "centos-5.x-i386_nickanderson_201304271927" end

5/2/13 Boxes ● Predefined operating system install ● Provider specific ● http://www.vagrantbox.es ● Veewee (build your own) thanks @patrickdebois – Kickstart/preseed, postinstall scripts

5/2/13 Automagic ● Ssh automatic port forwards ● Shared project folder /vagrant

5/2/13 vagrant-vbguest ● Vagrant plug-in which automatically installs the host's VirtualBox Guest Additions on the guest system. ● vagrant plug-in install vagrant-vbguest ● If you're lucky, vagrant-vbguest does not require any configurations. However, here is an example config.vbguest.auto_update = true/false ● https://github.com/dotless-de/vagrant-vbguest

5/2/13 Getting started ● vagrant box list ● vagrant box add ● vagrant init ● vagrant status ● vagrant up ● vagrant ssh ● vagrant destroy ● vagrant up ● vagrant status ● vagrant ssh – vagrant ssh node ● vagrant destroy

5/2/13 This is fantastic!

5/2/13 Build base boxes for all the things!

No content

Black Hole

5/2/13 Automating Vagrant Provisioning ● Ansible ● CFEngine ● Chef ● Puppet ● Salt Stack ● Shell Scripts ● MixnMatch!

5/2/13 CFEngine ● IT infrastructure automation, compliance, and knowledge management framework ● Opensource and Commercial Software ● Originally written by Mark Burgess ● @markburgess_osl ● http://www.cfengine.com

5/2/13 CFEngine History ● First released in 1993 ● CFEngine 2 released in 1998, self healing computer immunology. Added machine learning and anomaly detection. ● 2003 Promise Theory work began ● 2008 CFEngine 3 released. Integrates knowledge management and discovery mechanisms.

5/2/13 CFEngine Properties ● Declarative syntax (Promises)

5/2/13 Promise Theory ● A model of voluntary cooperation between individual, autonomous actors or agents who publish their intentions to one another in the form of promises. ● A file can make promises about its own contents, permissions, existence etc … ● A process can make a promise that it will be running, number of matching processes, owner etc ...

5/2/13 CFEngine Properties ● Declarative syntax (Promises) ● Pull model ● Convergence

5/2/13 CFEngine Components ● cf-agent – instigator of change ● cf-execd – cf-agent launcher daemon and output processor ● cf-serverd – File server, also listens for remote requests to execute cf-agent ● cf-monitord – statistical information collector

5/2/13 So why is this a good thing? ● Make changes in minutes with precision ● Easier to share specific configuration details ● Brings configuration knowledge to the forefront

5/2/13 Bootstrap a test environment

5/2/13 Editor War! ● I prefer vim, and it's fun to mess with the emacs people ● services/editor_war.cf

5/2/13 Definitions ● Policy - A policy is a set of intentions about the system, coded as a list of promises. A policy is not a standard, but the result of specific organizational management decisions. ● Promise - The CFEngine software manages every intended system outcome as `promises' to be kept. A CFEngine Promise corresponds roughly to a rule in other software products, but importantly promises are always things that can be kept and repaired continuously, on a real time basis, not just once at install-time. ● Bundle – A collection of promises that has a name ● Body - A promise body is the description of exactly what is promised (as opposed to what/who is making the promise). The term `body' is used in the CFEngine syntax to mean a small template that can be used to contribute as part of a larger promise body. ● Promiser – The object that makes a promise. (file, package, process, command, ect …) ● Promisee (stakeholder) – Who cares about a specific promise. ● Class (context) – True/False propositions. All decisions are made with classes. Hard (discovered/builtin) and soft (user-defined).

No content

5/2/13 Wage War ● Remove Disallowed Packages – vagrant ssh hub – watch rpm -q emacs-nox – Uncomment disallowed_packages to activate policy. Watch it get fixed. ● Install Required Packages – watch rpm -q vim-enhanced – Uncomment required_packages to activate policy

5/2/13 More Nodes! ● Increase nodes to 2 in Vagrantfile ● vagrant up ● vagrant ssh node00{1,2}

5/2/13 Webserver ● services/webserver.cf ● Activated from bundle agent main in promises.cf ● Lets ensure its present and on – node001 http://localhost:9003 – node002 http://localhost:9004

5/2/13 Questions/Discussion?

5/2/13 Thank You!

Please fill out the Trainer Evaluation Please fill out the Trainer Evaluation Rate LOPSA-East ‘13 Rate LOPSA-East ‘13 http://lopsa-east.org/2013/training-survey Thank You for Attending LOPSA-East ‘13 Thank You for Attending LOPSA-East ‘13 http://www.lopsa-east.org/2013/rate-lopsa-east-13