Razor: A Fresh Look at Provisioning by David Lutterkort
DESCRIPTION
Razor is a flexible provisioning tool that makes it easy to control how machines are built based on rules and policies. It maintains an inventory of nodes and their hardware characteristics, gathered by booting each node into a discovery image. Razor is an opinionated tool that focuses narrowly on provisioning, but makes it easy to hand off a node after installation to a configuration management system like Puppet to perform more complicated setup tasks and for ongoing maintenance.
This talk will give an overview of Razor's capabilities and provide some hands-on examples about its use, including how Razor can be used to build an OpenStack cloud using Puppet Labs' OpenStack modules.
TRANSCRIPT
PXE provisioning – satisfaction rating
How satisfied are you with your PXE installation solution? (representative sample of imaginary users)
Components
[Diagram: Server]
Setup
[Diagram: Server, TFTP, DHCP]
Architecture
[Diagram: Client, Server, TFTP, DHCP, four Nodes]
Discovery
[Diagram: Server, TFTP, DHCP, two Nodes]
Discovery
[Diagram: MK Server, TFTP, DHCP, Node, Server]
Setup
[Diagram: Client, Repo, Broker, Policy, Tags, REST, MK, TFTP, DHCP, Installer, Node]
Installation
[Diagram: Client, REST, MK, TFTP, DHCP, Server, Repo, Broker, Policy, Tags, Installer, Node]
Installation
[Diagram: Client, REST, TFTP, DHCP, Server, Repo, Broker, Policy, Tags, Installer, Node]
Installation
[Diagram: Client, REST, TFTP, DHCP, Server, Repo, Broker, Policy, Tags, Installer]
Installers
[Diagram: Client, Server, TFTP, DHCP, four Nodes]
Tags
• A named match rule
• Rules can have complex logic
["or",
 ["in", ["fact", "macaddress"], "de:ad:be:ef:00:01", "de:ad:be:ef:00:02"],
 ["=", "2", ["fact", "processorcount"]]]
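The tag rule above, evaluated against a few nodes, as an added Ruby example that is not part of the slides or of Razor's code. The evaluator, its strict comparison and missing-fact behaviour, and the sample facts are assumptions made for illustration.

```ruby
require 'json'

# Added illustration: evaluates only the operators used on the slide
# ("or", "in", "=", "fact"). Semantics are assumed, not Razor's own code.
module TagRule
  class Error < StandardError; end

  def self.match?(rule, facts)
    evaluate(rule, facts) == true
  end

  def self.evaluate(expr, facts)
    return expr unless expr.is_a?(Array) # literals evaluate to themselves
    op, *args = expr
    case op
    when 'fact'
      name = args.first
      raise Error, "node has no fact #{name.inspect}" unless facts.key?(name)
      facts[name]
    when '='
      evaluate(args[0], facts) == evaluate(args[1], facts) # no type coercion
    when 'in'
      needle, *candidates = args.map { |a| evaluate(a, facts) }
      candidates.include?(needle)
    when 'or'
      args.any? { |a| evaluate(a, facts) == true }
    else
      raise Error, "unsupported operator #{op.inspect}" # fail closed
    end
  end
end

RULE = JSON.parse(<<~RULE_JSON)
  ["or",
   ["in", ["fact", "macaddress"], "de:ad:be:ef:00:01", "de:ad:be:ef:00:02"],
   ["=", "2", ["fact", "processorcount"]]]
RULE_JSON

# Constructed sample facts, not real inventory data.
NODES = {
  'listed-mac' => { 'macaddress' => 'de:ad:be:ef:00:02', 'processorcount' => '8' },
  'two-cpus'   => { 'macaddress' => '52:54:00:aa:bb:01', 'processorcount' => '2' },
  'neither'    => { 'macaddress' => '52:54:00:aa:bb:02', 'processorcount' => '4' },
  'int-fact'   => { 'macaddress' => '52:54:00:aa:bb:03', 'processorcount' => 2 }
}.freeze

def matching_nodes(rule = RULE, nodes = NODES)
  nodes.select { |_name, facts| TagRule.match?(rule, facts) }.keys
end
```

In this sketch the `int-fact` node does not match even though it has two processors, because the rule compares against the string "2". A node that lacks a referenced fact raises an error instead of silently matching or not matching.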
Installer example
---
# redhat.yaml
os_version: 6
description: Red Hat EL installer
boot_sequence:
  1: boot_install
  default: boot_local
Broker example
# broker.json
{
  "name": "puppet",
  "broker-type": "puppet",
  "configuration": {
    "server": "puppet.local.watzmann.net",
    "certname": …,
    "environment": "production"
  }
}
Template example
# os_boot.erb
hostname <%= node.hostname %>
yum -y install rubygems facter
[ $? -eq 0 ] && curl <%= log_url("ok") %> \
  || curl <%= log_url("fail", :error) %>

#!ipxe
# boot_install.erb
kernel <%= repo_url("/vmlinuz") %> \
  ks=<%= file_url("kickstart") %>
Policy example
# policy.json
{
  "name": "centos",
  "repo": { "name": "centos-6.4" },
  "installer": { "name": "centos" },
  "broker": { "name": "puppet" },
  "hostname": "host${id}.example.com",
  "root_password": "secret",
  "max_count": 20,
  "enabled": true,
  "rule_number": 100,
  "tags": [{ "name": "large-server",
             "rule": [ … ] }]
}
The Cloudy Part
ESXi → vCenter
[Diagram: vCenter, four Nodes, TFTP, DHCP, Razor, "GET /broker", "export node details", "collect", puppetlabs/vcenter]
Openstack
[Diagram: Cntrl, Comp, TFTP, DHCP, Razor, puppetlabs/openstack]
Openstack: Controller Policy
# controller.json
{
  "name": "controller",
  "repo": { "name": "fedora-19" },
  "installer": { "name": "fedora" },
  "broker": { "name": "puppet" },
  "hostname": "controller${id}.example.com",
  "root_password": "secret",
  "max_count": 1,
  "enabled": true,
  "rule_number": 100,
  "tags": [{ "name": "controller",
             "rule": [ … ] }]
}
Openstack: Compute Policy
# compute.json
{
  "name": "compute",
  "repo": { "name": "fedora-19" },
  "installer": { "name": "fedora" },
  "broker": { "name": "puppet" },
  "hostname": "compute${id}.example.com",
  "root_password": "secret",
  "max_count": 1,
  "enabled": true,
  "rule_number": 90,
  "tags": [{ "name": "compute",
             "rule": [ … ] }]
}
Openstack: site.pp
node /controller/ {
  class { 'openstack::controller':
    public_address    => '192.168.100.10',
    public_interface  => 'eth0',
    private_interface => 'eth1',
    …
  }
}
node /compute/ {
  class { 'openstack::compute':
    internal_address => $::ipaddress_eth0,
    …
  }
}
The Future
Command and control
[Diagram: Client, Server, TFTP, DHCP, four Nodes, Commands]
Events
[Diagram: Client, Server, TFTP, DHCP, four Nodes, Events]
Don’t be a stranger
• Github repos (will change)
– Server: https://github.com/puppetlabs/razor-server
– Microkernel: https://github.com/puppetlabs/razor-el-mk
• Mailing list: http://groups.google.com/group/puppet-razor
• IRC: #puppet-razor (freenode)