cloudstack talk
TRANSCRIPT
Integrating CloudStack with Puppet
Saturday, December 1, 12
About me:
Dan BodeIntegration Specialist at PuppetLabs
@bodepd
bodepd <on> freenode
Saturday, December 1, 12
Who is this talk for?
current CloudStack Users
Puppet beginners
Saturday, December 1, 12
It will cover
why integrate?
explanation of Puppet’s architecture as it applies to integration
using Puppet to model VM instances
Saturday, December 1, 12
Why Integrate?
Saturday, December 1, 12
Why integrate?
CloudStack provides an API for provisioning virtual machines
Self Service API
VM1
deployVirtualMachine
Saturday, December 1, 12
Why integrate?
Puppet converts freshly provisioned VMs into functional applications
Self Service APi
VM1
PuppetMaster
Make me anapache server
Here are theinstructions forbecoming anapache server
Saturday, December 1, 12
Why integrate?
Combined, they create fully automated application stacks.
Self Service APi
Apache1
deploy me a DB,then 2 apache servers
Apache2DB1
Saturday, December 1, 12
UnderstandingPuppet
Saturday, December 1, 12
2 run modes
puppet apply - all content is stored on the individual nodes. commonly used for testing (or for scale)
client/server - content is served from a central master (this is what we will be talking about)
Saturday, December 1, 12
A Puppet client/server run
VM1
Master
Facts Catalog
ModulesClassifier
Saturday, December 1, 12
Facter returns system specificinformation
Agent
Master
Facts Catalog
ModulesClassifier
Saturday, December 1, 12
Facter
to see a system’s facts, run
$ facterarchitecture => x86_64domain => localfacterversion => 2.0.0fqdn => DansLapTop.localhardwareisa => i386hardwaremodel => x86_64id => danbode
Saturday, December 1, 12
Facter
Nodes submit their facts as a part of the request for catalog.
Available as top scope variables from manifests
ie : $::fact_name
Creating custom facts is easy.
Saturday, December 1, 12
A Puppet client/server run
VM1
Master
Facts Catalog
ModulesClassifier
Saturday, December 1, 12
Modules
Sharable content composed of classes and defined resource types (configuration interfaces).
Saturday, December 1, 12
Module Forge
http://forge.puppetlabs.com/
http://forge.puppetlabs.com/puppetlabs/apache
Saturday, December 1, 12
Classes/defines compose resources
Saturday, December 1, 12
Resources
Describe the configuration state of individual system elements.
user { ‘dan’: ensure => present, shell => ‘/bin/bash’, }
Saturday, December 1, 12
Resources
Describe the configuration state of individual system elements.
user { ‘dan’: # a user named dan ensure => present, # should exist shell => ‘/bin/bash’, # with this shell }
Saturday, December 1, 12
Resources
package { ‘apache2’: # a package named apache2 ensure => present, # should be installed }
Saturday, December 1, 12
Puppet DSL and resources
Saturday, December 1, 12
Puppet DSL and Resources
The Puppet DSL can be used to compose collections of resources into classes or defined resources.
Saturday, December 1, 12
Example apache class
class apache { package { ‘apache2’: ensure => present, } file { ‘/etc/apache2/apache2.conf’: content => template(‘apache2/apache2.erb’), require => Package[‘apache2’], } service { ‘apache2’: ensure => running subscribe => File[‘/etc/apache2/apache2.conf’] }}
Saturday, December 1, 12
A Puppet client/server run
VM1
Master
Facts Catalog
ModulesClassifier
Saturday, December 1, 12
Classification
Process that determines how Puppet maps a role to a specific instance.
Saturday, December 1, 12
Site manifest
The master utilizes code from its site manifest to figure out how to assign a role to a node.
Master/etc/puppet/manifest/site.pp
Saturday, December 1, 12
Site manifest
Node blocks map a host’s certname to content from a module
node /^my_node/ { include apache }
Saturday, December 1, 12
Determine role based on facts
Self Service APi
Apache1
deploy me an apache server
Saturday, December 1, 12
Determine role based on facts
‘deployVirtualMachine’ -> userdata -> facts
node default { if $::role == ‘apache’ { include apache } else { fail(“Undefine role: ${role}”) }}
Saturday, December 1, 12
Decouple role assignment from provisioningAfter provisioning is completed, ssh into a machine, set a custom fact (using facts.d), and trigger a puppet run.
pros - you can easily execute a script to install and bootstrap puppet
cons - extra step
Saturday, December 1, 12
facts.d
facts.d comes with stdlib (http://forge.puppetlabs.com/puppetlabs/stdlib)
it converts any ‘key=value’ pairs listed in /etc/facts.d/*.txt into facts
Saturday, December 1, 12
ENC
The master can call out to arbitrary executables to figure out how a node should be classified.
Master
ENC
Saturday, December 1, 12
ENC
You can set the ‘group’ attribute with classification information when instances are created.
The ENC can then query the ‘group’ attribute from the VM instance that needs to be classified.
Saturday, December 1, 12
A Puppet client/server run
VM1
Master
FactsCatalog
ModulesClassifier
Saturday, December 1, 12
Catalog
Collection of resources that describe how a node can achieve a specified configuration.
Saturday, December 1, 12
Catalog
Catalog
Package
Package
File
UserUserFile
ServiceService
Resources
Dependencies
Saturday, December 1, 12
VM provisioning with Puppet (experimental! use cases appreciated)
Saturday, December 1, 12
Share Application Stacks as text
class my_app_stack { cloudstack_instance { 'foo4': ensure => present, group => 'role=db', }
cloudstack_instance { 'foo3': ensure => present, group => 'role=apache', }}
Saturday, December 1, 12
Use resource defaults for common settingsCloudstack_instance { image => 'CentOS 5.6 key+pass',
flavor => 'Small Instance', zone => 'ACS-FMT-001', network => 'puppetlabs-network', keypair => 'dans_keypair4',}
cloudstack_instance { 'foo4': ensure => $::ensure, group => 'role=db',}cloudstack_instance { 'foo3':
ensure => $::ensure, group => 'role=apache',}
Saturday, December 1, 12