1. Host Orchestration with Foreman,Puppet and Gitlab20th September 2014 South Wales Linux User GroupBen Tullis: System Administrator - OpenCorporates

2. Presentation Outline Background Who and Why? Foreman What is it for and why might you want it? Puppet Integration Configuration Management Basics External Node Classification, Reporting, Smart Parameters Multiple Environment Support Configuration Version Control with Gitlab Protected Branches Towards Continuous Delivery 3. My Background Ben Tullis sysadmin for opencorporates 14+ years Linuxexperience Currently Supporting: 22 physical servers 35 virtual servers ...and counting 4. My Background Ben Tullis sysadmin for opencorporates 14+ years Linuxexperience Currently Supporting: 22 physical servers 35 virtual servers ...and counting 5. Why Bother with Host Orchestration At All?With the right processes in place, it is easier, better, andmore predictable to rebuild infrastructure than to repair ithttp://www.wikisummaries.org/Visible_OpsISBN: 978-0975568613n.b. Other good books are available to purchase 6. The Foreman An Open-Source host provisioning system A Ruby-on-Rails web front-end / API Ruby based 'Smart-Proxy' component Integrates with: DHCP Host address(es) and PXE boot options TFTP Supply boot media DNS Manages forward and reverse name records IPMI Remote console access and power control Deploys onto: Libvirt, EC2, GCE, VMware, Openstack, Ovirt/RHEV Bare Metal 7. Foreman Architecture 8. Foreman Host Provisioning Example 9. Foreman Host Provisioning Example 10. Foreman Host Provisioning Example 11. Foreman Host Provisioning Example 12. Foreman Host Provisioning Example 13. Puppet Configuration Management Terminology 14. Puppet Configuration Management Terminology Manifest declares how your systems should be configured Configuration files Software packages Users, groups, security settings Processes, services, scheduled tasks, etc... 15. Puppet Configuration Management Terminology Manifest declares how your systems should be configured Configuration files Software packages Users, groups, security settings Processes, services, scheduled tasks, etc... Agent verifies local configuration against the declaration Can apply changes automatically if desired Can notify of pending changes (no-op mode) 16. Puppet Configuration Management Terminology Manifest declares how your systems should be configured Configuration files Software packages Users, groups, security settings Processes, services, scheduled tasks, etc... Agent verifies local configuration against the declaration Can apply changes automatically if desired Can notify of pending changes (no-op mode) Master secures connection and informs agents HTTPS web service 17. Puppet Manifest ExampleKey Resource Types File Package Service User / Group Exec Mount Templateshttps://docs.puppetlabs.com/references/latest/type.htmlhttps://docs.puppetlabs.com/learning/introduction.html 18. Foreman / Puppet Integration Foreman installs and configures itself using Puppet Not mandatory to use it Can act as an External Node Classifier for Puppet e.g. This host or hostgroup has these classes applied Can supply Class Parameters into manifests Separate data from configuration instructions Acts as a Puppet dashboard Changes: succeeded, failed, pending Inventory: details of host facts 19. Foreman as Puppet ENC 20. Puppet Class ParametersParameters defined in manifests May be used in derived classes May be referenced in templates 21. Foreman as Class Parameter Data Source 22. Foreman as Class Parameter Data SourceMatch on any fact: e.g. Hostgroup Host Architecture EnvironmentSet parameter value 23. Puppet Dashboard and Reporting 24. Multiple Puppet Environments Separate sets of manifests/modules for e.g. Production Testing Development Dynamic environments for feature branches Can also share common code e.g. Well-tested modules Commonly uses a DVCS to branch and merge 25. Staging and Production Environments On-premise Service Flexible Authentication Repository Permissions 26. Puppet Manifests and Gitlab Production branch is protected 27. Aiming Towards Continuous Delivery Continuous Integration (CI) system development Further integration testing in the staging environment Rebuilding hosts using the Foreman API during CI testing Integration of existing application deployment mechanisms Tighter integration of application and platform testing Further automation Additional tools under consideration for integration Gitlab CI, Rundeck, Buildbot, Zuul, Gerrit 28. Diolch yn fawrThank you very muchAny questions?