SlideShare une entreprise Scribd logo

Mass-Migration of 5000 Servers to Foreman/Katello with bootstrap.py - Evgeni Golov

NETWAYS
NETWAYS

Foreman Birthday Event 2017: Mass-Migration of 5000 Servers to Foreman/Katello with bootstrap.py by Evgeni Golov

Logiciels
1  sur  19
Télécharger pour lire hors ligne
MASS-MIGRATION OF 5000 SERVERS TO FOREMAN/KATELLO WITH BOOTSTRAP.PY Evgeni Golov 1
$ WHOAMI Evgeni Golov Software Engineer at Red Hat ex-Consultant at Red Hat Debian and Grml Developer ♥ FOSS ♥ ♥ automation ♥ 2
SITUATION 10k RHEL (5k RHEL5, 4k RHEL6, 1k RHEL7) most of them subscribed to Satellite5/Spacewalk want to move to Satellite6/Foreman this requires a plan 3
TOOLING Satellite 6.1 (Foreman 1.7, Katello 2.2) this was done about a year ago the learnings also apply to Foreman itself bootstrap.py script for registration of machines to Foreman/Katello at that time not even part of the Katello project mimicks the idea of bootstrap.sh from Spacewalk 4
BOOTSTRAP.PY install katello-ca-consumer RPM subscribe the machine using subscription- manager or rhn-migrate-classic-to- rhsm con gure katello-agent con gure Puppet 5
STEP 1: EL5?! ain't nobody got time for that just let it bit-rot on the old infra there is an migration to EL6/7 planned anyways (guess who is still up and running today?) no need to care for the old content but also no insight if there are any gotchas 6
STEP 2: SIZE THE INFRASTRUCTURE main VM: 12vCore, 32GB RAM, 1TB ash 6 proxies: 8vCore, 24GB RAM, 500G ash rough setup: no machines connect directly to Foreman no more than 1000 clients per proxy most machines don't do Puppet 7
STEP 3: WAIT FOR FIREWALLS there is always a rewall somewhere and it for sure will make you unhappy request the new rewall rules early and broadly (allow ALL the networks!) 8
STEP 4: DESIGN CONTENT the old setup provided almost only RHEL, apps were delivered from other sources this makes an easy setup with one CCV per RHEL release, containing CVs for: RHEL + SatTools admin software (backup, monitoring, etc) 9
STEP 5: REGISTER ALL THE MACHINES piece of cake, right? 10
STEP 5.1: FIND THE RIGHT PROXY most machines are subscribed to Spacewalk nd the old Spacewalk proxy in /etc/sysconfig/rhn/up2date have a map of old proxy to new proxy machine is not subscribed? try guessing based on host/domainname try guessing based on IPv4 subnet if everything fails, use a "default" proxy 11
STEP 5.2: FIND AN EXECUTOR you need to run a script on every single machine Spacewalk has a function for that, but it was disabled when a problem occurs during migration, Spacewalk might not be able to control the machine anymore today everybody would have used Ansible we had BMC BladeLogic, as that was what the customer had for all platforms 12
STEP 5.3: CHECK THAT FIREWALL nobody wants to schedule 5000 jobs that will fail run a quick pre-check job before doing the actual work can the host resolve itself (and get a FQDN?) can the host reach the old proxy can the host reach the new proxy (on 80, 443, 5671) 13
STEP 5.4: WAIT FOR EVERYBODY the previous step will identify a lot machines as "broken" enjoy your co ee while waiting for the rewalls, machine owners, etc 14
STEP 5.5: TEST WHILE WAITING gure out which bootstrap.py parameters you need gure out which patches for bootstrap.py you need submit everything upstream become the de-facto maintainer of bootstrap.py upstream 15
STEP 5.6: REGISTER! we run batches of 1000 per day, so we would not a ect too many departments --skip foreman as we did not care for Foreman/Puppet, just content --force as we sometimes just re-run the same machine multiple times --legacy-purge to remove the machine from Spacewalk 16
STEP 5.7: COLLECT THE PIECES sometimes rhsmcertd would hang, blocking subscription-manager, blocking yum some machines have broken clocks, SSL terribly fails yes, we served "wrong" content to a couple boxes, but that was found quickly (missing repos) (broken) proxies in yum.conf make it hard to fetch packages 17
RANDOM FINDINGS BMC BladeLogic injects an own libssl using LD_LIBRARY_PATH, breaking yum EL6.4 (and older) has a nasty Python bug, making all syslog calls EMERG People hate monitoring lesystems It is considered OK to leave a machine with broken dependencies 18
THANKS!       evgeni@golov.de die-welt.net @zhenech +EvgeniGolov @evgeni zhenech 19

Recommandé

Refactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
Refactoring Katello Installer modules - Ewoud Kohl van WijngaardenRefactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
Refactoring Katello Installer modules - Ewoud Kohl van WijngaardenNETWAYS
 
Foreman - Advanced use cases - Timo Goebel
Foreman - Advanced use cases - Timo GoebelForeman - Advanced use cases - Timo Goebel
Foreman - Advanced use cases - Timo GoebelNETWAYS
 
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014Puppet
 
A user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management toolsA user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management toolsSaltStack
 
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...SaltStack
 
The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016effie mouzeli
 
Experiences from Running Masterless Puppet - PuppetConf 2014
Experiences from Running Masterless Puppet - PuppetConf 2014Experiences from Running Masterless Puppet - PuppetConf 2014
Experiences from Running Masterless Puppet - PuppetConf 2014Puppet
 
SaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability EnvironmentsSaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability EnvironmentsSaltStack
 

Recommandé

Refactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
Refactoring Katello Installer modules - Ewoud Kohl van WijngaardenRefactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
Refactoring Katello Installer modules - Ewoud Kohl van WijngaardenNETWAYS
 
Foreman - Advanced use cases - Timo Goebel
Foreman - Advanced use cases - Timo GoebelForeman - Advanced use cases - Timo Goebel
Foreman - Advanced use cases - Timo GoebelNETWAYS
 
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014Puppet
 
A user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management toolsA user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management toolsSaltStack
 
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...SaltStack
 
The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016effie mouzeli
 
Experiences from Running Masterless Puppet - PuppetConf 2014
Experiences from Running Masterless Puppet - PuppetConf 2014Experiences from Running Masterless Puppet - PuppetConf 2014
Experiences from Running Masterless Puppet - PuppetConf 2014Puppet
 
SaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability EnvironmentsSaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability EnvironmentsSaltStack
 
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...SaltStack
 
JavaCro'15 - Conquer the Internet of Things with Java and Docker - Johan Jans...
JavaCro'15 - Conquer the Internet of Things with Java and Docker - Johan Jans...JavaCro'15 - Conquer the Internet of Things with Java and Docker - Johan Jans...
JavaCro'15 - Conquer the Internet of Things with Java and Docker - Johan Jans...HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...
SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...
SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...SaltStack
 
Foreman presentation
Foreman presentationForeman presentation
Foreman presentationGlen Ogilvie
 
SaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and States
SaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and StatesSaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and States
SaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and StatesSaltStack
 
OpenNebula and SaltStack - OpenNebulaConf 2013
OpenNebula and SaltStack - OpenNebulaConf 2013OpenNebula and SaltStack - OpenNebulaConf 2013
OpenNebula and SaltStack - OpenNebulaConf 2013databus.pro
 
Foreman in Your Data Center :OSDC 2015
Foreman in Your Data Center :OSDC 2015Foreman in Your Data Center :OSDC 2015
Foreman in Your Data Center :OSDC 2015Stephen Benjamin
 
Capistrano
CapistranoCapistrano
CapistranoBryan McLellan
 
Performance Tuning Your Puppet Infrastructure - PuppetConf 2014
Performance Tuning Your Puppet Infrastructure - PuppetConf 2014Performance Tuning Your Puppet Infrastructure - PuppetConf 2014
Performance Tuning Your Puppet Infrastructure - PuppetConf 2014Puppet
 
Modern Infrastructure from Scratch with Puppet
Modern Infrastructure from Scratch with PuppetModern Infrastructure from Scratch with Puppet
Modern Infrastructure from Scratch with PuppetPuppet
 
Managing Puppet using MCollective
Managing Puppet using MCollectiveManaging Puppet using MCollective
Managing Puppet using MCollectivePuppet
 
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...SaltStack
 
Salt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environmentsSalt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environmentsBenjamin Cane
 
Deployment with capistrano
Deployment with capistranoDeployment with capistrano
Deployment with capistranosagar junnarkar
 
CPAN Training
CPAN TrainingCPAN Training
CPAN TrainingPedro Figueiredo
 
Steve Singer - Managing PostgreSQL with Puppet @ Postgres Open
Steve Singer - Managing PostgreSQL with Puppet @ Postgres OpenSteve Singer - Managing PostgreSQL with Puppet @ Postgres Open
Steve Singer - Managing PostgreSQL with Puppet @ Postgres OpenPostgresOpen
 
Using SaltStack to orchestrate microservices in application containers at Sal...
Using SaltStack to orchestrate microservices in application containers at Sal...Using SaltStack to orchestrate microservices in application containers at Sal...
Using SaltStack to orchestrate microservices in application containers at Sal...Love Nyberg
 
Vagrant and CentOS 7
Vagrant and CentOS 7Vagrant and CentOS 7
Vagrant and CentOS 7Julien Pivotto
 
Setup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platformSetup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platformAjeet Singh
 
Capistrano
CapistranoCapistrano
CapistranoJason Noble
 
Fabric8 - Being devOps doesn't suck anymore
Fabric8 - Being devOps doesn't suck anymoreFabric8 - Being devOps doesn't suck anymore
Fabric8 - Being devOps doesn't suck anymoreHenryk Konsek
 
Why you should revisit mgmt
Why you should revisit mgmtWhy you should revisit mgmt
Why you should revisit mgmtJulien Pivotto
 

Contenu connexe

Tendances

SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...SaltStack
 
SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...
SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...
SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...SaltStack
 
Foreman presentation
Foreman presentationForeman presentation
Foreman presentationGlen Ogilvie
 
SaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and States
SaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and StatesSaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and States
SaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and StatesSaltStack
 
OpenNebula and SaltStack - OpenNebulaConf 2013
OpenNebula and SaltStack - OpenNebulaConf 2013OpenNebula and SaltStack - OpenNebulaConf 2013
OpenNebula and SaltStack - OpenNebulaConf 2013databus.pro
 
Foreman in Your Data Center :OSDC 2015
Foreman in Your Data Center :OSDC 2015Foreman in Your Data Center :OSDC 2015
Foreman in Your Data Center :OSDC 2015Stephen Benjamin
 
Performance Tuning Your Puppet Infrastructure - PuppetConf 2014
Performance Tuning Your Puppet Infrastructure - PuppetConf 2014Performance Tuning Your Puppet Infrastructure - PuppetConf 2014
Performance Tuning Your Puppet Infrastructure - PuppetConf 2014Puppet
 
Modern Infrastructure from Scratch with Puppet
Modern Infrastructure from Scratch with PuppetModern Infrastructure from Scratch with Puppet
Modern Infrastructure from Scratch with PuppetPuppet
 
Managing Puppet using MCollective
Managing Puppet using MCollectiveManaging Puppet using MCollective
Managing Puppet using MCollectivePuppet
 
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...SaltStack
 
Salt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environmentsSalt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environmentsBenjamin Cane
 
Deployment with capistrano
Deployment with capistranoDeployment with capistrano
Deployment with capistranosagar junnarkar
 
Steve Singer - Managing PostgreSQL with Puppet @ Postgres Open
Steve Singer - Managing PostgreSQL with Puppet @ Postgres OpenSteve Singer - Managing PostgreSQL with Puppet @ Postgres Open
Steve Singer - Managing PostgreSQL with Puppet @ Postgres OpenPostgresOpen
 
Using SaltStack to orchestrate microservices in application containers at Sal...
Using SaltStack to orchestrate microservices in application containers at Sal...Using SaltStack to orchestrate microservices in application containers at Sal...
Using SaltStack to orchestrate microservices in application containers at Sal...Love Nyberg
 
Setup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platformSetup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platformAjeet Singh
 

Tendances (20)

SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
 
JavaCro'15 - Conquer the Internet of Things with Java and Docker - Johan Jans...
JavaCro'15 - Conquer the Internet of Things with Java and Docker - Johan Jans...JavaCro'15 - Conquer the Internet of Things with Java and Docker - Johan Jans...
JavaCro'15 - Conquer the Internet of Things with Java and Docker - Johan Jans...
 
SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...
SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...
SaltConf14 - Ryan Lane, Wikimedia - Immediate consistency with Trebuchet Depl...
 
Foreman presentation
Foreman presentationForeman presentation
Foreman presentation
 
SaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and States
SaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and StatesSaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and States
SaltConf14 - Forrest Alvarez, Choice Hotels - Salt Formulas and States
 
OpenNebula and SaltStack - OpenNebulaConf 2013
OpenNebula and SaltStack - OpenNebulaConf 2013OpenNebula and SaltStack - OpenNebulaConf 2013
OpenNebula and SaltStack - OpenNebulaConf 2013
 
Foreman in Your Data Center :OSDC 2015
Foreman in Your Data Center :OSDC 2015Foreman in Your Data Center :OSDC 2015
Foreman in Your Data Center :OSDC 2015
 
Capistrano
CapistranoCapistrano
Capistrano
 
Performance Tuning Your Puppet Infrastructure - PuppetConf 2014
Performance Tuning Your Puppet Infrastructure - PuppetConf 2014Performance Tuning Your Puppet Infrastructure - PuppetConf 2014
Performance Tuning Your Puppet Infrastructure - PuppetConf 2014
 
Modern Infrastructure from Scratch with Puppet
Modern Infrastructure from Scratch with PuppetModern Infrastructure from Scratch with Puppet
Modern Infrastructure from Scratch with Puppet
 
Managing Puppet using MCollective
Managing Puppet using MCollectiveManaging Puppet using MCollective
Managing Puppet using MCollective
 
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
 
Salt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environmentsSalt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environments
 
Deployment with capistrano
Deployment with capistranoDeployment with capistrano
Deployment with capistrano
 
CPAN Training
CPAN TrainingCPAN Training
CPAN Training
 
Steve Singer - Managing PostgreSQL with Puppet @ Postgres Open
Steve Singer - Managing PostgreSQL with Puppet @ Postgres OpenSteve Singer - Managing PostgreSQL with Puppet @ Postgres Open
Steve Singer - Managing PostgreSQL with Puppet @ Postgres Open
 
Using SaltStack to orchestrate microservices in application containers at Sal...
Using SaltStack to orchestrate microservices in application containers at Sal...Using SaltStack to orchestrate microservices in application containers at Sal...
Using SaltStack to orchestrate microservices in application containers at Sal...
 
Vagrant and CentOS 7
Vagrant and CentOS 7Vagrant and CentOS 7
Vagrant and CentOS 7
 
Setup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platformSetup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platform
 
Capistrano
CapistranoCapistrano
Capistrano
 

Similaire à Mass-Migration of 5000 Servers to Foreman/Katello with bootstrap.py - Evgeni Golov

Fabric8 - Being devOps doesn't suck anymore
Fabric8 - Being devOps doesn't suck anymoreFabric8 - Being devOps doesn't suck anymore
Fabric8 - Being devOps doesn't suck anymoreHenryk Konsek
 
Why you should revisit mgmt
Why you should revisit mgmtWhy you should revisit mgmt
Why you should revisit mgmtJulien Pivotto
 
A Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy SystemA Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy Systemadrian_nye
 
Supercomputing by API: Connecting Modern Web Apps to HPC
Supercomputing by API: Connecting Modern Web Apps to HPCSupercomputing by API: Connecting Modern Web Apps to HPC
Supercomputing by API: Connecting Modern Web Apps to HPCOpenStack
 
Capistrano, Puppet, and Chef
Capistrano, Puppet, and ChefCapistrano, Puppet, and Chef
Capistrano, Puppet, and ChefDavid Benjamin
 
SHARE.ORG Orlando 2015
SHARE.ORG Orlando 2015SHARE.ORG Orlando 2015
SHARE.ORG Orlando 2015Filipe Miranda
 
OpenNebula, the foreman and CentOS play nice, too
OpenNebula, the foreman and CentOS play nice, tooOpenNebula, the foreman and CentOS play nice, too
OpenNebula, the foreman and CentOS play nice, tooinovex GmbH
 
PuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With NotesPuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With NotesPhil Zimmerman
 
Iteratively introducing Puppet technologies in the brownfield; Jeffrey Miller
Iteratively introducing Puppet technologies in the brownfield; Jeffrey MillerIteratively introducing Puppet technologies in the brownfield; Jeffrey Miller
Iteratively introducing Puppet technologies in the brownfield; Jeffrey MillerPuppet
 
DevOps in PHP environment
DevOps in PHP environmentDevOps in PHP environment
DevOps in PHP environmentEvaldo Felipe
 
PUG Romagna - Pipeline + Deployer PHP
PUG Romagna - Pipeline + Deployer PHPPUG Romagna - Pipeline + Deployer PHP
PUG Romagna - Pipeline + Deployer PHPGiuseppe Morelli
 
Owasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF SessionOwasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF SessionBart Leppens
 
Practical Operation Automation with StackStorm
Practical Operation Automation with StackStormPractical Operation Automation with StackStorm
Practical Operation Automation with StackStormShu Sugimoto
 
Install MariaDB on IBM i - Tips, troubleshooting, and more
Install MariaDB on IBM i - Tips, troubleshooting, and moreInstall MariaDB on IBM i - Tips, troubleshooting, and more
Install MariaDB on IBM i - Tips, troubleshooting, and moreRod Flohr
 
All the Laravel things: up and running to making $$
All the Laravel things: up and running to making $$All the Laravel things: up and running to making $$
All the Laravel things: up and running to making $$Joe Ferguson
 
Kernel Recipes 2018 - Live (Kernel) Patching: status quo and status futurus -...
Kernel Recipes 2018 - Live (Kernel) Patching: status quo and status futurus -...Kernel Recipes 2018 - Live (Kernel) Patching: status quo and status futurus -...
Kernel Recipes 2018 - Live (Kernel) Patching: status quo and status futurus -...Anne Nicolas
 
How to deploy a Java application on Google App engine Flexible environment
How to deploy a Java application on Google App engine Flexible environmentHow to deploy a Java application on Google App engine Flexible environment
How to deploy a Java application on Google App engine Flexible environmentMichelantonio Trizio
 
Ruby and Rails Packaging to Production
Ruby and Rails Packaging to ProductionRuby and Rails Packaging to Production
Ruby and Rails Packaging to ProductionFabio Kung
 

Similaire à Mass-Migration of 5000 Servers to Foreman/Katello with bootstrap.py - Evgeni Golov (20)

Fabric8 - Being devOps doesn't suck anymore
Fabric8 - Being devOps doesn't suck anymoreFabric8 - Being devOps doesn't suck anymore
Fabric8 - Being devOps doesn't suck anymore
 
Why you should revisit mgmt
Why you should revisit mgmtWhy you should revisit mgmt
Why you should revisit mgmt
 
A Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy SystemA Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy System
 
Supercomputing by API: Connecting Modern Web Apps to HPC
Supercomputing by API: Connecting Modern Web Apps to HPCSupercomputing by API: Connecting Modern Web Apps to HPC
Supercomputing by API: Connecting Modern Web Apps to HPC
 
Capistrano, Puppet, and Chef
Capistrano, Puppet, and ChefCapistrano, Puppet, and Chef
Capistrano, Puppet, and Chef
 
SHARE.ORG Orlando 2015
SHARE.ORG Orlando 2015SHARE.ORG Orlando 2015
SHARE.ORG Orlando 2015
 
OpenNebula, the foreman and CentOS play nice, too
OpenNebula, the foreman and CentOS play nice, tooOpenNebula, the foreman and CentOS play nice, too
OpenNebula, the foreman and CentOS play nice, too
 
PuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With NotesPuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With Notes
 
Iteratively introducing Puppet technologies in the brownfield; Jeffrey Miller
Iteratively introducing Puppet technologies in the brownfield; Jeffrey MillerIteratively introducing Puppet technologies in the brownfield; Jeffrey Miller
Iteratively introducing Puppet technologies in the brownfield; Jeffrey Miller
 
DevOps in PHP environment
DevOps in PHP environmentDevOps in PHP environment
DevOps in PHP environment
 
PUG Romagna - Pipeline + Deployer PHP
PUG Romagna - Pipeline + Deployer PHPPUG Romagna - Pipeline + Deployer PHP
PUG Romagna - Pipeline + Deployer PHP
 
Owasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF SessionOwasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF Session
 
Practical Operation Automation with StackStorm
Practical Operation Automation with StackStormPractical Operation Automation with StackStorm
Practical Operation Automation with StackStorm
 
Install MariaDB on IBM i - Tips, troubleshooting, and more
Install MariaDB on IBM i - Tips, troubleshooting, and moreInstall MariaDB on IBM i - Tips, troubleshooting, and more
Install MariaDB on IBM i - Tips, troubleshooting, and more
 
Kioptrix 2014 5
Kioptrix 2014 5Kioptrix 2014 5
Kioptrix 2014 5
 
All the Laravel things: up and running to making $$
All the Laravel things: up and running to making $$All the Laravel things: up and running to making $$
All the Laravel things: up and running to making $$
 
utf.pdf
utf.pdfutf.pdf
utf.pdf
 
Kernel Recipes 2018 - Live (Kernel) Patching: status quo and status futurus -...
Kernel Recipes 2018 - Live (Kernel) Patching: status quo and status futurus -...Kernel Recipes 2018 - Live (Kernel) Patching: status quo and status futurus -...
Kernel Recipes 2018 - Live (Kernel) Patching: status quo and status futurus -...
 
How to deploy a Java application on Google App engine Flexible environment
How to deploy a Java application on Google App engine Flexible environmentHow to deploy a Java application on Google App engine Flexible environment
How to deploy a Java application on Google App engine Flexible environment
 
Ruby and Rails Packaging to Production
Ruby and Rails Packaging to ProductionRuby and Rails Packaging to Production
Ruby and Rails Packaging to Production
 

Dernier

2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdfAndrey Devyatkin
 
Patterns for automating API delivery. API conference
Patterns for automating API delivery. API conferencePatterns for automating API delivery. API conference
Patterns for automating API delivery. API conferencessuser9e7c64
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...Bert Jan Schrijver
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringHironori Washizaki
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsChristian Birchler
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...OnePlan Solutions
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsJean Silva
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slidesvaideheekore1
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfRTS corp
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Rob Geurden
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingShane Coughlan
 
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...OnePlan Solutions
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorTier1 app
 
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptxUI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptxAndreas Kunz
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jGraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jNeo4j
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZABSYZ Inc
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfDrew Moseley
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITmanoharjgpsolutions
 

Dernier (20)

2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
 
Patterns for automating API delivery. API conference
Patterns for automating API delivery. API conferencePatterns for automating API delivery. API conference
Patterns for automating API delivery. API conference
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their Engineering
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero results
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slides
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
 
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryError
 
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptxUI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jGraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZ
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdf
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh IT
 

Mass-Migration of 5000 Servers to Foreman/Katello with bootstrap.py - Evgeni Golov

  • 1. MASS-MIGRATION OF 5000 SERVERS TO FOREMAN/KATELLO WITH BOOTSTRAP.PY Evgeni Golov 1
  • 2. $ WHOAMI Evgeni Golov Software Engineer at Red Hat ex-Consultant at Red Hat Debian and Grml Developer ♥ FOSS ♥ ♥ automation ♥ 2
  • 3. SITUATION 10k RHEL (5k RHEL5, 4k RHEL6, 1k RHEL7) most of them subscribed to Satellite5/Spacewalk want to move to Satellite6/Foreman this requires a plan 3
  • 4. TOOLING Satellite 6.1 (Foreman 1.7, Katello 2.2) this was done about a year ago the learnings also apply to Foreman itself bootstrap.py script for registration of machines to Foreman/Katello at that time not even part of the Katello project mimicks the idea of bootstrap.sh from Spacewalk 4
  • 5. BOOTSTRAP.PY install katello-ca-consumer RPM subscribe the machine using subscription- manager or rhn-migrate-classic-to- rhsm con gure katello-agent con gure Puppet 5
  • 6. STEP 1: EL5?! ain't nobody got time for that just let it bit-rot on the old infra there is an migration to EL6/7 planned anyways (guess who is still up and running today?) no need to care for the old content but also no insight if there are any gotchas 6
  • 7. STEP 2: SIZE THE INFRASTRUCTURE main VM: 12vCore, 32GB RAM, 1TB ash 6 proxies: 8vCore, 24GB RAM, 500G ash rough setup: no machines connect directly to Foreman no more than 1000 clients per proxy most machines don't do Puppet 7
  • 8. STEP 3: WAIT FOR FIREWALLS there is always a rewall somewhere and it for sure will make you unhappy request the new rewall rules early and broadly (allow ALL the networks!) 8
  • 9. STEP 4: DESIGN CONTENT the old setup provided almost only RHEL, apps were delivered from other sources this makes an easy setup with one CCV per RHEL release, containing CVs for: RHEL + SatTools admin software (backup, monitoring, etc) 9
  • 10. STEP 5: REGISTER ALL THE MACHINES piece of cake, right? 10
  • 11. STEP 5.1: FIND THE RIGHT PROXY most machines are subscribed to Spacewalk nd the old Spacewalk proxy in /etc/sysconfig/rhn/up2date have a map of old proxy to new proxy machine is not subscribed? try guessing based on host/domainname try guessing based on IPv4 subnet if everything fails, use a "default" proxy 11
  • 12. STEP 5.2: FIND AN EXECUTOR you need to run a script on every single machine Spacewalk has a function for that, but it was disabled when a problem occurs during migration, Spacewalk might not be able to control the machine anymore today everybody would have used Ansible we had BMC BladeLogic, as that was what the customer had for all platforms 12
  • 13. STEP 5.3: CHECK THAT FIREWALL nobody wants to schedule 5000 jobs that will fail run a quick pre-check job before doing the actual work can the host resolve itself (and get a FQDN?) can the host reach the old proxy can the host reach the new proxy (on 80, 443, 5671) 13
  • 14. STEP 5.4: WAIT FOR EVERYBODY the previous step will identify a lot machines as "broken" enjoy your co ee while waiting for the rewalls, machine owners, etc 14
  • 15. STEP 5.5: TEST WHILE WAITING gure out which bootstrap.py parameters you need gure out which patches for bootstrap.py you need submit everything upstream become the de-facto maintainer of bootstrap.py upstream 15
  • 16. STEP 5.6: REGISTER! we run batches of 1000 per day, so we would not a ect too many departments --skip foreman as we did not care for Foreman/Puppet, just content --force as we sometimes just re-run the same machine multiple times --legacy-purge to remove the machine from Spacewalk 16
  • 17. STEP 5.7: COLLECT THE PIECES sometimes rhsmcertd would hang, blocking subscription-manager, blocking yum some machines have broken clocks, SSL terribly fails yes, we served "wrong" content to a couple boxes, but that was found quickly (missing repos) (broken) proxies in yum.conf make it hard to fetch packages 17
  • 18. RANDOM FINDINGS BMC BladeLogic injects an own libssl using LD_LIBRARY_PATH, breaking yum EL6.4 (and older) has a nasty Python bug, making all syslog calls EMERG People hate monitoring lesystems It is considered OK to leave a machine with broken dependencies 18