A brief look at the Foreman host lifecycle management system, beginning with its rapid provisioning features and moving on to its integration with the Puppet configuration management system.
Gitlab is introduced to the mix and an example is given of how it can be integrated with Foreman and Puppet to form an on-premise configuration versioning component. This configuration, which builds upon the Puppet multiple environments feature, is currently being employed in the task of building a test-driven continuous delivery system for the OpenCorporates project.
Linux host orchestration with Foreman, Puppet and Gitlab
1. Host Orchestration with Foreman, Puppet and Gitlab
20th September 2014 – South Wales Linux User Group
Ben Tullis: System Administrator - OpenCorporates
2. Presentation Outline
● Background – Who and Why?
● Foreman
– What is it for and why might you want it?
● Puppet Integration
– Configuration Management Basics
– External Node Classification, Reporting, Smart Parameters
– Multiple Environment Support
● Configuration Version Control with Gitlab
– Protected Branches
– Towards Continuous Delivery
3. My Background
● Ben Tullis – sysadmin for opencorporates
● 14+ years Linux experience
● Currently Supporting:
– 22 physical servers
– 35 virtual servers
– ...and counting
5. Why Bother with Host Orchestration At All?
“With the right processes in place, it is easier, better, and more predictable to rebuild infrastructure than to repair it”
http://www.wikisummaries.org/Visible_Ops
ISBN: 978-0975568613
n.b. Other good books are available to purchase
6. The Foreman
● An Open-Source host provisioning system
– A Ruby-on-Rails web front-end / API
– Ruby based 'Smart-Proxy' component
● Integrates with:
– DHCP – Host address(es) and PXE boot options
– TFTP – Supply boot media
– DNS – Manages forward and reverse name records
– IPMI – Remote console access and power control
● Deploys onto:
– Libvirt, EC2, GCE, VMware, Openstack, Ovirt/RHEV
– Bare Metal
14. Puppet Configuration Management Terminology
● Manifest declares how your systems should be configured
– Configuration files
– Software packages
– Users, groups, security settings
– Processes, services, scheduled tasks, etc...
● Agent verifies local configuration against the declaration
– Can apply changes automatically if desired
– Can notify of pending changes (no-op mode)
● Master secures connection and informs agents
– HTTPS web service
17. Puppet Manifest Example
Key Resource Types
– File
– Package
– Service
– User / Group
– Exec
– Mount
● Templates
https://docs.puppetlabs.com/references/latest/type.html
https://docs.puppetlabs.com/learning/introduction.html
18. Foreman / Puppet Integration
● Foreman installs and configures itself using Puppet
– Not mandatory to use it
● Can act as an External Node Classifier for Puppet
– e.g. This host or hostgroup has these classes applied
● Can supply Class Parameters into manifests
– Separate data from configuration instructions
● Acts as a Puppet dashboard
– Changes: succeeded, failed, pending
– Inventory: details of host facts
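The External Node Classifier role described on this slide, as an added example that is not part of the original presentation and is not Foreman's own code: Puppet calls the classifier with a node's certname and reads back YAML containing classes, class parameters and an environment. The host inventory, hostgroup names and environment allowlist below are constructed assumptions; the sketch rejects malformed or unknown certnames and exits non-zero so that catalog compilation fails instead of applying an empty classification.

```ruby
#!/usr/bin/env ruby
# Added illustration of the External Node Classifier contract: Puppet runs the
# ENC with a node certname and reads YAML (classes, parameters, environment).
# The inventory is constructed sample data; Foreman keeps this in its database.
require 'yaml'

# Constructed sample data: hostgroups carry classes and their parameters,
# keeping the data separate from the manifests that consume it.
HOSTGROUPS = {
  'web' => { 'environment' => 'production',
             'classes' => { 'nginx' => { 'worker_processes' => 4 },
                            'ntp'   => { 'servers' => ['ntp1.example.org'] } } },
  'ci'  => { 'environment' => 'testing',
             'classes' => { 'ntp' => { 'servers' => ['ntp1.example.org'] } } }
}.freeze

HOSTS = { 'web01.example.org' => 'web', 'ci01.example.org' => 'ci' }.freeze

# Environments a node may be placed in; anything else is refused.
ALLOWED_ENVIRONMENTS = %w[production testing development].freeze

# Lowercase DNS-style names only, so path-like input never reaches a lookup.
CERTNAME = /\A[a-z0-9]([a-z0-9.-]*[a-z0-9])?\z/.freeze

class UnknownNode < StandardError; end

# Returns the classification hash for a certname, or raises UnknownNode.
def classify(certname)
  raise UnknownNode, 'malformed certname' unless certname.is_a?(String) && certname.match?(CERTNAME)
  group = HOSTGROUPS[HOSTS[certname]] or raise UnknownNode, "no hostgroup for #{certname}"
  env = group['environment']
  raise UnknownNode, "environment #{env} not allowed" unless ALLOWED_ENVIRONMENTS.include?(env)
  { 'classes' => group['classes'], 'parameters' => { 'hostgroup' => HOSTS[certname] },
    'environment' => env }
end

# Entry point: YAML on stdout and status 0, or a message on stderr and status 1.
def run(argv, out: $stdout, err: $stderr)
  out.puts classify(argv.first).to_yaml
  0
rescue UnknownNode => e
  err.puts "enc: #{e.message}"
  1
end

# Acts as an ENC when called with a certname argument.
exit run(ARGV) unless ARGV.empty?
```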
24. Multiple Puppet Environments
● Separate sets of manifests/modules for e.g.
– Production
– Testing
– Development
– Dynamic environments for feature branches
● Can also share common code
– e.g. Well-tested modules
● Commonly uses a DVCS to branch and merge
25. Staging and Production Environments
● On-premise Service
● Flexible Authentication
● Repository Permissions
27. Aiming Towards Continuous Delivery
● Continuous Integration (CI) system development
– Further integration testing in the staging environment
– Rebuilding hosts using the Foreman API during CI testing
– Integration of existing application deployment mechanisms
– Tighter integration of application and platform testing
– Further automation
● Additional tools under consideration for integration
– Gitlab CI, Rundeck, Buildbot, Zuul, Gerrit
Ben Tullis will showcase some of the host life cycle management features of The Foreman, such as rapid deployment and rebuild, then examine its integration with Puppet, and show examples of where this combination of tools can provide some key benefits.
Lastly, he'll take a look at how the use of Gitlab within this framework can form the beginnings of a test-driven continuous deployment system.