www.cfengine.com
Vagrant & CFEngine
CloudOpen North America 2013
Before we get started
Is everyone in the right place?
Has everyone installed VirtualBox 4.2.16 or later?
VirtualBox --help | grep VirtualBox
Has everyone installed Vagrant 1.2.7 or later?
vagrant --version
I have USB keys with installers and content for the tutorial; if you don't have it yet, please let me know.
Get to know each other
Hi, I'm Nick
SysAdmin > 10 Years
Work at CFEngine
Live in Lawrence, KS
Twitter: @cmdln_
IRC: nickanderson
Blog: http://www.cmdln.org
Who are you?
What do you do?
Have you used Vagrant?
Have you used CFEngine?
Why did you choose this session and what do you hope to get from it?
9/17/13
What is Vagrant?
Tool to make working with development environments easy.
Create, configure, destroy lightweight, reproducible, and portable environments.
● Created by Mitchell Hashimoto
● @mitchellh
● http://www.vagrantup.com
Questions? Stop me
How can it help?
Developer on-boarding
Quickly provision/decommission test environments in a repeatable fashion
Bug Validation
Continuous Integration
Ad-hoc Demos
Provides common environment
Designers
Developers
Operations
QA
Really any person who needs to have a functional test environment.
Portable
● VirtualBox
● AWS
● VMware
● More
● https://github.com/mitchellh/vagrant/wiki/Available-Vagrant-Plugins
Take it with you (offline)
● VirtualBox
● VMware
Use someone else's infrastructure
● AWS
● Rackspace
So what's it made of?
Vagrantfile
● Vagrantfile describes machine configurations
● Syntax is Ruby, but knowledge of the Ruby language is not necessary. It's mostly simple variable assignment.
Boxes
● Base operating system image
● Provider specific
● http://www.vagrantbox.es
● Use veewee or packer.io (build your own automatically)
– Kickstart/preseed, postinstall scripts
Veewee written by Patrick Debois
Packer.io written by Mitchell Hashimoto
Leverage your existing infrastructure. Use the same (or very similar) kickstart/preseed and postinstall scripts that you use in your production env.
Magic
● Ssh port forwards
● Shared project folder /vagrant
Automatically forwards a local port to 22 on the host.
Automatically mounts the directory that the Vagrantfile lives in (Vagrant project dir) on each host.
Add your own custom
Problems with automagic? Check the tools version. Not required to match, but it helps.
Useful Plugin
● vagrant-vbguest automatically installs the host's VirtualBox Guest Additions on the guest system.
● vagrant plugin install vagrant-vbguest
● https://github.com/dotless-de/vagrant-vbguest
● Sometimes there are issues if the version of the VirtualBox guest tools does not match the currently running VirtualBox version.
● This plugin will detect if the guest tools are outdated, then download, build, install, and restart the guest.
● If you're lucky, vagrant-vbguest does not require any configuration.
CFEngine Provisioner: Currently Undocumented
● am_policy_hub
● extra_agent_args
– Extra arguments to pass to cf-agent executions
● classes
– Additional classes to define when running cf-agent
● deb_repo_file
– The apt repository configuration file to use for configuring the repository containing the CFEngine packages
● deb_repo_line
– The line that specifies the repository to use for CFEngine packages
● files_path
– Directory to copy on top of the default masterfiles
● force_bootstrap
– If true, bootstrap the host even if it has been bootstrapped before
● install
– Install CFEngine package from repository
● mode
– “bootstrap” or “single_run”: determines whether CFEngine will be bootstrapped or just executed once on the host
● policy_server_address
● repo_gpg_key_url
– HTTP location of the GPG key used for checking package signatures
● run_file
– Standalone CFEngine policy file to upload and execute
● upload_path
– Path to upload run_file to
● yum_repo_file
– The yum repository file to use when configuring the repository containing CFEngine packages
● yum_repo_url
– The URL of the repository containing the CFEngine packages
● package_name
– The CFEngine package name to install
The CFEngine provisioner is currently undocumented. This is a great opportunity for someone to contribute. I already did part of the work right here in this slide ;)
Options for:
● Package source/install
● Extra arguments
● Bootstrap or standalone one-shot policy
CFEngine Provisioner: Example Use
Getting started
● vagrant box
● vagrant init
● vagrant status
● vagrant up
● vagrant ssh
– vagrant ssh node
● vagrant destroy
Daily Use
vagrant up
vagrant {destroy, halt, suspend}
!-2
There are more commands, but you use vagrant up to bring up an environment, and vagrant destroy to delete the VMs.
This is fantastic!
Build base boxes for all the things!
You can have too much of a good thing.
Black Hole
There are so many places where configurations can hide. I think of VMs as kind of a black hole of knowledge.
Automating Vagrant Provisioning
● Ansible
● CFEngine
● Chef
● Puppet
● Salt Stack
● Shell Scripts
● MixnMatch!
Automate configuration on top of the base image.
There are valid reasons for baking config into a basebox, usually for speed of deployment. Not a replacement for good configuration management.
CFEngine
● IT infrastructure automation, compliance, and
knowledge management framework
● Open source and commercial software
● Originally written by Mark Burgess
● @markburgess_osl
● http://www.cfengine.com
CFEngine History
● First released in 1993
● CFEngine 2 released in 1998: self-healing computer immunology. Added machine learning and anomaly detection.
● 2003: Promise Theory work began
● 2008: CFEngine 3 released. Integrates knowledge management and discovery mechanisms.
CFEngine has a solid history. It's been around for 20 years.
Runs on over 10 million servers in over 10 thousand companies.
Promises are a declaration of intent.
CFEngine Properties
● Small
CFEngine is written in C.
~100k lines of code (remember it's a 20-year-old project)
~5M single package install
~15-25M memory consumption (depends on your policy, of course)
CFEngine Properties
● Small
● Secure (http://web.nvd.nist.gov/view/vuln/search)
Security is a core focus. The voluntary cooperation principle of Promise Theory and the pull model are important for this.
Great track record: CFEngine hasn't had a published security vulnerability since 2005 (CFEngine 2), and 0 since CFEngine 3 was released in 2009.
CFEngine Properties
● Small
● Secure (http://web.nvd.nist.gov/view/vuln/search)
● Portable
Because it's written in C, it runs on just about anything.
Linux, BSDs, AIX, HP-UX, Solaris, even Windows
Storage devices (QNAP)
Switches (Cisco, Arista, Juniper)
Embedded devices
Raspberry Pi
Robot at the bottom of the ocean
Water testing devices in fields with cows
Laser cutters (that make puppets)
CFEngine Properties
● Small
● Secure (http://web.nvd.nist.gov/view/vuln/search)
● Portable
● Resilient
CFEngine works when other things are broken.
CFEngine tries to fix itself – failsafe.cf
Decisions are made by the agents running on individual hosts.
If the network is down they continue to apply the policy they have. These policies can be extremely dynamic since all decisions are made by the individual agent. They can use external sources of information if desired or required.
Convergence – continual repair of system state toward the desired specification.
If something can't be fixed, track it and move on (usually).
If installing httpd fails, it could continue on and ensure that SSH is hardened. Or, if you desire, all execution could stop at that point.
CFEngine Properties
● Small
● Secure (http://web.nvd.nist.gov/view/vuln/search)
● Portable
● Resilient
● Declarative
CFEngine's policy language is declarative in nature. This allows you to focus on the goals of how things should be and converge towards this desired state.
It works kind of like a GPS. It doesn't matter where you start, it will continually re-route to reach the destination.
For example:
● Apache promises to be installed on webservers. Not "install apache on host x, y, z".
● The httpd process promises to be running in production during non-maintenance hours.
● The sshd process promises to not be running, and to be completely firewalled off, when the number of SSH sessions into or out of a host is 3 standard deviations higher than normal.
CFEngine Properties
● Small
● Secure (http://web.nvd.nist.gov/view/vuln/search)
● Portable
● Resilient
● Declarative
CFEngine's policy language is declarative in nature. This allows you to focus on the goals of how things should be and converge towards this desired state.
It works kind of like a GPS. It doesn't matter where you start, it will continually re-route to reach the destination.
For example:
● The httpd config file promises to have this configuration for hosts running application x.
● The httpd process promises to be running on web servers.
● The sshd process promises to not be running when the number of SSH sessions into or out of a host is 3 standard deviations higher than normal.
Bootstrap a test environment
Examine the Vagrantfile:
● Shell provisioner to prep the environment for offline use.
● Dynamic multi-VM configuration
● Host-only network for the VMs to communicate on
● Forwarded ports
● Synced folders for hub masterfiles (normally, you would update your masterfiles from a version control repository)
CFEngine policy:
● Splay set to 0
● Runs every minute (body executor control)
● Emails root@localhost
● Pre-written demo policy
Get Going
● Import vagrant basebox
– cd resources/veewee
– vagrant box add CFEngine_Training CFEngine_Training.box
● Bring up environment
– vagrant status
– vagrant up
– vagrant status
We need to add the box manually because of conference INTERNET.
More Nodes!
● Increase nodes in Vagrantfile
● vagrant up
● vagrant ssh node00{1,2}
Increase nodes to 1 or 2 (dependent on resources).
Verify that you can ssh to them.
Check out shared directory support: look in /vagrant. Update a file from inside the VM, check from the workstation, and vice versa.
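The provisioner option list, the "Bootstrap a test environment" slide and the "More Nodes!" slide all describe one Vagrantfile: a policy hub plus a variable number of nodes on a host-only network, forwarded ports, a synced masterfiles folder, and the CFEngine provisioner bootstrapping each machine. What follows is an added example written for this page; it is not the tutorial's own Vagrantfile and not code from the Vagrant or CFEngine projects. Everything inside `Vagrant.configure` is what would go into a real Vagrantfile. The small shim above it exists only so the file also runs as plain Ruby, where `Vagrant.configure` records the settings instead of building VMs, so the resulting topology can be checked. The box name, the 192.168.56.0/24 addresses, the script name `resources/prep_offline.sh`, the `NODES` environment variable and the `lab_layout` helper are assumptions made here.

```ruby
# Added example, not the tutorial's Vagrantfile: a CFEngine lab with one policy
# hub and NODES client nodes. Only the Vagrant.configure block belongs in a real
# Vagrantfile; the shim lets this file run as plain Ruby and record settings.
# Box name, addresses, prep script name, NODES and lab_layout are assumptions.

unless defined?(Vagrant)
  # ---- shim: records every setting; real Vagrant never loads this branch ----
  class ShimProvisioner                  # accepts any `cf.option = value` / `cf.option`
    attr_reader :kind, :opts
    def initialize(kind, opts); @kind, @opts = kind, opts; end
    def method_missing(name, *args)
      key = name.to_s.chomp("=").to_sym
      name.to_s.end_with?("=") ? (@opts[key] = args.first) : @opts[key]
    end
    def respond_to_missing?(*); true; end
  end
  class ShimVM
    attr_reader :settings
    def initialize
      @settings = { networks: [], synced_folders: [], provisioners: [], defines: {} }
    end
    def box=(v);      @settings[:box] = v;      end
    def hostname=(v); @settings[:hostname] = v; end
    def network(type, **opts);           @settings[:networks] << [type, opts];           end
    def synced_folder(src, dst, **opts); @settings[:synced_folders] << [src, dst, opts]; end
    def provision(kind, **opts)
      prov = ShimProvisioner.new(kind, opts)
      yield prov if block_given?
      @settings[:provisioners] << prov
    end
    def define(name)                     # config.vm.define "name" do |machine| ... end
      machine = ShimConfig.new
      yield machine
      @settings[:defines][name] = machine
    end
  end
  class ShimConfig
    attr_reader :vm
    def initialize; @vm = ShimVM.new; end
  end
  module Vagrant
    def self.configure(_api_version)
      root = ShimConfig.new
      yield root
      root
    end
  end
end

HUB_IP     = "192.168.56.10"                    # host-only address of the hub (assumed)
NODE_COUNT = Integer(ENV.fetch("NODES", "2"))   # "Increase nodes": NODES=3 vagrant up

LAB = Vagrant.configure("2") do |config|
  config.vm.box = "CFEngine_Training"           # the box added with `vagrant box add`

  config.vm.define "hub" do |hub|
    hub.vm.hostname = "hub"
    hub.vm.network :private_network, ip: HUB_IP # host-only network the VMs talk on
    hub.vm.network :forwarded_port, guest: 80, host: 8080
    # Hub masterfiles are synced from the project dir, so edits on the workstation
    # reach the hub (normally you would pull masterfiles from version control).
    hub.vm.synced_folder "resources/overlay_var_cfengine/masterfiles",
                         "/var/cfengine/masterfiles"
    hub.vm.provision :shell, path: "resources/prep_offline.sh"   # assumed script name
    hub.vm.provision :cfengine do |cf|
      cf.am_policy_hub = true                   # this machine serves policy
      cf.mode = "bootstrap"
      cf.policy_server_address = HUB_IP         # a hub bootstraps to itself
    end
  end

  (1..NODE_COUNT).each do |i|
    name = format("node%03d", i)                # node001, node002, ... (vagrant ssh node00{1,2})
    config.vm.define name do |node|
      node.vm.hostname = name
      node.vm.network :private_network, ip: "192.168.56.#{10 + i}"
      node.vm.provision :cfengine do |cf|
        cf.mode = "bootstrap"
        cf.policy_server_address = HUB_IP       # clients bootstrap to the hub
        cf.extra_agent_args = "--inform"        # extra cf-agent flags, as one string
      end
    end
  end
end

# Shim-only helper: summarise the recorded topology as
# { machine => { hub: bool, server: policy server, ip: host-only address } }
# so the layout can be verified without starting a VM.
def lab_layout(root = LAB)
  root.vm.settings[:defines].each_with_object({}) do |(name, machine), out|
    s   = machine.vm.settings
    cf  = s[:provisioners].find { |p| p.kind == :cfengine }
    net = s[:networks].find { |type, _| type == :private_network }
    out[name] = { hub: cf.am_policy_hub == true,
                  server: cf.policy_server_address,
                  ip: net && net.last[:ip] }
  end
end
```

Copy the `Vagrant.configure` block into a Vagrantfile that sits next to the `resources/` directory and run `NODES=2 vagrant up`; `vagrant ssh node001` then lands on a client that bootstrapped to the hub over the host-only network. The other options from the slide (`classes`, `run_file` together with `mode = "single_run"`, `files_path`, the apt and yum repository settings) are assigned on the same `cf` object.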
CFEngine Design Center
● Community contributed reusable
policy
● Curated Repository
● Cli and GUI (enterprise) clients
When I am talking about paths to CFEngine configuration files in these examples, they are relative to masterfiles.
So the synced vagrant directory is resources/synced_masterfiles.
Edit there and the policy will get synchronized to the hub's masterfiles directory.
Using cf-sketch to configure infrastructure
● Log in to your policy hub, locate the
design center repository and access
the cf-sketch shell
– vagrant ssh hub
– sudo -i
– cd /vagrant/resources/design-center/tools/cf-sketch
– ./cf-sketch.pl
When I am talking about paths to CFEngine configuration files in these examples, they are relative to masterfiles.
So the synced vagrant directory is resources/overlay_var_cfengine/masterfiles.
Edit there and the policy will get synchronized to the hub's masterfiles directory.
Configure Timezones
● search time
● info -v tzconfig
● install System::tzconfig
● define paramset System::tzconfig
– Name: NO_Oslo_TZ
– Timezone: Europe/Oslo
– Zoneinfo: /usr/share/zoneinfo
You may want to have a terminal open.
Configure Timezones Cont.
● define paramset System::tzconfig
– Name: US_Central_TZ
– Timezone: US/Central
– Zoneinfo: /usr/share/zoneinfo
Activate and Deploy Timezone Configuration
● activate System::tzconfig NO_Oslo_TZ hub
● activate System::tzconfig US_Central_TZ node001
● deploy
Editor War!
● Which side are you on?
● services/editor_war.cf
Stop here, take a look at the file.
Who can tell what the policy is doing without having it explained to them first?
Wage War
● Remove Disallowed Packages
– vagrant ssh hub
– watch rpm -q emacs-nox
– Uncomment disallowed_packages to activate the policy. Watch it get fixed.
● Install Required Packages
– watch rpm -q vim-enhanced
– Uncomment required_packages to activate the policy
How was this policy executed? See body common control inputs and bundlesequence.
Try playing around and manually removing packages.
The Books
● Learning CFEngine 3
– Diego Zamboni
● Vagrant Up and Running
– Mitchell Hashimoto
Questions/Discussion?
Thank You!

Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 

CloudOpen North America 2013: Vagrant & CFEngine

45. Before we get started
Is everyone in the right place?
Has everyone installed VirtualBox 4.2.16 or later?
  VirtualBox --help | grep VirtualBox
Has everyone installed Vagrant 1.2.7 or later?
  vagrant --version
I have USB keys with installers and content for the tutorial; if you don't have it yet, please let me know.

46. Get to know each other
Hi, I'm Nick
SysAdmin > 10 years
Work at CFEngine
Live in Lawrence, KS
Twitter: @cmdln_
IRC: nickanderson
Blog: http://www.cmdln.org
Who are you? What do you do? Have you used Vagrant? Have you used CFEngine? Why did you choose this session and what do you hope to get from it?

47. What is Vagrant?
Tool to make working with development environments easy.
Create, configure, destroy lightweight, reproducible, and portable environments.
● Created by Mitchell Hashimoto
● @mitchelh
● http://www.vagrantup.com
Notes: Questions? Stop me.

48. How can it help?
● Developer on-boarding
● Quickly provision/decommission test environments in a repeatable fashion
● Bug validation
● Continuous integration
● Ad-hoc demos

49. Provides common environment
● Designers
● Developers
● Operations
● QA
Notes: Really any person that needs to have a functional test environment.

50. Portable
● VirtualBox
● AWS
● VMware
● More: https://github.com/mitchellh/vagrant/wiki/Available-Vagrant-Plugins
Notes: Take it with you (offline): VirtualBox, VMware. Use someone else's infrastructure: AWS, Rackspace.

52. Vagrantfile
● The Vagrantfile describes machine configurations.
● Syntax is Ruby, but knowledge of the Ruby language is not necessary. It's mostly simple variable assignment.

53. Boxes
● Base operating system image
● Provider specific
● http://www.vagrantbox.es
● Use veewee or packer.io (build your own automatically)
  – Kickstart/preseed, postinstall scripts
Notes: Veewee was written by Patrick Debois; Packer.io by Mitchell Hashimoto. Leverage your existing infrastructure: use the same (or very similar) kickstart/preseed and postinstall scripts that you use in your production environment.

54. Magic
● SSH port forwards
● Shared project folder /vagrant
Notes: Vagrant automatically forwards a local port on your workstation to port 22 on each guest, and automatically mounts the directory the Vagrantfile lives in (the Vagrant project directory) as /vagrant on each guest. Add your own custom. Problems with the automagic? Check the Guest Additions version; it is not required to match the VirtualBox version, but it helps.

55. Useful Plugin
● vagrant-vbguest automatically installs the host's VirtualBox Guest Additions on the guest system.
● vagrant plugin install vagrant-vbguest
● https://github.com/dotless-de/vagrant-vbguest
Notes: Sometimes there are issues if the version of the Guest Additions does not match the currently running VirtualBox version. This plugin will detect whether the Guest Additions are outdated, then download, build, install, and restart the guest. If you're lucky, vagrant-vbguest does not require any configuration.

56. CFEngine Provisioner: Currently Undocumented
● am_policy_hub
● extra_agent_args – Extra arguments to pass to cf-agent executions
● classes – Additional classes to define when running cf-agent
● deb_repo_file – The apt repository configuration file to use for configuring the repository containing the CFEngine packages
● deb_repo_line – The line that specifies the repository to use for CFEngine packages
● files_path – Directory to copy on top of the default masterfiles
● force_bootstrap – If true, bootstrap the host even if it has been bootstrapped before
● install – Install the CFEngine package from the repository
● mode – "bootstrap" or "single_run"; determines whether CFEngine will be bootstrapped or just executed once on the host
● policy_server_address
● repo_gpg_key_url – HTTP location of the GPG key used for checking package signatures
● run_file – Standalone CFEngine policy file to upload and execute
● upload_path – Path to upload run_file to
● yum_repo_file – The yum repository file to use when configuring the repository containing CFEngine packages
● yum_repo_url – The URL of the repository containing the CFEngine packages
● package_name – The cfengine package name to install
Notes: The CFEngine provisioner is currently undocumented. This is a great opportunity for someone to contribute; I already did part of the work right here in this slide ;) The options fall into groups: package source/install, extra arguments, and bootstrap or standalone one-shot policy.

58. Getting started
● vagrant box
● vagrant init
● vagrant status
● vagrant up
● vagrant ssh
  – vagrant ssh node
● vagrant destroy

59. Daily Use
vagrant up
vagrant {destroy, halt, suspend}
!-2
Notes: There are more commands, but you use vagrant up to bring up an environment and vagrant destroy to delete the VMs. (!-2 is bash history expansion for "the command before the last one": after a destroy, halt or suspend it re-runs the vagrant up.)

61. Build base boxes for all the things!
Notes: You can have too much of a good thing.

63. Black Hole
Notes: There are so many places where configurations can hide. I think of VMs as kind of a black hole of knowledge.

64. Automating Vagrant Provisioning
● Ansible
● CFEngine
● Chef
● Puppet
● SaltStack
● Shell scripts
● Mix and match!
Notes: Automate configuration on top of the base image. There are valid reasons for baking config into a base box, usually speed of deployment, but it is not a replacement for good configuration management.

65. CFEngine
● IT infrastructure automation, compliance, and knowledge management framework
● Open source and commercial software
● Originally written by Mark Burgess
● @markburgess_osl
● http://www.cfengine.com

66. CFEngine History
● First released in 1993
● CFEngine 2 released in 1998: self-healing computer immunology. Added machine learning and anomaly detection.
● 2003: Promise Theory work began
● 2008: CFEngine 3 released. Integrates knowledge management and discovery mechanisms.
Notes: CFEngine has a solid history. It has been around for 20 years and runs on over 10 million servers in over 10 thousand companies. Promises are a declaration of intent.

67. CFEngine Properties
● Small
Notes: CFEngine is written in C: ~100k lines of code (remember, it's a 20-year-old project), ~5 MB single-package install, ~15-25 MB memory consumption (depends on your policy, of course).

68. CFEngine Properties
● Small
● Secure (http://web.nvd.nist.gov/view/vuln/search)
Notes: Security is a core focus. The voluntary cooperation principle of Promise Theory and the pull model are important for this. Great track record: as of this talk (September 2013), CFEngine hasn't had a published security vulnerability since 2005 (CFEngine 2), and none since CFEngine 3 was released in 2009. The NVD search linked on the slide is where to check that for yourself.

69. CFEngine Properties
● Small
● Secure (http://web.nvd.nist.gov/view/vuln/search)
● Portable
Notes: Because it's written in C it runs on just about anything: Linux, the BSDs, AIX, HP-UX, Solaris, even Windows. Storage devices (QNAP). Switches (Cisco, Arista, Juniper). Embedded devices: Raspberry Pi, a robot at the bottom of the ocean, water-testing devices in fields with cows, laser cutters (that make puppets).

70. CFEngine Properties
● Small
● Secure (http://web.nvd.nist.gov/view/vuln/search)
● Portable
● Resilient
Notes: CFEngine works when other things are broken. CFEngine tries to fix itself (failsafe.cf). Decisions are made by the agents running on individual hosts: if the network is down they continue to apply the policy they have. Policies can be extremely dynamic since all decisions are made by the individual agent, and they can use external sources of information if desired or required. Convergence means continual repair of system state toward the desired specification. If something can't be fixed, track it and move on (usually): if installing httpd fails, the agent can continue on and still ensure that SSH is hardened, or, if you prefer, all execution can stop at that point.

71. CFEngine Properties
● Small
● Secure (http://web.nvd.nist.gov/view/vuln/search)
● Portable
● Resilient
● Declarative
Notes: CFEngine's policy language is declarative in nature. This allows you to focus on the goals of how things should be and converge towards this desired state. It works kind of like a GPS: it doesn't matter where you start, it will continually re-route to reach the destination. For example: Apache promises to be installed on web servers (not "install apache on hosts x, y, z"). The httpd process promises to be running in production during non-maintenance hours. The sshd process promises to not be running, and to be completely firewalled off, when the number of SSH sessions into or out of a host is 3 standard deviations higher than normal.

72. CFEngine Properties
● Small
● Secure (http://web.nvd.nist.gov/view/vuln/search)
● Portable
● Resilient
● Declarative
Notes: More examples of promises. The httpd config file promises to have this configuration for hosts running application x. The httpd process promises to be running on web servers. The sshd process promises to not be running when the number of SSH sessions into or out of a host is 3 standard deviations higher than normal.

73. Bootstrap a test environment
Examine the Vagrantfile:
● Shell provisioner to prep the environment for offline use
● Dynamic multi-VM configuration
● Host-only network for the VMs to communicate on
● Forwarded ports
● Synced files for the hub's masterfiles (normally you would update your masterfiles from a version control repository)
CFEngine policy:
● Splay set to 0
● Runs every minute (body executor control)
● Emails root@localhost
● Pre-written demo policy

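The following is an added example and is not code from the talk or from Vagrant itself. It is a Ruby script that renders a Vagrantfile of the shape slide 73 describes (a hub plus node001..node00N on a host-only network, with the masterfiles synced onto the hub), driving the CFEngine provisioner with the options listed on slide 56, and that checks each provisioner block before writing anything out. The box name and the masterfiles path are taken from the slides; the 192.168.50.0/24 host-only subnet, the https URL for the repository GPG key, the vagrant_node class and the checks themselves are this example's assumptions. The security point the checks enforce: a bootstrapping agent must be told which hub to trust via policy_server_address, and package signature verification is only worth something if repo_gpg_key_url is fetched over TLS or from a local file, because a key fetched over plain http can be swapped by whoever sits on the path.

```ruby
# Added example (not from the slides): render a multi-VM Vagrantfile that drives
# the CFEngine provisioner, and sanity-check each provisioner block first.
# Box name and masterfiles path come from the tutorial; the host-only subnet,
# the https key URL, the class name and the checks are this example's assumptions.
require "uri"

BOX         = "CFEngine_Training"                          # from "vagrant box add" in the slides
MASTERFILES = "resources/overlay_var_cfengine/masterfiles" # synced masterfiles path from the notes
SUBNET      = "192.168.50"                                 # assumed host-only network
HUB_IP      = "#{SUBNET}.10"
GPG_KEY_URL = "https://cfengine.com/pub/gpg.key"           # assumed TLS location of the repo key
VALID_MODES = %w[bootstrap single_run].freeze

# Return a list of problems with one cfengine provisioner option hash
# (keys are the option names from the provisioner slide). Empty means acceptable.
def check_cfengine_options(opts)
  problems = []
  mode = opts.fetch(:mode, :bootstrap).to_s
  problems << "mode must be one of #{VALID_MODES.join(', ')}" unless VALID_MODES.include?(mode)

  # A bootstrapping agent must know which hub to trust; only the hub itself is exempt.
  if mode == "bootstrap" && !opts[:am_policy_hub] && opts[:policy_server_address].to_s.empty?
    problems << "bootstrap mode on a non-hub needs policy_server_address"
  end

  if opts.key?(:classes) && !opts[:classes].is_a?(Array)
    problems << "classes must be an array of class names"
  end

  # Package signatures only protect you if the key itself arrived intact:
  # insist on TLS or a local file for repo_gpg_key_url.
  if (key = opts[:repo_gpg_key_url])
    scheme = begin
      URI(key).scheme
    rescue URI::InvalidURIError
      nil
    end
    unless %w[https file].include?(scheme)
      problems << "repo_gpg_key_url must use https or file, got #{scheme.inspect}"
    end
  end

  # A plain-http repository is tolerable only because every package is signature-checked.
  [opts[:yum_repo_url], opts[:deb_repo_line]].compact.each do |repo|
    if repo.include?("http://")
      problems << "repository #{repo.inspect} is fetched over plain http; make sure repo_gpg_key_url is set"
    end
  end
  problems
end

# Render one `vm.provision :cfengine do |cf| ... end` block; #inspect yields valid Ruby literals.
def render_provisioner(var, opts, indent)
  lines = ["#{indent}#{var}.vm.provision :cfengine do |cf|"]
  opts.each { |k, v| lines << "#{indent}  cf.#{k} = #{v.inspect}" }
  lines << "#{indent}end"
  lines
end

# Build the Vagrantfile text: one hub plus node001..node00N on the host-only network.
# Raises before emitting anything if either option set fails a check.
def render_vagrantfile(node_count:)
  hub_opts  = { am_policy_hub: true, mode: :bootstrap, repo_gpg_key_url: GPG_KEY_URL }
  node_opts = { mode: :bootstrap, policy_server_address: HUB_IP,
                repo_gpg_key_url: GPG_KEY_URL, classes: ["vagrant_node"] }
  [hub_opts, node_opts].each do |o|
    problems = check_cfengine_options(o)
    raise ArgumentError, problems.join("; ") unless problems.empty?
  end

  out = ['Vagrant.configure("2") do |config|',
         "  config.vm.box = #{BOX.inspect}",
         '  config.vm.define "hub" do |hub|',
         '    hub.vm.hostname = "hub"',
         "    hub.vm.network :private_network, ip: #{HUB_IP.inspect}",
         "    hub.vm.synced_folder #{MASTERFILES.inspect}, \"/var/cfengine/masterfiles\""]
  out.concat(render_provisioner("hub", hub_opts, "    "))
  out << "  end"
  (1..node_count).each do |i|
    name = format("node%03d", i)
    ip   = "#{SUBNET}.#{10 + i}"
    out << "  config.vm.define #{name.inspect} do |node|"
    out << "    node.vm.hostname = #{name.inspect}"
    out << "    node.vm.network :private_network, ip: #{ip.inspect}"
    out.concat(render_provisioner("node", node_opts, "    "))
    out << "  end"
  end
  out << "end"
  out.join("\n") + "\n"
end

puts render_vagrantfile(node_count: 2) if $PROGRAM_NAME == __FILE__
```

Run it as "ruby render_vagrantfile.rb > Vagrantfile" (file name assumed) and then vagrant up; the node count is the one knob the "More Nodes!" slide has you change. If you later switch a node to mode: :single_run with a run_file, or point repo_gpg_key_url at the http variant, the check raises before a Vagrantfile is written rather than after the VMs are half provisioned.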
74. Get Going
● Import the Vagrant base box
  – cd resources/veewee
  – vagrant box add CFEngine_Training CFEngine_Training.box
● Bring up the environment
  – vagrant status
  – vagrant up
  – vagrant status
Notes: We add the box manually because of conference internet.

75. More Nodes!
● Increase nodes in the Vagrantfile
● vagrant up
● vagrant ssh node00{1,2}
Notes: Increase nodes to 1 or 2 (depending on your resources). Verify that you can ssh to them. Check out shared directory support: look in /vagrant, update a file from inside the VM and check from the workstation, and vice versa.

76. CFEngine Design Center
● Community-contributed reusable policy
● Curated repository
● CLI and GUI (Enterprise) clients
Notes: When I talk about paths to CFEngine configuration files in these examples, they are relative to masterfiles. The synced Vagrant directory is resources/synced_masterfiles; edit there and the policy gets synchronized to the hub's masterfiles directory.

77. Using cf-sketch to configure infrastructure
● Log in to your policy hub, locate the Design Center repository and access the cf-sketch shell
  – vagrant ssh hub
  – sudo -i
  – cd /vagrant/resources/design-center/tools/cf-sketch
  – ./cf-sketch.pl
Notes: Paths to CFEngine configuration files in these examples are relative to masterfiles. The synced Vagrant directory is resources/overlay_var_cfengine/masterfiles; edit there and the policy gets synchronized to the hub's masterfiles directory.

78. Configure Timezones
● search time
● info -v tzconfig
● install System::tzconfig
● define paramset System::tzconfig
  – Name: NO_Oslo_TZ
  – Timezone: Europe/Oslo
  – Zoneinfo: /usr/share/zoneinfo
Notes: You may want to have a terminal open.

79. Configure Timezones
● search time
● install System::tzconfig
● define paramset System::tzconfig
  – Name: NO_Oslo_TZ
  – Timezone: Europe/Oslo
  – Zoneinfo: /usr/share/zoneinfo

80. Configure Timezones Cont.
● define paramset System::tzconfig
  – Name: US_Central_TZ
  – Timezone: US/Central
  – Zoneinfo: /usr/share/zoneinfo

81. Activate and Deploy Timezone Configuration
● activate System::tzconfig NO_Oslo_TZ hub
● activate System::tzconfig US_Central_TZ node001
● deploy

82. Editor War!
● Which side are you on?
● services/editor_war.cf
Notes: Stop here and take a look at the file. Who can tell what the policy is doing without having it explained to them first?

83. Wage War
● Remove disallowed packages
  – vagrant ssh hub
  – watch rpm -q emacs-nox
  – Uncomment disallowed_packages to activate the policy. Watch it get fixed.
● Install required packages
  – watch rpm -q vim-enhanced
  – Uncomment required_packages to activate the policy.
Notes: How was this policy executed? See body common control: inputs and bundlesequence. Try playing around and manually removing packages.

84. The Books
● Learning CFEngine 3 – Diego Zamboni
● Vagrant: Up and Running – Mitchell Hashimoto