In a lot of companies, machine deployment is a delicate subject: every administrator has his own recipe, using CD-ROMs, static binary images deployed via the network, peer delegation ...
However, one solution makes the consensus when it comes to automated mass deployments ( except in the Cloud ): PXE boot. The main cons are that the deployment and the management of such a service is a pain, and every OS has its own installation automation system.
This is where Cobbler saves the day: it enables a painless and reliably to create a PXE service, usable on either virtual or physical machines, while beeing the most agnostic possible towards the target OSes and its preconfiguration system (preseed, kickstart, sysprep, ...) while offering the possibility to handle lots of configuration parameters in a modular fashion (network, partitionning, user accounts, configuration management agent...)
This conference aims to introduce the audience to the general concepts of Cobbler, and some scenarios where it would be a useful solution.
2. Normation – Tous droits réservés
normation.com
Who are you
Job System administrator
Phone: +33 6 30 53 40 00
Email : matthieu.cerda@normation.com
Web site : www.normation.com
@Kegeruneku
3. Normation – CC-BY-SA
normation.com 3
Problem
● Problem : Deploying new VMs is a painfully heavy and error-prone process.
● Solution: A tool able to automatize this the best way possible !
4. Normation – CC-BY-SA
normation.com 4
PXE
● “The Preboot eXecution Environment (PXE, also known as Pre-
Execution Environment; sometimes pronounced "pixie") is an
environment to boot computers using a network interface
independently of data storage devices (like hard disks) or installed
operating systems.” (Thanks Wikipedia)
●Created to respond to a simple problem: before it, even with
automated installations, the administrator needed to move towards
the machine, and boot it manually with a media.
● Administrators are lazy (well, I am), and thus needed something to
install a machine from the boot to the login prompt, with the least
human interference possible.
5. Normation – CC-BY-SA
normation.com 5
Problem (again)
●
PXE boot needs a tight and coherent integration of all these
services:
● DHCP
● TFTP
● HTTP
● (DNS, optionnal)
● Installing them and setting them requires specific experience,
skills and time.
● Time + skills = investment (either from people or from the wallet)
●
1st
problem: PXE is expensive
6. Normation – CC-BY-SA
normation.com 6
Problem (this is getting annoying !!!)
●
PXE boot needs a tight and coherent integration of all these
services:
● DHCP
● TFTP
● HTTP
● (DNS, optionnal)
● Keeping them in sync is horrifyingly painful, you KNOW
something will break one day or another (typos, forgot to copy a
file ...)
●
So, 2nd
trouble: PXE is hard to manage
7. Normation – CC-BY-SA
normation.com 7
Context
ID Card
● Name :
● Birthdate : 2007
● Language : Python
● Licence : GPL
● Author : Michael DeHaan ( You went to the Ansible
presentation this morning, did you ? )
● Dependencies : DHCP/TFTP/[DNS]
● Disponibility : Packages ( or sources )
● Tested and approved™ :
8. Normation – CC-BY-SA
normation.com 8
A little project history
Birth
2011: Site
switching
from Fedora
hosting to
Github
2012: Used
by
Canonical
for
OpenStack
tests
9. Normation – CC-BY-SA
normation.com 9
Global architecture
Distributions
Kernel Initrd Arguments Classes
Profiles
Repositories Network Proxy Classes
System
LDAP RHN/RHM Network Virtualization Puppet
REST API
10. Normation – CC-BY-SA
normation.com 10
Global architecture
CLI Koan
LibVirt
API
Cobbler
PXE
DNS TFTP DHCP
Physical
machines
Virtual
machines
HTTP
Web UI
12. Normation – CC-BY-SA
normation.com 12
Profile
●Abstraction layer between distros ans systems
●Can be used to define roles, for example: web_server, dns_server...
13. Normation – CC-BY-SA
normation.com 13
System
●The most important part, what the user will see !
●Will define physical or virtual entities, like a libvirt VM or a plain
computer. The MAC address serves as a binding between the low
level PXE and the system definition.
16. Normation – CC-BY-SA
normation.com 16
Configuration
●
/etc/cobbler/settings
● YAML file, setting global variables and special cobblerd specific
parameters
● Can then be overriden by other abstraction layers
● /etc/cobbler/modules
● Defines which services will be managed (and how)
● Also defines how authentication will be done (for web UI for
example)
● /var/lib/cobbler/...
● Stores all the distro/profile/system/... configurations
17. Normation – CC-BY-SA
normation.com 17
Usefulness
●
“So, why is Cobbler so useful for you ?”
● Aptitude/yum install cobbler, as simple as that
● Just works, out of the box
● Easy integration with Virtualization software
● Seriously, managing PXE by hand is a pain in the neck...
● “Remember when we used to manage kickstart files by hand ?”
● “Yeah, so many hours I could have used to slack looking at cat
videos...”
18. Normation – CC-BY-SA
normation.com 18
Usefulness
●
“Can I deploy this in my company / home / toaster now ?”
● Yes ! It actually integrates well with existing machines/services.
● Just works, out of the box
● All you need is a machine, a distro CD / ISO and you're done.
● Can by used as an emergency crash recovery solution
● Used in a french company after a natural catastrophe (flood) to
restore quickly a new bunch of machines back to an
operationnal state. [reference needed]
19. Normation – CC-BY-SA
normation.com 19
Integration with existing services
●
Cobbler can integrate with services like:
● Local repository mirrors
● Local DNS / TFTP / ... services
● Configuration management: CFEngine / Puppet / Chef /
Ansible / ...
20. Normation – CC-BY-SA
normation.com 20
Protips
●
When you install Cobbler, remember some important points
● SELinux is tricky
● DISABLE STP ON YOUR BRIDGES !!!
● If something fails, check your firewall. If it still fails, check again.
● Always have a sandbox environment to play with.
● KVM is a great tool, especially with libvirt
● Keep It Simple and Safe
21. Normation – CC-BY-SA
normation.com 21
Extensibility
●
We develop Rudder, an IT automatization and conformity tool.
● Goal: Add a support for Cobbler
● Problem: Cobbler only supports Cobbler at this time !
● Solution: Add the necessary bindings ourselves ! (All hail Python
o/)
Let us take a slightly more complex case...
System
LDAP RHN/RHM Network Virtualization Puppet Rudder