Integrating cloud stack with puppet
0 likes1,442 views
This document summarizes a presentation about integrating the configuration management tool Puppet with the cloud computing platform CloudStack. The key points are: 1) Puppet is configured to provision virtual machines launched in CloudStack without requiring manual intervention or Puppet's auto-signing certificate feature, which poses a security risk. 2) User data passed to instances at launch is used to dynamically set Puppet facts like role and environment without needing separate node definitions. 3) Cleanup scripts remove nodes from Puppet's database and monitoring systems when their corresponding virtual machines in CloudStack are terminated to avoid alerting on missing hosts.
![[gn]
aet
..
.
crnm =cmue0
etae opt01
nd_ae=fce
oenm atr
nd_aefc =fd
oenm_at qn
The n d _ a e
o e n m and n d _ a e f c settings
oenm_at
were necessary because the Puppet client thought it's
node name was "compute001".
Had to modify /etc/puppet/auth.conf on the Puppet
master. Details about why and what to change found
in issue 2128:
#alwndst rtiv teronctlg
lo oe o eree hi w aao
#(etercniuain
i hi ofgrto)
#ah~^ctlg(^])
pt /aao/[/+$
#ehdfn
mto id
#lo $
alw 1
#Ti cag alw u t ueacmo
hs hne los s o s omn
#criiaears mlil nds
etfct cos utpe oe.
pt ~/aao/+
ah ctlg.
alw*
lo
Enable Puppet to run as soon as](https://image.slidesharecdn.com/integratingcloudstackwithpuppet-120612161711-phpapp02/85/Integrating-cloud-stack-with-puppet-3-320.jpg)
Integrating cloud stack with puppet
- 1. Your browser doesn't support the features required by impress.js, so you are presented with a simplified version of this presentation. For the best experience please use the latest Chrome or Safari browser. Firefox 10 (to be released soon) will also handle it. Integrating CloudStack With Puppet Jason Hancock [email protected] @jsnby http://geek.jasonhancock.com May 2012 Goals: Do NOT use Puppet's autosigning feature Instances receive all config via Puppet Minimize the number of CloudStack templates No manual intervention
- 3. [gn] aet .. . crnm =cmue0 etae opt01 nd_ae=fce oenm atr nd_aefc =fd oenm_at qn The n d _ a e o e n m and n d _ a e f c settings oenm_at were necessary because the Puppet client thought it's node name was "compute001". Had to modify /etc/puppet/auth.conf on the Puppet master. Details about why and what to change found in issue 2128: #alwndst rtiv teronctlg lo oe o eree hi w aao #(etercniuain i hi ofgrto) #ah~^ctlg(^]) pt /aao/[/+$ #ehdfn mto id #lo $ alw 1 #Ti cag alw u t ueacmo hs hne los s o s omn #criiaears mlil nds etfct cos utpe oe. pt ~/aao/+ ah ctlg. alw* lo Enable Puppet to run as soon as
- 4. the box starts: Turn off splay! chkconfig Puppet on! Passing a $ : o e : r l (and other facts) to Puppet. We use CloudStack's userdata to store key=value pairs (up to 2KB) that get loaded into facts on the client Code to load userdata into facts is available on Github. Implementing $ : o e : r l on the Puppet side.
- 5. Everyone is a default node. We don't have to worry about adding nodes to site.pp, conforming to a host naming convention, or adding metadata to an ENC. Our simplified* site.pp: ipr 'ae mot bs' nd dfut{ oe eal icuebs nld ae } *Irrelevant stuff omitted for clarity Excerpts from base.pp: casbs { ls ae .. . #Icue ta apyt almcie nlds ht pl o l ahns
- 6. .. . #rl-pcfcicue oeseii nlds cs $:oe{ ae :rl 'oeoe:{ smrl' icuesmrl nld oeoe } 'terl' { ohroe: icueohroe nld terl } } } What about $ : n i o m n ? Don't :evrnet forget dev/qa/staging nodes! You can pass the environment the same way we set $::role, by adding another key/value pair to the user data. There is a catch though... It is impossible to know during the pluginsync stage what environment a node belongs to.