Abstract image of a woman sitting on books and studying on a laptop

Automated Deployment using Open Source

Download as ODP, PDF
D
duskglow

The document provides an overview of how to build a fully automated server deployment system using open source tools such as Request Tracker, Nictool/djbdns, dhcpd, PXEboot, Httpd, a yum repository, and Puppet. Key aspects include using an asset tracker (Request Tracker) to store server information and trigger automated builds. A PXE boot script generates configuration files using data from the asset tracker. A CGI script generates customized Kickstart files which install servers. Puppet then configures and deploys applications to servers based on their roles defined in the asset tracker. The goal is to achieve repeatable, consistent server builds from bare metal to a live application server within an hour with no

Technology
1 of 30
Downloaded 90 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
How to build a fully automated (or nearly so) deployment system using open source tools. Russell Miller SCALE 8x 2010 (16,080, in case you were wondering) [email_address]
Overview This talk will concentrate on a CentOS/RHEL/Fedora environment.
The methods discussed in this talk will use only open source tools. You don't have to pay for anything I mention here unless you want to. In which case...
My paypal address is...
My qualifications Sysadmin/Developer for 12 years
Worked on many different kinds of environments
Maintained deployment system for 4,000 server environment for leading Internet Shopping Comparison company in West Los Angeles.
Instrumental in bringing up two datacenters of about 300 servers each from scratch for leading Internet Advertising company in Irvine, including building the entire deployment system from metal to application.
The second datacenter, once all the physical hardware was there, took live traffic in less than two weeks from bare metal.
What I am not good at Managers
Powerpoint/OpenOffice Impress presentations
Funny jokes.
Keeping an audience awake
And, of course, self-deprecating humor.
Why a deployment system? If you have one server, you don't need one.
Deploying servers manually usually mean many cycles of going back and forth with the application owners to validate. For each server. This eats up time and means bringing up servers can take up to or more than two weeks...
And consistency is a lost cause.
You've already lost control the minute the OS is installed.
It's too easy to miss little things.
System Administrators are TERRIBLE at documentation.
Admit it... you are. No use denying it.
What about server spec sheets?
NO!
Why not? It is practically impossible to get application owners to tell you what they need – if they understand what they need in the first place.
It's not their fault. Their focus is on the application. They are not System Administrators. That is why you are paid.
They do not accurately represent server builds
They often contain incorrect or useless information
Frankly, they serve no function other than to waste time and sow confusion, while providing an easily shattered veneer of repeatability.
So, naturally, they're usually the first thing tried.
How does it benefit you? Very, very fast deployment times (metal to live server in less than an hour, and deploy as many servers as you can get open terminals to at once – I've done 20 in an hour. And unlimited if you can get the serial consoles to work via expect.)

More Related Content

PPT
Free tools for rapidly deploying software
Concentrated Technology
 
ODP
System Imager.20051215
guest95b42b
 
PPT
Prepping software for w7 deployment
Concentrated Technology
 
PDF
There is No Server: Immutable Infrastructure and Serverless Architecture
Sonatype
 
PPTX
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
Rob Fuller
 
PPTX
Incorporating PowerShell into your Arsenal with PS>Attack
jaredhaight
 
PDF
Metasploit magic the dark coners of the framework
Rob Fuller
 
PPT
PowerShell Remoting
Concentrated Technology
 
Free tools for rapidly deploying software
Concentrated Technology
 
System Imager.20051215
guest95b42b
 
Prepping software for w7 deployment
Concentrated Technology
 
There is No Server: Immutable Infrastructure and Serverless Architecture
Sonatype
 
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
Rob Fuller
 
Incorporating PowerShell into your Arsenal with PS>Attack
jaredhaight
 
Metasploit magic the dark coners of the framework
Rob Fuller
 
PowerShell Remoting
Concentrated Technology
 

What's hot (20)

PPTX
PowerShell crashcourse for sharepoint
Concentrated Technology
 
PPTX
Virtualization
Yansi Keim
 
PPT
Free tools for win server administration
Concentrated Technology
 
PDF
Automated Amazon EC2 Cloud deployments with openQRM
openQRM Enterprise GmbH
 
PDF
Characterizing and Contrasting Kuhn-tey-ner Awr-kuh-streyt-ors
Sonatype
 
PPT
Top ESXi command line v2.0
Concentrated Technology
 
PDF
Simplify and run your development environments with Vagrant on OpenStack
B1 Systems GmbH
 
PPTX
Introducing PS>Attack: An offensive PowerShell toolkit
jaredhaight
 
PPTX
Get-Help: An intro to PowerShell and how to Use it for Evil
jaredhaight
 
PDF
Simplify and run your development environments with Vagrant on OpenStack
B1 Systems GmbH
 
PDF
Windows Attacks AT is the new black
Rob Fuller
 
PDF
High Stakes Continuous Delivery in the Real World #OpenWest
Joshua Warren
 
PPTX
Android System Image Modification
Mir Saman Tajbakhsh
 
PDF
Timings of Init : Android Ramdisks for the Practical Hacker
Stacy Devino
 
DOCX
UNTI 2 P7
OriginalGSM
 
PPT
Apache Flink Crash Course by Slim Baltagi and Srini Palthepu
Slim Baltagi
 
ODT
openQRM how-to: Setup UEC and openQRM cloud
openQRM Enterprise GmbH
 
PDF
Automated everything - Setting up an openQRM Cloud
openQRM Enterprise GmbH
 
PPTX
Android internals By Rajesh Khetan
Rajesh Khetan
 
ODP
OpenSolaris 2009.06 Workshop
Iban Nieto Castillero
 
PowerShell crashcourse for sharepoint
Concentrated Technology
 
Virtualization
Yansi Keim
 
Free tools for win server administration
Concentrated Technology
 
Automated Amazon EC2 Cloud deployments with openQRM
openQRM Enterprise GmbH
 
Characterizing and Contrasting Kuhn-tey-ner Awr-kuh-streyt-ors
Sonatype
 
Top ESXi command line v2.0
Concentrated Technology
 
Simplify and run your development environments with Vagrant on OpenStack
B1 Systems GmbH
 
Introducing PS>Attack: An offensive PowerShell toolkit
jaredhaight
 
Get-Help: An intro to PowerShell and how to Use it for Evil
jaredhaight
 
Simplify and run your development environments with Vagrant on OpenStack
B1 Systems GmbH
 
Windows Attacks AT is the new black
Rob Fuller
 
High Stakes Continuous Delivery in the Real World #OpenWest
Joshua Warren
 
Android System Image Modification
Mir Saman Tajbakhsh
 
Timings of Init : Android Ramdisks for the Practical Hacker
Stacy Devino
 
UNTI 2 P7
OriginalGSM
 
Apache Flink Crash Course by Slim Baltagi and Srini Palthepu
Slim Baltagi
 
openQRM how-to: Setup UEC and openQRM cloud
openQRM Enterprise GmbH
 
Automated everything - Setting up an openQRM Cloud
openQRM Enterprise GmbH
 
Android internals By Rajesh Khetan
Rajesh Khetan
 
OpenSolaris 2009.06 Workshop
Iban Nieto Castillero
 
Ad

Similar to Automated Deployment using Open Source (20)

PPT
Deploying datacenters with Puppet - PuppetCamp Europe 2010
Puppet
 
PDF
New Jersey Red Hat Users Group Presentation: Provisioning anywhere
Rodrique Heron
 
PDF
Belvedere
Colin Panisset
 
PPTX
Learning Puppet basic thing
DaeHyung Lee
 
PPTX
One click deployment
Alex Su
 
DOCX
Kickstart
Dhananjayan Ezhumalai
 
PDF
Symfony Live NYC 2014 - Rock Solid Deployment of Symfony Apps
Pablo Godel
 
PDF
Deployment of WebObjects applications on CentOS Linux
WO Community
 
PDF
SymfonyCon Madrid 2014 - Rock Solid Deployment of Symfony Apps
Pablo Godel
 
PDF
Austin Web Architecture
joaquincasares
 
PDF
How to Build a Compute Cluster
Ramsay Key
 
PPTX
Systems administration for coders presentation
Matt Willsher
 
PDF
Asiabsdcon2013
krispcbsd
 
PPTX
Ansible: How to Get More Sleep and Require Less Coffee
Sarah Z
 
PPTX
Workstations-02.pptx
Dorcask3
 
PDF
Setting Up a Cloud Server - Part 1 - Transcript.pdf
ShaiAlmog1
 
PDF
What we Learned Implementing Puppet at Backstop
Puppet
 
PDF
linux installation.pdf
MuhammadShoaibHussai2
 
PDF
Running CentOS on the Facebook fleet
Davide Cavalca
 
PDF
Pilot Tech Talk #10 — Practical automation by Kamil Cholewiński
Pilot
 
Deploying datacenters with Puppet - PuppetCamp Europe 2010
Puppet
 
New Jersey Red Hat Users Group Presentation: Provisioning anywhere
Rodrique Heron
 
Belvedere
Colin Panisset
 
Learning Puppet basic thing
DaeHyung Lee
 
One click deployment
Alex Su
 
Kickstart
Dhananjayan Ezhumalai
 
Symfony Live NYC 2014 - Rock Solid Deployment of Symfony Apps
Pablo Godel
 
Deployment of WebObjects applications on CentOS Linux
WO Community
 
SymfonyCon Madrid 2014 - Rock Solid Deployment of Symfony Apps
Pablo Godel
 
Austin Web Architecture
joaquincasares
 
How to Build a Compute Cluster
Ramsay Key
 
Systems administration for coders presentation
Matt Willsher
 
Asiabsdcon2013
krispcbsd
 
Ansible: How to Get More Sleep and Require Less Coffee
Sarah Z
 
Workstations-02.pptx
Dorcask3
 
Setting Up a Cloud Server - Part 1 - Transcript.pdf
ShaiAlmog1
 
What we Learned Implementing Puppet at Backstop
Puppet
 
linux installation.pdf
MuhammadShoaibHussai2
 
Running CentOS on the Facebook fleet
Davide Cavalca
 
Pilot Tech Talk #10 — Practical automation by Kamil Cholewiński
Pilot
 
Ad

Recently uploaded (20)

PDF
Altius execution marketplace concept.pdf
Wandor
 
PDF
“Introduction to Designing with AI Agents,” a Presentation from Amazon Web Se...
Edge AI and Vision Alliance
 
PPTX
Information-Technology-in-Human-Society.pptx
744tusharsingh094
 
PDF
TicketRoot: Event Tech Solutions Deck 2025
TicketRoot
 
PDF
Decision Optimization - From Theory to Practice
Eray Cakici
 
PDF
NewMind AI Journal Monthly Chronicles - August 2025
NewMind AI
 
PDF
EGCB_Solar_Project_Presentation_and Finalcial Analysis.pdf
TaukirIslam
 
PPTX
Rise of the Digital Control Grid Zeee Media and Hope and Tivon FTWProject.com
hopegirl587
 
PDF
Streamline Vulnerability Management From Minimal Images to SBOMs
Anchore
 
PDF
FASHION-DRIVEN TEXTILES AS A CRYSTAL OF A NEW STREAM FOR STAKEHOLDER CAPITALI...
IJMIT JOURNAL
 
PDF
Human Computer Interaction Miterm Lesson
JasperGarcia9
 
PDF
Domain-specific knowledge and context in large language models: challenges, c...
IAESIJAI
 
PPTX
maintenance powerrpoint for adaprive and preventive
aladortigabu
 
PPTX
Presentation - Principles of Instructional Design.pptx
Ntokozo Mhlongo
 
PDF
CCUS-as-the-Missing-Link-to-Net-Zero_AksCurious.pdf
AkarshaSrivastava1
 
PDF
EIS-Webinar-Regulated-Industries-2025-08.pdf
Earley Information Science
 
PPTX
CRM(Customer Relationship Managmnet) Presentation
udaykiranuk1822
 
PDF
Addressing the challenges of harmonizing law and artificial intelligence tech...
IAESIJAI
 
PDF
Introduction to c language from lecture slides
sharmatribhuvnesh
 
PPTX
Blending method and technology for hydrogen.pptx
PradipChanda5
 
Altius execution marketplace concept.pdf
Wandor
 
“Introduction to Designing with AI Agents,” a Presentation from Amazon Web Se...
Edge AI and Vision Alliance
 
Information-Technology-in-Human-Society.pptx
744tusharsingh094
 
TicketRoot: Event Tech Solutions Deck 2025
TicketRoot
 
Decision Optimization - From Theory to Practice
Eray Cakici
 
NewMind AI Journal Monthly Chronicles - August 2025
NewMind AI
 
EGCB_Solar_Project_Presentation_and Finalcial Analysis.pdf
TaukirIslam
 
Rise of the Digital Control Grid Zeee Media and Hope and Tivon FTWProject.com
hopegirl587
 
Streamline Vulnerability Management From Minimal Images to SBOMs
Anchore
 
FASHION-DRIVEN TEXTILES AS A CRYSTAL OF A NEW STREAM FOR STAKEHOLDER CAPITALI...
IJMIT JOURNAL
 
Human Computer Interaction Miterm Lesson
JasperGarcia9
 
Domain-specific knowledge and context in large language models: challenges, c...
IAESIJAI
 
maintenance powerrpoint for adaprive and preventive
aladortigabu
 
Presentation - Principles of Instructional Design.pptx
Ntokozo Mhlongo
 
CCUS-as-the-Missing-Link-to-Net-Zero_AksCurious.pdf
AkarshaSrivastava1
 
EIS-Webinar-Regulated-Industries-2025-08.pdf
Earley Information Science
 
CRM(Customer Relationship Managmnet) Presentation
udaykiranuk1822
 
Addressing the challenges of harmonizing law and artificial intelligence tech...
IAESIJAI
 
Introduction to c language from lecture slides
sharmatribhuvnesh
 
Blending method and technology for hydrogen.pptx
PradipChanda5
 

Automated Deployment using Open Source

  • 1. How to build a fully automated (or nearly so) deployment system using open source tools. Russell Miller SCALE 8x 2010 (16,080, in case you were wondering) [email_address]
  • 2. Overview This talk will concentrate on a CentOS/RHEL/Fedora environment.
  • 3. The methods discussed in this talk will use only open source tools. You don't have to pay for anything I mention here unless you want to. In which case...
  • 6. Worked on many different kinds of environments
  • 7. Maintained deployment system for 4,000 server environment for leading Internet Shopping Comparison company in West Los Angeles.
  • 8. Instrumental in bringing up two datacenters of about 300 servers each from scratch for leading Internet Advertising company in Irvine, including building the entire deployment system from metal to application.
  • 9. The second datacenter, once all the physical hardware was there, took live traffic in less than two weeks from bare metal.
  • 10. What I am not good at Managers
  • 14. And, of course, self-deprecating humor.
  • 15. Why a deployment system? If you have one server, you don't need one.
  • 16. Deploying servers manually usually mean many cycles of going back and forth with the application owners to validate. For each server. This eats up time and means bringing up servers can take up to or more than two weeks...
  • 17. And consistency is a lost cause.
  • 18. You've already lost control the minute the OS is installed.
  • 19. It's too easy to miss little things.
  • 20. System Administrators are TERRIBLE at documentation.
  • 21. Admit it... you are. No use denying it.
  • 22. What about server spec sheets?
  • 23. NO!
  • 24. Why not? It is practically impossible to get application owners to tell you what they need – if they understand what they need in the first place.
  • 25. It's not their fault. Their focus is on the application. They are not System Administrators. That is why you are paid.
  • 26. They do not accurately represent server builds
  • 27. They often contain incorrect or useless information
  • 28. Frankly, they serve no function other than to waste time and sow confusion, while providing an easily shattered veneer of repeatability.
  • 29. So, naturally, they're usually the first thing tried.
  • 30. How does it benefit you? Very, very fast deployment times (metal to live server in less than an hour, and deploy as many servers as you can get open terminals to at once – I've done 20 in an hour. And unlimited if you can get the serial consoles to work via expect.)
  • 31. The code is the documentation. Server specs can never go out of sync because the server specs are actively deployed.
  • 32. Very tight control over anything that is deployed to the servers.
  • 33. (This means that even if someone installs something you don't want them to, you can simply have it removed within 10 minutes with no manual intervention.)
  • 35. And most importantly, astonished and very happy managers.
  • 36. So do I have your attention? :)
  • 37. So which open source tools? You will need the following tools: Request Tracker (or an asset tracker with a command line interface)
  • 38. Nictool/djbdns (Bind and any other manager will work too, but this is what I use, because nictool has a simple schema and is scriptable)
  • 39. dhcpd
  • 41. Httpd (you will see why in a moment)
  • 43. And... puppet (cfengine or another configuration management tool will probably work, but I prefer puppet.)
  • 44. How does this work? The simple flow is: Enter the information for the server into your Asset Tracker. The most important part is the MAC Address, though you can add other things as required. In multiple datacenters you might want a “Location” field, for example.
  • 45. Make sure the DNS info is properly entered into your DNS server in whatever way.
  • 46. Tell your DHCP server you want to allow the server to PXE boot. This can happen manually or automatically.
  • 47. I prefer manually simply because if you set the server up to boot automatically – you can get into a situation where the server accidentally reboots and rebuilds itself. This tends to make app owners unhappy.
  • 48. And.... let it install. An hour later you have a full build with no further manual intervention.
  • 49. How does this work behind the scenes? Magic?
  • 50. No?
  • 51. Guess I'll have to tell you the super-secret explanation.
  • 52. Behind the scenes... The RT server is the bedrock of the system. It contains all of the information needed to successfully build the system. A command line interface is absolutely required so that the scripts that actually do the build can get access to the info.
  • 53. For example, at a minimum you'll want to put the MAC Address into the RT system. You may even want to populate DNS from an IP field. Every step of this process uses the info from RT.
  • 54. There may be site-specific stuff you need to use. Don't be afraid to add or use it. This is only a framework.
  • 55. Behind the scenes You will next need a script to build the pxelinux.cfg file for pxebooting. This script pulls all of the required info out of AT (such as the MAC address, location, etc) and generates the appropriate file. This is a custom script and is by no means one size fits all, but is fairly easy to write. The output of this script is a working pxelinux.cfg file.
  • 56. What about kickstart? Oh, here comes the genius part. (And I can say that because I didn't invent it, but I have it down to an art!)
  • 57. The kickstart file is not a file at all. It is a CGI script. It goes to RT and DNS and gathers all of the information required, makes decisions on how to build the servers, and then custom generates a kickstart file.
  • 58. It should at minimum take one argument – the RT asset ID. This is a unique identifier and allows all the information to be pulled out of the asset tracker to be used in the script.
  • 59. Be careful! This script is one of the bedrocks of what you are trying to do. It is also dangerous. It is dangerous because you are essentially trying to generate a script in one language (kickstart/bash) using another language (perl, python, whatever), so it rapidly becomes unmaintainable.
  • 60. I recommend something like Template::Toolkit to make it more manageable.
  • 61. Build maintainability in from the beginning! You may not get another chance!
  • 62. Yum repository You'll also need a yum repository at this point.
  • 63. DO NOT USE EXTERNAL REPOSITORIES.
  • 64. Pull down an internal mirror and use that.
  • 65. The reason for this is: control. If you use external repositories, you are putting control of releases and upgrades into their hands, not yours.
  • 66. And while Centos, Fedora, etc., are fairly good about it, they make mistakes – and you do not want your production site to go down because of someone else's mistake. It's still your fault for not taking my advice. :)
  • 67. Control As you might have gathered from now, as an aside...
  • 68. I am a control freak.
  • 69. At least when it comes to System Administration.
  • 70. But this is a good thing...
  • 71. Because if you are in complete control of your environment, you reduce the chances of surprises.
  • 72. And surprises are your worst enemy.
  • 73. ... well, maybe not your WORST...
  • 74. Check-in At this point, you have: An RT server with all of the info you need
  • 75. A pxelinux.cfg generation script that will point to a custom kickstart script, which pulls the necessary info from RT..
  • 76. ... which is generated by a CGI script, which pulls the necessary info from RT..
  • 77. And a yum repository which has all of the packages you need for a kickstart install.
  • 78. Congratulations... You can now build a server.
  • 79. But what about configuration management and application deployment?
  • 80. Oops. Looks like there's more to do.
  • 81. The rest of the story Now that you have a server that is up and on the network, it needs to be configured.
  • 82. Each server will likely have a base config that every server needs. For example, snmp, ntp, etc., etc.
  • 83. But each server also has an individual role. Application server, database server, facebook browser, Quake Server, pr0n datastore...
  • 84. Can you deploy these roles automatically too?
  • 85. YES!
  • 86. Configuration Management For this task, you will want a configuration management system.
  • 88. Puppet is a configuration management system
  • 89. It controls what is deployed and what is NOT deployed.
  • 90. It can deploy a package to one or a thousand servers at the same time.
  • 91. And it slices, it dices, it writes bad checks...
  • 92. Facter Facter is puppet's best-kept little secret.
  • 93. Facter executes little bits of ruby code in order to determine facts about the system. OS release is one example, etc.
  • 94. But the facts that it determines are not limited to that...
  • 95. The snippets of ruby code can also call AT and pull facts out of AT and make them available to puppet.
  • 96. AT and facter This gives you the ability to dynamically decide what puppet installs simply by changing fields in the asset tracker.
  • 97. Putting it all together... Here is a sample workflow to building a server. This is not theoretical, it is working at my workplace.
  • 98. Put server in DNS, and in AT.
  • 99. Set the fields appropriately. For example, Server Function is DB server, build is Centos 5.4, network role is vmware, mac address is correct.
  • 100. Run a command to add server to dhcp server (pulling info from DNS and AT).
  • 102. Wait for it to build out.
  • 104. Wait for puppet to run
  • 105. Hand off fully built server .
  • 106. Can it be more automated? Indeed.
  • 107. For example, you could automate the server restart by using a serial port and expect. For many enterprise-class servers this isn't reliable, but it'll work for some. Many servers use CLP-SM. This is great for consistent command lines. Doesn't work so well for programmatic resetting. You could also set AT to automatically kick off a rebuild on setting a field.
  • 108. You could have AT automatically populate DNS using the SOAP client for nictool...
  • 109. It's not out of the realm of possibility that you could set up a server from bare metal all the way to application deployment simply by setting the fields correctly in AT and then setting a special field using this infrastructure.