• No results found

How To Boot A Cloud Instance On Ubuntu (Oracle) On Ubuntusa (Orca) On A Ubuntu Cloud Instance (Ora) On An Ubuntu 3.5

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "How To Boot A Cloud Instance On Ubuntu (Oracle) On Ubuntusa (Orca) On A Ubuntu Cloud Instance (Ora) On An Ubuntu 3.5"

Copied!
29
0
0

Loading.... (view fulltext now)

Download now ( 29 Page )

Full text

(1)

Bootstrapping servers with cloud-init

John Leach

Brightbox

February 2013

(2)

Introduction

Bootstrapping servers

Customise image before server build

Partitions, filesystems etc.

Where do you do the build securely?

Big, slow

Immature toolkit

Debian live-build

Guestfish

Customise image after server build

On boot, in the virtual machine

Small, fast, re-useable

(3)

What is cloud-init?

early initialisation of a cloud instance

runs early in boot process

installed in generic Ubuntu Cloud Images (and Brightbox, EC2

images)

Python, Upstart

(4)

Introduction

What is cloud-init?

$ cat /etc/rc.local

(5)

The basics

retrieves metadata in various ways

sets default locale

sets hostname

resizes filesystem to fill partition

generates sshd private ssh keys

installs public ssh keys for login

(6)

Introduction

Metadata and configuration

you (or your cloud) provide the metadata

cloud-init retrieves the metadata

(7)

DataSource

get_hostname

get_instance_id

get_locale

get_public_ssh_keys

get_userdata

(8)

Retrieving metadata

EC2 DataSource

http://169.254.169.254/latest

$ curl http://169.254.169.254/latest/meta-data/instance-id srv-hd3iu $ curl http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key ssh-dss AAAAB3NzaC1k...QL+ecQ2nNNU3pI8= public key

$ curl http://169.254.169.254/latest/user-data arbitrary data you can provide, up to 16k in size.

(9)

CloudStack DataSource

http://<default-gateway-ip>/latest/

(10)

Retrieving metadata

MAAS DataSource

MAAS is part of Ubuntu’s “Orchestra” server management system

Physical server support

(11)

NoCloud DataSource

Retrieves metadata from local filesystem

You have to get the metadata in there somehow

Retrieves metadata via an iso mounted as a CDROM

cloud-localds tool for creating the iso

## create the iso disk with NoCloud data on it. $ cloud-localds my-seed.img my-user-data.txt ## Boot a kvm

$ kvm -hda disk.img -hdb my-seed.img

(12)

Providing metadata with Brightbox

Providing metadata with Brightbox

$ brightbox-servers create --user-data="Hello World" img-mvunm

Creating a nano server with image Ubuntu Precise with 0.02k of user data id status type zone created_on image_id cloud_ip_ids name

---srv-6uo7o creating nano gb1-a 2013-02-20 img-mvunm

---$ ssh [email protected]

ubuntu@srv-6uo7o:~$ curl http://169.254.169.254/latest/meta-data/instance-id srv-6uo7ou

ubuntu@srv-6uo7o:~$ curl http://169.254.169.254/latest/user-data Hello World

(13)

simple shell script as user data

cat <<EOF config.txt

#!/bin/sh

echo "I’m running on boot"

echo "I’m basically /etc/rc.local"

EOF

$ brightbox-servers create --user-data=config.txt img-mvunm

(14)

Doing things with metadata

users and passwords

#cloud-config

chpasswd:

ssh_pwauth: false

list: |

ubuntu:mysecret

root:RANDOM

(15)

write files

#cloud-config

write_files:

content: Hello World

path: /etc/motd

perm: ’0644’

(16)

Doing things with metadata

ssh key installation from launchpad

https://launchpad.net/˜ johnleach/+sshkeys

#cloud-config

user: root

(17)

ssh configuration

#cloud-init

ssh_deletekeys: false

disable_root: true

(18)

Doing things with metadata

install packages with apt

#cloud-config

apt_sources:

- source: "ppa:brightbox/ruby-ng"

apt_update: true

apt_upgrade: true

packages:

- ruby1.9

- nginx-full

(19)

rsyslog

#cloud-config

rsyslog:

- "*.* @@10.55.66.77"

(20)

Doing things with metadata

phone home

#cloud-init

phone_home:

url: http://example.com/callback

tries: 3

(21)

combine them

cat <<EOF cloudconfig.txt

#cloud-config

user: root

ssh_import_id: johnleach

apt_sources:

- source: "ppa:brightbox/ruby-ng"

apt_update: true

apt_upgrade: true

packages:

- ruby1.9

- nginx-full

rsyslog:

- "*.* @@10.55.66.77"

EOF

$ brightbox-servers create --user-data=cloudconfig.txt img-mvunm

(22)

Doing things with metadata

shit puppet

(23)

puppet

#cloud-init

conf:

agent:

server: "puppetmaster.example.com"

ca_cert: ...

(24)

Doing things with metadata

chef

#cloud-init

chef:

server_url: "https://chef.example.com:4000"

environment: production

run_list:

- "recipe[apache2]"

(25)

mcollective

#cloud-config

mcollective:

conf:

plugin.stomp.host: 10.88.44.33

public-cert: ...

private-cert: ...

(26)

Doing things with metadata

Salt

#cloud-config

salt_minion:

conf:

master: 10.88.44.33

public_key: ...

private_key: ...

(27)

puppetapply code

def handle(_name, cfg, cloud, log, _args): if ’puppetapply’ not in cfg:

return

puppet_cfg = cfg[’puppetapply’] cc.install_packages(("puppet",))

puppet_data_dir = tempfile.mkdtemp(’cloud-init-puppetapply’) manifests_dir = puppet_data_dir + ’/manifests’

if ’modules_git_url’ in puppet_cfg: cc.install_packages(("git",))

cmd = [’git’, ’clone’, puppet_cfg[’modules_git_url’], puppet_data_dir] subprocess.check_call(cmd)

if ’manifest’ in puppet_cfg:

if not os.path.exists(manifests_dir): os.makedirs(manifests_dir)

manifest_fh = open(manifests_dir + ’/site.pp’, ’w’) manifest_fh.write(puppet_cfg[’manifest’])

manifest_fh.close()

# Apply the manifests using puppet

cmd = [’puppet’, ’apply’, ’--confdir=’+puppet_data_dir, manifests_dir+’/site.pp’] subprocess.check_call(cmd)

(28)

puppetapply module

puppetapply example

#cloud-init

puppetapply:

modules_git_url: https://github.com/brightbox/puppet.git

manifest: |

include apt

include apache

class { "elasticsearch":

minimum_master_nodes => 2,

discovery_hosts => ["srv-aaaaa", "srv-bbbbb"]

}

(29)

user-data formatting

base64 encoding

gzip

multi-part archive

write-mime-multipart tool

include file

#include https://raw.github.com/gist/3129203/puppet-git-receiver-install
http://169.254.169.254/latest http://<default-gatew https://launchpad.net/˜ johnleach/+sshkeys

References

Download now ( PDF - 29 Page - 333.65 KB )

Related documents

perjanjian waralaba

[r]

Statistical analysis of the ionospheric response during storm conditions over South Africa using ionosonde and GPS data

Single disturbance ionospheric storms refer to positive (P) and neg- ative (N) ionospheric storms observed separately, while double disturbance storms refer to negative and

Critical Reflection and Community Education Values

We then describe the process of introducing Critical Reflection into team processes using Reflective Circles and our evaluation of it, focusing on the use of Community

A complete product line of rotary and electro-optic solutions for the most demanding applications.

From design to deployment, our experienced team of professionals specializes in providing custom electrical slip rings, fiber optic rotary joints, hydraulic utility swivels and

Wyoming Department of Education Chapter 31. Graduation Requirements

(iii) General endorsement which requires a student to demonstrate proficient performance in a majority of the areas of the common core of knowledge and skills, which include

Common Audit Findings and Recommendations

Subsidiary work order ledger does not agree with general ledger telephone plant under construction account..

API Failures in Openstack Cloud Environments

Our findings in a qualitative empirical study about the impact of API failures in OpenStack cloud environments show that (1) small faults are the most common faults that impact

Building a project ontology with extreme collaboration and virtual design and construction

This paper defines the concept of the ‘tripod’ method of design that uses VDC modeling (multi-disciplinary performance-based virtual design and construction modeling), an integrated