All I Ever Wanted Is A Composable RunDeck

I love RunDeck. It’s just enough orchestration to get many jobs done in such an easy way. I can take whatever’s working for me, wrap it up in RunDeck and give it to someone. I wrote a long writeup on hooking it to your Active Directory, through OpenLDAP. I’m old school.  But all I’ve ever wanted is a composable RunDeck.  To bring inter-tool composition right into my face.

So then I fell in love with Chef and Puppet as they grabbed the very necessary spotlight. Suddenly, arising from the past of CFEngine, I could now code my infrastructure! Different parts of the system worked predictably, across platforms, and with such clarity and simplicity. Chef saves me thousands of lines of code, and helps me reason about my systems on a whole other level.

But these two worlds never really fit together very well. I want my “just enough orchestration,” but with the little bit of smarts necessary to interact intelligently with the abstract resources.

I was thinking, “Yeah, sure, it runs.  But how does it all fit together?  I want to compose!” OMG, then all sorts of other little tools that control other things came around, and I wanted to wrap them up in a big hug. A big smart hug, that knows just how they like to be hugged.

Crowbar 1.x originally only hugged Chef. And even only hugging Chef, it did MORE than Razor and Cobbler do (still today) combined.  And it did it all in a way that’s not “enterprisey” and is just clear and makes sense. But it didn’t get all the way to that “composable RunDeck” thing that I was looking for.

So we wrote OpenCrowbar. And now it does.

OpenLDAP pass-through auth to Active Directory

Yes, this is hysterically historical.  I’m keeping it here for safe keeping.

Control Tier Authentication and Authorization: Files, OpenLDAP, and Pass Through to Active Directory

in brief
You want to enable flexible authentication and authorization schemes for your Control Tier server.
*# Control Tier first checks the “fileRealm” files for usernames, passwords and roles.
*# On failure, Control Tier then checks against an OpenLDAP server which is setup to acts as a proxy for the corporate Active Directory, while also providing it’s own branches for Control Tier roles (and any other apps.)

 

Control Tier --> files -> OpenLDAP --> Active Directory
(users (roles) (users)
and
roles)
 ou=roles,dc=corp,dc=example,dc=net <-- OpenLDAP
ou=people,dc=corp,dc=example,dc=net <-- Active Directory

Continue reading “OpenLDAP pass-through auth to Active Directory”

Mayfiles and Dinosaurs – Metamorphosis and Epigenetics in Devops

Well, I guess it had to come to this.  Rob Hirschfeld brought up the wonderfully preposterous notion of puppies growing up to be dinosaurs.  And as a good scientist, and a profound thinker in DevOps, Rob’s statement is based upon his direct observation.  He states that our most beloved pets can become tyrants (Tyrannosaurus Rex, aptly named) in our lives in operations.

Continue reading “Mayfiles and Dinosaurs – Metamorphosis and Epigenetics in Devops”

Development Foo – using vim and sshfs to propel development

Ahoy, mateys!

I hack on Crowbar a lot. And here’s how I run my show:

1) dev/build box running ubuntu-12.04
2) Crowbar Admin box running whatever latest stuff i just built – and mostly works
3) a test node box, where I used Crowbar to deploy whatever I’m working on
4) another test node box, where I’ve used crowbar to deploy what I’ve been working on.

Continue reading “Development Foo – using vim and sshfs to propel development”

The Image/Config Event Horizon

Here’s a few paragraphs of my thoughts about Functional Operations. By Functional Operations I mean that which emerges out of the meeting of “golden images” (delicately crafted base images that once deployed need config management) and “config management” (the config data and rules for applying it to a live golden image.)

As the “golden” image itself becomes integrated into the config management, it changes just like any other variable in the config management database. What’s changed in our toolkit?  What benefits do we get?

Continue reading “The Image/Config Event Horizon”

FuncOps: Orchestration and The Mothership Connection

It’s going to take some time to understand and articulate the full awesomeness of Crowbar 2’s approach to DevOps. One of the ways is to envision “Functional Operations,” similar to “Functional Programming”… this is early, but it’s a peek at our thinking. Paraphrasing Parliament Funcadelic: “Make my Func the FuncOps, I want to get FuncOps.”

What Erlang teaches us about orchestration.

Erlang’s design allows for intergalactic scalability and concurrency. Let’s riff off of a great design!

Continue reading “FuncOps: Orchestration and The Mothership Connection”

Docker and the Image/Config Event Horizon – 3 Thoughts

As tools like Docker eliminate much of the slowness and immutability of “golden images” and more robust config managers like Enterprise Chef reach further out across the datacenter, three thoughts come to mind:

Continue reading “Docker and the Image/Config Event Horizon – 3 Thoughts”

If you’re not using an Object Store, you’re not writing cloud software

As I listen to my esteemed colleagues in the OpenStack world, and the DevOps and Cloud world in general, say that there is no demand for Object Storage, I get all sad. Why? Because that means that they’re mounting volumes. It means they’re mounting volumes and storing their precious there. That means that the cloud platform is most likely doing something complicated and expensive to replicate this data. That means that Amazon’s S3 didn’t really change anything and we’re just developing enterprise software again.

The great limitation of Object Storage is doing seek operations on files. Seeks break down into reads and writes.

Reads include the CDNs aplenty that have solved this problem, but it’s a read-only solution for jumping around in video. I don’t have a problem with that, as it’s an API based service that is easily implemented and accessed.

However, the other big use case is writes, and the culprit is SQL (and some NoSQL) Database Files. Seeks through those files are critical to their operation.

I’m interested in what other requirements are driving the mounting of block devices, and what’s distracting app developers from the great awesomeness of Object Stores like Swift.

Building Crowbar “Pebbles”

Getting Going with Pebbles and Grizzly

On Ubuntu 12.04

Prep your environment

apt-get install rpm2cpio rpm build-essentials python-dev python-pip libxslt

Echo the /etc/sudoers partial into place so you can run all the commands as your user:

echo "<your username> ALL = NOPASSWD: /bin/mount, /bin/umount, /usr/sbin/debootstrap, /bin/cp, /usr/sbin/chroot" >> /etc/sudoers

Clone the repo, doing a git pull if you already have the repo, and would like all the great changes and fixes we’ve made recently. When running ./dev setup you’ll need your github username and password, so we can make a scratch space for you. PLUS, if you git init your .crowbar_build_cache, you can go a long way to saving yourself worry. There’s plenty of information on that in the README.* files once you clone the Crowbar repo in the first step.

git clone https://github.com/crowbar/crowbar.git
./dev setup
./dev fetch
./dev sync

Switch to the Pebbles release, and the OpenStack branch.

./dev switch pebbles/openstack-os-build
./dev clone-barclamps
./dev fetch
./dev sync
./dev switch pebbles/openstack-os-build

Run the build. Nota Bene: indicating --pfs is a bit dangerous. It indicates that the latest stable OpenStack code will be pulled from the Internet and cached in your Crowbar.ISO. With that, you’ll be installing the latest stable bits. The more conservative approach is to install from packages, omiting the --pfs

./dev build --update-cache --pfs --os ubuntu-12.04

It will take FOREVER, unless you’re on a massively powerful machine and an OC48. 🙂

In my experience, Python’s pip system failed quite regularly to get the bits it was looking for. It doesn’t have a retry mechanism as far as I can tell.

In my next blog entry I’ll discuss install of the ISO, setup of Crowbar and the deployment of OpenStack Grizzly!