puppet

Yesterday, VMware Automation gurus Nick Weaver and Nan Liu just announced the release of four awesome new VMware Puppet modules that can help you manage and configure vCenter Server (including ESXi) and vCloud Networking & Security (vShield). You can read all about the details here and here and if you were lucky enough to have attended PEX (Partner Exchange) you might even have caught the demo given by Nick in his session.

I have used Puppet in the past, but it was pretty limited and specifically in How to Deploy ESXi 5 Using Razor & Puppet. I thought this might be a good time to revisit Puppet and try out the new VMware Puppet modules. I took a look at some of the examples provided by Nan on his blog but for new users to Puppet, it may not provide enough details to quickly get started (including myself). I thought I document the minimal steps I took to quickly get started (I also ran into a few bugs which Nan has fixed).

Step 1 - Install Ubuntu Precise (Ubuntu Server 12.04 LTS - See more at: http://www.virtuallyghetto.com/2012/05/how-to-deploy-esxi-5-using-razor-puppet.html

Step 1 - Install Ubuntu Precise (Ubuntu Server 12.04 LTS). You can use other distros, I just choose Ubuntu as I had the image lying around.

Step 2 - Download Puppet Labs package repository by running the following commands:

wget http://apt.puppetlabs.com/puppetlabs-release-$(lsb_release -c | cut -f 2).deb
dpkg -i puppetlabs-release-$(lsb_release -c | cut -f 2).deb
apt-get update

Step 3 - Install all the necessary packages such as Ruby, Ruby Gems, Puppet, etc. by running the following commands:

apt-get install -y libxslt-dev libxml2-dev ruby rubygems puppet
gem install nokogiri
gem install net-ssh

Step 4 - Install the VMware Puppet modules by running the following command:

puppet module install vmware/vcsa
puppet module install vmware/vcenter
puppet module install vmware/vshield

To start using the VMware Puppet modules, you will need to create what's known as a manifest file that contains the resources which maps to the actions you wish to perform (e.g. configure a newly deployed VCSA appliance or create a Cluster in vCenter Server and add an ESXi host to that cluster). You can find a bunch of example manifest files in each of the Puppet modules, here is the path to each:

/etc/puppet/modules/vcsa/tests/
/etc/puppet/modules/vcenter/tests/
/etc/puppet/modules/vshield/tests/

You will see in some of the examples, they import a file in each directory called data.pp which contains the actual definitions of your VCSA, vCNS and ESXi hosts but you can also just specify that in the main manifest file as well for simplicity. The latter option provides more flexibility as you can easily reference various configurations for different environments. For your convenience, I have created the following manifest files that you can use and you just need to modify them to fit your environment.

Here is what my lab environment looks like and their respective IP Addresses for your reference (these must already be deployed and vCenter & vCNS does not need to be configured but just accessible over network):

vCenter Server = 172.30.0.135
vCloud Networking and Security = 172.30.0.136
ESXi Host = 172.30.0.137

Step 5 - As mentioned by Nan, a custom Rbvmomi was used and we will need to ensure our Puppet management host (Ubuntu system we are on) includes it. To ensure all the necessary packages are downloaded for us, we will use the rbvmomi.pp manifest file for our host and use Puppet to apply the policy. Replace management_server in rbvmomi.pp with the hostname or IP Address of your Ubuntu host and then run the following command:

puppet apply rbvmomi.pp

Note: You can safely ignore the red warnings, it must not have liked something in my environment.

Step 6 - We will start off by configuring the VCSA so we can then perform operations such as adding in Datacenters, Clusters, ESXi hosts, etc. We will use the configure-vcsa.pp manifest file by running the following command:

puppet apply configure-vcsa.pp

Step 7 - Next we will create a Datacenter, Cluster and add our ESXi host by using the setup-vcenter.pp manifest file by running the following command:

puppet apply setup-vcenter.pp

Step 8 - We are now onto configuring vCloud Networking and Security and we will also associate it with our vCenter Server by using the configure-vcns.pp manifest file and running the following command:

puppet apply configure-vcns.pp

Step 9 - After configuring vCloud Networking and Security, we can now deploy a vCloud Networking and Security Edge Gateway to provide various networking services to our vSphere environment using the deploy-edge.pp and by running the following command:

puppet apply deploy-edge.pp

In about 5-10 minutes, you will have a fully configured vSphere environment that contains your vCenter Server, vCloud Networking and Security Manager and Edge Gateway and ESXi hosts all ready to start providing compute and networking services for your virtual machines and applications! I want to stress the above is a very simplistic example of what you can do with the new VMware Puppet modules. There are definitely more advanced capabilities provided in the modules and I would recommend you take a look in the samples directory of each module for more details.

Overall, I was pretty impressed with the VMware integration that Nick, Nan and team built with Puppet. This was a great learning experience for myself, I learned quite a bit with just trying out these modules and I think I might have found a reason to dive more into Puppet! 🙂

Big thanks to Nan for helping me out with some of my Puppet questions!

Earlier this week the extraordinary uber super star Nicholas Weaver released a new open source project that he's been working on called Razor (not related to vShaving). I would highly recommend you check out his blog post here for more details about the project. Since Razor deals with Automation which I am always interested, I decided to give Razor a try and see how easy it is to install, configure and deploy.

I also want to mention that this was my first time using Puppet and though there are some videos and guides, it still may not be trivial for new users on what is needed. I thought I walk you through the steps I took to quickly stand up several ESXi 5 hosts in minutes using Razor.

Step 1 - Install Ubuntu Precise (Ubuntu Server 12.04 LTS) which will be your Razor server

Step 2 - For a clean installation of Precise, you will need two additional packages: git and make as well as Puppet. Using the following command, it will pull down the latest updates as well as adding the apt.puppetlabs.com repot to install Puppet:
Note: Thanks to Nan Liu for this quick snippet!

Step 3 - You will need to change the ownership of puppet module directory by running the following command:

chown -R puppet:puppet /etc/puppet/modules

Step 4 - To verify that you have successfully installed Puppet 2.7.14, you can run the following command which should return you the version:

puppet --version

Step 5 - Now you will install the Razor module using puppet by running the following command:

puppet module install puppetlabs/razor

Step 6 - Next you will initialize and setup Razor by running the following command (this will take a few minutes to complete):

puppet apply /etc/puppet/modules/razor/tests/init.pp --verbose

Step 7 - Now to verify that Razor has been properly installed, we will go ahead and run it and it should return you the usage options. The path to the razor command is under /opt/razor/bin/razor and we will go ahead and add it to our system path so we can just run "razor". Run the following commands:

export PATH=$PATH:/opt/razor/bin
razor

Step 8 - Finally we also need to ensure that the Razor web services is running, this is currently a known issue which hopefully will be fixed very soon. By default, the web service should automatically start by itself, but currently you need to manually start it. You can run the following commands to verify the status and then start it:

/opt/razor/bin/razor_daemon.rb status
/opt/razor/bin/razor_daemon.rb start

Step 9 - When you power on your host, Razor will need to load a micro-kernel (MK) image for it to register with the Razor server and provide information about your bare metal host or VM. The following command will download and import the MK ISO image into Razor:

wget https://github.com/downloads/puppetlabs/Razor/rz_mk_dev-image.0.8.8.0.iso
razor image add mk ./rz_mk_dev-image.0.8.8.0.iso

Step 10 - Razor automatically comes with a TFTP server, you just need to have a DHCP server which will forward the request to the Razor server. I will assume you have or know how to setup a DHCP server and here is an example of what my DHCP configuration looks like for several "virtual" ESXi Shells which I plan on provisioning with ESXi 5:

Note: You just need to set the next-server stanza to your Razor server and the filename to "pxelinux.0" which exists on Razor server

Step 11 - To verify we have no nodes that have registered with Razor, we can run the following command:

razor node

Step 12 - To deploy ESXi 5 on our hosts, we will need a copy of the ESXi 5.0 ISO. In this example I am importing the latest ESXi 5.0 Update 1 image using the following command (you will need to download and upload the ISO to your Razor server via SCP/WinSCP):

razor image add esxi VMware-VMvisor-Installer-5.0.0.update01-623860.x86_64.iso

Note: You will notice the type for the image is "esxi" versus "os" if you are planning on installing regular guestOSes.

Step 13 - Next we will create a Model which describes an ESXi 5 install and it's configurations. You will need to make a note of the UUID of the ISO we just uploaded from the previous step. Run the following command to create the model:

razor model add template=vmware_esxi_5 label=install_esxi5 image_uuid=5JC9GT8GToMak0DD3Uivke

Note: You will also be asked to fill out a few properties such as the license and password for your ESXi host as well as the network information. If you are interested in the kickstart that is being used for the ESXi deployments, you can take a look at /opt/razor/lib/project_razor/model/esxi/5/kickstart.erb. If you would like to adjust the kickstart file, be sure to take a look here.

Step 14 - Okay, we are almost done! Now we just need to create a policy which binds the model to some set of attributes, such as the tags on our ESXi hosts that we wish to build. In my lab, I created a few vESXi hosts using steps found here and then creating a few Linked Clones so I did not have to waste any storage space using this script here. If you are using a vESXi host, by default you will get the vmware_vm tag which is what our base our policy on. Run the following command to create the policy:

razor policy add template=vmware_hypervisor label=install_esxi5 model_uuid=2w1QEGbkoXDELc6ndXb13A broker_uuid=none tags=vmware_vm enabled=true

Note: You will need the UUID of the model you just created which is highlighted in blue in the previous screenshot when creating the policy.

Step 15 - We can check our policy and confirm there are no nodes registered to Razor again, by running the following commands:

razor policy
razor node

Step 16 - Now you are ready to power on your hosts and they should automatically get an IP Address from your DHCP server and forward your request to Razor and perform an iPXE boot.

Step 17 - Once the hosts have booted up the MK image and register with Razor, you should be able to run the following commands to see the nodes and their states:

razor policy
razor policy active

As you can see from the screenshots, I have 5 nodes that have registered and 4 of them are already in the postinstall process and the ESXi installation should be completely very shortly. If you head over to your hosts, you see that ESXi is completely installed and ready for use:

So there you have it, you can quickly provision from bare metal to a fully functional working ESXi 5 hosts literally within minutes (after the config setup of course). I still think there could be some improvements on the CLI help options (though Razor is still in beta), it was not always intuitive on the options for the commands and luckily I had Nick's video and the Wiki to help out with the options. All in all, Razor was very easy to use (especially for a first timer like myself) and though I was not able to get the vCenter Server modules to work ... since they haven not been released yet ;). I am really looking forward to seeing those modules get released soon by Puppetlabs.

If you are interested in learning more about Razor, I highly recommend you check out Nick's blog here as well as the Razor project's Wiki on Github here and help provide feedback or even contribute code back to the project. Great job again Nick and team!