OpenPCF: An Open Provisioning and Control Framework
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 97 | |
| Author | ||
| License | CC Attribution 2.0 Belgium: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/45735 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
FOSDEM 201040 / 97
1
2
4
5
6
8
14
15
16
17
23
29
38
41
42
44
46
47
48
50
53
54
62
63
64
65
66
71
74
75
77
78
79
80
82
84
85
94
00:00
Software frameworkControl flowOpen setMatching (graph theory)Context awarenessVirtual machineOpen sourceIntegrated development environmentOcean currentSoftware frameworkData centerResultantSoftware industrySoftware developerCircleProduct (business)BootingShared memoryCuboidComputer animationLecture/Conference
01:14
Context awarenessIntegrated development environmentDegree (graph theory)VarianceSoftware frameworkConfiguration spaceSoftwareSystem programmingComputing platformMiniDiscComputing platformWeb serviceDynamic Host Configuration ProtocolSoftwareFluid staticsComputing platformInstallation artOperating systemInterface (computing)Web pageWeb serviceImplementationVirtual machineStandard deviationSystem programmingQuicksortIntegrated development environmentLink (knot theory)Different (Kate Ryan album)Set (mathematics)Computing platformComplete metric spaceAutomationOperator (mathematics)SpacetimeFraction (mathematics)WindowGoodness of fitData storage deviceSoftware frameworkData centerRevision controlEndliche ModelltheorieVarianceDirect numerical simulationSurfaceInformationOnline helpConfiguration spaceAbstractionGroup actionComputerMultiplication signDegree (graph theory)Module (mathematics)Latent heatTotal S.A.DivisorProduct (business)BitSquare numberTask (computing)1 (number)State of matterSubject indexingFamilyOutlierWebsiteData managementSpeech synthesisCollisionRing (mathematics)Lattice (order)Linear complementarity problemCASE <Informatik>Form (programming)Roundness (object)NeuroinformatikMusical ensembleData structureFreezingForestRenewal theoryDemo (music)Single-precision floating-point formatServer (computing)Physical law40 (number)Mixture modelOperating systemClient (computing)Clique problemOpen sourceEvent horizonLeakPosition operatorWordVideo game consoleComputer clusterCycle (graph theory)Hydraulic jumpCellular automatonOffice suiteMereologyInternet service providerCountingProjective planeGamma functionSeries (mathematics)CoalitionStatement (computer science)Discounts and allowancesInternetworkingElectronic mailing listObservational studyComputer animationLecture/Conference
09:23
Software frameworkComputing platformConfiguration spaceOpen setGroup actionFinite differenceInformationPublic key certificateComputing platformSurfaceBuildingConfiguration spaceComputer networkRootkitSystem programmingAxiom of choiceType theoryAuditory maskingEntire functionData centerPhysicalismComputer fileVirtual machineAssociative propertyOperating systemLatent heatOcean currentComputing platformResultantWeb serviceData managementCommitment schemeServer (computing)NP-hardYouTubeFood energyMachine visionPairwise comparisonMetropolitan area networkProjective planeInternetworkingLink (knot theory)Medical imagingRothe-VerfahrenGroup actionSystem callOpen setComplete metric spaceSign (mathematics)Incidence algebraFrequencyComputer animation
11:55
Configuration spaceVirtual machineHost Identity ProtocolSoftwareData storage deviceSystem programmingData centerWeb serviceData storage deviceLevel (video gaming)Auditory maskingMultiplication signComputer fileAssociative propertySoftware testingKeyboard shortcutCuboidFirewall (computing)System programmingAreaDifferent (Kate Ryan album)Computer networkDynamic Host Configuration ProtocolConfiguration spaceVirtual machineINTEGRALInstallation artSoftwareComputing platformIntegrated development environmentSymmetric matrixFinite differenceBitRepository (publishing)Domain nameConnected spaceUtility softwareModule (mathematics)Open setData managementInformationState of matterPhysical lawGroup actionServer (computing)WordPlastikkarteHand fanIndependence (probability theory)Food energyWage labourCovering spaceMereologyRow (database)Category of beingSubject indexingStandard deviationLattice (order)CodeLink (knot theory)Reading (process)Selectivity (electronic)VotingCoalitionUniqueness quantificationProjective planeFine-structure constantCASE <Informatik>Bridging (networking)PlanningOnline helpCircleComputer animation
15:49
Software testingPhase transitionComputing platformWeb serviceRepository (publishing)SoftwareGroup actionDynamic Host Configuration ProtocolLoop (music)Open setSystem programmingDisintegrationEmailComputer animationLecture/Conference
16:56
Computer animation
Transcript: English(auto-generated)
00:09
Oh, there's one, oh, yeah, of course. So, yes, that's me, Ruben, these are my colleagues. I work for a software company called Raft Technology who specializes in open source data center automation.
00:25
And OpenPCF is our main product, our main open source thingy. And I'm going to tell you today about OpenPCF, about what it is. I'm gonna show you how the framework works. I'm gonna show how you can use it in practice, how you can use it on a machine
00:41
and to configure it automatically. And I'm gonna show you how you can use these results to bootstrap an empty data center. So to use a machine as a beginning to automate the rest of your environment. I will close my talk with a quick overview of current features, upcoming features. And before I start delving into OpenPCF itself,
01:03
I wanna give you a quick overview of the context. Why did we develop something like OpenPCF? So, context. Anyone who has been involved with data centers or large rooms filled with computer systems will have noticed that data centers have many different platforms.
01:23
If you're walking into a data center, you will see Linux systems, Windows systems, AIX systems, Solaris systems, different versions of these operating systems. Underneath the operating systems, you will see different architectures, Spark, Itanium, x86-64, whatever. So lots of different platforms
01:40
and this difference sort of hurts, of course. You know, it's a given, but you have to deal with it. But even though you have to deal with it, these platforms have common needs. They need to be installed and they need to be configured. And to do this, we hire departments of people to do installations.
02:00
And these installations give you varying and often isolated degrees of automation for these needs. Yes, so what you see happening, for example, is that if you look at two data centers next to each other, let's say, for example, a Philips data center and a Nuon data center, you will notice that these people are essentially doing the same thing,
02:21
only they're going about it in their own way. They don't have any way of sharing implementation ideas, maybe by coincidence when they meet each other at FOSDEM, but not structurally. So there's lots of variance in how these tasks are done. So this variance in how what is automated
02:42
is also compounded by a few obvious facts and a few less obvious ones. First thing is, of course, that different peoples do things differently. If you're not thinking about storing what you are doing to change the machine in software somehow, then you automatically
03:03
become dependent upon people itself. And what that means is that the individual neatness of the person, the individual skill of the person becomes a factor in the product that the data center delivers. So it will have effect on if you are able to actually deliver a system on time
03:23
or to be predictable in your time. Now, different teams do things differently also. So if your data center has thought about, for example, saying, okay, let's segment in a Linux team or let's segment in a Windows team and a HPUX team, then these teams will do what you ask them to do,
03:43
like automate installation configuration, but they will usually do it with their backs towards each other. The HPUX guys will go about it the way they know, the Windows guys will go about it the way they know, Linux guys, same story. So all this leads to variance in delivery times
04:00
and variance in implementation. And when we were thinking about, couldn't we create a piece of software that somehow abstracts this difference in platforms away so that you can more easily capture the expertise needed to configure services and then reuse that expertise
04:20
on different platforms? So what is OpenPCF then? OpenPCF, first and foremost, is an extensible framework. It's something that a human can use to store expertise, create a service like a DHCP3 service or a BIND9 service, write it once, and then for every platform that OpenPCF knows about,
04:43
never rewrite the service, simply lift the service, run it on the other platform. Because of this, obviously, it is an automated service configuration tool. This is maybe the first thing that OpenPCF is actually. We do automated service configuration in a cross-platform way.
05:01
And because of this, it becomes a software provisioning tool as a result. This is an important distinction. If you have worked with installation systems like maybe Space Walk or if you're more into the commercial things like HPSA, Radia, Altiris, what these guys are doing is that essentially they take a big set of standard services
05:22
like DHCP, PXE, BIND, NFS, CIFS, HTTP, put them all together in some sort of static thing, and then put an interface on top of it and then tell you that you can install, for example, Linux and Solaris with it. Well, we wanted to take another approach to this and say, what if you could generate
05:41
all these services you need and then have OpenPCF help you with using the services you generate to do installation? We aim to support all operating systems. This is our credo. When we develop something new for OpenPCF, when we think about changing the model
06:01
or changing interfaces, we think to ourself, can it still match this credo? And it's a lofty goal and maybe an impossible one to reach, but it's a noble goal, so we keep it in the back of our minds. So it's written in POSIX SH. Now, POSIX SH is cool because POSIX SH is a very low common denominator. It's something that runs on 95%
06:22
of the operating systems out there nowadays, and even the systems that don't have it by default, like Windows or DOS, have good upstream implementations for it, like Cygwin and services for Unix or whatever they call it nowadays, because they've changed the name so often on Windows, and you have DGGPP on DOS, which is actually also on a complete POSIX environment.
06:44
It's licensed under GPLv3, so it's open source, and at the end of my talk, I will give you, obviously, a link to the webpage where you can download it and check it out. So let's take a look at the framework. The framework, first and foremost,
07:00
exists from platforms. Don't try to read this. This might be a little bit difficult to read, but it's just for illustrative purposes. Now, a platform in OpenPCF is an abstraction that tells it about a specific operating system. For example, here we have four little squares,
07:21
and these squares are different variants of Red Hat. So you have version four, version five, i3-86, x86-64, and here we have an example one called RL5-86-64. It tells OpenPCF about what kind of init system is used, where is data stored for bind, where is data stored for some other service modules.
07:41
It tells it about specifics of that platform, and we currently have quite a few platform descriptors. This is the current stable version, five operating systems on a lot of different architectures, totaling 16 platform descriptors that we currently know about. On these platforms, we can set up surfaces.
08:01
Here we have a surface, and if you look at this surface, you can see, for example, this is a DHCP surface which has an implementation in it called ISC-DHGP3. Of course, it's insinuated that any surface you can make a machine provide can be implemented by multiple systems.
08:21
It doesn't have to be ISC-DHGP3. You can create an MS-DHGP module, and then create a Microsoft service. So currently, we have 15 surfaces in the main distribution, so there's things here like bind-9, DNS surface,
08:40
SMTP by Post62, IMAP, POP, SASL, SMB, LDAP, NFS, all kinds of surfaces with 18 implementations in total. Here you will actually see the example of having multiple implementations for a single surface, which actually has to do with the fact that certain surfaces are not available on all platforms, so you have to take that into consideration.
09:03
So these surfaces can be grouped, and they can be grouped in roles. It's obviously very convenient because if you don't have roles, then you cannot easily group machines functionality-wise. So these roles are associated with configurations.
09:22
A configuration stores information about your landscape. What does your data center look like? How many networks does this have, one, five, 10? How big are these networks? How are there sitter masks and net masks associated? Names of companies and company information that is used to generate certificates. That's all stored in a configuration.
09:42
And lastly, a configuration associates a platform. So if you look at this example, here you have an example of a complete configuration, and this is a configuration where OpenPCF has enough information to actually configure the surfaces defined in the role on the platform of choice. And the nice thing about this
10:00
is that you can switch, like this, your entire configuration to different operating systems. I think that here we switched quickly from Red Hat to Debian to NetBSD, and it will give you the results you expect. It will configure these surfaces according to the specifications in your configuration and set these surfaces up automatically.
10:22
So then, you as a human, what can you do with OpenPCF then? What commands can you actually run with OpenPCF if you have a complete configuration like this running? Well, you can build configurations, obviously, clean them, install them, uninstall them, start them, and stop them. This is what you actually type in the command prompt
10:42
to generate configuration and make it active or take it away. So knowing having this quick overview of the framework, how would this work on a physical machine? So let's take a look at automated surface configuration in practice. We take an empty machine. Suppose we're on an island. We only have a couple of CDs with us,
11:00
and coincidentally, these CDs are the current platform descriptors, of course, and you want to install your machine. So there's no luxury like PXE available yet or something, so we insert the CD, install the operating system of choice. We place OpenPCF on the system in, say, slash root OpenPCF or slash OpenPCF, whatever.
11:20
You can actually leave it. You can actually take OpenPCF off if you're ready with a machine, by the way. You place a small configuration file, which is really small. This is actually the entire configuration file for an OpenPCF run if you don't have to change anything, if you can work with existing platforms
11:41
and existing roles. So here, we associate a role with here, the universal role. Here, we associate a platform, and here, we have our company, Global Information, and here, we have our networking details, which is an array of networks which are named and which have a sitter mask.
12:01
This array can be as long as you want, and this will take care of, for example, DHCP ranges that are surfaced, binds domains that are surfaced, et cetera. So when you've done all this, your services are ready to be staged. They're ready to, they're configured. You can do something with them.
12:20
So when you use the build command, the service configuration and data will enter OpenPCF staging area. When it's in the OpenPCF staging area, you can actually install and start it after you've inspected it and you like it. So if you install and start, it's active on the machine, but the nice thing, of course, is that if you don't like it, you can go back. You can actually clean.
12:41
When you uninstall, you get back to the staging area, and when you clean, you're back at the beginning again, and you can repeat this as many times as you want, which is very convenient if you're developing services and you're working with it. So these services here are the services we set up automatically with that configuration file.
13:02
So we have this machine. It's running all the services we actually need for deployment of operating systems. So let's see how we can use this machine then. Software provisioning then. We have a data center, 120 machines, made with Inkscape, by the way, and we zoom in a little, and we take this first machine
13:22
that's running all those services. Only it's running services, but it doesn't have data yet, so let's associate the data store. Can be a USB disk, it can be a symmetrics if you like your storage a little bit bigger, and you put some ESOs on this. Now, OpenPCF has the tools and utilities that can help you with connecting those ESOs
13:42
to HTTP, NFS, SIF, TFTP, DXP, DHCP, and make sure that you can install it. It also has tools that allow you to register machines in the installation system. So when you've done that, you can actually install your operating systems, just F12 installers machines,
14:01
push OpenPCF to these boxes using things like CF Engine, SCP, Puppet, if you want, and then have OpenPCF run its build install start routines, and you're running your different services, different roles on different operating systems times the entire data center. This is actually stuff we test for real
14:20
in our testing environment. So having all this in overview now, I wanna give you a really quick, because I don't have too much time, I see, overview of features. We support many operating systems. We do automatic connection to needed third-party repositories. Truck is not in Red Hat 4. OpenPCF knows about it, will connect to extra repositories
14:42
and warn you that you're not connected. Automated dependency checking, so it knows which packages to install to provide a certain service. Open port detection, you accidentally left port 25 open, you're trying to install postfix, you can't. OpenPCF knows about it, warns you about it. And RBAC and firewall detection.
15:00
Upcoming features, more platform descriptors, HPU XLRs and AIX, and LDAP service integration for modules. That's my talk. 15 minutes is up. Wait a second, thank you. Have a look at OpenPCF.org. And I hope I got the idea across.