Application centric deployment with foreman / katello
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 637 | |
| Author | ||
| Contributors | ||
| License | CC Attribution 2.0 Belgium: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/53625 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
FOSDEM 2021513 / 637
1
2
7
8
10
11
12
17
29
33
35
38
40
44
48
50
54
59
63
65
85
87
91
95
97
105
108
114
115
119
120
122
126
127
129
130
133
137
140
142
143
147
149
151
156
159
160
161
168
169
170
175
176
177
178
179
182
183
184
187
189
191
193
197
198
204
206
209
212
220
222
224
227
230
233
235
238
242
243
245
247
252
253
255
258
260
261
262
263
264
265
272
273
278
281
282
285
286
287
288
289
294
295
296
302
304
305
308
310
316
320
323
324
328
330
332
335
338
342
343
347
348
349
350
351
360
361
365
368
370
372
374
377
378
380
381
382
383
386
390
392
395
398
402
405
407
408
409
414
419
420
422
425
427
430
439
451
452
453
458
460
461
464
468
470
471
472
473
475
478
485
486
487
491
492
493
495
496
498
509
510
511
512
516
532
534
538
543
548
550
551
554
556
557
559
563
568
570
572
574
575
577
583
585
588
591
593
595
597
601
602
603
604
605
606
607
610
611
617
627
633
634
00:00
Configuration spaceStack (abstract data type)Shift operatorPresentation of a groupVector potentialSoftware developerSpacetimeOperating systemConfiguration managementSimilarity (geometry)Software bugData centerPhysical systemAxiom of choiceProduct (business)Group actionContent (media)Configuration spaceGame controllerForm (programming)Computer animation
02:04
Computer animation
02:27
Open sourcePoint cloudGoogolStack (abstract data type)OracleIntegrated development environmentConfiguration spaceOperations researchSystem programmingUser interfaceOperating systemConfiguration managementInformation securityIncidence algebraSemiconductor memoryDifferent (Kate Ryan album)Physical systemMultiplication signTime zoneForm (programming)WritingPresentation of a groupService (economics)Data storage deviceIntegrated development environmentNeuroinformatikBit rateGroup actionLink (knot theory)Proxy serverWeb pageComputing platformOpen sourceOracleProjective planeVariable (mathematics)State observerAdditionCASE <Informatik>Client (computing)State of matterDatabaseSound effectData managementFitness functionRuby on RailsCartesian coordinate systemServer (computing)Configuration spacePlug-in (computing)Web 2.0Module (mathematics)Web applicationCloud computingQuicksortParameter (computer programming)Partition (number theory)Table (information)Computer animation
08:22
Web applicationParameter (computer programming)Server (computing)Service (economics)Replication (computing)Computer animation
08:55
Template (C++)Process (computing)Configuration spaceEquals signGradientLocal GroupWeb 2.0Parameter (computer programming)Variable (mathematics)Template (C++)Instance (computer science)Group actionCivil engineeringUniformer RaumTunisService (economics)Menu (computing)InformationData storage deviceIncidence algebraBit rateHeegaard splittingMultiplication signWordPhysical systemSemiconductor memoryApproximationProxy serverSurfaceRule of inferenceDirectory serviceMereologyDifferent (Kate Ryan album)GodRight angleQuicksortCartesian coordinate systemVariable (mathematics)BefehlsprozessorNeuroinformatikServer (computing)Parameter (computer programming)Maxima and minimaWeb 2.0Computer filePlug-in (computing)Web applicationHard disk driveSet (mathematics)Computer animation
15:33
Group actionService (economics)SummierbarkeitVariable (mathematics)Local GroupInstance (computer science)Cellular automatonTemplate (C++)Query languageBookmark (World Wide Web)PasswordBroadcast programmingState diagramGreatest elementTask (computing)FluxComputer iconVariable (mathematics)Physical lawPhysical systemSemiconductor memoryGastropod shellRoundness (object)Service (economics)Right angleDifferent (Kate Ryan album)Web 2.0Multiplication signServer (computing)Table (information)Endliche ModelltheorieInstallation artInstance (computer science)Web applicationOperator (mathematics)Plug-in (computing)2 (number)Cartesian coordinate systemGroup actionInterface (computing)Function (mathematics)Remote procedure callComputer animation
20:27
Process (computing)Configuration spaceTemplate (C++)Software testingLink (knot theory)Cartesian coordinate systemWeb pageForm (programming)Physical systemState of matterInstance (computer science)InformationSoftware testingTemplate (C++)Condition numberSystem callWebsiteRepetitionAdditionFile formatOpen sourceService (economics)1 (number)Translation (relic)CuboidCodeOcean currentRepository (publishing)Directory serviceServer (computing)TwitterEmailPlug-in (computing)Computer animation
26:16
Element (mathematics)Phase transitionFreewareArmForm (programming)CASE <Informatik>Software maintenanceCartesian coordinate systemComputer animationMeeting/Interview
28:52
Element (mathematics)Physical lawComputer animation
Transcript: English(auto-generated)
00:07
Welcome everyone to my presentation about application-centered deployment with Foreman and Cartello. My name is Bernhard Sotner and I'm leading the software development department at Attix.
00:21
Attix is a company located in Munich and it helps customers to run Linux-based data centers and to do automation. So if you need to run Docker containers, we help customers to use tools like Red Hat OpenShift through the CAS platform, Rancher or Kubernetes.
00:44
If they need to use a configuration management tool, we help them to use tools like Solstack and similar Puppet. And we are creating our own product called Ocarino. Ocarino is a tool based on Foreman and Cartello.
01:04
I will tell you a lot of more things about Foreman and Cartello later on. In summary, Ocarino can deploy, run and control your data center, your infrastructure and your hosts.
01:23
The target of Ocarino is to be independent from manufacturers. So whatever operating system a customer wants to use, we help them to deploy hosts and to manage these hosts. For example, on SLES or on Debian or on Ubuntu.
01:44
We don't tell the customer you need to use Ansible or Puppet. The customer should free in his choice to select the preferred configuration management system. So we try to do a lot of automation because we think manual work is a bug or it is often a bug if I do manual steps.
02:15
Therefore, we try that customers are able to automate things.
02:20
And one of the preferred tools we help them is Foreman. The Foreman project was initiated by Uhat Levi in 2009. The Foreman project is based on Ruby on Rails.
02:43
And currently the user interface is moving towards React and JavaScript. Previously it was Puppet E&C, so it can store variables, which then can be used on the Puppet module side.
03:01
It can show reports and facts. Foreman is also a platform, so it can be extended with plugins. Like plugins for different compute resources, like Ovid or Microsoft Azure.
03:25
So if you want to deploy hosts, the first thing what you need to do is to choose the operating system. And Foreman supports a lot of them, like Oracle or Red Hat, Debian, SUSE.
03:40
If you have configured that, you want to deploy that operating system on a host. And now you need to choose, should it be a bare metal server or should it be a virtual machine, maybe on Proxmox or maybe on Ovid or on VMware?
04:02
Or should it be even deployed on a cloud service like Microsoft Azure or the Amazon cloud? After that server is deployed, you need to configure them. So you can choose from different configuration management tools, like Puppet, Ansible or SourceStack.
04:26
And you can use these tools to configure hosts. After you have configured them, hopefully your server is up and running. And during the time, maybe a security incident will be found and you want to see the state of your servers.
04:49
So are they affected from that security incident? And if that is the case, how can I update a package or some packages to fix that security issue?
05:03
For doing this, you maybe want to have a look at the plugin called Cartello. A lot of things are just plugins in Foreman, like Ansible or SourceStack or Proxmox. And we have created a new plugin called Application-Centric Deployment.
05:26
So let's see what we want to achieve in that presentation. So later on, we will have a live demonstration of Application-Centric Deployment plugin. And in that presentation, we want to set up a web application.
05:44
That web application should use PostgreSQL as a database. And we want to have a proxy and two web servers and three Tomcat servers. So if a user is using his browser, he sends the request to proxy.
06:09
The proxy forwards the request to two different Apache servers. And Apache server is using Tomcat as its application server.
06:21
And the application server needs to be able to use the Postgres database. How can that be achieved with Foreman? So in the end, we will need six new servers, a proxy to Apache servers and three Tomcat servers.
06:45
Currently, what I need to do is I need to set up the environment first. So we need to specify which operating system should be used, which host group should be used. And that host group is mentioned, how many CPUs, how many memory a host should have,
07:10
which partition table to use, et cetera, et cetera. Then I need to create six new hosts. So I need to press the Create Host button for six times.
07:21
And hopefully I can already configure these hosts. So configure these hosts, these six new hosts with different parameters. And well, maybe it will do that manually or I will choose configuration management tool, like Ansible sort or Puppet.
07:43
In the end, I need to make sure that all hosts are up and running and they are connected to each other. So that the proxy is able to forward the requests to the Apache web servers. The Apache web server need to forward the request to the application server.
08:01
And the application server need to be able to contact the database. And you need to make sure that all is linked together. So that is done six times for six different servers. Well, I don't want to do that.
08:20
Actually, what I want to do is this. I want to press a button. And to be able to do that, we choose a template. And that template defines everything. Then I maybe add some more parameters and I press that button. And in the end, it will create these six new servers and configure these six new servers.
08:45
And they are up and running and the web application can be used. That's a target what application-centric deployment should look like. How to achieve that? So, as I said, we are using Ansible playbooks for that.
09:07
So the first thing I need to do is to create an Ansible playbook. To write an Ansible playbook which can configure all these services. That Ansible playbook is then stored in application definition.
09:23
So that's my template. And that template can then be used multiple times in an application instance. That application instance will be deployed. So all these six servers are set up and they are asked but not linked.
09:42
They are configured. If you are in a big company, maybe you have two different departments. One department which is responsible for creating that application template. So that department will write the Ansible playbook and it will set up application definition.
10:04
Another department will pick that application definition and will simply use it and create new instances of it. Deploy the servers and then they are configured with Ansible.
10:24
Now I want to show you how that looks like in Foreman. So, if you install the plugin Foreman Application and Deployment, you will have a new menu item called Applications.
10:47
And here you have the three items. Ansible playbooks, application definitions and application instances. Let's go to the Ansible playbooks. So the first thing you need to do is to store an Ansible playbook on your Foreman.
11:07
So on the hard disk of your Foreman. And then you need to set up that Ansible playbook in your Foreman. So I will have a look at this one.
11:22
So that's my web app. It's located in this path. And if I want to run the Ansible playbook a bit, I need to use set play file. An Ansible playbook has some groups.
11:43
So as I said, we need to have a proxy, we need to have web servers and we need to have Tomcat servers. And these groups will have group variables. And to import these groups and group variables, I need to press this button.
12:01
This will go to the directory, read the groups and the group variables and import them. Let's have a look at the application definition side. So we need to create a new application definition.
12:22
So my web app. I need to select the Ansible playbook. So the web app. And now I need to configure three different services. First service is my HR proxy.
13:04
The Ansible group is HR proxies. Now let's save it. And we need to have web servers. We need to choose the host group. The host group is specified, which operating system, CPU, the minimum amount of servers is two.
13:42
Last but not least, I need Tomcat servers. We also should use CentOS and we want to have three of them.
14:01
Let's save it. Now we want to specify or we can specify some parameters. For example, the HR proxy should be a big server. Compute profile, that's information which needs to be set if I want to make sure that it's a big server with a lot of CPU and a lot of memory.
14:31
Save it. We can also set some Ansible variables. For example, on Tomcat, we can override the amount of memory which is available.
14:50
Any other Ansible variable, which is part of that Ansible playbook which we have imported before.
15:02
And you can also set group variables of the group all, which affects all different services. You can also override these parameters. I'll do that right now.
15:20
Let's save the application definition. Last but not least, the application instance. Create a new application instance. So that's my web. Now I can do that multiple times.
15:43
Maybe I will have five different web applications which are using the same application definition. And here you see that I need to have these services and I need to have a different amount of them.
16:07
So for the web server, I need to have at least two hosts in that group and I need three different Tomcat servers. So let's create these hosts.
16:24
A proxy, a proxy, one web server, next web server, service again, second Tomcat server and the last one.
17:30
Here it is. Now you see that I have three Tomcat servers and I request at least three of them. And now I can override some variables again.
17:44
So maybe I want to override the memory of the Tomcat server. 600 megabyte, save that.
18:03
And well, I decided that it's not such a large installation. So I will override this one. It's not a large server. It's just a medium server. And I want to hide my HTTP port.
18:21
Oh, that's quite not possible. That's fine. Okay. But I can also override group variables here. Submit. Now we have that web application instance and I can deploy that.
18:42
If I would now press the deploy button, it will take a long time because it will set up six different servers, install the operating system, install all packages, et cetera, et cetera. In the end, everything is fine.
19:00
I can also run the Ansible playbook or I can press run Ansible playbook and customize the request first. If I would choose that, it will use the remote execution plugin to run that job.
19:24
So we can use this one, customize first. Now you will see the interface of that remote execution plugin. I maybe can set some advanced variables like we want to run it verbose.
19:54
And now I can run that job. So it will try to run that Ansible playbook.
20:05
You will see the output here. Currently, that Ansible playbook is failing because it cannot install certain packages. But what you see is that it tries to run that Ansible playbook for different hosts.
20:23
So the same would happen if I would run that Ansible playbook after I have created all that service. Okay, what else can be done in application definitioner?
20:40
It's possible to export that definition. And of course, that exported and definition can then be imported. Let's go back to the presentation.
21:02
What you have done now, we have created an Ansible playbook. We have created a definitioner. We've set up an instance and we would be able to deploy that instance and to configure that.
21:27
So what we need to do with the application-centered deployment, it's not completely done right now. What we need to do, we need to complete the current work.
21:40
So what is really necessary is that after the servers were deployed, the Ansible playbook should run automatically. We need to add some translations and we want that the code is of course tested. So we need to do a lot of or add a lot of more tests.
22:04
If you think about the application definitions, I have shown you that it's possible to export them. Whether it will use or it will just export the application definition. What it should normally do is it should also export the used Ansible playbook.
22:25
So it should be possible to have something like an application template, which can be provided maybe on a website. You can download that application template. That includes the playbook and the definition.
22:42
If I import that application template, I can simply deploy a new application, maybe like a Kubernetes cluster. Also the Ansible playbook. The Ansible playbook is currently just a directory which exists on your format.
23:10
What you want is that there is fully Git support. So on the Ansible playbook side, there should be the possibility that I choose a Git repository.
23:27
I save that entry and in the end it's possible to synchronize that Git repository, to update that Git repository, etc.
23:41
Currently we are supporting Ansible, but it should also be possible to use salt for these tasks. So why not choose salt as a second system? So instead of using Ansible playbook, we can use salt and salt stack states.
24:08
So some more information about Foreman can be found at this page on theforeman.org. On the community site, communitas.foreman.org, you can raise questions, ask questions about Foreman.
24:29
As I said, we are doing a lot of open source things and you will find a lot of repositories out there at our GitHub instance.
24:43
So github.com.atix.com. And of course you will also find that new plugin called Foreman ACD at this GitHub instance. So if you want to contribute some ideas or if you want to contribute some code, you
25:06
can go to that directory or at that URL, create an issue or create a pull request. And of course we can also help you to run Foreman ACD.
25:26
So those ideas are very appreciated that we can improve Foreman ACD. Last but not least, if you want to contact me, you will find me at the Foreman dev channel on the IRC.
25:44
You can follow me at GitHub or at Twitter. And of course you can send an email to me if you have some question to my work at Atix or how I'm contributing at Foreman or some ideas about Foreman ACD, just send me a mail or contact me somehow.
26:09
Then thank you much for your attention and have a great day. Thank you very much.
26:43
Hello, everyone. Thank you very much for sticking with us towards the end of the day. As you're aware, this is our last talk and we're the only thing preventing you from starting your Belgian beers if you haven't already. So just ask, we've had one question so far from Christian, but that was answered at the end of the talk.
27:07
So if any of you have any additional questions, we'd be happy to answer them. So as a Foreman maintainer, I would love to, or Foreman salt maintainer,
27:23
I would love to add Foreman salt to the application centered deployment plugin.
28:11
Have you already used this in customer use cases for, for, for customer use cases as Christian corrected?
28:21
Not yet. So we are still in a phase where we need to add some features and fix some bugs. But later on, we are pretty sure that it will help our customers to make the deployment of whole applications easier.
28:48
So, any final questions for the day?