Deploying CoreOS with Foreman
Johannes Maximilian Scheuermann, Nils Domrose
Gent, 02.02.2015

Agenda
‣ About us
‣ CoreOS
‣ CoreOS components
‣ How to deploy CoreOS with pre 1.8 foreman
‣ Building a POC
‣ Create a PR
‣ Deploying a CoreOS Cluster

About us
A brief introduction

Nils:
● Senior Linux Systems Engineer / Architect at inovex GmbH
  http://github.com/endyman
  IRC @__endy__

Johannes:
● Computer Science Student working at inovex GmbH
  http://github.com/johscheuer
  IRC @johscheuer

CoreOS
Linux for Massive Server Deployments
● ChromeOS Fork
● Minimal Linux – uses ~40% less RAM
● Painless update – update OS as single unit
● Docker Container
● Clustered By Default
● Cluster Management with fleet
● fleet - a distributed init system
● Service Discovery with etcd
● Systemd as init-system
image: https://coreos.com/assets/images/media/Host-Diagram.png

CoreOS Components
How is CoreOS shipped
● coreos_production_pxe_image.cpio.gz (initrd)
● coreos_production_pxe.vmlinuz (kernel)
● cloud-config (cloudinit)

● PXE boot file has to provide a cloud-config
● Install options (in memory, disk)
● Boot options (images, iso, PXE)
● coreos.autologin opens a Shell without prompting for a password -> troubleshooting
● cloud-config-url for provisioning
● Post-Boot Actions via systemd units defined in cloud-config

CoreOS Components
How is CoreOS configured
● Cloud-Config is used to configure CoreOS during each boot
  ○ Invalid Cloud-Configs won’t be processed but will be logged in the journal -> sadly you can’t access the journal
● CoreOS validator https://coreos.com/validate is a helpful tool to check your Cloud-Config syntax
● YAML-Style
● Has to start with #cloud-config or #!
● Example:

    #cloud-config
    coreos:
      etcd:
        name: node001
        discovery: https://discovery.etcd.io/<token>
        addr: $public_ipv4:4001
        peer-addr: $private_ipv4:7001

● Pass Cloud-Config as parameter e.g.
  PXE Boot cloud-config-url or in foreman as provision template
source: https://coreos.com/docs/cluster-management/setup/cloudinit-cloud-config

How to deploy CoreOS with pre 1.8 foreman
● Create a Dummy OS
● Select Red-Hat as OS family
● manually download kernel + ram disk to your TFTP server's /boot dir
● create custom templates for your cloud configs
Drawbacks: no proper versioning, no auto download of coreos, no out-of-the-box templates…

Building a POC
...in 4 hours
● look at other OS implementation in the source
● play around with current foreman installation
● modified the source on disk
● challenge to get information passed to the CoreOS installer script
● developed nested cloud config concept
● fun to get patches out :-)
● started using git with proper remotes at this point
➔ CoreOS downloaded from the inet (every time)
➔ Full auto install (with minor glitches)
➔ ssh access
➔ deployment of multi nodes available in fleet (fleetctl list-machines w/o manual steps)

create Patches and PR
● created patch from POC
● applied Patch to fork
● created external templates for Patch

● PR for foreman
  ○ created app/models/operatingsystems/coreos.rb
  ○ added CoreOS on multiple places in foreman
  ○ added unit test for CoreOS
  ○ added CoreOS logo after triggering the CoreOS Team to add License
● PR for community-templates
  ○ provision.erb (cloud-config)
  ○ PXELinux.erb (PXE boot)
  ○ disklayout_CoreOS.erb (not supported)
  ○ coreos_cloudconfig.erb (snippet, cloud-config applied at installation)
● PR for coreos :-)
  ○ allow to override the base-url
  ○ CoreOS created their own Patch based on the idea

optimizing the PR
getting the code in
● comments
● code style
● re-factoring
● template optimization

● support for coreOS mirror
● only in CoreOS > 557.0.0
Source: http://github.com

Deploying a CoreOS Cluster
CoreOS discovery 101
● Tested with etcd 0.4.6, 2.0.0 release at 28.01 not yet in CoreOS
● discovery token
  ○ get new token from https://discovery.etcd.io/new
  ○ set token in Cloud-Config
  ○ start cluster
  ○ + easy setup for tests/fast deployment
  ○ - needs internet access
  ○ - everybody could see the cluster at https://discovery.etcd.io/$token
  ○ - and could also connect to the cluster
● (static) etcd node as entrypoint
  ○ start up an etcd node (entrypoint)
  ○ enter IP-Address of entrypoint into Cloud-Config as -peers
  ○ start up other etcd nodes
  ○ + only internal communication is necessary
  ○ - entrypoint has to be available if a new etcd node will join

Deploying a CoreOS Cluster
CoreOS discovery logical workflow
1. If log data is found by etcd:
   a. Try to join via peers in previous cluster
   b. Try to join via peers found in discover URL
   c. Try to join via peers in peer list
   d. Restart the previous cluster which is down
   e. return
2. If discover URL is found:
   a. Fetch peers through discover URL
   b. If Success:
      i. Join peers found
      ii. return
3. If peer list is given:
   a. Join as follower via peers in peer list
   b. return
4. Start as the leader of a new Cluster
source: https://github.com/coreos/etcd/blob/v0.4.6/Documentation/design/cluster-finding.md

Deploying a CoreOS Cluster
● Create a host group coreos_cluster
  ○ host param etcd_discovery_url for an easy setup with a discovery URL
  ○ or create an etcd node as entrypoint
  ○ add install-disk as host parameter pointing to your target device
  ○ add ssh_authorized_keys as host param
    ■ if you forget this step the host root password will be deployed for the core user
    ■ the CoreOS way is to work with SSH keys

Deploying a CoreOS Cluster
Demo ?!
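
A pre-deployment check for the points made on the cloud-config and host group slides, as an added example that is not part of the deck or of Foreman: because an invalid cloud-config is skipped and only logged in the journal, this lints the rendered text for the header, YAML validity, missing ssh_authorized_keys and a public discovery URL. The function name, the finding texts and the sample input are assumptions.

```ruby
require 'yaml'

# Added example (not from the deck or Foreman): lint a rendered cloud-config
# before it is served as a provision template. Names here are hypothetical.
PUBLIC_DISCOVERY = %r{\Ahttps?://discovery\.etcd\.io/}i

def lint_cloud_config(text)
  first = text.lines.first.to_s.strip
  unless first == '#cloud-config' || first.start_with?('#!')
    return ['header: first line must be #cloud-config or start with #!']
  end
  return [] if first.start_with?('#!') # script payload, not YAML

  begin
    doc = YAML.safe_load(text)
  rescue Psych::Exception => e
    return ["yaml: #{e.message.lines.first.to_s.strip}"]
  end
  return ['yaml: top level must be a mapping'] unless doc.is_a?(Hash)

  findings = []
  keys = doc['ssh_authorized_keys']
  unless keys.is_a?(Array) && keys.any? { |k| !k.to_s.strip.empty? }
    findings << 'ssh: no ssh_authorized_keys; per the deck the host root ' \
                'password is deployed for the core user'
  end

  coreos = doc['coreos']
  etcd = coreos.is_a?(Hash) ? coreos['etcd'] : nil
  discovery = etcd.is_a?(Hash) ? etcd['discovery'].to_s : ''
  if discovery.match?(PUBLIC_DISCOVERY)
    findings << 'etcd: public discovery URL; anyone who knows it can see ' \
                'and connect to the cluster'
  end
  findings
end

# Constructed sample: the deck's example config, which carries no SSH keys.
DECK_EXAMPLE = <<~CONFIG
  #cloud-config
  coreos:
    etcd:
      name: node001
      discovery: https://discovery.etcd.io/<token>
      addr: $public_ipv4:4001
      peer-addr: $private_ipv4:7001
CONFIG

puts lint_cloud_config(DECK_EXAMPLE)
```
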

Deploying a CoreOS Cluster
● Validate that the cluster is deployed
  ○ fleetctl list-machines -> list of all deployed CoreOS nodes
  ○ journalctl shows entire system log
  ○ journalctl -u test.service shows system log for specific service
  ○ good for debugging
  ○ Quick debugging with toolbox -> installs a Fedora Docker container

What’s next
SkyDNS … and many more simply via systemd-units in your cloud-config template
Logos: http://deis.io, http://kubernetes.io, http://mesos.apache.org, http://mesossphere.com

Thank you for listening!

Contact
Nils Domrose
Johannes Maximilian Scheuermann
[email protected] [email protected]
inovex GmbH
Office Karlsruhe
Ludwig-Erhard-Allee 6
76131 Karlsruhe