table of contents - vmware · table of contents lab overview.....2 hol-prt-1307 - provisioning and...
TRANSCRIPT
Table of ContentsLab Overview .................................................................................................................... 2
HOL-PRT-1307 - Provisioning and Management vSphere with Puppet Enterprise....3Rainpole: A case for lifecycle management using Puppet Enterprise......................5
Module 1 - Automating VMware vSphere Provisioning and Management with PuppetEnterprise ......................................................................................................................... 6
Reviewing the Puppet Master configuration............................................................ 7Getting help within puppet ................................................................................... 10Listing Virtual Machines ........................................................................................ 11Deploying a new Virtual Machine from a template ............................................... 12Installing Puppet on the newly Provisioned Node.................................................. 14Power up the existing application VM ................................................................... 17Classify the app10 server to install Jenkins........................................................... 18Deploying a Puppet Enterprise template and migrating to VMware vCloud HybridService .................................................................................................................. 24Conclusion............................................................................................................. 25
Module 2 - Puppet Labs integration with vCHS ............................................................... 26Deploying Puppet Enterprise to vCHS ................................................................... 27Rainpole Solution Overview .................................................................................. 28Lab Architecture Overview.................................................................................... 29Navigating the Lab environment........................................................................... 30Working with vFabric Application Director............................................................. 31Deploy Puppet Enterprise Master vApp................................................................. 32Login to the Puppet Enterprise Console ................................................................ 44Conclusion............................................................................................................. 49
HOL-PRT-1307
Page 1VMware Beta Program CONFIDENTIAL
Lab Overview
HOL-PRT-1307
Page 2VMware Beta Program CONFIDENTIAL
HOL-PRT-1307 - Provisioning andManagement vSphere with PuppetEnterpriseLab Introduction and Overview
Introduction
The sheer volume and dynamic nature of data center nodes makes managing thelifecycle of VMware virtual machines a challenge. In particular, keeping configurationsconsistent across development, test, and production environments while rapidlyprovisioning, configuring, updating, and terminating virtual nodes requires automationin order to scale without impacting quality of service.
Puppet Enterprise can help. With its numerous integrations with VMware products,Puppet Enterprise enables IT teams to automate tasks associated with the lifecyclemanagement of their virtual machine infrastructure, allowing them to scale services andapplications quickly, reliably, and efficiently.
This lab will walk you through some common steps to automate repetitive tasks aroundlifecycle management of VMware virtual infrastructure.
This lab is appropriate for IT Systems Administrators who want to learn about PuppetEnterprise features in a VMware environment.
Module Overview
The concepts introduced in HOL-PRT-1307 are divided up into two modules. Eachmodule is independent and can be completed in any order within the allotted time.
Module 1 - Automating VMware vSphere Provisioning andManagement with Puppet Enterprise
Description: This module demonstrates the automation of common administrative taskswithin a vSphere environment including VM provisioning and applying Puppet Modulesto your VM inventory.
Duration: 30 minutes
HOL-PRT-1307
Page 3VMware Beta Program CONFIDENTIAL
Module 2 - Puppet Labs Integration with vCHS
Description: This module will lead you through the process of deploying a vApp into avCHS environment and will demonstrate Puppet Labs integrations with both VMwarevCHS as well as vCloud Application Director.
Duration: 45 minutes
HOL-PRT-1307
Page 4VMware Beta Program CONFIDENTIAL
Rainpole: A case for lifecyclemanagement using Puppet EnterpriseRainpole IT is providing Cloud and IaaS for internal departments. The Accounting grouphas requested that IT host their infrastructure and they will need virtual infrastructure atmoments notice. Rainpole IT admins will be expected to have great depth of visibilityand control surrounding the virtual infrastructure, deploying applications/vmsdynamically and know the state of the environment at all times. Since the vApp isleveraging Puppet Enterprise, IT admins should be able to list and deploy virtualinfrastructure to include applications being installed in the virtual machine and deploythe virtual infrastructure as well. The Accounting group will often request IT to start andstop virtual machines at any time and often make very obscure lifecycle managementrequests.
Additionally, some of the Rainpole IT functionality is being deployed into the VMwarevCloud Hybrid Service and needs to be automated using vCloud Application Director tostreamline the process and ensure both application and management consistencyacross the vApps that are deployed into the IT environment.
HOL-PRT-1307
Page 5VMware Beta Program CONFIDENTIAL
Module 1 - AutomatingVMware vSphereProvisioning and
Management with PuppetEnterprise
HOL-PRT-1307
Page 6VMware Beta Program CONFIDENTIAL
Reviewing the Puppet MasterconfigurationYou can find some helpful scripts in Root's home directory.
Copying and Pasting throughout the lab
During this lab we will have to enter some long commands on the command line andalso take notes of some information so we can use it later. To make this job easy, youwill find a file named Key-In-Help.txt on the Dekstop. This file has all the passwords,command lines and information that we will need in this lab, so you can open this fileand copy/paste from it. To paste into the Putty session simply copy from the txt file andthen right-click in the Putty window.
Logging in to the Puppet Master VM
Use Putty to connect to the Puppet Master VM by double-clicking on the Putty icon onthe desktop, select the master (1) and then click Open (2).
User name: root
Password: VMware1!
HOL-PRT-1307
Page 7VMware Beta Program CONFIDENTIAL
HOL-PRT-1307
Page 8VMware Beta Program CONFIDENTIAL
List the HOL scripts directory
List the directory contents of '/root/HOL' to see the helper scripts. Remember, if youwould like, you can open the Key-In-Help.txt file on the Desktop and copy/paste thesecommands into the Putty session.
ls -l /root/HOL
The various articles throughout this lab will reference some puppet commands. If youever get stuck, or a command doesn't behave like you expect it to, you can refer to thecontents of these scripts as a reference. Please note, the IP addresses and names usedin these reference scripts may not always be exactly what you need, and may needmodification to work verbatim.
HOL-PRT-1307
Page 9VMware Beta Program CONFIDENTIAL
Getting help within puppetGetting help in puppet is as easy as typing "puppet help".
Viewing help of the 'puppet node_vmware' command
To get help on any particular puppet command, you can just type the following.Remember, you can copy the following commands from the Key-In-Help.txt file on theDesktop and paste them into the Putty session.
puppet help <command>
In this case, since we are working with the 'node_vmware' sub command, to get helptype the following.
puppet help node_vmware
This command will print a list of available options and parameters with a briefdescription of what each command does.
HOL-PRT-1307
Page 10VMware Beta Program CONFIDENTIAL
Listing Virtual MachinesOne of the sub commands of the "node_vmware" command is "list".
Viewing the list of Virtual Machines
Running "list" will produce a list of the virtual machines for the given vSphere server.
puppet node_vmware list | less -r
We use 'less' here because the output may exceed the terminal space available to workwith. You can hit the <Spacebar> to continue scrolling through the data and 'q' to exitless at any time and return to the command line.
Here we can see that we have three VM instances: First, a centos6 template that we canuse to provision new VMs; Second we have a powered off application server namedapp10; Finally our master server that we are logged into. Take note of the "path" toeach of these VMs, as we will make use of them in future sections, i.e./Datacenters/Datacenter Site A/vm/XYZ.
HOL-PRT-1307
Page 11VMware Beta Program CONFIDENTIAL
Deploying a new Virtual Machine froma templateIf you noticed in the previous section, we have a "centos6" template that we canprovision. Here we will deploy a new VM from that template so that we get Puppetinstalled and attached to our infrastructure.
Create a new node
Templates can be deployed with a single command. Here we run the following:
puppet node_vmware create --name=app02 --template="/Datacenters/Datacenter Site A/vm/centos6"
Once the task has been added to vSphere, Puppet Cloud Provisioner returns you to thecommand prompt after printing out some summary information of the requested action.Notice that most of this information is blank. The reason for this is that Puppet does notwait for the Virtual Machine to finish deploying. If you have a look back at vSphere, youcan get a sense of how quickly the VM is deploying in the HOL. This has been takingup to 15 minutes in the HOL environment. Puppet Cloud Provisioner will use theLinked Clones feature if its available for your storage backend, so speed here will varyfrom environment to environment.
Listing the VMs
Once control is returned to you, listing the virtual machines can be done with thefollowing command.
HOL-PRT-1307
Page 12VMware Beta Program CONFIDENTIAL
puppet node_vmware list | less -r
We use 'less' here because the output may exceed the terminal space available to workwith. You can hit the <Spacebar> to continue scrolling through the data and 'q' to exitless at any time and return to the command line.
Once the app02 VM displays an IP address you will know that it is booted, networkedand ready to use. Record the IP address of the new node for use in future steps.
HOL-PRT-1307
Page 13VMware Beta Program CONFIDENTIAL
Installing Puppet on the newlyProvisioned NodeNow that the node has been provisioned in VMware, we are ready to install puppet on it.To do that, we tell puppet node what credentials to use, and the IP of the new machine.
Install Puppet on the new node
Once we have the IP address, then we can run "puppet node install" to install puppet onthe remote VM.
puppet node install --keyfile=/root/.ssh/id_rsa --login=root <IP address from previous step>
Note that the template we deployed is configured to accept authentication from thekeyfile located at /root/.ssh/id_rsa. This is baked into the template, so there is no extrawork you have to do to get authentication. Also note, that the IP address shown inthe graphic may be different than what is being used in the lab environment.
HOL-PRT-1307
Page 14VMware Beta Program CONFIDENTIAL
Log in to the Puppet Enterprise Console
Now we need to authenticate to the Puppet Enterprise console so that we can sign thecertificate and add the node to a class. Open Internet Explorer using the Desktopshortcut and click on the Puppet Master bookmark in the toolbar. Click "Continue to thiswebsite" to bypass any certificate issues.
You can log in using...
User: [email protected]
Password: VMware1!
Sign the SSL Certificate Request
Before we can do anything useful with our new node, we must establish trust. Click thenode requests link in the top right hand corner of the PE Console to view the pendingcertificate signing request. Click accept next to the node to sign the request.
View the new node
Once the certificate is signed, the node is now able to request a catalog from the masterand apply its configuration. In a few moments, the new node should be listed in thenode list. Click Nodes in the top left hand corner of the PE console. You should now seeyour newly provisioned node checking into Puppet, waiting to be classified. This cantake a moment depending on the speed of the environment.
This is the final step to getting Puppet running on the machine. Now the node is readyto do your bidding.
HOL-PRT-1307
Page 15VMware Beta Program CONFIDENTIAL
Note that the hostname of this node is based on the UUID of the node combined with itsmac address. In a regular environment, You could assign this hostname using DHCP, orperhaps bake something in the template so that the node has a more readable name.
HOL-PRT-1307
Page 16VMware Beta Program CONFIDENTIAL
Power up the existing application VMSince there is no Internet access available in the HOL, we have created a node inadvance that has the packages cached locally to facilitate the rest of this demo.Normally, if a node has access to the Internet, we would be able to use the node wecreated in the previous chapters of this HOL.
The VM "app10" has been prepared to deploy the Jenkins CI application on. Due to thelimited Internet connectivity in the HOL, this VM was built to cache all the packages thatwould get installed by the Puppet module.
Power on the node
We now want to power up the "app10" node, so we can deploy our application to it. Youcan do so with the following command.
puppet node_vmware start "/Datacenters/Datacenter Site A/vm/app10"
HOL-PRT-1307
Page 17VMware Beta Program CONFIDENTIAL
Classify the app10 server to installJenkinsClassifying a node is a means of telling that node what to do. What classes should beapplied to a node can be done in a variety of ways. In this lab, we will be using thePuppet Enterprise Console.
Visit the Puppet Enterprise Console
Open the Puppet Enterprise Console window that you were using in the previous step orbegin a new session by opening Internet Explorer from the Desktop shortcut andclicking on the Puppet Master bookmark in the toolbar.
Log in to the Puppet Enterprise Console
Log in with the following credentials if needed...
User: [email protected]
Password: VMware1!
HOL-PRT-1307
Page 18VMware Beta Program CONFIDENTIAL
Select the node
Note that app10 has already been checking into Puppet, but it has not been classified todo anything useful. Click the name of the node to get more detailed information aboutthe node.
View the node
Here you can see lots of information about this particular node. From here, click the Editbutton in the top right hand corner to edit certain aspects of a node.
HOL-PRT-1307
Page 19VMware Beta Program CONFIDENTIAL
Edit the node groups
In the Groups text box, type the group jenkins and click Save changes
HOL-PRT-1307
Page 20VMware Beta Program CONFIDENTIAL
The node has been classified
Note that after we added the jenkins group to the node, we can see that the jenkinsclass has been added to the nodes classes. This is because the class is already assignedto the group, so any nodes that include the group will also get the class applied as partof their catalog.
HOL-PRT-1307
Page 21VMware Beta Program CONFIDENTIAL
View the fact list
Scroll down in the node view. Now you can begin to see all of the facts associated withthis node including the IP address. Note that the IP address for app10 reported hereshould match that reported by the puppet node_vmware list command that we ran ina previous step. If you go to validate the IP address information, ensure thatyou are looking at the app10 VM.
Execute Puppet on the application server
Switch back to the master console, and "su" to the "peadmin" user. Then run "mcopuppetd runonce", specifying the "-F" flag to target only that node. This will tell thenode to run puppet one time, and in the process it will apply the jenkins class to thenode, which installs, and starts the Jenkins CI application.
su - peadminmco puppetd runonce -F fqdn=app10.corp.local
HOL-PRT-1307
Page 22VMware Beta Program CONFIDENTIAL
Gather the IP address from the node using MCollective
Still using the 'peadmin' account, use MCollective to get the IP of the app10 server.
mco inventory app10.corp.local | grep ipaddress
You can now exit from the peadmin account by typing exit
Browse to the Jenkins web URL
After a minute or so, you should be able to visit the dashboard of the Jenkins applicationby clicking on the Jenkins bookmark in the toolbar or browsing to the URL,http://192.168.110.137:8080
HOL-PRT-1307
Page 23VMware Beta Program CONFIDENTIAL
Deploying a Puppet Enterprisetemplate and migrating to VMwarevCloud Hybrid ServiceThis demo video depicts the step-by-step process for deploying a node with a PuppetEnterprise template and then migrating that virtual node to the VMware vCloud HybridService. Most all of the procedures are being completed in the Puppet Enterpriseconsole however many of these steps can also be done at the command line as well.
Migrating a Puppet Enterprise node to VMware vCloudHybrid Service
Video Source: http://www.youtube.com/embed/hEOjNs41O9M
HOL-PRT-1307
Page 24VMware Beta Program CONFIDENTIAL
ConclusionToday we have walked through the process of using Puppet Cloud Provisioner to deploytemplates and begin using them with Puppet, but that is just the beginning. Puppet is animmensely powerful automation and configuration management framework. What youhave seen here is just the tip of the iceberg in what puppet can do in your environment.
If you'd like to know more about Puppet or Puppet Labs, please visit the Puppet Labswebsite and download Puppet Enterprise today!
NOTE: Would you like to be entered into a raffle for a chance to win anunlocked iPhone? Following the lab please click on the Help button to get acontest card from a Puppet Labs proctor. The proctors managing the rafflewill have a Puppet Labs shirt on. Requirements for the contest are outlinedon the card.
HOL-PRT-1307
Page 25VMware Beta Program CONFIDENTIAL
Module 2 - Puppet Labsintegration with vCHS
HOL-PRT-1307
Page 26VMware Beta Program CONFIDENTIAL
Deploying Puppet Enterprise to vCHSThe sheer volume and dynamic nature of data center nodes makes managing thelifecycle of VMware virtual machines a challenge. In particular, keeping configurationsconsistent across development, test, and production environments while rapidlyprovisioning, configuring, updating, and terminating virtual nodes requires automationin order to scale without impacting quality of service.
Puppet Enterprise can help.
Puppet Enterprise is a client/server model configuration management solution, whichactively maintains and verifies desired-state configuration on tens to thousands of clientsystems, controlled from a central management server called a Puppet Enterprisemaster.
This lab will walk the participant through deploying a Puppet Enterprise master to thevCloud Hybrid Service (vCHS) using vFabric Application Director, in order to enableproactive maintainance and configuration of other vApps deployed in vCHS.
This lab is appropriate for IT Systems Administrators who want to learn about usingPuppet Enterprise in conjunction with vCHS.
HOL-PRT-1307
Page 27VMware Beta Program CONFIDENTIAL
Rainpole Solution OverviewRainpole IT is providing Cloud and IaaS for internal departments. The Accounting grouphas requested that IT provide externally accessible infrastructure, and they will needvirtual infrastructure at moments notice. Rainpole IT admins will be expected to havegreat depth of visibility and control surrounding the virtual infrastructure, deployingapplications/vms dynamically and know the state of the environment at all times. TheAccounting group will often request IT to make very obscure lifecycle managementrequests which affect new and existing virtual machines.
Rainpole IT has opted to provide the requested services through vCloud Hybrid Services(vCHS), rather than expanding their on-premise resources. vFabric Application Directorwill be used to provision and deploy virtual machines, while Puppet Enterprise is used todefine configuration, enabling continuous configuration management and visiblity.
Since the vApps will be leveraging Puppet Enterprise, a Puppet Enterprise infrastructuremust be available in vCHS. IT admins will start by deploying a Puppet Enterprise masterto the cloud, using their existing in-house VMware tools.
This lab should be relatively quick, so there's no need to rush. Enjoy!
HOL-PRT-1307
Page 28VMware Beta Program CONFIDENTIAL
Lab Architecture OverviewThis lab will involve interaction with the following components.
• vFabric Application Director• vCloud Hybrid Service• Puppet Enterprise
vFabric Application Director is deployed on-premise at Rainpole.
vCHS is a cloud computing service. For this lab, a microcosm of vCHS has beensimulated, and will be available to interact with through the vCHS web interface and theappropriate vFabric Application Director Cloud Connector.
Puppet Enterprise is available from www.puppetlabs.com, and is freely licensed for up to10 nodes.
HOL-PRT-1307
Page 29VMware Beta Program CONFIDENTIAL
Navigating the Lab environment
HOL-PRT-1307
Page 30VMware Beta Program CONFIDENTIAL
Working with vFabric ApplicationDirector
HOL-PRT-1307
Page 31VMware Beta Program CONFIDENTIAL
Deploy Puppet Enterprise Master vAppOpen a Browser
The lab manual will use Firefox, but you are free to choose Internet Explorer as well.
HOL-PRT-1307
Page 32VMware Beta Program CONFIDENTIAL
Login to vFabric Application Director
The URL for vFabric Application Director is
https://apd-l-01a:8443/darwin
There is also a link in the favorites bar of the browser. The credentials are
Username: adminPassword: VMware1!
HOL-PRT-1307
Page 33VMware Beta Program CONFIDENTIAL
Select a vApp
Select Puppet Enterprise Master application. To find it quickly, search for "PuppetEnterprise", then click on the "Puppet Enterprise Master" vApp.
HOL-PRT-1307
Page 34VMware Beta Program CONFIDENTIAL
Select Blueprint
Select the blueprint.
HOL-PRT-1307
Page 35VMware Beta Program CONFIDENTIAL
Deploy Blueprint
The blueprint shows that the vApp consists of a single CentOS virtual machine with thePuppet Enterprise Master service. Select the "Deploy" option in the upper right corner ofthe interface.
HOL-PRT-1307
Page 36VMware Beta Program CONFIDENTIAL
Choose Deployment Profile
Deployment profiles let you configure settings such as cloud templates, networks, andapplication configuration values that are allowed for use in specific deploymentenvironments.
In this lab, the vCHS deployment profile has been configured to deploy the selectedvApp to the vCloud Hybrid Service. Select the existing deployment profile "vCHS" andpress "Deploy".
HOL-PRT-1307
Page 37VMware Beta Program CONFIDENTIAL
Review Deployment Environment
The vCHS Deployment Environment is displayed, showing the Logical Template that willbe used, the Cloud Templates they map to, and the same mapping for Logical to Cloudnetworks. After reviewing this information press "Next".
HOL-PRT-1307
Page 38VMware Beta Program CONFIDENTIAL
Review Application Properties
The Application Properties step allows you to adjust parameters specific to the vAppinstance. Depending on the services being deployed, various options might be available.
For the Puppet Enterprise Master vApp used in the lab, there are no configurableproperties. Press "Next".
HOL-PRT-1307
Page 39VMware Beta Program CONFIDENTIAL
Review Execution Plan
Review the Execution Plan presented by vFabric Application Director. The Execution Planpresents what actions vFabric Application Director will take during provisioning.
Again there are no changes to be made, so after reviewing the plan, press "Next".
HOL-PRT-1307
Page 40VMware Beta Program CONFIDENTIAL
Deploy Application
The final screen is a summary of the planned deployment. Press "Deploy" to provision anew Puppet Enterprise master using the vCloud Hybrid Service.
HOL-PRT-1307
Page 41VMware Beta Program CONFIDENTIAL
View Deployment Status
It will take awhile for the deployment to complete. You can observe the progress of thedeployment by expanding the Execution Plan while viewing the deployment.
HOL-PRT-1307
Page 42VMware Beta Program CONFIDENTIAL
Wait For Deployment To Complete
At this point you are nearly finished. The Puppet Enterprise Master vApp is beingdeployed to vCHS.
The limitations of this lab (three layers of virtualization deep with limited virtualizedmemory and compute resources) mean that actually waiting for the deployment tocomplete will require a little over 15 minutes of waiting. The total time to deploy in thelab is shown below.
You can wait for your deployment to complete, or you can move on to the next sectionusing a pre-staged deployment of the same vApp. Instructions will be available for bothoptions.
HOL-PRT-1307
Page 43VMware Beta Program CONFIDENTIAL
Login to the Puppet Enterprise ConsoleDetermine IP Address
In vFabric Application Director, view available Deployments and select the one that youwould like to login to. There should be two Deployments available; a pre-staged PuppetMaster, and the Puppet Master created during this lab. The procedure will be the sameregardless of which you choose. Just make sure the Deployment you choose hascompleted!
HOL-PRT-1307
Page 44VMware Beta Program CONFIDENTIAL
In the Deployment view, zoom in on the VM Details.
The IP address for the instance is displayed on the right.
HOL-PRT-1307
Page 45VMware Beta Program CONFIDENTIAL
Accept Self-Signed SSL Certificate
In a web browser, enter the discovered IP address in the address bar. For example, usingthe IP address 192.168.210.105, in the address bar enter:
https://192.168.210.105
Note specifically the https protocol.
The Puppet Enterprise master will be using a self-signed certificate, so your browser willprompt you to confirm the security exception before proceeding. Go ahead and followyour browser's prompts to allow the connection.
HOL-PRT-1307
Page 46VMware Beta Program CONFIDENTIAL
Login
The Puppet Enterprise Console login page will be presented. Enter the credentials asgiven below.
Username: [email protected]: VMware1!
HOL-PRT-1307
Page 47VMware Beta Program CONFIDENTIAL
Summary
That's it! Logging in verifies that your Puppet Enterprise master has been successfullydeployed.
HOL-PRT-1307
Page 48VMware Beta Program CONFIDENTIAL
ConclusionToday we have walked through the process of using vFabric Application Director todeploy a Puppet Enterprise Master to the vCloud Hybrid Service, but that is just thebeginning. Now that a Puppet Enterprise master has been deployed, services and vAppsdeployed in vCHS can be defined and managed using Puppet's easy to use declarativelanguage.
If you'd like to know more about Puppet or Puppet Labs, please visit the Puppet Labswebsite and download Puppet Enterprise today!
HOL-PRT-1307
Page 49VMware Beta Program CONFIDENTIAL
ConclusionThank you for participating in the VMware 2013 Hands-on Labs. Be sure to visithttp://hol.vmware.com/ to continue your lab experience online.
Lab SKU: HOL-PRT-1307
Version: 20140213-184236
HOL-PRT-1307
Page 50VMware Beta Program CONFIDENTIAL