Puppet Razor
Requirements:
1 Puppet Master server running on any supported OS
1 Razor server running on CentOS/Red Hat 7
Separate DHCP network
Set up Razor server:
Set up the Razor server on a separate server from the Puppet Master.
On CentOS/Red Hat 7, set up the following:
Step 1: install dnsmasq
yum install dnsmasq
Step 2: create a directory for TFTP boot
mkdir /var/lib/tftpboot
chmod 655 /var/lib/tftpboot/
Step 3: disable SELinux if necessary
sestatus
If it is enabled, you can disable it:
vi /etc/sysconfig/selinux
SELINUX=disabled
Step 4: set hostname
hostnamectl set-hostname razor.zippyops.com
Step 5: Once up, modify /etc/dnsmasq.conf and add an IP address range with a 12 or 24 hr lease.
In this example, the range is from .20 - .50
# Uncomment this to enable the integrated DHCP server, you need
# to supply the range of addresses available for lease and optionally
# a lease time. If you have more than one network, you will need to
# repeat this for each network on which you want to supply DHCP service.
dhcp-range=10.0.0.20,10.0.0.50,24h
Edit the same file to enable PXE boot:
conf-dir=/etc/dnsmasq.d
Step 6: Create the file /etc/dnsmasq.d/razor and add the following configuration information:
# This works for dnsmasq 2.45
# iPXE sets option 175, mark it for network IPXEBOOT
dhcp-match=IPXEBOOT,175
dhcp-boot=net:IPXEBOOT,bootstrap.ipxe
dhcp-boot=undionly-20140116.kpxe
# TFTP setup
enable-tftp
tftp-root=/var/lib/tftpboot
Step 7: Enable dnsmasq on boot
systemctl enable dnsmasq.service
Step 8: Start dnsmasq service
systemctl start dnsmasq.service
Step 9: make sure dnsmasq is running
[root@razor tftpboot]# systemctl status dnsmasq.service
● dnsmasq.service - DNS caching server.
Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2019-08-25 17:10:11 EDT; 4s ago
Main PID: 22241 (dnsmasq)
CGroup: /system.slice/dnsmasq.service
└─22241 /usr/sbin/dnsmasq -k
Install Razor server
On the same CentOS/Red Hat server, install Razor.
Step 1: edit env vars
Edit ~/.bash_profile and add to the end of the file:
RAZOR_HOSTNAME=`hostname`
HTTP_PORT=8150
HTTPS_PORT=8151
Step 2: Install Razor on the node: open the console and create a new node group called Razor
First, add the Razor server as a node to the Puppet master.
Run the installer on the Razor server; its certificate will be unsigned at this point:
curl -k https://puppetmaster.zippyops.com:8140/packages/current/install.bash | sudo bash
After that, accept the certificate.
In the console, go to Classification.
Click "Add a new group" and add the new group as razor.
Click the razor group.
Pin the razor node to it.
Next, go to Configuration.
On the Class tab, add the "pe_razor" class and commit the change.
Go back to the Razor server and run the Puppet agent:
[root@razor ~]# puppet agent -t
This will take time depending on the network.
Step 3: Once Razor is installed, check that it's working
wget https://razor.zippyops.com:8151/api -O test.out --no-check-certificate
This will generate a JSON output file.
Check:
[root@razor ~]# systemctl status pe-razor-server
● pe-razor-server.service - Razor Server
Loaded: loaded (/usr/lib/systemd/system/pe-razor-server.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2019-04-26 11:33:44 IST; 1h 32min ago
Main PID: 3067 (standalone.sh)
CGroup: /system.slice/pe-razor-server.service
├─3067 /bin/sh /opt/puppetlabs/server/apps/razor-server/share/torquebox/jboss/bin/standalone.sh -Djboss.server.log.dir=/var/log/puppetlabs/razor-server -Dhttp.port=8150 -Dhttps.port=8...
└─3461 /opt/puppetlabs/server/bin/java -D[Standalone] -server -XX:+UseCompressedOops -Xms128m -Xmx1024m -XX:MaxPermSize=256m -Djava.net.preferIPv4Stack=true -Dorg.jboss.boot.log.file=...
Step 4: Check that the Razor server RPM is installed
[root@razor ~]# rpm -qa | grep razor
pe-razor-server-1.9.3.0-1.el7.noarch
pe-razor-libs-1.0.1-9.pe.el7.noarch
Install Razor client
On the Razor machine, install the pe-razor-client gem:
gem install pe-razor-client
Check the Razor version:
[root@razor ~]# razor -v
Razor Server version: 1.9.3
Razor Client version: 1.3.0
Check for any existing nodes using Razor's API:
[root@razor tftpboot]# razor --url https://razor.zippyops.com:8151/api nodes
From https://razor:8151/api/collections/nodes:
There are no items for this query
Stock the TFTP dir with iPXE boot image
Step 1: Download iPXE boot image and move it to /var/lib/tftpboot directory on Razor machine
wget https://s3.amazonaws.com/pe-razor-resources/undionly-20140116.kpxe
After that, copy undionly-20140116.kpxe:
cp undionly-20140116.kpxe /var/lib/tftpboot
Step 2: Download the PXE bootstrap script from localhost. Here I'm using --no-check-certificate due to cert issues.
wget "https://razor.zippyops.com:8151/api/microkernel/bootstrap?nic_max=1&http_port=8150" -O /var/lib/tftpboot/bootstrap.ipxe --no-check-certificate
Step 3: check your /var/lib/tftpboot; there should be 2 files there now:
[root@razor tftpboot]# ls
bootstrap.ipxe undionly-20140116.kpxe
Step 4: file permissions
Run chmod 655 on both files:
chmod 655 /var/lib/tftpboot/*
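The TFTP root is served to every machine that PXE-boots on this network, and bootstrap.ipxe was fetched with certificate checking turned off, so it is worth checking what ended up in the directory. The script below is an added example, not part of the original post: it flags files that group or other users can write and any host in bootstrap.ipxe other than the expected Razor server. The function names are made up for this example, and the file built by make_sample is constructed for a dry run, not real Razor output.

```shell
#!/bin/sh
# Audit the TFTP root that dnsmasq serves to every PXE client.

# Files that group or other users could modify.
writable_files() {
    find "$1" -type f \( -perm -020 -o -perm -002 \) -print
}

# Distinct hosts that an iPXE script sends clients to.
ipxe_hosts() {
    grep -Eo 'https?://[^/:?[:space:]]+' "$1" | sed -E 's#^https?://##' | sort -u
}

# Succeeds only if bootstrap.ipxe exists, nothing is group/world-writable,
# and every URL in bootstrap.ipxe targets the expected Razor host.
audit_tftp_root() {
    dir=$1; expected=$2; rc=0
    [ -f "$dir/bootstrap.ipxe" ] || { echo "missing bootstrap.ipxe" >&2; return 1; }
    bad=$(writable_files "$dir")
    [ -z "$bad" ] || { echo "writable by group/other: $bad" >&2; rc=1; }
    for h in $(ipxe_hosts "$dir/bootstrap.ipxe"); do
        [ "$h" = "$expected" ] || { echo "unexpected host: $h" >&2; rc=1; }
    done
    return "$rc"
}

# Constructed sample (not a real Razor bootstrap script) for a dry run.
make_sample() {
    d=$(mktemp -d)
    printf '#!ipxe\nchain http://razor.zippyops.com:8150/svc/boot?net0=${net0/mac}\n' \
        > "$d/bootstrap.ipxe"
    : > "$d/undionly-20140116.kpxe"
    chmod 644 "$d"/*
    echo "$d"
}

# Usage: sh audit_tftp.sh /var/lib/tftpboot razor.zippyops.com
if [ "$#" -eq 2 ]; then audit_tftp_root "$1" "$2"; fi
```

If bootstrap.ipxe is edited to use a direct IP, as the note at the end of this post suggests, pass that IP as the expected host.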
Create an OS repo
On the Razor machine, create a new repo for Ubuntu:
razor create-repo --name ubuntu-14.04 --task ubuntu/trusty --iso-url http://releases.ubuntu.com/trusty/ubuntu-14.04.6-server-amd64.iso
This will download the ISO and create a new repo in /opt/puppetlabs/server/data/razor-server/repo/ubuntu14.04
[root@razor ~]# ls /opt/puppetlabs/server/data/razor-server/repo/ubuntu14.04/
boot dists doc EFI install isolinux md5sum.txt pics pool preseed README.diskdefines ubuntu
To check all your repos:
[root@razor repo]# razor repos
From https://localhost:8151/api/collections/repos:
To delete a repo, use razor delete-repo --name
To query all repos, razor repos
Create a tag
Here we can use the MAC address for the Ubuntu tag:
razor create-tag --name ubuntu --rule '["=", ["fact", "macaddress"], "08:00:27:df:a4:10"]'
Tasks
PE Razor comes with a bunch of pre-built tasks (directions on how to provision).
On Razor, run razor tasks:
[root@razor ~]# razor tasks
From https://localhost:8151/api/collections/tasks:
Query an entry by including its name, e.g. `razor tasks centos`
Check to make sure the Ubuntu 14.04 repo is linked to the correct task:
[root@razor repo]# razor update-repo-task --repo ubuntu-14.04 --task ubuntu/trusty
From https://localhost:8151/api/commands/update-repo-task:
result: repo ubuntu-14.04 updated to use task ubuntu/trusty
command: https://localhost:8151/api/collections/commands/5
Broker
To hand off the new VM for Config Management, configure the Broker to be PE Master. Here the hostname of PE Master is 'puppetmaster.zippyops.com'
[root@razor]# razor create-broker --name pe --broker-type puppet-pe --configuration server=puppetmaster.zippyops.com
From https://localhost:8151/api/collections/brokers/pe:
name: pe
broker_type: puppet-pe
configuration:
server: puppetmaster.zippyops.com
policies: 0
command: https://localhost:8151/api/collections/commands/4
Policy
Create a new policy to tie all the elements together.
Check existing settings:
razor repos
razor brokers
razor tags
razor tasks
razor policies
razor create-policy --name ubuntuTest --repo ubuntu-14.04 --broker pe --tag ubuntu --hostname 'ubuntu-test' --root-password myPassword
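Passing --root-password on the command line leaves the password in shell history and in the process list while the command runs. As an added example (not from the original post), the script below reads the password from a prompt, writes the same policy to a mode-0600 JSON file and loads it with razor create-policy --json. The function names are made up for this example, and the JSON field names should be checked against razor create-policy --help on your Razor version.

```shell
#!/bin/sh
# Keep the policy's root password out of argv and shell history.

# Escape backslashes and double quotes so the value is a valid JSON string.
json_escape() {
    printf '%s' "$1" | sed 's/\\/\\\\/g; s/"/\\"/g'
}

# write_policy_json FILE NAME REPO BROKER TAG HOSTNAME
# Reads the root password as one line on stdin. The other values are
# inserted verbatim, so they must not contain quotes or backslashes.
write_policy_json() {
    IFS= read -r pw || return 1
    pw=$(json_escape "$pw")
    rm -f "$1"
    (
        umask 077    # the file is created readable by its owner only
        cat > "$1" <<EOF
{
  "name": "$2",
  "repo": "$3",
  "broker": "$4",
  "tags": ["$5"],
  "hostname": "$6",
  "root_password": "$pw"
}
EOF
    )
}

# Usage: sh policy.sh policy.json ubuntuTest ubuntu-14.04 pe ubuntu ubuntu-test
if [ "$#" -eq 6 ]; then
    printf 'Root password: ' >&2; stty -echo
    write_policy_json "$@"; rc=$?
    stty echo; echo >&2
    [ "$rc" -eq 0 ] && razor create-policy --json "$1"
    rm -f "$1"    # remove the secret-bearing file whether or not the call worked
fi
```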
Test booting a VM to Razor's TFTP and PXE
Clear pre-existing safety flags on the node (use the node's name as listed by razor nodes):
razor reinstall-node --name <node-name>
Boot up a new Linux VM with at least 2GB of RAM and configure its network to be the same as Razor's.
If using VirtualBox, disable the VirtualBox DHCP service. To make the VM boot into PXE, power it off, then go to Settings > System > Boot Order > Network.
Boot the node; it should hit Razor's TFTP and DHCP.
Note: if the VM can't load the kernel due to a timeout, check /var/lib/tftpboot/bootstrap.ipxe and change the Razor hostname to a direct IP; this could be related to DNS not resolving the hostname.