number 9

My (tiny) Cobbler VM is almost full but I need to try out deployment of SLES/OpenSUSE.
I’m going to attach a few extra chunks of storage to make room for ‘cobbler distro add’.

You can do this with the GUI, but unless you’re allergic to CLIs I highly recommend the ‘VBoxManage’ section of the VirtualBox manual (or ‘VboxManage -h’).
These commands can create dozens of devices for testing RAID configs, and the VDI images can be detached, cloned, snapshotted, attached to other VMs, etc.(really useful if you split server builds along ‘/’ and ‘/data’ lines ).

create 2 more devices

VBoxManage createhd --filename sm-pv2.vdi -size 2048 -register
VBoxManage createhd --filename sm-pv3.vdi -size 2048 -register

fit the devices

VBoxManage controlvm shoemaker  acpipowerbutton # turn off the box
VBoxManage modifyvm shoemaker -sataportcount 3 # enable the extra port
# attach the disk
VBoxManage modifyvm shoemaker -sataport2 sm-pv2.vdi -sataport3 sm-pv3.vdi
VBoxManage startvm shoemaker

log onto the vm and do the LVM thing

parted -l # get the device names
pvcreate /dev/sdb /dev/sdc
vgextend VolGroup00 /dev/sdb /dev/sdc
# give the LV all the new space
lvextend  -l +100%FREE /dev/VolGroup00/LogVol00
# grow the filesystem on top
resize2fs /dev/VolGroup00/LogVol00
df -h # w00t.

Like ‘normal’ VirtualBox VDI disks, these are lazily allocated (by default), so there’s no harm in overprovisioning them. If I’d known that when I built the shoemaker VM, there’d be no need for this blog post

Cobbler handles kickstarts on my VirtualBox network , but I need it to take care of Puppet too.

setup puppetmasterd

I’ll run puppetmasterd on my Kickstart server (’shoemaker’, also my Cobbler server).

By default, puppetd expects puppetmasterd to be on a host called ‘puppet’. That’s easy to arrange.

  # setup a CNAME of 'puppet' that points to shoemaker (the puppetmaster)
  echo 'puppet	IN	CNAME	shoemaker' >> /etc/cobbler/zone.template
  cobbler sync

Now enable puppetmasterd on shoemaker (autosigning makes unattended installs much simpler).

  # install and enable puppetmaster
  yum install -y puppet-server ruby-rdoc
  chkconfig puppetmaster on
  /etc/init.d/puppetmaster start
  # turn on autosigning for our domain
  echo '*.pixie' > /etc/puppet/autosign.conf

puppet aware kickstarts

To tailor a kickstart using Cobbler, you :

1. setup a distro (make install media available to kickstarting machines)
2. (optionally) define extra repos (for 3rd party RPMs)
3. create a profile (a custom kickstart) that uses your distro and repos
4. define a system (MAC address/IP) that uses that profile

In my case

• distro == CentOS
• repo == EPEL (for Puppet RPMs)
• profile == puppet.ks (installs/enables puppetd on a kickstarted VM)
• system == toy VMs to play around with

1. setup a distro

I did that last post using ‘cobbler import’ and a CentOS DVD.

2. setup centos and EPEL repos

Tell cobbler about CentOS (OS updates) and EPEL (puppet RPMs). On a ‘real’ system, I’d make local mirrors for consistency (—mirror-locally=1); I’m cheating to save disk and time.

cobbler repo add --name=centos5-updates
  --mirror=http://www.mirrorservice.org/sites/mirror.centos.org/5.2/updates/i386/
  --mirror-locally=0
cobbler repo add --name=centos5-epel
  --mirror=http://www.mirrorservice.org/sites/download.fedora.redhat.com/pub/epel/5/i386/
  --mirror-locally=0
cobbler reposync; cobbler sync

3. build a puppet.ks and profile

You can use my puppet.ks. or just tweak the latest Cobbler  one (in case they added features):

cd /var/lib/cobbler/kickstarts
cp sample.ks puppet.ks

The only differences are we add ‘puppet’ to the packagelist and enable puppet at system boot.  The puppet wiki has voodoo to set the hostname during kickstart so puppet generates a good keypair. I skipped that; puppet will do that when it starts at first boot anyway.

Next, we need to make a profile that uses this kickstart.

cobbler profile add --name=puppet
 --repos=’centos5-updates centos5-epel’ --distro=centos52-i386
 --kickstart=/var/lib/cobbler/kickstarts/puppet.ks
cobbler sync

(the  ‘–repos’ clause tells Cobbler to take care of making those repos available during kickstart).

4. define some systems and boot them

I’ll build 3 systems in cobbler  (node01, node02, and node03) by running this on shoemaker

for i in 01 02 03
do
  NAME=node$i
  cobbler system add --name=$NAME --profile=puppet --dns-name=$NAME.pixie
  cobbler system edit --name=$NAME --ip=10.0.0.2$i --mac=aa:aa:bb:bb:ff:$i
done
cobbler sync

Cobbler will sort out DNS, PXE and puppetd-enabled kickstart configs for them.

NB: you can make the puppet profile the default by running

cobbler system edit --name=default --profile=puppet

I prefer explicitly defining systems when I’m in Virtualbox, since Cobbler is managing DHCP/BIND. In my ‘real’ system, Cobbler is independant of DNS/DHCP so a default profile is probably worthwhile.

Now build 3 VMs with the right MAC addresses and boot them:

for i in 01 02 03
do
  NAME=node$i
  VBoxManage createvm -name $NAME -ostype RedHat -register
  VBoxManage modifyvm $NAME -memory 256 -boot1 disk -boot2 net -nic1 intnet -intnet1 pxeland
  # no colons in the MAC address her
  VBoxManage modifyvm $NAME -macaddress1 aaaabbbbff$i
  VBoxManage createhd -filename  $NAME.vdi -size 6000 -register
  VBoxManage modifyvm $NAME -sata on -sataport1 $NAME.vdi -sataportcount 1
  VBoxManage startvm $NAME
done

And off they go :

All three build and auto-register with puppetmaster in under 30 minutes, and I’ve got 3 puppet nodes I can carry around on my Mac along with the puppetmaster (which is handy, as I’m off to darkest West Wales tomorrow morning where dialup still rules the Earth).

A while back I set up a virtual kickstart network with VMware Fusion and Cobbler on my Mac.

But Fusion (unlike VMware server/workstation) made tweaking low-level settings hard, so I’ve switched to  VirtualBox, which is free (for non-commercial/eductional use), has a kick-ass command line interface and much better networking options.

Here’s a revised howto.

why?

I’ll just cover the install of Cobbler, NAT, and BIND , along with a quick ‘hey look, it works’ test.

Cobbler is a toolkit for kickstarting servers, building package repos, etc. The plan is to kickstart the bare minimum so that Puppet or Chef can take over and do configuration management.

The ‘master’ server, shoemaker will run Cobbler (and eventually puppetmasterd/chef-server) and NAT out to the world via VirtualBox.app. The Mac sees traffic as coming from that process.

shoemakers other interface is on a virtual VLAN (or ‘intnet’), where the kickstarted VMs will live. For bonus points, they’ll all route and do DNS queries via  shoemaker. It looks a bit like:

Once we’re done, we’ll have an easy way to kickstart test CentOS servers on a private test network. I’m going to use that to finally master chef/puppet.

get VirtualBox and CentOS

Get Virtualbox here – it’s a straightforward install. I used the full CentOS DVD.

build a VM to run Cobbler

The “VBoxManage” command lets you build VMs on the commandline (the GUI exposes these settings if you’d rather). Open Terminal.app and run this:

VBoxManage createvm -name shoemaker -ostype RedHat -register -memory 512
# NIC1 (eth0) is NATted, NIC2 (eth1) is on the 'pxeland' intnet
VBoxManage modifyvm shoemaker -nic1 nat -nic2 intnet -intnet2 pxeland
# make a 10Gb disk image
VBoxManage createhd -filename  shoemaker.vdi -size 10240 -register
# attach the disk to the VM : '-sataportcount 1' stops linux probing 30-odd virtual SATA ports
VBoxManage modifyvm shoemaker -sata on -sataport1 shoemaker.vdi -sataportcount 1
# attach a CentOS ISO and boot the VM
VBoxManage modifyvm shoemaker -dvd ~/Downloads/CentOS-5.2-i386-bin-DVD.iso
VBoxManage startvm shoemaker

The install shouldn’t be too suprising; let eth0 DHCP and set eth1 to a static IP (10.0.0.254/24):

2 NICs

Once you’re done, eject the dvd (‘VBoxManage modifyvm centos -dvd none’) and reboot. On first boot, you get the chance to disable SELinux; I’d take it, unless you enjoy cryptic errors.

install Cobbler (from EPEL)

Now we can login to shoemaker and setup Cobbler.

Tell yum about the EPEL repo we’ll pull Cobbler from:

rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
yum update -y
yum install -y cobbler

and install some other bits too:

yum install -y dhcp yum-utils bind
for i in xinetd cobblerd httpd named dhcpd
do
chkconfig $i on
/etc/init.d/$i start
done

Then you configure Cobbler, which involves running “cobbler check” and making the changes it suggests, and repeating until it stops moaning

I did:

• /etc/xinetd.d/tftp : “disable : yes” -> ‘disable : no’
• /etc/cobbler/settings : set “server : 10.0.0.254” and “next_server : 10.0.0.254”
• /etc/cobbler/settings: “manage_dhcp : 0” -> “manage_dhcp : 1”
• /etc/cobbler/settings: “manage_dns : 0” -> “manage_dns : 1”
• /etc/cobbler/settings: (watch out for whitespace, it’s YAML: 3 spaces then a ’-’)

  manage_forward_zones:
     - 'pixie'
  manage_reverse_zones:
     - '10.0.0'
  

Just use my files if you like : here’s cobbler.settings . We’ll also run DHCP, DNS and NAT for the other boxes on the network,so I setup the subnet 10.0.0/24 in /etc/cobbler/dhcp.template. tweaked /etc/cobbler/named.template and added an A record for shoemaker itself to /etc/cobbler/zone.template . I’d like shoemaker to find hosts in the ‘.pixie’ domain (the internal network), I point it at its own (Cobbler-managed) BIND with

echo 'prepend domain-name-servers 10.0.0.254;' >> /etc/dhclient-eth0.conf

/etc/init.d/xinetd restart
cobbler sync

and that should be it. I ran NAT with this /etc/sysconfig/iptables

chkconfig iptables on
# edit /etc/sysctl.conf and set "net.ipv4.ip_forward = 0" -> "net.ipv4.ip_forward = 1"
reboot

create a test PXE VM

First, have Cobbler ‘import’ the CentOS 5.2 DVD. This creates a repository and some default kickstart profiles.

# shell into the shoemaker VM and import the repo
mount /dev/cdrom /mnt
cobbler import --mirror=/mnt --name=centos52
cobbler sync

Next, we define a system that is based off the centOS profile (by default a kickstarting system presents a menu of available profiles, we’re tying this one down) :

cobbler system add --name=clobberella --profile=centos52-i386 --dns-name clobberella.pixie
cobbler system edit --name=clobberella --ip=10.0.0.250 --mac=aa:aa:bb:bb:cc:01
cobbler sync # to regenerate DHCP tables

Finally we build a VM with the right MAC address (note there are no colons in this one) and boot it. Back to Terminal.app :

VBoxManage createvm -name clobberella -ostype RedHat -register
VBoxManage modifyvm clobberella -memory 512 -boot1 disk -boot2 net -nic1 intnet -intnet1 pxeland
VBoxManage modifyvm clobberella -macaddress1 aaaabbbbcc01
# make a disk image and attach it to SATA port 1
VBoxManage createhd -filename  clobberella.vdi -size 6000 -register
VBoxManage modifyvm clobberella -sata on -sataport1 clobberella.vdi -sataportcount 1
VBoxManage startvm clobberella

‘clobberella’ should boot, get the IP you specified for it, PXE down a kickstart and install a base CentOS build. “tail -f /var/log/cobbler/syslog/10.0.0.200” lets you track the install process from shoemaker.

The clobberella root password defaults to ‘cobbler’ when it’s done.

next?

Next job is to build a custom Cobbler profile (kickstart, essentially) that will get puppet or chef installed on freshly PXEed VMs.  UPDATE: here’s how to kickstart Puppet using Cobbler.

Wow, I haven’t posted much lately, have I? I have the attention span of a goldfish.

I’ve been looking at a few things but none of them quite made a full post.

A quick list of time sinks; some of which may make it to an article eventually.

• merb (merb-core is beautifully designed; I still think rolling it into rails3 is a mistake)
• JRuby (and WARbler to deploy Ruby code to Glassfish)
• Rack (the UNIX command line of HTTP, and Rails grew Rack support since I found it)
• Erlang (Sapir-Whorf say it’s good for me)
• JEE (I know. But it has improved a lot since I last used it, and it’s for work)
• document databases like CouchDB , JCR and Sling ( switching CMS for the third time makes you wonder if there’s a better way to do it )
• performance and functional testing with Grinder / httperf / Celerity / Selenium / FireWatir (still trying to find The Right One)
• Netbeans (come for the Java, stay for the kickass Ruby support – beats Textmate for code browsing)
• load balancers (if anyone has a BIG-IP vs. ZXTM opinion, get in touch)
• Wii ( timeslicing de Blob, World of Goo and Guitar Hero World Tour )
• Arduino (atoms make a refreshing change from bits)

For updates more frequent than a quarterly linkdump see to my Twitter feed.

NetBeans 6.5 just came out, so I worked through a JQuery tutorial to try its JavaScript support.

If you make a new web project, you can specify a folder to hold the project and a URL to view it at. This lets you do live debugging of webapps, etc.

FileVault makes your home directory mode 700 (which is perfectly sensible), so OSXs Apache can’t see my Sites folder.

My workaround was to create another directory I could use :

sudo mkdir -p /Users/rasputnik-pub/docroot
sudo chown -R rasputnik /Users/rasputnik-pub

and then point apache to that by creating /etc/apache2/other/fix-filevault.conf that looks like :

Alias /rasputnik/ /Users/rasputnik-pub/docroot/
<Directory /Users/rasputnik-pub/docroot>
  Allow from all
</Directory>
# advertise via Bonjour, like a 'real' Sites directory
RegisterResource "Rasputnik" /rasputnik

Now kick apache

sudo apachectl restart

and content under /Users/rasputnik-pub/docroot should be visible at http://localhost/rasputnik/ (or http://hostname.local/rasputnik/).