nico
/
www.nico.schottelius.org
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
www.nico.schottelius.org/blog/sexy-and-cdist-at-local.ch....

135 lines
4.6 KiB
Markdown
Raw Permalink Blame History

[[!meta title="Sexy and cdist @ local.ch"]]
## Introduction
This article describes the real world setup of
[[sexy|software/sexy]] and
[[cdist|software/cdist]] at [local.ch](http://www.local.ch).
Sexy and cdist are used to configure
* dhcp servers
* dns servers
* KVM hosts
at local.ch.
As I am soon leaving local.ch, this blog post is written for
those interested in sexy and cdist, as well as the other
sysadmins at local.ch to remember how things are setup.
The following picture will give you a general impression how things
are setup.
[[!img sexy-cdist-interaction-local.ch.png alt="How cdist and sexy act at local.ch"]]
## Sexy installation
As you may be aware, sexy is an inventory management utility. It manages
**hosts** and **IPv4 networks** (IPv6 support planned - but currently not required).
Sexy uses a [[cconfig|docs/cconfig]] database, which is stored at **~/.sexy**.
At local.ch, almost all important configurations are backed up at
[github](http://www.github.com). The sexy database is backed up there in a private
repository named **sexy-database**.
Sexy requires only Python 3 to be installed.
### Sexy database
[[!img sexy-database-overview.png alt="Overview of the sexy database"]]
As you can see in the above image,
the sexy database contains three databases:
* host
* mac
* net-ipv4
The **host** database contain all hosts, including mac addresses, host type (VM or hardware),
network cards, etc.
The **mac** database contains the prefix for generating new mac addresses (we are using 00:16:3e -
guess which vendor it is!) and the used mac addresses. The mac database is essentially used
for generating mac addresses for virtual machines.
The **net-ipv4** database contains the configured **IPv4 networks**.
Each IPv4 network contains
* the network mask
* last used address
* list of free addresses
* list of hosts
Every hosts in an **IPv4 network** contains
* an IPv4 address
* a mac address
### Sexy backends
Sexy uses backends to interact with other systems. As can be seen
below, both the **host** and **net-ipv4** backends write configuration
files in cdist.
[[!img sexy-backends-local.ch.png alt="Sexy backends @local.ch"]]
Sexy outputs the VM to KVM host mapping into a cdist manifest stored in
**cdist/manifest/kvm-hosts**. The cdist type **\_\_localch_kvm_vm** is
being used to create VMs.
Sexy also generates [BIND](https://www.isc.org/downloads/bind/) zone files
as well as [DHCP](https://www.isc.org/downloads/DHCP/) configuration files.
These files are stored within the cdist types
**\_\_localch_bind** and **\_\_localch_dhcpd**.
## cdist installation
Similar to sexy, cdist requires only Python 3 to be installed, but only on the
computer you use to configure the target hosts. The target hosts only require
shell and ssh.
cdist normally reads its configuration from **~/.cdist**. As the
current installation is old-style, the custom configuration and cdist code
is both stored at **~/localch/vcs/cdist**, which is also backed up
as a private repository named **cdist** at github.
cdist is currently being used directly from the sysadmin notebooks and thus
requires to synchronise the repository before running.
cdist is being utilised using scripts from the **sysadmin-logs** repository,
which are stored in the **cdist** folder. They mainly wrap around
**cdist config -vp <hostnames...>**.
## Interaction with other systems
### Sexy connection to cdist
To be able to interact with cdist, the sexy backends do have some paths hardcoded.
One of them being **~/localch/vcs/cdist**, which refers to the cdist installation.
On **sexy host apply --all**, sexy will regenerate the
cdist manifest **~/localch/vcs/cdist/conf/manifest/kvm-hosts**, which contains
the configuration for all kvm hosts.
### cdist with dhcp and dns servers
To configure the dhcp servers, the script **sysadmin-logs/cdist/dhcp-servers** can
be used, to configure the dns servers, the script
**sysadmin-logs/cdist/dns-servers** can be used.
If you want to change both systems at the same time, the
script **sysadmin-logs/cdist/dhcp-dns-together**.
All three scripts depend on sexy and the sexy database being installed, as they lookup
the host names using sexy.
### cdist creates virtual machines
The KVM infrastructure is based on very simple assumptions: All files are contained
on the host, machines are started from simple shell scripts. The shell scripts are
maintained or created within cdist. Virtual machines are not started by default,
because the installation process is triggered manually at PXE bootup.
## Outlook
In one of the next articles I'll cover the KVM VM infrastructure of local.ch.
Reference in New Issue View Git Blame Copy Permalink