Empty Boxes for things like PXE provisioning?

[Sean Alderman]

Hi Everyone!

I'm new to the vagrant world and find all of this quite fascinating!

Anyway, I'm interested in trying to setup a multi-vm vagrant environment that looks something like this:

Box 1: Runs some kind of enterprise linux, TheForeman, puppet-master, dhcpd, tftp and postgres - perhaps puppetdb but I don't think that's required.
Box 2: Begins as just a blank VM, then PXE provisioned by Box 1 according to user choices in Foreman.

Is this possible?

Thanks for your advice!

[Alvaro Miranda Aguilera]

can you share the final goal?

Do you want to do a LAB of Vagrant

or do you want to do a LAB of Foreman/puppet ?

If the second is the goal, not sure if vagrant (a tool to deploy VMS
from template) would be the right tool.

With a script and virtualbox, you can create empty VMS and you will
have more flexibility.

Vagrant by default will set first nic as eth0/nat, so all the vms will
have the same NAT'd ip.

So. not sure Vagrant is the best tool for that usecase

Alvaro.

> --
> You received this message because you are subscribed to the Google Groups
> "Vagrant" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to vagrant-up+...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

[Sean Alderman]

Hi, thanks for the reply!

I wanted to setup a safe playground for the how we manage the life cycle of servers.  It's not easy to setup a lab in our datacenter that's 1) reproducible and 2) built for stuff like PXE boot provisioning.  It is pretty easy to use something like: https://github.com/elasticdog/puppet-sandbox and develop/tweak/test puppet modules for our systems, but it doesn't cover the complexities that we have like using an ENC and exported resources.

First, I wanted to build a Multi-Box Vagrantfile that sets up a basic CentOS vm which would eventually run Foreman, Foreman Smart-Proxy, Puppetmaster, PuppetCA, PuppetDB, TFTP, DHCP, DNS, and PostgreSQL.  Lab users would have to setup and configure Foreman, dhcp, dns, etc.  I think I've got this under control.

Secondly, I was trying to figure out how to get Vagrant to manage an initially empty VM that could be used to learn Foreman's provisioning mechanisms.  Like the puppet-sandbox I referred to, each box would need to have two NICs.  So the lab user could grab the MAC address from the vagrant file, use it to "add a new host" in Foreman, then run vagrant up on that box and it would PXE boot, provision, then deploy the puppet manifests.

This would also give me an environment where I could test upgrades for Foreman, Puppetmaster and PuppetDB....which I've had problems with in the past :)

Again thanks for replying, I appreciate the advice!

[Alvaro Miranda Aguilera]

First, try to see what other people is doing:

https://github.com/npwalker/pe-razor-vagrant-stack

http://www.jedi.be/blog/2011/11/04/vagrant-virtualbox-hostonly-pxe-vlans/

https://github.com/virtualles/vagrant-pxe

https://github.com/simonjohansson/pxe-coreos-vagrant/blob/master/Vagrantfile


Or, consider using nested virtualization , but please share more
information.. you want to run this on virtualbox/vmware/kvm/xen ?

on a baremetal desktop/laptop/remote server?

[Sean Alderman]

Overall, I'm guessing the answer to my query is NO.  The examples you've linked, like the pe-razor-vagrant-stack git repo are asking the user to create empty boxes from within VirtualBox. 
The pe-razor repo you linked is interesting though!

I run my VirtualBox lab on my laptop.  Some folks around here use VMWare, but I wasn't initially going to look at supporting multiple virtualization platforms.

Here's what my VirtualBox only lab looks like:

Foreman Box - eth0 = vbox nat
                     - eth1 = vbox internal vlan called lab (192.168.100.1/255.255.255.0)
                              22       - sshd
                              69       - tftpd
                              80/443 - Apache/Passenger - Foreman
                              5432    - PostgreSQL (puppetdb, foremandb)
                              8081    - puppetdb
                              8140    - Apache/Passenger - PuppetMaster
                              8443    - Foreman Smart Proxy

Lubuntu desktop box - eth0 = vbox internal lab
empty box                - eth0 = vbox internal lab
empty box                - eth0 = vbox internal lab
empty box                - eth0 = vbox internal lab

Basic idea is that I use the desktop box simply as a web browser to the foreman ui and to ssh into the various boxes.  The empty boxes are manual defined in Foreman, using their MAC addresses then provisioned using PXEboot, kickstart, etc.  From there they could be setup for whatever else the end-user desires to test.  I've tested exporting resources, setting up multiple puppet masters, nagios, icinga, provisioning new operating systems (like centos7), puppet on windows, homegrown puppet modules, and more.

When I started using vagrant, I found that because of the host only network, I could reasonably do away with the desktop.  Vagrant can allow me to ssh into each box, and point my browser at the foreman ui, and keep the whole configuration in a few files that I can reproduce and pass along to other folks for testing or training.

Thanks for your replies Alvaro, I appreciate your guidance and insight!  I'll send an update to the list with a git repo once I get things rolling with my Vagrant file.

[Sher Chowdhury]

Hi Sean,

I'm interested in doing the same thing as you have described.

If you have made any progress with this then I would love to here from you.

So far I have only managed to create build a foreman vm and puppet agent:

https://github.com/Sher-Chowdhury/vagrant-foreman

But I really want to pxe boot a second puppet agent via foreman's built in dhcp,pxe,tftp services.

Kind regards,
Sher

[Nimon Ambient]

I'm no expert but the only way I can see this working is to create a deliberately non-bootable packer image, but then probably vagrant would throw a wobbly once it tried intial config. I guess the other worry is if you use vagrant to do this, depepnding on how long foreman takes to come up the build of the 2nd box might appear before it's fully up so you might need to bounce it anyway.

I know it's non-vagrant but have you tried using the virtualbox commandline tool to create a machine in the right network once everything is up? https://www.virtualbox.org/manual/ch08.html

I appreciate it's a work-round but you could script it and it'd be functionally there.

[Nimon Ambient]

Ooh.. or maybe this image:

https://atlas.hashicorp.com/clink15/boxes/pxe or this one. https://atlas.hashicorp.com/steigr/boxes/pxe

[Nimon Ambient]

Ok I've run into the problem I thought I might, it builds the boxes then sits there trying to ssh to the blank box

 I don't know if there's a disable option for config.vm.communicator, as far as I'm aware it's either "ssh" or "winrm"

[Alvaro Miranda Aguilera]

What's your Vagrantfile?

disable the plugins you may have.

put config.ssh.insert_key to false, and If you only have
config.vm.box, and nothing particular like hostname, it shouldn't try
to ssh to the box

Alvaro

> --
> This mailing list is governed under the HashiCorp Community Guidelines -
> https://www.hashicorp.com/community-guidelines.html. Behavior in violation
> of those guidelines may result in your removal from this mailing list.
>
> GitHub Issues: https://github.com/mitchellh/vagrant/issues
> IRC: #vagrant on Freenode
> ---

> You received this message because you are subscribed to the Google Groups
> "Vagrant" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to vagrant-up+...@googlegroups.com.

> To view this discussion on the web visit
> https://groups.google.com/d/msgid/vagrant-up/0ad562d4-ee64-4467-b2cd-ce81e5b735d1%40googlegroups.com.

[Nimon Ambient]

Here's the part for that box. I may have used ssh_insert key wrong, I don't know.

config.vm.define "blanky" do |b|

b.vm.provider "virtualbox" do |v|

v.name = "blank"

v.gui = "true"

end

b.vm.box = "steigr/pxe"

b.ssh.insert_key = "false"

b.vm.network "private_network", type: "dhcp"

end

I am attaching it to the network, which could be why it then tries to connect. However:

==> blanky: Booting VM...

==> blanky: Waiting for machine to boot. This may take a few minutes...

    blanky: SSH address: 127.0.0.1:2201

    blanky: SSH username: vagrant

    blanky: SSH auth method: private key

    blanky: Warning: Connection timeout. Retrying...

    blanky: Warning: Connection timeout. Retrying...

    blanky: Warning: Connection timeout. Retrying...

But I'm not sure if there's maybe a virtualbox command that would be better to connect it to the network because the mere act of saying "dhcp" is probably enough for it to want to configure something.

Apologies Sean, I didn't mean to completely derail your thread.

[Simon McCartney]

When I’m testing PXE work in Vagrant, I just live with those timeouts - Vagrant will always try & connect to the box to validate that it booted correctly, and as we’re using an out-of-scope base box, which we can’t SSH to, it just fails there.  Fletcher Nichol did some work for an older version of vagrant to monkey patch the ssh checks out, but it hasn’t been updated recently: https://github.com/blueboxgroup/razor-vagrant-lab/blob/master/lib/lab/vagrant_middleware.rb

 (that razor-vagrant-lab is what I use as a basis for my own PXE/iPXE/SSTK lab)

Simon.

-- 
Simon McCartney
+447710836915

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/vagrant/issues
IRC: #vagrant on Freenode
---
You received this message because you are subscribed to the Google Groups "Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/d03e9bfd-f662-47bb-a02b-9f8fa416147b%40googlegroups.com.

[Alvaro Miranda Aguilera]

Hello

probably is the network


add auto_config: false

config.vm.define "blanky" do |b|
b.vm.provider "virtualbox" do |v|
v.name = "blank"
v.gui = "true"
end
b.vm.box = "steigr/pxe"
b.ssh.insert_key = "false"

b.vm.network "private_network", type: "dhcp", auto_config: false
end

Or comment that line out..

whats your vagrant plugin list ??

some plugins like vb-guest will connect to the guest to check the
version of virtualbox additions

> --
> This mailing list is governed under the HashiCorp Community Guidelines -
> https://www.hashicorp.com/community-guidelines.html. Behavior in violation
> of those guidelines may result in your removal from this mailing list.
>
> GitHub Issues: https://github.com/mitchellh/vagrant/issues
> IRC: #vagrant on Freenode
> ---
> You received this message because you are subscribed to the Google Groups
> "Vagrant" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to vagrant-up+...@googlegroups.com.
> To view this discussion on the web visit

> https://groups.google.com/d/msgid/vagrant-up/d03e9bfd-f662-47bb-a02b-9f8fa416147b%40googlegroups.com.

[Nimon Ambient]

Exactly the same output with auto_config. I commented out the line and it still tried.

Plugins are:

C:\Vagrantfiles\VagrantFiles\foreman>vagrant plugin list

oscar (0.4.2)

vagrant-share (1.1.3, system)

Full vagrant file (foreman, puppet client, blank box) is:

# -*- mode: ruby -*-

# vi: set ft=ruby :

#

SUBNET="10.0.10"

#

vmcount=1

Vagrant.configure(2) do |config|

  foremanIP = "#{SUBNET}.100"

$foremanInstall= <<SCRIPT

sudo apt-get -y install ca-certificates

sudo wget https://apt.puppetlabs.com/puppetlabs-release-jessie.deb

sudo dpkg -i puppetlabs-release-jessie.deb

sudo echo "deb http://deb.theforeman.org/ jessie 1.8" > /etc/apt/sources.list.d/foreman.list

sudo echo "deb http://deb.theforeman.org/ plugins 1.8" >> /etc/apt/sources.list.d/foreman.list

sudo wget -q http://deb.theforeman.org/pubkey.gpg -O- | apt-key add -

sudo apt-get update && apt-get -y install foreman-installer

sudo foreman-installer --foreman-admin-password=bogroll

sudo puppet agent --test

sudo echo "#{SUBNET}.101 client.myhouse.local client" |sudo tee -a /etc/hosts

SCRIPT

$clienthelper= <<SCRIPT

sudo echo "#{foremanIP} foreman.myhouse.local foreman puppet" |sudo tee -a /etc/hosts

sudo rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm

sudo yum install -y puppet

sudo chkconfig puppet on

sudo service puppet start

SCRIPT

config.vm.define "foreman_server" do |f|

f.vm.provider "virtualbox" do |v|

v.name = "Foreman Server"

end

f.vm.box = "mokote/debian-8"

f.vm.hostname = "foreman.myhouse.local"

f.vm.network "private_network", ip: "#{foremanIP}"

f.vm.network :forwarded_port, guest: 80, host: 8082

f.vm.network :forwarded_port, guest: 443, host: 8083

f.vm.network :forwarded_port, guest: 8443, host: 8443

f.vm.provision "shell", inline: $foremanInstall

end

config.vm.define "client" do |c|

c.vm.provider "virtualbox" do |v|

v.name = "puppet client"

end

c.vm.box = "chef/centos-6.5"

c.vm.hostname = "client.myhouse.local"

c.vm.network "private_network", ip: "#{SUBNET}.101"

c.vm.provision "shell", inline: $clienthelper

end

config.vm.define "blankMachine" do |b|

b.vm.provider "virtualbox" do |v|

v.name = "blank"

v.gui = "true"

end

b.vm.box = "steigr/pxe"

b.ssh.insert_key = "false" 

# b.vm.network "private_network", type: "dhcp", auto_config: false

end

end