Re: [Blind-sysadmins] Access to VMware ESX 5.5 (both gui and VM guest console)
Hi,
When I am talking about Packer, I am talking about HashiCorp's Packer that builds the image. When working with VMware, it has two options, either to start from an ISO image or a VMX file. The thing I like about Packer on ESX is it gets you past the boring part of logging onto the console, pressing escape at the right time etc. You then get a predictable image every time that can be used in other places later on. This saves you time as it means that you don't need to provision a new machine and wait for that to complete etc. How many times have you tried to provision a new machine and had some part of it fail as it couldn't access a network file, or something went wrong with deployment etc.? I realise that in most enterprises this type of technology is seen as very new, and certainly in the place where I work the team I am in are the only ones using this type of workflow; the rest of the teams are still using older ways to get machines up which are not as usable. I think that in time we will see a lot more of this automation, which is good news for us.
From an AWS point of view you need to think about servers very differently; the servers I spin up in AWS last only for a few weeks, and in AWS terminology for a lot of places that is a long time. I am different in that I am working with a Windows stack, although I do use some Red Hat in some places.
The AWS console is not too bad, but the real power comes from automating the provisioning of the network and the systems. I typically make heavy use of the AWS PowerShell, and HashiCorp Terraform to build the infrastructure. I am building the infrastructure from the networks, each subnet, connectivity between the subnets, firewalls, network appliances etc., all controlled via Terraform. In terms of the machines themselves I have set things up so I never really need to log into a machine; the machines have health checks to identify whether specific services and files are in place, and if these fail the machines are killed. I know a machine is up properly because at the end of the Chef run the system calls out to a deployment server and so I can see the machine requesting application code and the code going on the server. All very accessible and no interacting with a server rack or network cable!
I realise a lot of enterprises are a long way from this, where I work we have an enormous amount of ground to make up in getting other parts of the business on-board with the new technology, and it changes fundamentally the way in which a team works. For example I am having to do a lot of architecture work, as well as work on lower levels of the network stack, for example creating and testing the firewall rules, whereas before I was only working on the server side. I don't know how long I will be able to continue this, as there are lots of changes being proposed, so for now I am trying to learn as much as I can until I have to move.
Hope this helps,
Andrew.
-----Original Message-----
From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Hutchings
Sent: 01 April 2017 22:56
To: 'Blind sysadmins list'
Hi Andrew,
Thanks for the below info.
The way we have things set up here is that we have iso images which are on a
network server, along with kickstart files, (which are generated by packer)
- the same packer you refer to.
We use the kickstart files to essentially provide an "unattended" install
when provisioning machines.
However, sometimes, the kickstart process can't find a file, or the dhcp
server fails to provide an IP address, or the machine half installs and then
bails, forcing the need for machine console access.
Depending on how far machine config has got, sometimes I can log in with ssh
and troubleshoot, but if ssh isn't available I have to ask a colleague.
I will look deeper into packer to see if it maybe provides features to
further automate our kickstart process to minimise the need for console
access before ssh comes up.
Thanks again,
Ryan
-----Original Message-----
From: Blind-sysadmins
[mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Andrew
Hodgson
Sent: 01 April 2017 23:21
To: Blind sysadmins list
Hi Andrew,
I looked more into packer, it looked like a possible solution, until I got
to the point in the documentation that said that output of the OS
installation is sent via vnc, which, as far as I know, is not useable by
someone with a screen reader, so it still presents the same problem in terms
of having access to the install process to troubleshoot any issues during
the initial install of the OS.
Thanks for the pointer to packer anyway,
Ryan
participants (2): Andrew Hodgson, Ryan Hutchings