Puppet: System Administration Automated

Support

Kinial Specification

Kinial is a RESTful web service for storing information about nodes. It's designed to integrate with Puppet, but is likely useful by itself.

Kinial is designed to handle the central logic around node classification, and to provide an interface that's flexible enough to allow many tools to be created that utilize it. Some of those tools might be:

  1. A Web Frontend, for assigning attributes and assigning classes.
  1. A Command Line DSL parser. (basically the same as puppets current node clasification language)
  1. A Classification Agent, running on many hosts and reporting about their

status. (A Facter + Procmail mashup)

  1. Puppet, which should be able to query Kinial for node information.
  1. A command line query tool, for printing lists of "webservers"

Definitions

  • Node: A node is an entity capable of containing classes and attributes. (ie: the same as a puppet node)
  • Classes: Classes are buckets that nodes can be sorted into. For example, "webserver". (ie: the same as a puppet class)
  • Attributes: Information about this specific node. (ie: puppet variables, as defined in the node)
  • Parent: Nodes can descend from other Nodes.

Nodes

A Node is the basic entity in Kinial. Each node can have inherit from many parent nodes. It will inherit the classes and attributes of it's parents. Any classes added to the node will be added to the total class list. Any attributes with the same name will *override* the attributes of the parents. In the case of multiple inheritence, the order in which the parents are listed will determine which attributes override.

Example:

Parent 

---
node_id: base_node
class:
  - a
  - b
attribute:
  zen: monkey
  hindu: cows

Child 

---
node_id: child_node
parent_id: base_node
class:
  - c
  - d
attribute:
  zen: plant
  tropical: fruit

The resulting complete Child entry would look like: 

---
node_id: child_node
parent: http://localhost/node/base_node
class:
  - a
  - b
  - c
  - d
attribute:
  zen: plant
  hindu: cows
  tropical: fruit

In the case of multiple inheritence: 

---
node_id: many_parents
parent:
  - http://localhost/node/base_node
  - http://localhost/node/child_node
class:
  - e
  - f
attribute:
  hindu: coffee

Would result in: 

---
node_id: many_parents
parent:
  - http://localhost/node/base_node
  - http://localhost/node/child_node
class:
  - a
  - b
  - c
  - d
  - e
  - f
attribute:
  zen: plant
  hindu: coffee
  tropical: fruit

If you were to reverse the order of his parents, zen would switch to monkey.

The Kinial service would expose node information in the following way:

* /node

  • GET: Lists all the available nodes URIs.

* /node/node_id

  • GET: Show this nodes information.
  • PUT: Create a new node at this location, or update an existing node.
  • POST: Identical to PUT, for all practical purposes.
  • DELETE: Remove this node.

Classes

Classes are just arbitrary terms, like a tag. Kinial should keep a list of all the classes it has seen, so that it's easy to create user interfaces that reference them. 

class:
  - a
  - b
  - c
  - d

Classes will be exposed by Kinial in the following way:

  • /class
    • GET: List all the classes in use.
  • /class/class_id
    • GET: List all the nodes that are members of this class.
    • PUT/POST: Create a new class at this URI, with possible list of members.
    • DELETE: Remote a class

Attributes

Attributes are one or more values for a variable. An example would be: 

key: value

Over time, Hash support could be added.

A list of all the Attributes will be exposed by Kinial in the following way:

* /attribute

  • GET: List all the attributes in use.

* /attribute/attribute_id

  • GET: List all the values for this attribute for each node.

A full text search interface will be created using Ferret or Solr. This will let you do queries against the node database, such as: 

class:webserver
class:ldap-auth -class:rails
attr:value -otherattr:somevalue

It would be exposed by Kinial as:

* /search?q=querystring

  • GET: Return all the node entries that match

Implementation

Work on Kinial will begin with the core service. Once the web services spec is completed, work on a simple Classification Agent will begin. This first pass will simply be taking the standard set of Facter facts and reporting them to the service. It will assign classes to the node based on simple regular expressions. A possible configuration: 

ipaddress:
  - 
    regex: /192.168/
    class: 
      - private

This classification tool will provide two things:

1. A Ruby based API to the Kinial Web Service

2. A simple way for nodes to pre-register themselves with Kinial, for later classification.

The next steps should proceed in parallel:

1. Creating a basic Web Interface for node definition, classification, and attribute setting.

2. Integrating the Kinial web service with Puppets external node support.

Summary

The above was generated from my conversation with Luke, and from my own thoughts on how a general node classification system should work. By putting the bulk of the node logic into a centralized service, and letting the API provide for the creation of the more complex tools, we'll be able to create all kinds of neat ways to dynamically classify nodes in puppet.

Feel free to edit, alter, and otherwise munge this to your hearts content. The more the merrier. :)