NTTLimitedRD / plumbery

Cloud automation at Dimension Data with Apache Libcloud
Apache License 2.0
14 stars 9 forks source link

manage MCP 1.0 acl lists with plumbery? #47

Open andyhird opened 8 years ago

andyhird commented 8 years ago

Hi there.

Apologies if this isn't the right place to ask general plumbery questions - couldn't find anywhere else specific though.

I'm looking to use plumbery to manage several networks running in a MCP 1 cloud (EU3 - Jersey) and one of the things I'd like it to do is manage the acl rules set on the firewalls. Is that possible with plumbery - I can't see anything specific in the documents or plumber-contrib addressing that?

A bonus question - I can see an ansible link in there. We use ansible pretty heavily for provisioning and managing some of our servers and wondering what points of integration plumbery / ansible have

Thanks in advance! Andy

bernard357 commented 8 years ago

Hello Andy, thanks for reaching out. You are at at the right place to talk about plumbery.

At this stage plumbery is only adapted to MCP 2.0 resources. It cannot be used on MCP 1, unfortunately.

For teams who are using ansible, plumbery generates inventory of hosts out of the configuration files. In that case the workflow has two phases. 1- Edit configuration files and ask plumbery to deploy them, including servers bootstrapping. 2- Ask plumbery to generate an inventory file that can be used by ansible for anything else: system configuration, application deployment, etc.

tintoy commented 8 years ago

If it helps at all, the Libcloud driver for Dimension Data still supports MCP 1.x (although not for long, I'm told).

andyhird commented 8 years ago

Thanks for the replies.

From what I've been told by the other folks at Jersey Telecom where the Jersey EU3 install is running (I work for them, although I'm based in Melbourne) there's no intention of upgrading the deployment to MCP 2 at the moment, which is sad (well for me).

I spent a bit of time at the weekend reading the plumbery code and figured out how it was using libcloud so started to look at that. Using it to get a list of compute nodes appears to work with EU3 but I have tried the extra functionality for getting a list of firewall ACLs with (which was one of the main things I wanted to manage). I'll give that a go.

I'm guessing the terraform driver is similar - MCP 2 only, or will be?

Thanks for your help!

tintoy commented 8 years ago

Yes, sorry about that - Terraform provider is also MCP2 only :-/

Let me know if you have problems with Libcloud; I can probably ask around for sample code if you get stuck.

Otherwise if your client platform is Windows, I believe the Powershell module supports both MCP 1.0 and 2.0. And it’s pretty easy to script. If you’re interested, let me know and I’ll ask the team who maintain it for details.

tintoy commented 8 years ago

BTW, if you do wind up wanting to use Terraform for anything, you’ll find it here:

https://github.com/DimensionDataResearch/dd-cloud-compute-terraform#readme

For example, here’s how firewall rules work:

https://github.com/DimensionDataResearch/dd-cloud-compute-terraform/blob/development/v1.0/docs/resource_types/firewall_rule.md

bernard357 commented 7 years ago

Andy, how have you solved your initial problem? Thanks for sharing