homeblogbringing razor into puppet enterprise

Bringing Razor into Puppet Enterprise

The release of Puppet Enterprise 3.2 is a major milestone in the life of Razor: It is now included in Puppet Enterprise. Razor’s features make it possible to automate going from a newly racked machine to one fully installed and managed by Puppet without any human intervention, solving the “first mile” problem that many Puppet users have had to solve themselves up to now.

Since this is the first time we have included Razor in a product, we have provided training wheels and labeled it as a tech preview. In a nutshell, this means that Razor is now available in an easy-to-consume form within Puppet Enterprise, ready to install and use by early adopters and those keen to investigate the technology, understanding that we do not deem it quite ready for production use, and therefore provide only limited support for it. Nonetheless, inclusion of Razor in Puppet Enterprise is an advance I am very excited about, and I know many of you have been waiting for it.

Since its inception, Razor has generated an immense amount of interest, no doubt in large part due to some of the key insights that original creators Nick Weaver and Tom McSweeney had. Because of them, Razor represents a major leap in how PXE provisioning is done, and what is possible with that technology.

The first key idea in Razor is that it uses iPXE’s capabilities to back provisioning decisions with a modern web service, rather than restricting itself to the rather crusty mechanisms of DHCP and TFTP alone. A second key idea is the discovery and inventorying of hardware brought under Razor’s control via its “Microkernel,” a small Linux image, that is booted on each node and discovers the characteristics of the node using Facter. A third key idea is to drive provisioning using policies that express the intent of how machines should be used based on the hardware characteristics that Razor has discovered.

Last but not least is the balance that Razor strikes between doing too little and doing too much when building a machine: Actual installation is kept to the minimum necessary to allow a Puppet agent to run, and any personalization of the machine is performed by Puppet. Razor simplifies both the minimal installation of an operating system, and the installation and configuration of the Puppet agent, so that a machine can go from blank to fully installed and managed by Puppet with nothing more than the act of turning the machine on and PXE booting it.

We have learned a lot from the community since Razor’s initial announcement, both in terms of features and in terms of operational concerns. Operational concerns clearly indicated that we needed to rewrite Razor from scratch, an effort which culminated in our decision to include Razor in Puppet Enterprise. Razor is now based on a stack commonly used by web services: We use PostgreSQL as the database, and the service is entirely written in Ruby, using the Sinatra framework. Furthermore, by using Torquebox, deploying and managing the service is greatly simplified.

The rewrite was an opportunity to make a few beneficial changes to Razor:

  • The Microkernel is now built using a widely supported Linux distribution for better hardware support.
  • Custom installers can now be easily added to your Razor server, as they consist almost entirely of the files that are necessary to automate the installation of your target operating system. The only Razor-specific items needed here are a short metadata description, and some small changes to the installation scripts to make them contact the Razor server at key moments of the installation process. In particular, there is no need to write additional code.
  • The rule language in which provisioning policy is expressed is much more flexible; the language allows complex boolean expressions which can base their decisions on both hardware facts and node metadata. Node metadata, a new concept, consists of arbitrary key/value pairs that can be manipulated through the server’s REST API and from installers.
  • The public API can easily be secured and connected to common authentication solutions.

With all these changes, there is a lot to explore in this release of Razor. There’s an exciting road ahead for it, and we hope you’ll join the conversation by providing us feedback with your experience using Razor, either through Puppet Enterprise’s normal support channels or by getting involved in the upstream community.

Here's a demo video that shows the process of testing Razor within a Vagrant environment.

David Lutterkort is a principal software engineer at Puppet Labs.

Learn More