Hybrid Static Cloud

Perhaps you have on-premise & remote servers that you wish to use within the same installation.

In this example, we’ll populate one namespace with an on-premise fileserver, and another with a few servers from GCP. As a final step, a merged inventory is created demonstrating how to interact with all the servers at once.

Directory structure

└── bcome
    ├── networks.yml
    └── static-cache.yml

Static Cache Manifest

Here we define a single local server:

- identifier: fserver_a
  local_network: yes
  description: Central store
      environment: office
      function: filestore
      group: administrative

Network Configuration

The networks.yml configuration specifies three inventories: one populated from the cloud, a second populated from a static cache, and a third merging cloud & static.

  type: collection
  description: Entire WBZ estate

  type: inventory
  description: on-premise infrastructure

  type: inventory
  description: GCP machines
    type: gcp
    project: wbznet
    zone: europe-west1-b
    authentication_scheme: oauth
    secrets_filename: wbz-net-oauth-secrets.json
    - https://www.googleapis.com/auth/compute.readonly
    - https://www.googleapis.com/auth/cloud-platform
    filters: status:running

      - host_lookup: by_bcome_namespace
        namespace: gcp:bastion

  override_identifier: "[a-z]*_[a-z]*_(.+)"

  type: inventory-merge
  description: GCP & on-premise infrastructure
  - gcp
  - on_premise

Tree Hierarchy

Illustrated below is the installation’s tree structure. The “gcp” namespace contains servers populated from Google Cloud Platform. The “on_premise” namespace contains a local fileserver, whilst the “hybrid” namespace merges both, allowing orchestration of all servers at the same time.

▐▆   Namespace tree wbz
├───╸ inventory gcp
│         ├───╸ server bastion
│         ├───╸ server puppet
│         └───╸ server wbzsite_app_sq6v
├───╸ inventory-merge hybrid
│         ├───╸ server wbz_gcp_bastion
│         ├───╸ server wbz_gcp_puppet
│         ├───╸ server wbz_gcp_wbzsite_app_sq6v
│         └───╸ server wbz_on_premise_fserver_a
└───╸ inventory on_premise
          └───╸ server fserver_a


Note how the merged inventory retains the full server identifiers. This prevents name conflicts when similar inventories are used as contributors to a merge.
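
The naming point above, as an added Ruby example (not Bcome's own code): it applies the override_identifier pattern from this page to the full GCP identifiers and shows that a merge of shortened names can collide while full names do not. It assumes the first capture group becomes the short identifier; the second inventory (wbz_dc_*) is a constructed sample.

```ruby
# Added illustration, not Bcome source code.
# Pattern copied from the override_identifier setting on this page.
OVERRIDE_IDENTIFIER = /[a-z]*_[a-z]*_(.+)/

# Assumption: the first capture group becomes the short identifier,
# and a name that does not match the pattern is kept unchanged.
def short_identifier(full_name, pattern = OVERRIDE_IDENTIFIER)
  match = pattern.match(full_name)
  match ? match[1] : full_name
end

# Return the identifiers that occur more than once in a merged list.
def collisions(identifiers)
  identifiers.group_by(&:itself).select { |_name, hits| hits.size > 1 }.keys.sort
end

# Full identifiers shown under "hybrid" in the tree on this page.
GCP_FULL = %w[wbz_gcp_bastion wbz_gcp_puppet wbz_gcp_wbzsite_app_sq6v].freeze
# Constructed sample: a hypothetical second contributor with similar naming.
OTHER_FULL = %w[wbz_dc_bastion wbz_dc_puppet wbz_dc_fserver_a].freeze

# Compare a merge keyed on full identifiers with one keyed on short ones.
def merge_report(*inventories)
  full = inventories.flatten
  short = full.map { |name| short_identifier(name) }
  { full_collisions: collisions(full), short_collisions: collisions(short) }
end

if __FILE__ == $PROGRAM_NAME
  GCP_FULL.each { |name| puts "#{name} -> #{short_identifier(name)}" }
  p merge_report(GCP_FULL, OTHER_FULL)
end
```
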

SSH Routing Tree

The following routing tree (generated using Bcome’s routes command) illustrates how the system will connect to the servers within it.

▐▆   Ssh connection routes wbz
├───╸ server
│     namespace: wbz:on_premise:fserver_a
│     ip address
│     user guillaume
└───╸ proxy [1]
      bcome node wbz:gcp:bastion
      user guillaume

          ├───╸ server
          │     namespace: wbz:gcp:bastion
          │     ip address
          │     user guillaume
          ├───╸ server
          │     namespace: wbz:gcp:puppet
          │     ip address
          │     user guillaume
          └───╸ server
                namespace: wbz:gcp:wbzsite_app_sq6v
                ip address
                user guillaume

Ascii Cast


To replay this Asciicast in your own terminal, install the asciinema package from https://asciinema.org/, and then enter the following in your terminal:

asciinema play https://asciinema.org/a/HJWt7HSZCLnth823FhyVcje85