Luc Suryo - Puppet on EC2

    1. Puppet in EC2
       An implementation
       By Luc Suryo
       February 8, 2011

    2. About Me
       • A Unix and Operations guy since ’77
       • Been doing Linux since ’92
       • Been doing Puppet since Nov ’10 (pretty newbie)
       • Contact: luc@suryo.com
       • Works at http://friend.ly

    3. Goal
       • Able to launch and maintain an instance with minimal effort
       • Better and centralized change control

    4. Choice
       • Puppet: it’s mature, and past experience
       • Build and maintain an AMI with predefined and preinstalled software to minimize Puppet’s run time
       • Security using EC2 and allowing auto signing

    5. AMI & Puppet
       • AMI has all software installed but not activated nor configured
       • Puppet controls what piece of software is activated and how it is to be configured

    6. Puppet Class: the Idea
       • Each package is split into 4 parts
         • Software
         • Services
         • Control and Configure
         • Monitor (if applicable)

    7. Class package
       • Makes sure the software is installed
       • Does not define or control the service

           class ntp::package {
             $ntp_uid_gid = "ntp"

             # Package names differ per distribution
             case $operatingsystem {
               "centos" : { $packages_list = [ "ntp" ] }
               "ubuntu" : { $packages_list = [ "ntp", "ntpdate" ] }
             }

             package { $packages_list :
               ensure => "installed",
             }
           }

    8. Class Service
       • Controls the service: makes sure the service is in the correct state

           class ntp::service {
             service { "ntp::service" :
               # The init script name differs per distribution
               name => $operatingsystem ? {
                 "centos" => "ntpd",
                 "ubuntu" => "ntp",
               },
               enable => "true",
               ensure => "running",
             }
           }

    9. Control and Configure
       • Controls: restart
       • Configures: configuration files

           # The default value of $network is missing on the slide
           define ntp::ntp_conf ( $network = , $ntpservers ) {
             file { "/etc/ntp.conf" :
               mode    => 0444,
               owner   => root,
               group   => root,
               content => template("ntp/etc/ntp.conf.erb"),
             }
           }

           define ntp::restart () {
             # Defaults for every exec declared in this define
             Exec {
               logoutput => "on_failure",
               path      => [ "/bin", "/usr/bin", "/sbin", "/usr/sbin", "/usr/local/bin", "/usr/local/sbin" ],
             }

             # Runs only when /etc/ntp.conf changes
             exec { "ntp_restart" :
               command => $operatingsystem ? {
                 "centos" => "/etc/init.d/ntpd restart",
                 "ubuntu" => "/etc/init.d/ntp restart",
               },
               subscribe   => File[ "/etc/ntp.conf" ],
               refreshonly => "true",
             }
           }

    10. Monitor
        • Nagios and/or Munin to monitor the service

            class ntp::munin {
              enable_munin_plugin { [ "ntp_kernel_err", "ntp_kernel_pll_freq", "ntp_kernel_pll_off", "ntp_offset" ] : }
            }

            class ntp::nagios {
              enable_nagios_service { "ntp" : }
            }

    11. class fly::ntp

            class fly::ntp {
              include ntp::package
              include ntp::munin
              include ntp::nagios

              case $hostname {
                # NTP Server
                "puppet" : { $ntpservers = "us.pool.ntp.org" }
                # NTP Client
                default  : { $ntpservers = [ "10.168.101.111" ] }
              }

              ntp::ntp_conf { "fly-ntp" : ntpservers => $ntpservers }

              case $hostname {
                # On the "base" host the service stays installed but switched off
                "base" : {
                  service { "ntp" :
                    name => $operatingsystem ? {
                      "centos" => "ntpd",
                      "ubuntu" => "ntp",
                    },
                    enable => "false",
                    ensure => "stopped",
                  }
                }
                default : {
                  include ntp::service
                  ntp::restart { "fly-ntp" : }
                }
              }
            }

    12. • Known and accepted issues and risks
        • = package update ; amount and time
        • Always can be improved... and thanks for coming
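
Slide 9 renders /etc/ntp.conf from the template ntp/etc/ntp.conf.erb, which the deck does not show, and slide 11 passes $ntpservers as a string on the server and as an array on clients. The following is an added example, not the author's template: a constructed stand-in rendered with Ruby's ERB outside Puppet, which accepts both forms and rejects values that would inject extra lines into the file. The template text, the restrict lines, the function name render_ntp_conf and the hostname pattern are assumptions; $network is left out because the slide does not show its format.

```ruby
require "erb"

# Constructed stand-in for ntp/etc/ntp.conf.erb; the deck does not show the real file.
NTP_CONF_ERB = <<~'TEMPLATE'
  # Managed by Puppet; local edits are overwritten
  driftfile /var/lib/ntp/drift
  # Default deny: remote hosts get time service only, no queries or reconfiguration
  restrict default kod nomodify notrap nopeer noquery
  restrict 127.0.0.1
  <% servers.each do |s| -%>
  server <%= s %> iburst
  <% end -%>
TEMPLATE

# Hostname or IPv4 literal only (assumed policy; IPv6 literals are rejected).
# \A and \z anchor the whole string, so an embedded newline cannot slip through.
HOST_RE = /\A[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?\z/

# ntpservers may be a String (as on the "puppet" host) or an Array (as on clients).
def render_ntp_conf(ntpservers)
  servers = Array(ntpservers).map(&:to_s)
  raise ArgumentError, "no NTP servers given" if servers.empty?

  bad = servers.reject { |s| s.match?(HOST_RE) }
  raise ArgumentError, "invalid NTP server value(s): #{bad.inspect}" unless bad.empty?

  # trim_mode "-" drops the newline after each "-%>" so loop tags leave no blank lines
  ERB.new(NTP_CONF_ERB, trim_mode: "-").result(binding)
end

if __FILE__ == $PROGRAM_NAME
  puts render_ntp_conf("us.pool.ntp.org")      # server branch from slide 11
  puts render_ntp_conf(["10.168.101.111"])     # client branch from slide 11
end
```

Inside a real Puppet template the value would be read from the define's scope rather than passed as a method argument.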
