Your SlideShare is downloading. ×
Porting Puppet to OpenBSD
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Porting Puppet to OpenBSD

463
views

Published on

"Porting Puppet to OpenBSD" presented at Puppet Camp Berlin 2014 by Jasper Lievisse Adriaanse of m:tier

"Porting Puppet to OpenBSD" presented at Puppet Camp Berlin 2014 by Jasper Lievisse Adriaanse of m:tier

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
463
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Porting Puppet to OpenBSD Jasper Lievisse Adriaanse Engineering team, m:tier Puppet Camp Berlin 2014 April 11th, 2014
  • 2. Puppet Camp Berlin 2014 Agenda ● Introduction ● OpenBSD ● General considerations ● Puppet stack ● Current challenges ● Best practices ● Closing
  • 3. Puppet Camp Berlin 2014 Introduction
  • 4. Puppet Camp Berlin 2014 Who? ● Who am I? ● Jasper Lievisse Adriaanse – OpenBSD – Puppet – GNOME ● OpenBSD developer since 2006
  • 5. Puppet Camp Berlin 2014 m:tier
  • 6. Puppet Camp Berlin 2014 m:tier ● Who are we? ● OpenBSD developers ● Breathe open source ● Secure system architects
  • 7. Puppet Camp Berlin 2014 m:tier ● What do we do? ● OpenBSD ● Puppet ● Zabbix ● Bacula ● Open Source Software consultancy / implementation
  • 8. Puppet Camp Berlin 2014 m:tier ● But also ● OpenBSD Long Term Support ● Binary patches ● Thin Client ● GNOME for OpenBSD ● GNOME automounter for BSD – opensource.mtier.org
  • 9. Puppet Camp Berlin 2014 OpenBSD
  • 10. Puppet Camp Berlin 2014 OpenBSD ● OpenBSD? ● Unix-like, multi-platform operating system ● Derived from 4.4BSD, NetBSD fork ● Kernel + userland + documentation maintained together ● 3rd party applications available via the ports system ● Anoncvs, OpenSSH, OpenBGPD, OpenSMTPD strlcpy(3)/strlcat(3), etc ● Runs on many platforms...
  • 11. Puppet Camp Berlin 2014 OpenBSD ● Platforms ● 21 supported platforms – from amd64to mvme88kto zaurus
  • 12. Puppet Camp Berlin 2014 OpenBSD
  • 13. Puppet Camp Berlin 2014 OpenBSD
  • 14. Puppet Camp Berlin 2014 OpenBSD
  • 15. Puppet Camp Berlin 2014 General considerations or “OpenBSD oddities”
  • 16. Puppet Camp Berlin 2014 OpenBSD “oddities” ● No root:root ● instead root:wheel ● UID < 500 ● vs. UID < 1000 ● package takes “favors”
  • 17. Puppet Camp Berlin 2014 OpenBSD “oddities” ● The world isn't i386^Wamd64-only ● Stuck with Ruby 1.9 ● until exotic alphaand hppaare fxed for 2.0 ● 2.1 is still miles away (mips64broken too)
  • 18. Puppet Camp Berlin 2014 Puppet stack
  • 19. Puppet Camp Berlin 2014 Ruby ● Ruby ● Actually, Ruby was in a pretty good shape of modern architectures... ● ...slightly less so onsparc64.
  • 20. Puppet Camp Berlin 2014 libshadow ● libshadow ● enables usage of theuser's passwordproperty ● didn't support non-Linux a few years ago – did support non-Linux a few month ago ● free ride for us
  • 21. Puppet Camp Berlin 2014 Facter ● Facter ● Added OpenBSD support for various facts ● New SSH key facts fored25519keys ● Minor *BSD-related cleanups
  • 22. Puppet Camp Berlin 2014 Puppet ● Puppet ● Package provider – pkg.confsupport – Features: ● :purgeable ● :install_options ● :uninstall_options
  • 23. Puppet Camp Berlin 2014 Puppet ● Puppet (cont.) ● remountssupport for *BSD ● SSHed25519key support to various types
  • 24. Puppet Camp Berlin 2014 PuppetDB ● PuppetDB ● Path and shell command tweaks ● OpenBSDrc.dscript
  • 25. Puppet Camp Berlin 2014 mcollective ● Puppet MCollective module ● user/group/package made configurable
  • 26. Puppet Camp Berlin 2014 Current challenges
  • 27. Puppet Camp Berlin 2014 Challenges ● package ● ensure => 'latest'
  • 28. Puppet Camp Berlin 2014 Challenges ● service ● rc.d provider recently added
  • 29. Puppet Camp Berlin 2014 Challenges ● Ruby > 1.9 ● 3.5.x supports 2.1 ● OpenBSD not ready yet
  • 30. Puppet Camp Berlin 2014 Challenges ● Submit outstanding patches ● Facter – Fix virtualfact – Add swap{free,size}_mbfacts ● Puppet – UID < 1000 – Use passwd(1)for expiry
  • 31. Puppet Camp Berlin 2014 Best practices or, low hanging fruit
  • 32. Puppet Camp Berlin 2014 Best practices ● root group Bad group => 'root' Good group => 0 or group => $root_group
  • 33. Puppet Camp Berlin 2014 Best practices ● user/group names Bad user { 'activemq': … } Good user { $activemq_user: … }
  • 34. Puppet Camp Berlin 2014 Best practices ● Package names Bad package { 'activemq': … } Good package { $package: … }
  • 35. Puppet Camp Berlin 2014 Best practices ● No default fail in case Bad case $operatingsystem { 'RedHat': { $www = 'httpd' } 'Debian': { $www = 'apache' } default: { $www = 'this-may-work-yay' } } Good case $operatingsystem { 'RedHat': { $www = 'httpd' } 'Debian': { $www = 'apache' } default: { fail('Unrecognized platform.') } }
  • 36. Puppet Camp Berlin 2014 Closing
  • 37. Puppet Camp Berlin 2014 Thank you, Eric Sorensen (ahpook) Adrien Thebo (athebo) Ken Barber (kbarber)
  • 38. Puppet Camp Berlin 2014 Thank you! mail: jasper@{openbsd,mtier}.org www:www.mtier.org twitter: @jasper_la / @mtierltd