Puppet at janrain

Puppet at Janrain James Loope

In the beginning...

Awesomeness

More awesomeness

Less awesome

Opposite of awesome

Totally awesome

Wagons Ho!

Were not in Kansas Anymore

On demand resources! Features! APIs!

Impermanence! Competition! APIs!

Sometimes you have to let go its not your puppy, its just an instance

Persistence does not make it better Entropy will get you in the end

Do it right the first time, make it repeatable

Puppet keeps us saneclass apps::zookeeper-server ( $nodes ) { package { "zookeeperd" : ensure => installed } service { "zookeeper": ensure => running, enable => true, hasstatus => true, pattern => "zookeeper", require => Package["zookeeperd"] } file { "/etc/zookeeper/conf/zoo.cfg" : content => template("apps/zookeeper/zoo.cfg.erb") }}

Version control lets us work together>git branch -rorigin/HEAD -> origin/masterorigin/developmentorigin/master

Environments keep us safe development > staging > production

Scary APIs?

Simple tools keep us efficient> createaserver.rb -a ami-e2af508b -n test1.janrain.com -SFog launches an Ubuntu base amiserver = compute.servers.create(:image_id => options[:ami], :flavor_id =>options[:type], :groups => options[:groups], :user_data => puppet: conf: agent: server: puppet.janrain.com certname: "test1.janrain.com" environment: "development" pluginsync: true waitforcert: true

● Ubuntu cloud-init installs puppet ○ https://help.ubuntu.com/community/CloudInit ○ also: work around for provider prerequisite problem ● Puppet starts up and waits for signing ○ our utility signs the cert over the REST api ■ http://docs.puppetlabs.com/guides/rest_api.htmlcurl -i --cert ~/.puppetcred/puppet.crt --key ~/.puppetcred/puppet.key --cacert ~/.puppetcred/ca_crt.pemhttps://puppet.janrain.com/development/certificate_status/test1.janrain.com -H Content-Type: text/pson -X PUT --data{"desired_state":"signed"}

● Puppet starts up and installs our base from common modules ○ users ○ groups ○ ssh pubkeys ○ common apps ○ metrics and monitors ■ collectd ■ nagios ■ mcollective

● Puppet sets up the DNS ○ via REST API ○ http://dyn.com/dns/dynect-managed-dns/● Puppet manages our instance volumes with lvm ○ https://github.com/puppetlabs/puppet-lvm● Puppet deploys application code with vcsrepo ○ https://github.com/puppetlabs/puppet-vcsrepo

Tadah!ssh test1.janrain.comWelcome to Ubuntu 11.04 (GNU/Linux 2.6.38-8-virtual i686)jloope@test1.janrain.com:~$

The dashboard gives us insight

Avoiding the Stampede ● Its hard to keep the PuppetMasters load predictable ● Puppetcommander ● Initiates runs in an orderly fashion ● Can be globally disabledhttps://github.com/puppetlabs/mcollective-plugins/tree/master/agent/puppetd/commander/

Whats next?● External Node classifier● LXC Development Environment● Build => Bundle => Scale● Puppet and Zookeeper via Facter

In conclusion

Puppet at janrain

by Puppet Labs on Sep 29, 2011

Accessibility

Categories

Tags

Upload Details

Usage Rights

Statistics

Puppet at janrain — Presentation Transcript