Cloud building talk

Transcript

  • 1. Integrating the Cloud with Puppet (Tuesday, February 26, 13)
  • 2. About me: Dan Bode. Some Dude at PuppetLabs. @bodepd; bodepd <on> freenode
  • 3. Who is this talk for? Cloud users; Puppet beginners
  • 4. It will cover: why integrate?; explanation of Puppet’s architecture as it applies to integration; using Puppet to model VM instances
  • 5. Why Integrate?
  • 6. Cloud: Provisions virtual machines. Diagram: deployVirtualMachine, Self Service API, VM1
  • 7. Puppet: VMs -> Applications. Diagram: deployApacheServer, Self Service API, VM1, "Make me an apache server", "Here are your instructions", Puppet Master
  • 8. Together: PaaS. Diagram: deployAppStack, Self Service API, DB1, Apache1, Apache2, LB
  • 9. Puppet
  • 10. 2 run modes: puppet apply; client/server
  • 11. Puppet Client/Server. Diagram: Classifier, Modules, Master, Facts, Catalog, VM1
  • 12. Facter. Diagram: Classifier, Modules, Master, Facts, Catalog, VM1
  • 13. Facter
        $ facter
        architecture => x86_64
        domain => local
        fqdn => DansLapTop.local
        id => danbode
        ec2_instance_id => abc123abc123abc123
        operatingsystem => 'Ubuntu'
        osfamily => 'Debian'
        .....
  • 14. Facter: Available as top scope variables from manifests, i.e. $::fact_name. Creating custom facts is easy.
  • 15. Modules. Diagram: Modules, Classifier, Master, Facts, Catalog, VM1
  • 16. Modules: Sharable Puppet content
  • 17. Module Forge: http://forge.puppetlabs.com/puppetlabs/apache I get all of my content from the forge!
  • 18. Classes/defines compose resources
  • 19. Resources: Describe the configuration state of individual system elements.
  • 20.
        user { 'dan':              # a user named dan
          ...
  • 21.
        user { 'dan':              # a user named dan
          ensure => present,       # should exist
          ...
  • 22.
        user { 'dan':              # a user named dan
          ensure => present,       # should exist
          shell  => '/bin/bash',   # with this shell
        }
  • 23. Puppet DSL and resources
  • 24. Puppet DSL: Composes collections of resources.
  • 25. Package/File/Service
        class webserver {
          package { 'apache2':
            ...
          }
          file { '/etc/apache2/apache2.conf':
            ...
            require => Package['apache2'],
          }
          service { 'apache2':
            ...
            subscribe => File['/etc/apache2/apache2.conf']
          }
        }
  • 26. configure a node: include webserver
  • 27. Classification (maps roles as classes). Diagram: Classifier, Modules, Master, Facts, Catalog, VM1
  • 28. Site manifest (/etc/puppet/manifests/site.pp): Map a host’s certname to content from a module
        node /^my_node/ {
          include apache
        }
  • 29. ENC. Diagram: ENC, Master. The master can call out to arbitrary executables to figure out how a node should be classified.
  • 30. Puppet Client/Server. Diagram: Classifier, Modules, Master, Facts, Catalog, VM1
  • 31. Catalog. Diagram: Resources, Dependencies; Package, File, User, Service
  • 32. Integration is all about Classification
  • 33. Using metadata/userdata. Diagram: deployApacheServer (with metadata='puppet_class=apache'), Self Service API, VM1, Puppet Master
  • 34. Using metadata/userdata. Diagram: deployApacheServer (with metadata='puppet_class=apache'), Self Service API, VM1: "I was provisioned with metadata puppet_class=apache", Puppet Master
  • 35. Using metadata/userdata. Diagram: deployApacheServer (with metadata='puppet_class=apache'), Self Service API, VM1: "I was provisioned with metadata puppet_class=apache", Puppet Master: "Oh cool! You must be an apache server"
  • 36. Determine role based on facts: deployVirtualMachine (with metadata)
  • 37. Determine role based on facts: deployVirtualMachine (with metadata); populate facter; metadata service
  • 38. Determine role based on facts: deployVirtualMachine (with metadata); populate facter; metadata service; use fact for classification
        node default {
          include $::meta_data_role
        }
  • 39. Pros: simple; classification information set during provisioning process
  • 40. Cons: hosts become authoritative over their role; a single rooted host can pretend to be anyone else; metadata/userdata is not always read/write
  • 41. Using instance annotation data. Diagram: deployApacheServer (with group='apache'), Self Service API, VM1: "here is my id", Puppet Master: "Let me consult the cloud system", "You were provisioned as an apache server"
  • 42. Using instance annotation data. Diagram: deployApacheServer (with group='apache'), Self Service API, VM1
  • 43. Using instance annotation data. Diagram: deployApacheServer (with group='apache'), Self Service API, VM1: "here is my id", Puppet Master
  • 44. Using instance annotation data. Diagram: deployApacheServer (with group='apache'), Self Service API, VM1: "here is my id", Puppet Master: "Let me lookup your role based on your id"
  • 45. Using instance annotation data. Diagram: deployApacheServer (with group='apache'), Self Service API, VM1: "here is my id", Puppet Master: "Let me lookup your role based on your id", "You were provisioned as an apache server"
  • 46. Pros: provisioning credentials are used to determine role; annotation field likely updatable
  • 47. Cons: puppetmaster must have API credentials; may require a custom ENC
  • 48. Decouple role assignment from provisioning: After provisioning is completed, ssh into a machine, set a custom fact (using facts.d), and trigger a puppet run. Pros: you can easily execute a script to install and bootstrap puppet. Cons: extra step
  • 49. facts.d: facts.d comes with stdlib (http://forge.puppetlabs.com/puppetlabs/stdlib). It converts any 'key=value' pairs listed in /etc/facts.d/*.txt into facts
  • 50. VM provisioning with Puppet (experimental! use cases appreciated)
  • 51. Share Application Stacks as text
        class my_app_stack {
          cloudstack_instance { 'foo4':
            ensure => present,
            group  => 'role=db',
          }
          cloudstack_instance { 'foo3':
            ensure => present,
            group  => 'role=apache',
          }
        }
  • 52. Use resource defaults for common settings
        Cloudstack_instance {
          image   => 'CentOS 5.6 key+pass',
          flavor  => 'Small Instance',
          zone    => 'ACS-FMT-001',
          network => 'puppetlabs-network',
          keypair => 'dans_keypair4',
        }
        cloudstack_instance { 'foo4':
          ensure => $::ensure,
          group  => 'role=db',
        }
        cloudstack_instance { 'foo3':
          ensure => $::ensure,
          group  => 'role=apache',
        }
  • 53. More issues of trust
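
Added example, not from the original slides: a minimal external node classifier (ENC) for the instance annotation approach of slides 41-47, where the role comes from the provisioning system's record rather than from a fact the host reports (the weakness listed on slide 40). The in-memory instance table, the role-to-class allow-list (including the class name my_db) and the assumption that the certname equals the instance id are all hypothetical.

```python
#!/usr/bin/env python3
import re
import sys

# Constructed sample standing in for the cloud API's instance records:
# instance id -> "group" annotation, in the role=<name> form of slide 51.
INSTANCES = {
    "abc123abc123abc123": "role=apache",
    "def456def456def456": "role=db",
    "0badc0de0badc0de00": "role=apache,root_everything",  # malformed annotation
}
# Hypothetical allow-list: role -> classes the master is willing to assign.
ROLE_CLASSES = {"apache": ["apache"], "db": ["my_db"]}

ID_RE = re.compile(r"[a-z0-9]{8,64}")
GROUP_RE = re.compile(r"role=([a-z][a-z0-9_]*)")


def lookup_group(instance_id):
    """Stand-in for the master's authenticated call to the cloud API."""
    return INSTANCES.get(instance_id)


def classify(certname):
    """Return the classes for certname, or None if it must not be classified."""
    if not ID_RE.fullmatch(certname):  # assumption: certname == instance id
        return None
    match = GROUP_RE.fullmatch(lookup_group(certname) or "")
    if match is None:  # unknown instance or malformed annotation
        return None
    return ROLE_CLASSES.get(match.group(1))  # None for roles not on the list


def render(classes):
    """Build the YAML document Puppet reads from an ENC's stdout."""
    return "---\nclasses:\n" + "".join(f"  - {name}\n" for name in classes)


def main(argv):
    if len(argv) != 2:
        return 2
    classes = classify(argv[1])
    if classes is None:
        return 1  # non-zero exit makes catalog compilation fail for the node
    sys.stdout.write(render(classes))
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

The master invokes the ENC with the node's certname as its only argument, so nothing the agent sends as a fact reaches the role decision.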