Your SlideShare is downloading. ×
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. © 2009 VMware Inc. All rights reservedPuppet PrimerRobbie Jerrom – Solution Architect VMwareTwitter- @robbiej
  • 2. DisclaimerThe material in the presentation is based from my exploration andlearning of puppet.My views are my own and not necessarily shared by PuppetLabs orVMware.2 Confidential
  • 3. About me..I’m a Solution Architect at VMware.Ex- IBM where I did many things.. The most relevant to this presentationis running the WebSphere build team for 2 years.... And it hurt.. Every version of AIX / Solaris / Windows & Early Linuxenvironments.. All from a single build environment .. Distributed aroundthe globe.I wish Puppet had existed back then !3 Confidential
  • 4. Software Eats the World..“Puppet Labs Secures $30 MillionInvestment From VMware”4 Confidential
  • 5. 5
  • 6. So what is Puppet.. And why would I care ?Old school software deployment..• Production• Dev / Test• Service Support• Many of the challenges are the same and our solutions very similar.. Scripts… lots and lots of them..- Perl / PowerShell / Bash / SH / Make / Awk- Whatever your particular poison was you or your team created scripts to makethings easier.- Then you left.. Or got promoted.. And the next guy did the same.. Probably intheir favourite scripting language.6 Confidential
  • 7. Result… script hell..Growing complexity..Inherited ‘mess’, undocumented and unmanageable.7 Confidential
  • 8. As a concept.. A script is ‘how to do something’Scripts of any variety typically fall into describing how to perform atask.• Copy file a to location b If that fails log an error and stop.• Compile file a found in location b If that fails log an error and stop• Start Application server Call deploy script for myapplication found in location b.And they usually spawn more scripts !8 Confidential
  • 9. A new way..Puppet takes a different approach..Puppet is a state machine, it takes a declarativeapproach to configuration management.You tell puppet ‘what’ and it works out the ‘how’.With Puppet you are providing a definition of what it means to be:• A Webserver• An Application server• A Proxy server9 Confidential
  • 10. Puppet Operating Layers10 ConfidentialDeploymentConfiguration & Resource AbstractionTransactional Layer
  • 11. Deployment LayerClient Server Architecture11 ConfidentialNode Node NodeNodeNodeNode(Puppet) Master
  • 12. Configuration & Resource Abstraction LayerMuch more on this shortly..12 ConfidentialConfiguration & Resource AbstractionModules Classes Packages Files ServicesResources
  • 13. Transaction Layer
  • 14. To complete the picture..14 ConfidentialPuppet Enterprise
  • 15. Everything to Puppet is a resource15 Confidential[root@puppet ~]# puppet resource user robbieuser { robbie:ensure => present,comment => Robbie,gid => 500,groups => [sudoers],home => /home/robbie,password => $1$W3RSF$sQhH9VeK1f5IwR.TNCj8y1,password_max_age => 99999,password_min_age => 0,shell => /bin/bash,uid => 500,}
  • 16. Doing something in Puppet..Simple example – Single machine not client server.16 Confidential
  • 17. Doing something in Puppet..A puppet managed environment consists of a number of core files.• site.pp - starting point for Puppet default configurations.• node.pp – file host descriptions.• modules - collection of .pp files to define your environment.17 Confidential
  • 18. site.ppimport "templates.pp"import "node.pp"# global defaultsPackage {provider => $operatingsystem ? {debian => aptitude,redhat => up2date }}18 Confidential
  • 19. include vimnode basenode{service {“telnet":ensure => "stopped", }}node ‘’ inherits basenode{ include proxy }node /^ inherits basenode{ include webserver }node /^ inherits basenode{ include appserverpackage {‘vim’ : ensure => present }}node basenode{service {“telnet":ensure => "stopped", }}node.pp19 Confidentialnode ‘’ inherits basenode{ include proxy }node /^ inherits basenode{ include webserver }Regex to include…. etc.node /^ inherits basenode{ include appserverpackage {‘vim’ : ensure => present }}Regex to include…. etc.
  • 20. Package/File/Servicefile – Manage Local Files• ensure { present, absent, file, directory, link }• source• Content• purgepackage – Package management• ensure {present, latest, version, absent, purged }• Name• source20 Confidential
  • 21. Package/File/Serviceservice – System services management• ensure {running, stopped}• enable {true, false}• hasrestart {true,false}Notify – log a message• message {“hello world!”}21 Confidential
  • 22. Simple Puppet Example – Part of SSH Module22 Confidentialpackage { ssh:ensure => latest,}file { /etc/ssh/sshd_config:source => puppet:///modules/ssh/sshd_config,require => Package[ssh],notify => Service[sshd],}service { sshd:ensure => running,subscribe => Package[ssh],}
  • 23. Modules23 Confidential
  • 24. Apply to a node..Lets make a webserver then an app server.24 Confidential
  • 25. The new platform scenarioPuppet makes things far quicker..1. Add the new node..• And any variations or missing configurations will be reported.• Factor will pull the new platform specifics and report up to puppetmaster.• Puppet will deploy & configure software as per the node policy.2. Update App Specific Manifests & Configs if new platform.3. Done !25 Confidential
  • 26. Things I’ve learnt..SSL Cert’s are a pain anytime and place.• The Puppet Labs site has some great guides on configuration andmanagement of these but I still spent a reasonable amount of time fighting withthem.• Make sure DNS is working .. See above.. If your hostnames don’t match certsget upset – For local testing /etc/hosts might be easier.• Start small.. SSH / Tomcat are great little examples.. WebSphere or JBoss notso much. Apache is a good learning exercise.• MS Windows adds complexity, consider each windows version a completelydifferent platform. Some services provided by puppet do not work on Windowsyet.26 Confidential
  • 27. Final words.. Questions ?VMware & PuppetLabs.. working together on some ‘cool stuff’.Right now vCloud Automation Centre & AppDirector products cantake advantage of Puppet.If you’re a VMware person, its worth becoming a Puppet person too.27 Confidential
  • 28. Thanks for listening..Special thanks to the guys at PuppetLabs; Reid & Chris fortechnical support, t-shirts, stickers and books.28 Confidential