20120331 - Expanded Intro to Puppet for LOAD

  • Audience: from not knowing why a configuration management tool is even important to those who have already implemented Puppet
  • you can provision tons of machines, so what?
  • why is mail27 so fragile?
  • quickly recreate systems in other environments
  • who changed what, when, why, and how
  • use proven tools and concepts; leverage your VCS for change management
  • Those in blue either are currently supported with Puppet Enterprise or will be soon.
  • 20120331 - Expanded Intro to Puppet for LOAD

    1. Expanded Introduction to Puppet
       LOAD
       Garrett Honeycutt, Professional Services Consultant
       garrett@puppetlabs.com
       http://linkedin.com/in/garretthoneycutt
    2. The one-off myth: Your systems are not beautiful snowflakes. photo from http://
    3. The one-off myth
       • Only temporary
    4. The one-off myth
       • Only temporary
       • Replicas for pre-production environments
    5. The one-off myth
       • Only temporary
       • Replicas for pre-production environments
       • Disaster recovery
    6. Why?
    7. Why?
       • reduce entropy
    8. Why?
       • reduce entropy
       • disaster recovery
    9. Why?
       • reduce entropy
       • disaster recovery
       • change management
    10. Why?
       • reduce entropy
       • disaster recovery
       • change management
       • infrastructure as code
    11. Puppet Open Source Ecosystem
       • Puppet Distribution: bundled with major OS
       • Puppet Community: 3,000 person mailing list; 2,000 messages a month; 300 people at all times in IRC (#puppet on freenode.net); active participation
       • Puppet Contributors: 100+ people contributing to documentation and code; 100+ modules contributed to Puppet Module Forge; framework enhancements
    12. Puppet is Pervasive: Web, Entertainment, Technology, Financial, Defense
    13. Puppet Enterprise
       What it is:
       • Puppet and related components packaged and integrated in one install:
         • Puppet
         • Puppet Master
         • Dashboard
         • Facter
         • Ruby
         • Apache
         • Passenger, etc.
    14. Puppet Enterprise
       • Fully QA’d stack of Puppet and dependencies
       • Simplified installation
       • Ease of maintenance
       • Pre-configured for scalability and performance
       • Predictable enhancement delivery
       • Enhanced enterprise class Support
    15. How Puppet Works
       1 Define: With Puppet's declarative language you design a graph of relationships between resources within reusable modules. These modules define your infrastructure in its desired state.
       2 Simulate: With this resource graph, Puppet is unique in its ability to simulate deployments, enabling you to test changes without disruption to your infrastructure.
       3 Enforce: Puppet compares your system to the desired state as you define it, and automatically enforces it to the desired state ensuring your system is in compliance.
       4 Report: Puppet Dashboard reports track relationships between components and all changes, allowing you to keep up with security and compliance mandates. And with the open API you can integrate Puppet with third party monitoring tools.
       (Diagram labels: Current State, Desired State, Iterate and Increase Coverage)
    16. Use Puppet to create composable configurations and manage the enterprise infrastructure
       1 Define Your Resources in Modules. With Puppet, you define your modules by node classifications, such as Web Server or Database, allowing you to define relationships between resources and configure thousands of servers at once. (Diagram labels: Modules; Database, Web Server, App Server, Security)
       2 Assign resource relationships automatically. You can then assign and deploy configurations via Puppet Dashboard, or with your own customized CMDB tools. (Diagram labels: Via Puppet Dashboard; Custom External Source (CMDB, LDAP, etc.); Web Servers, Database Servers, Application Servers; Node)
       3 Reusable, composable configurations. With Puppet you can re-use modules across multiple nodes, in whatever combination you need, reducing repetitive tasks and eliminating error-prone scripts. (Diagram labels: Node; Multi Node)
    17. Puppet Assigns and Maintains a Node’s
    18. Managing Configuration Drift
    19. How Puppet Manages Data Flow for Individual Nodes
       1 Facts: The node sends normalized data about itself to the Puppet Master.
       2 Catalog: Puppet uses the Facts to compile a Catalog that specifies how the node should be configured.
       3 Report: The node reports back to Puppet indicating the configuration is complete, which is visible in the Puppet Dashboard.
       4 Report Collector (Puppet or 3rd party tool): Report can also send data to third party tools.
       SSL secure encryption on all data transport.
       (Diagram labels: Node, Puppet Master)
    20. Facts: Automatically Maintained Asset Inventory
    21. Facter output:
           domain => local
           facterversion => 1.5.8
           fqdn => sliver.local
           hardwaremodel => i386
           hostname => sliver
           interfaces => lo0,gif0,stf0,en0,en1,fw0,vmnet1,vboxnet0
           ipaddress => 192.168.174.1
           ipaddress_lo0 => 127.0.0.1
           ipaddress_vmnet1 => 192.168.174.1
           kernel => Darwin
           kernelmajversion => 10.6
           kernelrelease => 10.6.0
           macosx_productname => Mac OS X
           macosx_productversion => 10.6.6
           netmask => 255.255.255.0
           netmask_lo0 => 255.0.0.0
           netmask_vmnet1 => 255.255.255.0
           network_lo0 => 127.0.0.0
           network_vmnet1 => 192.168.174.0
           operatingsystem => Darwin
           operatingsystemrelease => 10.6.0
           path => /opt/local/bin:/opt/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin:/Users/gh/bin:/Users/gh/.gem/ruby/1.8/bin/
           ps => ps auxwww
           puppetversion => 2.6.4
           rubysitedir => /opt/local/lib/ruby/site_ruby/1.8
           timezone => PST
           uptime => 1 day
           rubyversion => 1.8.7
           sp_bus_speed => 1.07 GHz
    22. Custom Facts
    23. How Puppet Manages Data Flow for Individual Nodes
       1 Facts: The node sends normalized data about itself to the Puppet Master.
       2 Catalog: Puppet uses the Facts to compile a Catalog that specifies how the node should be configured.
       3 Report: The node reports back to Puppet indicating the configuration is complete, which is visible in the Puppet Dashboard.
       4 Report Collector (Puppet or 3rd party tool): Report can also send data to third party tools.
       SSL secure encryption on all data transport.
       (Diagram labels: Node, Puppet Master)
    24. Catalog
       • Automatically maintained comprehensive resource list
       • Easily validated against compliance requirements prior to client configuration
    25. How Puppet Manages Data Flow for Individual Nodes
       1 Facts: The node sends normalized data about itself to the Puppet Master.
       2 Catalog: Puppet uses the Facts to compile a Catalog that specifies how the node should be configured.
       3 Report: The node reports back to Puppet indicating the configuration is complete, which is visible in the Puppet Dashboard.
       4 Report Collector (Puppet or 3rd party tool): Report can also send data to third party tools.
       SSL secure encryption on all data transport.
       (Diagram labels: Node, Puppet Master)
    26. Report
       • Comprehensive report of every change ever made, correlated to every resource being managed
       • Easily validated against compliance requirements after each run
    27. Report
       • http
       • log
       • store
       • tagmail
    28. Report
    29. What not How
    30. What not how
    31. Example Resource Types
       • cron
       • exec
       • file
       • group
       • host
       • zfs
       • mount
       • package
       • service
       • sshkey
    32. Package-File-Service
    33. File Serving
    34. Templates
    35. Templates - Advanced
    36. Syntax Checking
    37. Storeconfigs
       Ability to pass data between nodes, via a database acting as a proxy
    38. Storeconfigs
       Ability to pass data between nodes, via a database acting as a proxy
       • MySQL
       • SQLite3
       • PostgreSQL
       • Oracle
    39. Storeconfigs
    40. External Node Classifier
       • Puppet Dashboard
       • Your own CMDB
    41. External Node Classifier
       A script that takes $certname as an argument and outputs YAML to STDOUT
    42. External Node Classifier
    43. External Node Classifier
    44. Expanded Introduction to Puppet
       LOAD
       Garrett Honeycutt, Professional Services Consultant
       garrett@puppetlabs.com
       http://linkedin.com/in/garretthoneycutt
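
The External Node Classifier contract from slides 40 to 43 (a script that takes the certname as its argument and prints YAML to STDOUT), as an added Ruby example that is not from the original deck. The inventory, hostnames and class names are constructed stand-ins for a CMDB; the `classes`, `parameters` and `environment` keys and the non-zero exit on failure follow Puppet's ENC interface.

```ruby
#!/usr/bin/env ruby
# Added example: a minimal external node classifier (ENC) that fails closed.
require 'yaml'

# Constructed inventory standing in for a CMDB lookup (hypothetical hosts/classes).
INVENTORY = {
  'web01.example.com' => { 'classes' => %w[base apache] },
  'db01.example.com'  => { 'classes' => %w[base mysql],
                           'parameters' => { 'role' => 'database' } }
}.freeze

# Plain lowercase hostname only. \A and \z (not ^ and $) so a trailing
# newline or a second line cannot slip past the check.
LABEL = '[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?'
CERTNAME_RE = /\A#{LABEL}(?:\.#{LABEL})*\z/

class UnknownNode < StandardError; end

# Returns the classification hash for a certname, or raises.
# The certname is validated before any lookup so that a real backend
# (file path, SQL query, LDAP filter) never sees unexpected characters.
def classify(certname, inventory = INVENTORY)
  name = certname.to_s
  unless name.length <= 253 && name.match?(CERTNAME_RE)
    raise ArgumentError, 'malformed certname'
  end
  node = inventory.fetch(name) { raise UnknownNode, "no entry for #{name}" }
  { 'classes'     => node.fetch('classes'),
    'parameters'  => node.fetch('parameters', {}),
    'environment' => node.fetch('environment', 'production') }
end

# Returns [exit_status, stdout_text]. A non-zero status with no output makes
# catalog compilation fail instead of handing an unknown node a default config.
def run(argv)
  return [2, ''] unless argv.length == 1
  [0, classify(argv[0]).to_yaml]
rescue ArgumentError, UnknownNode
  [1, '']
end

# Puppet invokes the script with the certname as its single argument.
if $PROGRAM_NAME == __FILE__ && ARGV.any?
  status, out = run(ARGV)
  print out
  exit status
end
```

On the master, a script like this is wired in with `node_terminus = exec` and `external_nodes = <path to script>` in puppet.conf.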
