Puppet: Eclipsecon ALM 2013

1,129 views
1,045 views

Published on

Introductory talk on Puppet I gave at Eclipsecon ALM 2013

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,129
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Puppet: Eclipsecon ALM 2013

  1. 1. Less talk, more rockPuppet ALM Connect 2013
  2. 2. deepakgiridharagopaldeepak@puppetlabs.com@grim_radical [github twitter freenode]
  3. 3. Let’s talk about...
  4. 4. Immutability is great!
  5. 5. Classes should be immutable unlesstheres a very good reason to make -- Joshua Bloch, “Effective Java”them mutable....If a class cannot bemade immutable, limit its mutabilityas much as possible.
  6. 6. Immutability allowsfor invariants, whichhelp you reason aboutcorrectness
  7. 7. Immutability preventsspooky action at adistance
  8. 8. Immutability fostersmodular, composableabstractions
  9. 9. (this shouldn’t be a tough sell to developers)
  10. 10. That’s great fordeveloment, but how about operations?
  11. 11. Immutability forinfrastructure?Because operations is in thesame boat as development
  12. 12. Everyone who’s gottheir app running ona fleet of servers hasexperienced spookyaction at a distance
  13. 13. Known, good state iscritical for reliableupgrades
  14. 14. A lack of predictabilityin your systemsruins automation andabstraction
  15. 15. The problem is that: Systems are inherently mutable!But ideally: Systems should behave as though they weren’t!
  16. 16. façade of immutability. Immutability
  17. 17. Computer systems are in many waysopen systems, providing the keys tothe vault if one is so inclined to grabthem. But in order to foster an air ofimmutability in our own systems,its of utmost importance to create afaçade of immutability. Immutability -- The Joy of Clojurerequires that we layer over andabstract the parts of our system thatprovide unrestrained mutability.
  18. 18. Describe how you’dlike your systems tolook, and Puppetdoes all the hardwork for you!
  19. 19. Example: Inquirea simple service forexposing systemmetrics
  20. 20. Example: Inquirehttp://box/inquire/disk_usage
  21. 21. install apache create apache usercreate apache config file cgi script for “df -h” correct perms for script start apacherestart if config changes!
  22. 22. Once you’ve got aspec for your service,you can see if a givenmachine is up to code
  23. 23. • Packages: • Data files: • apache • /var/www/cgi-bin/• Users: disk_usage • apache • executable, owned by apache• Config files: • apache’s httpd.conf • does “df -h”• Services: • apache should be running • restart if config file changes
  24. 24. class inquire_server { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }  file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache];  "/var/www/cgi-bin/disk_usage.sh": owner => apache, mode => 755, content => "/usr/bin/df -h"; }}
  25. 25. class inquire_bootstrap { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }  file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache]; }} class inquire_disk_usage { include inquire_bootstrap file { "/var/www/cgi-bin/disk_usage.sh": owner => apache, mode => 755, content => "/usr/bin/df -h"; }}
  26. 26. class inquire_bootstrap { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }  file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache]; }} define inquiry($command) { include inquire_bootstrap file { "/var/www/cgi-bin/$name.sh": owner => apache, mode => 755, content => $command; }}
  27. 27. node “appserver.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; }}
  28. 28. node “appserver1.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; }}node “appserver2.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; }}
  29. 29. class instrumentation { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; }}node “appserver1.mydomain.com” { include instrumentation}node “appserver2.mydomain.com” { include instrumentation}
  30. 30. Rich set of primitives,and make your own.Can use existingmodules andabstractions, andmake your own.
  31. 31. netmask_lo: 255.0.0.0 ipaddress: 172.16.245.128 augeasversion: 0.10.0 processor0: Intel(R) Core(TM) fqdn: pe-debian6.localdomain i7-2635QM CPU @ 2.00GHz manufacturer: "VMware, Inc." lsbdistrelease: 6.0.2 processorcount: "1" uniqueid: 007f0101 productname: VMware Virtual hardwaremodel: i686Platform kernelversion: 2.6.32 physicalprocessorcount: 1 operatingsystem: Debian facterversion: 1.6.7 architecture: i386 boardproductname: 440BX Desktop lsbdistdescription: Debian GNU/Reference Platform Linux 6.0.2 (squeeze) kernelmajversion: "2.6" lsbmajdistrelease: "6" hardwareisa: unknown interfaces: "eth0,lo" timezone: PDT ipaddress_lo: 127.0.0.1 puppetversion: 2.7.12 (Puppet uptime_days: 0Enterprise 2.5.1) lsbdistid: Debian lsbdistcodename: squeeze rubysitedir: /opt/puppet/lib/ is_virtual: "true" site_ruby/1.8 operatingsystemrelease: 6.0.2 rubyversion: 1.8.7 virtual: vmware osfamily: Debian type: Other memorytotal: &id001 502.57 MB domain: localdomain memorysize: *id001 hostname: pe-debian6 boardmanufacturer: Intel selinux: "false" Corporation kernel: Linux path: /usr/local/sbin:/usr/
  32. 32. file { “/etc/issue”: content => “Got an issue? Here’s a tissue!”,}file { “/etc/motd”: content => template(“Welcome to $hostname!”),}
  33. 33. file { "/etc/sudoers": owner => root, group => root, mode => 440, source => "puppet:///modules/sudo/sudoers"}
  34. 34. class ntp { package { ntp: ensure => installed, } service { ntpd: ensure => running, enable => true, subscribe => File[/etc/ntp.conf], } file { /etc/ntp.conf: ensure => file, require => Package[ntp], source => "puppet:///modules/ntp/ntp.conf", }}
  35. 35. node “webserver.mydomain.com” { include ntp}node “appserver.mydomain.com” { include ntp}node “database.mydomain.com” { include ntp}
  36. 36. class ssh { @@sshkey { $hostname: type => dsa, key => $sshdsakey } Sshkey <<| |>>}
  37. 37. File “/tmp/foo/bar” User “deepak” Dir “/tmp/foo” Dir “/tmp”
  38. 38. Dir “/tmp” User “deepak” Dir “/tmp/foo” File “/tmp/foo/bar”
  39. 39. Dir “/tmp” User “deepak” Dir “/tmp/foo” File “/tmp/foo/bar”
  40. 40. package { ntp: ensure => installed,}service { ntpd: ensure => running, enable => true, subscribe => File[/etc/ntp.conf],}file { /etc/ntp.conf: ensure => file, require => Package[ntp], source => "puppet:///modules/ntp/ntp.conf",}
  41. 41. package { ntp: ensure => installed,}service { ntpd: ensure => running, enable => true, subscribe => File[/etc/ntp.conf],}file { /etc/ntp.conf: ensure => file, require => Package[ntp], source => "puppet:///modules/ntp/ntp.conf",}
  42. 42. package { ntp: ensure => installed,}service { ntpd: ensure => running, enable => true, subscribe => File[/etc/ntp.conf],}file { /etc/ntp.conf: ensure => file, require => Package[ntp], source => "puppet:///modules/ntp/ntp.conf",}
  43. 43. package { ntp: ensure => installed,}service { ntpd: ensure => running, enable => true, subscribe => File[/etc/ntp.conf],}file { /etc/ntp.conf: ensure => file, require => Package[ntp], source => "puppet:///modules/ntp/ntp.conf",}
  44. 44. Idempotent, andonly does what’snecessary
  45. 45. Compensates for theinherent mutabilityof systems
  46. 46. Combats spookyaction at a distancewith automaticrepair
  47. 47. Brings predictabilityto your systems
  48. 48. A foundation ofpredictability andreliability lets youperform higher-leveloperations on yourinfrastructure
  49. 49. Code all the way down
  50. 50. Software-definedinfrastructure is...justsoftware.Infrastructure ascode is...just code.
  51. 51. Thus, you can treat itlike the other code inyour application
  52. 52. Scary, but liberating!
  53. 53. Maintaining thestate of your systemsis the foundationupon whicheverything rests
  54. 54. Start small, and startsomewhere. :)
  55. 55. deepakgiridharagopaldeepak@puppetlabs.com@grim_radical [github twitter freenode] We’re hiring!

×