Your SlideShare is downloading. ×
Puppet: Eclipsecon ALM 2013
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Puppet: Eclipsecon ALM 2013

953

Published on

Introductory talk on Puppet I gave at Eclipsecon ALM 2013

Introductory talk on Puppet I gave at Eclipsecon ALM 2013

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
953
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Less talk, more rockPuppet ALM Connect 2013
  • 2. deepakgiridharagopaldeepak@puppetlabs.com@grim_radical [github twitter freenode]
  • 3. Let’s talk about...
  • 4. Immutability is great!
  • 5. Classes should be immutable unlesstheres a very good reason to make -- Joshua Bloch, “Effective Java”them mutable....If a class cannot bemade immutable, limit its mutabilityas much as possible.
  • 6. Immutability allowsfor invariants, whichhelp you reason aboutcorrectness
  • 7. Immutability preventsspooky action at adistance
  • 8. Immutability fostersmodular, composableabstractions
  • 9. (this shouldn’t be a tough sell to developers)
  • 10. That’s great fordeveloment, but how about operations?
  • 11. Immutability forinfrastructure?Because operations is in thesame boat as development
  • 12. Everyone who’s gottheir app running ona fleet of servers hasexperienced spookyaction at a distance
  • 13. Known, good state iscritical for reliableupgrades
  • 14. A lack of predictabilityin your systemsruins automation andabstraction
  • 15. The problem is that: Systems are inherently mutable!But ideally: Systems should behave as though they weren’t!
  • 16. façade of immutability. Immutability
  • 17. Computer systems are in many waysopen systems, providing the keys tothe vault if one is so inclined to grabthem. But in order to foster an air ofimmutability in our own systems,its of utmost importance to create afaçade of immutability. Immutability -- The Joy of Clojurerequires that we layer over andabstract the parts of our system thatprovide unrestrained mutability.
  • 18. Describe how you’dlike your systems tolook, and Puppetdoes all the hardwork for you!
  • 19. Example: Inquirea simple service forexposing systemmetrics
  • 20. Example: Inquirehttp://box/inquire/disk_usage
  • 21. install apache create apache usercreate apache config file cgi script for “df -h” correct perms for script start apacherestart if config changes!
  • 22. Once you’ve got aspec for your service,you can see if a givenmachine is up to code
  • 23. • Packages: • Data files: • apache • /var/www/cgi-bin/• Users: disk_usage • apache • executable, owned by apache• Config files: • apache’s httpd.conf • does “df -h”• Services: • apache should be running • restart if config file changes
  • 24. class inquire_server { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }  file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache];  "/var/www/cgi-bin/disk_usage.sh": owner => apache, mode => 755, content => "/usr/bin/df -h"; }}
  • 25. class inquire_bootstrap { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }  file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache]; }} class inquire_disk_usage { include inquire_bootstrap file { "/var/www/cgi-bin/disk_usage.sh": owner => apache, mode => 755, content => "/usr/bin/df -h"; }}
  • 26. class inquire_bootstrap { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }  file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache]; }} define inquiry($command) { include inquire_bootstrap file { "/var/www/cgi-bin/$name.sh": owner => apache, mode => 755, content => $command; }}
  • 27. node “appserver.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; }}
  • 28. node “appserver1.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; }}node “appserver2.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; }}
  • 29. class instrumentation { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; }}node “appserver1.mydomain.com” { include instrumentation}node “appserver2.mydomain.com” { include instrumentation}
  • 30. Rich set of primitives,and make your own.Can use existingmodules andabstractions, andmake your own.
  • 31. netmask_lo: 255.0.0.0 ipaddress: 172.16.245.128 augeasversion: 0.10.0 processor0: Intel(R) Core(TM) fqdn: pe-debian6.localdomain i7-2635QM CPU @ 2.00GHz manufacturer: "VMware, Inc." lsbdistrelease: 6.0.2 processorcount: "1" uniqueid: 007f0101 productname: VMware Virtual hardwaremodel: i686Platform kernelversion: 2.6.32 physicalprocessorcount: 1 operatingsystem: Debian facterversion: 1.6.7 architecture: i386 boardproductname: 440BX Desktop lsbdistdescription: Debian GNU/Reference Platform Linux 6.0.2 (squeeze) kernelmajversion: "2.6" lsbmajdistrelease: "6" hardwareisa: unknown interfaces: "eth0,lo" timezone: PDT ipaddress_lo: 127.0.0.1 puppetversion: 2.7.12 (Puppet uptime_days: 0Enterprise 2.5.1) lsbdistid: Debian lsbdistcodename: squeeze rubysitedir: /opt/puppet/lib/ is_virtual: "true" site_ruby/1.8 operatingsystemrelease: 6.0.2 rubyversion: 1.8.7 virtual: vmware osfamily: Debian type: Other memorytotal: &id001 502.57 MB domain: localdomain memorysize: *id001 hostname: pe-debian6 boardmanufacturer: Intel selinux: "false" Corporation kernel: Linux path: /usr/local/sbin:/usr/
  • 32. file { “/etc/issue”: content => “Got an issue? Here’s a tissue!”,}file { “/etc/motd”: content => template(“Welcome to $hostname!”),}
  • 33. file { "/etc/sudoers": owner => root, group => root, mode => 440, source => "puppet:///modules/sudo/sudoers"}
  • 34. class ntp { package { ntp: ensure => installed, } service { ntpd: ensure => running, enable => true, subscribe => File[/etc/ntp.conf], } file { /etc/ntp.conf: ensure => file, require => Package[ntp], source => "puppet:///modules/ntp/ntp.conf", }}
  • 35. node “webserver.mydomain.com” { include ntp}node “appserver.mydomain.com” { include ntp}node “database.mydomain.com” { include ntp}
  • 36. class ssh { @@sshkey { $hostname: type => dsa, key => $sshdsakey } Sshkey <<| |>>}
  • 37. File “/tmp/foo/bar” User “deepak” Dir “/tmp/foo” Dir “/tmp”
  • 38. Dir “/tmp” User “deepak” Dir “/tmp/foo” File “/tmp/foo/bar”
  • 39. Dir “/tmp” User “deepak” Dir “/tmp/foo” File “/tmp/foo/bar”
  • 40. package { ntp: ensure => installed,}service { ntpd: ensure => running, enable => true, subscribe => File[/etc/ntp.conf],}file { /etc/ntp.conf: ensure => file, require => Package[ntp], source => "puppet:///modules/ntp/ntp.conf",}
  • 41. package { ntp: ensure => installed,}service { ntpd: ensure => running, enable => true, subscribe => File[/etc/ntp.conf],}file { /etc/ntp.conf: ensure => file, require => Package[ntp], source => "puppet:///modules/ntp/ntp.conf",}
  • 42. package { ntp: ensure => installed,}service { ntpd: ensure => running, enable => true, subscribe => File[/etc/ntp.conf],}file { /etc/ntp.conf: ensure => file, require => Package[ntp], source => "puppet:///modules/ntp/ntp.conf",}
  • 43. package { ntp: ensure => installed,}service { ntpd: ensure => running, enable => true, subscribe => File[/etc/ntp.conf],}file { /etc/ntp.conf: ensure => file, require => Package[ntp], source => "puppet:///modules/ntp/ntp.conf",}
  • 44. Idempotent, andonly does what’snecessary
  • 45. Compensates for theinherent mutabilityof systems
  • 46. Combats spookyaction at a distancewith automaticrepair
  • 47. Brings predictabilityto your systems
  • 48. A foundation ofpredictability andreliability lets youperform higher-leveloperations on yourinfrastructure
  • 49. Code all the way down
  • 50. Software-definedinfrastructure is...justsoftware.Infrastructure ascode is...just code.
  • 51. Thus, you can treat itlike the other code inyour application
  • 52. Scary, but liberating!
  • 53. Maintaining thestate of your systemsis the foundationupon whicheverything rests
  • 54. Start small, and startsomewhere. :)
  • 55. deepakgiridharagopaldeepak@puppetlabs.com@grim_radical [github twitter freenode] We’re hiring!

×