Puppet Systems Infrastructure Construction Kit

Alessandro Franceschi, Founder @ Lab42

@alvagante
Puppet masters' dilemmas
- Make sense of the whole: language, resources, classes, modules, facts, variables, templates, hiera...
- Decide how to classify nodes
- Manage the variety of configurations
- Find and integrate existing modules:
  Try, integrate, use, wrap.
  Adapt, fight, fork.
  Or write them from scratch.
- Design Hiera hierarchies.
  What's data.
  How's data.
  Who uses data.
10 years of public Puppet ramblings
2008 Example(42) Puppet infrastructures
     First set of example42 modules
2010 Puppi
2010 Example42 NextGen modules
2012 Puppet Playground
2014 Tiny Puppet
2016 Reusable control-repo
2017 PSICK module and control-repo
A state of the (current) art

Puppet control-repo: github.com/example42/psick
An infrastructure Puppet module: github.com/example42/puppet-psick

Requires Puppet 4.6 or later.

Usable (cherry-picking single elements) by:
- Puppet beginners who can cope with just [YAML] data over DSL
- Experienced sysadmins who know how to configure their files
- Puppet experts interested in radically alternative approaches to Puppet dilemmas
A control-repo with psick powers
- Support for Linux, Windows [and...]
- Toolset for the Puppet developer
- Multi OS Puppet installer
- CI with GitLab, Travis, Jenkins
- Sample hiera datasets
- Docker image building
- Testing local code on containers
- Testing local code on Vagrant VMs
- Multiple configurable Vagrant environments
- Multi OS Vagrant boxes
- Automatic control-repo docs
- Noop and no-noop management
- Control-repo spec tests
- Control-repo integration tests
- Quick Puppet Enterprise test environment
- Fabric integration [...]
An Infrastructure puppet module

What is an Infrastructure module?!

Install:
  puppet module install example42/psick
Usage:
  include psick

Nothing is done by default. Everything is configured via Hiera.

It has 3 opt-in functions:
- classification
- base profiles for common use cases
- tp profiles for [any] application
Classification with psick module

Phased classification: [firstrun] -> pre -> base -> profiles

Hiera deep merge lookup to OS dependent hashes with the classes to include in each phase:

psick::enable_firstrun: true # Default: false
psick::firstrun::linux_classes:
  aws_sdk: psick::aws::sdk
psick::firstrun::windows_classes:
  hostname: psick::hostname

psick::pre::linux_classes:
  repo: psick::repo
  users: psick::users
psick::base::linux_classes:
  mail: psick::postfix::tp
  ssh: psick::openssh
  sudo: psick::sudo
  network: network

psick::pre::windows_classes:
  hosts: psick::hosts::resource
psick::base::windows_classes:
  features: psick::windows::features
  registry: psick::windows::registry
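
The following Ruby example is added here and is not psick's own code: it resolves the per-phase class hashes from layered Hiera data with a deep merge and reports baseline classes (here psick::openssh and psick::sudo) that a more specific layer has removed. The layer data is constructed, and treating an empty-string value as "do not include this class" is an assumption about how psick handles overrides.

```ruby
require 'yaml'

# Phase order as given on the slide: [firstrun] -> pre -> base -> profiles.
PHASES = %w[firstrun pre base profiles].freeze

# Constructed Hiera layers, least specific first (common -> role -> node).
COMMON = YAML.safe_load(<<~EOS)
  psick::pre::linux_classes:
    repo: psick::repo
    users: psick::users
  psick::base::linux_classes:
    mail: psick::postfix::tp
    ssh: psick::openssh
    sudo: psick::sudo
    network: network
EOS

ROLE_WEB = YAML.safe_load(<<~EOS)
  psick::profiles::linux_classes:
    web: psick::apache::tp
EOS

# Constructed node-level override that blanks two keys set in the common layer.
NODE = YAML.safe_load(<<~EOS)
  psick::base::linux_classes:
    mail: ''
    sudo: ''
EOS

# Recursive hash merge: on a key conflict the more specific layer wins.
def deep_merge(low, high)
  low.merge(high) do |_key, a, b|
    a.is_a?(Hash) && b.is_a?(Hash) ? deep_merge(a, b) : b
  end
end

# Look a key up across all layers, deep merging hashes; scalars are overridden.
def lookup(layers, key)
  layers.map { |layer| layer[key] }.compact.reduce do |acc, value|
    acc.is_a?(Hash) && value.is_a?(Hash) ? deep_merge(acc, value) : value
  end
end

# Resolved classification for one kernel ('linux' or 'windows'), in phase order.
# The firstrun phase is skipped unless psick::enable_firstrun is true.
# Assumption: an empty-string class name means the entry is not included.
def phased_classes(layers, kernel)
  phases = PHASES.dup
  phases.delete('firstrun') unless lookup(layers, 'psick::enable_firstrun') == true
  phases.each_with_object({}) do |phase, out|
    classes = lookup(layers, "psick::#{phase}::#{kernel}_classes") || {}
    out[phase] = classes.reject { |_name, klass| klass.to_s.empty? }
  end
end

# Required classes that no phase includes after the merge.
def missing_baseline(layers, kernel, required)
  included = phased_classes(layers, kernel).values.flat_map(&:values)
  required - included
end

if __FILE__ == $PROGRAM_NAME
  layers = [COMMON, ROLE_WEB, NODE]
  phased_classes(layers, 'linux').each do |phase, classes|
    puts "#{phase}: #{classes.values.join(', ')}"
  end
  missing = missing_baseline(layers, 'linux', %w[psick::openssh psick::sudo])
  puts "missing baseline: #{missing.inspect}"
end
```

Running a check like this in CI against each node's resolved data makes a dropped sudo, openssh or hardening profile visible before the catalog is applied.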
psick profiles
Ready-to-use profiles, which can be cherry-picked, to manage common system and application configurations.
An alternative to dedicated modules.

psick::profiles::linux_classes:
  time: psick::time

psick::time::servers:
  - pool.ntp.org

A partial list of base profiles for common settings:
- psick::hosts - Manage /etc/hosts
- psick::motd - Manage /etc/motd and /etc/issue
- psick::nfs - Manage NFS client and server
- psick::sudo - Manage sudo configuration
- psick::sysctl - Manage sysctl settings
- psick::firewall - Manage firewalling
- psick::openssh - tp profile and keygen define
- psick::hardening - Manage system hardening
- psick::network - Manage networking
- psick::puppet - Manage Puppet components
- psick::users - Manage users
- psick::time - Manage time and timezones
A list of application specific profiles:
- psick::ansible - Manage Ansible installation
- psick::aws - Manage AWS client tools and VPC setup
- psick::bolt - Manage Bolt installation
- psick::docker - Docker installation and build tools
- psick::foreman - Foreman installation
- psick::git - Git installation and configuration
- psick::gitlab - GitLab installation and config
- psick::mariadb - Manage MariaDB
- psick::mysql - Manage MySQL
- psick::mongo - Manage Mongo
- psick::php - Manage PHP and modules
- psick::oracle - Manage Oracle prereq and setup
- psick::sensu - Manage Sensu
Tiny Puppet and tp profiles
Standard set of profiles to manage applications with Tiny Puppet (tp).

psick::profiles::linux_classes:
  web: psick::apache::tp

psick::apache::tp::resources_hash:
  tp::conf:
    apache::openskills.info.conf:
      base_dir: conf
      template: psick/apache/vh.conf.erb
      options_hash:
        ServerName: openskills.info
        ServerAlias:
          - openskills.info
        AddDefaultCharset: ISO-8859-1
    apache::deny_git.conf:
      base_dir: conf
      source: puppet:///modules/psick/apache/deny_git.conf
  tp::dir:
    apache::openskills.info:
      vcsrepo: git
      source: git@git:alvagante/osk.git
      path: /var/www/html/openskills.info
demo
Start to play around

  git clone https://github.com/example42/psick
  cd psick
  bin/puppet_install.sh # To install latest Puppet agent
  bin/puppet_setup.sh # Installs required gems and runs r10k
  cd vagrant/environments/<env>/
  vagrant status [vm]
  vagrant up [vm]
  vi ../../../hieradata/* ...
  vagrant provision [vm]

Work on a new control-repo based on psick

  git clone https://github.com/example42/psick
  cd psick
  ./psick create
  cd /path/to/yournew_control-repo
  git status
  vi ...
  git add [...]
Explore the control-repo

  # The first manifest parsed by Puppet server
  manifests/site.pp
  # r10k Puppetfile and directory for public modules
  Puppetfile modules/
  # Sample Hiera configuration file and data directory
  hiera.yaml hieradata/
  # Directory with different Vagrant environments
  vagrant/
  # Tools for various tasks (used in dev and CI)
  bin/
  # CI integration
  .gitlab-ci.yml Jenkinsfile .travis.yml
  # Control repo spec tests
  spec/ Gemfile Rakefile
  # Local profiles
  site/
Test local code with Vagrant
• Multiple Vagrant environments
  ls -l vagrant/environments/
• Each one customisable via config.yaml
  cd vagrant/environments/ostest
  vi config.yaml
• Start the Vagrant VM you want
  host $ cd vagrant/environments/ostest
  host $ vagrant status
  host $ vagrant up centos7.ostest.psick.io
• Test your code and data
  host $ vi ../../../hieradata/nodes/centos7.ostest.psick.io.yaml
  host $ vagrant ssh centos7.ostest.psick.io
  vm $ sudo su -
  vm # /vagrant_puppet/bin/papply.sh
Where to customise
• The psick control-repo is just the starting point for a greenfield modern Puppet setup
• Define how to set the variables that identify your nodes (the ones used in hiera.yaml)
• Decide how to manage classification
• For each element to configure choose:
  1 - Use a public module (add it to Puppetfile)
  2 - Use a psick profile
  3 - Write a custom profile (add to Puppetfile or directly in site/profile/)
• Review hiera.yaml logic and customise data in hieradata/
• Customise your Vagrant environments
• Customise CI pipelines
PSICK the control-repo: github.com/example42/psick
The psick Puppet module: github.com/example42/puppet-psick, forge.puppet.com/example42/psick

Interested? Weekly Puppet Tips: example42.com/blog

Graphics: tatlin.net