Salting New Ground
One Man Ops from Scratch
Me
jay@percussiverepair.net
github.com/PercussiveRepair
@PercussiveFix
➔ SysAdmin since 2012
➔ IT Engineer since 1998
➔ Coding since BASIC on the ZX Spectrum
➔ Gaming since Pong
➔ “Senior DevOps” Engineer at Rebellion Developments in Oxford
➔ Formerly with Electronic Arts at Playfish in London
The project - all the firsts
Theirs
➔ First development focused Operations Engineer in the company
➔ First real development effort on a top tier social game - originally for
Zynga.com and Facebook
➔ First foray into DevOps methodology
➔ First use of AWS services - EC2, ELB, RDS, Elasticache, S3, Cloudfront,
Route53
➔ First use of configuration management
Mine
➔ First time without a team
➔ First time building a complete application stack from scratch
➔ First time being the big dog
One man crusade
➔ DevOps methodology
◆ Culture - People and process first. Get the mindset right.
◆ Automate - As much as possible. CI/Infrastructure as code.
◆ Lean - Fast and stable
◆ Metrics - Measure everything. Show the improvements.
◆ Sharing - Open information distribution. Collaborate.
➔ Taking the Ops out of Dev - but in a good way
➔ Evangelising all over the company, not just within the project team.
➔ Fingers in many pies - web development, mobile game support, internal IT
operations
➔ Push the agenda - but in a good way
➔ Try and soothe the hesitancy to rely on one guy - build accessible tools and
automation
Building a stack from scratch (nearly)
➔ Starting from 2 hand-configured web servers
➔ No infrastructure security
➔ No monitoring
➔ No config management
➔ No DR process
➔ No docs
➔ No application logging
➔ No log collection
➔ No scaling strategy
➔ No out of hours support
➔ No database standardisation
➔ No metrics
And now for the science
Building a stack from scratch - Config Management System Requirements
Quick to get started +
Straightforward setup and maintenance +
Easy to modify and manage +
Modular and expandable
=
github.com/saltstack
www.saltstack.org
SaltStack - Salt
➔ Written in Python
➔ First and foremost - a remote execution system
➔ Master/Minions arrangement - can be multi-master or standalone
➔ Secure, encrypted protocol running over ZeroMQ
◆ public keys for authentication with the master, then faster AES encryption for payload
communication
➔ Fast & scalable - 10’s to 1000’s of endpoints
➔ Targeted execution via minion name, glob, regex, grains (tags) , IPs,
nodegroups etc
salt '*' cmd.run "uptime" or
salt -G 'os:Ubuntu' cmd.run "ps -ef | grep java" or
salt 'live-product-app0[0-9]' grains.items
Inherent grains
cpu_flags: fpu de tsc msr pae ...
cpu_model: Intel(R) Xeon(R) CPU E5430 @ 2.66GHz
cpuarch: x86_64
defaultencoding: None
defaultlanguage: None
domain: product.com
fqdn: live-product-app00.product.com
fqdn_ip4: 10.XXX.XXX.XXX
fqdn_ip6:
gpus:
host: live-product-app00
id: live-product-app00
ip_interfaces: {'lo': ['127.0.0.1'], 'eth0': ['10.XXX.XXX.XXX']}
ipv4:
    10.XXX.XXX.XXX
    127.0.0.1
ipv6:
    ::1
    feXX::XXXX:3XXX:XX04:49X1
kernel: Linux
kernelrelease: 3.2.0-40-virtual
localhost: live-product-app00
lsb_distrib_codename: precise
lsb_distrib_description: Ubuntu 12.04.2 LTS
lsb_distrib_id: Ubuntu
lsb_distrib_release: 12.04
master: live-product-master00.product.com
mem_total: 7450
nodename: live-product-app00
num_cpus: 2
num_gpus: 0
os: Ubuntu
os_family: Debian
osarch: amd64
oscodename: precise
osfinger: Ubuntu-12.04
osfullname: Ubuntu
osrelease: 12.04
path: /usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin
ps: ps -efH
pythonpath:
    /usr/bin
    /usr/lib/python2.7
    /usr/lib/python2.7/plat-linux2
    /usr/lib/python2.7/lib-tk
    /usr/lib/python2.7/lib-old
    /usr/lib/python2.7/lib-dynload
    /usr/local/lib/python2.7/dist-packages
    /usr/lib/python2.7/dist-packages
    /usr/lib/pymodules/python2.7
pythonversion: 2.7.3.final.0
saltpath: /usr/lib/pymodules/python2.7/salt
saltversion: 0.17.1
server_id: 224501001
shell: /bin/sh
virtual: xen
virtual_subtype: Xen PV DomU
SaltStack config management
➔ Using Salt States (c.f. recipes, manifests, playbooks etc)
➔ YAML formatted
➔ Human readable
➔ Jinja templating for logic and conditionals
➔ Simple hierarchical layout >>
◆ top.sls as master tree
➔ One line command runs every state specified in top.sls on every targeted box:
    salt '*' state.highstate

    # nginx/init.sls
    nginx:
      pkg:
        - installed
      service:
        - running
        - watch:
          - pkg: nginx
          - file: /etc/nginx/nginx.conf

    /etc/nginx/nginx.conf:
      file.managed:
        - source: salt://nginx/nginx.conf
        - require:
          - pkg: nginx

    # top.sls
    base:
      '*':
        - core
        - python
        - snmp
      'os:Ubuntu':
        - match: grain
        - nginx
        - php
      'id:*log*':
        - match: grain
        - logstash
        - elasticsearch
etc
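Added example, not part of the original slides: a Python check that reads a top.sls like the one above and lists the targets matched on grains other than id. Grain values are reported by the minion itself, so anyone who controls a minion's configuration can change them, while the minion ID is tied to the key accepted on the master. The hand-written parser, the names parse_top and audit_top, and the MASTER_VERIFIED_GRAINS set are assumptions of this example.

```python
import re

# Constructed sample: the top.sls from the slide, indented as valid YAML.
TOP_SLS = """\
# top.sls
base:
  '*':
    - core
    - python
    - snmp
  'os:Ubuntu':
    - match: grain
    - nginx
    - php
  'id:*log*':
    - match: grain
    - logstash
    - elasticsearch
"""

# Assumption of this example: only the minion ID is bound to the key the
# master accepted; every other grain is whatever the minion reports.
MASTER_VERIFIED_GRAINS = {"id"}

# Match types that target on grain data (compound matchers are not handled).
GRAIN_MATCH_TYPES = {"grain", "grain_pcre"}


def parse_top(text):
    """Parse the environment -> target -> items subset of YAML used by top.sls.

    Returns {env: {target: {"match": str, "states": [str, ...]}}}.
    """
    tree, env, target = {}, None, None
    for lineno, raw in enumerate(text.splitlines(), 1):
        body = raw.strip()
        if not body or body.startswith("#"):
            continue  # blank line or full-line comment
        indent = len(raw) - len(raw.lstrip())
        if body.startswith("- "):
            if target is None:
                raise ValueError(f"line {lineno}: list item outside a target")
            item = body[2:].strip()
            match = re.fullmatch(r"match:\s*(\S+)", item)
            if match:
                tree[env][target]["match"] = match.group(1)
            else:
                tree[env][target]["states"].append(item)
        elif body.endswith(":"):
            key = body[:-1].strip().strip("'\"")
            if indent == 0:
                env, target = key, None
                tree[env] = {}
            elif env is None:
                raise ValueError(f"line {lineno}: target outside an environment")
            else:
                target = key
                # Salt treats a target without a match entry as a glob on the ID.
                tree[env][target] = {"match": "glob", "states": []}
        else:
            raise ValueError(f"line {lineno}: unsupported syntax: {body!r}")
    return tree


def audit_top(text):
    """Return (env, target, grain, states) for targets that rely on a grain
    the master cannot verify."""
    findings = []
    for env, targets in parse_top(text).items():
        for target, spec in targets.items():
            if spec["match"] not in GRAIN_MATCH_TYPES:
                continue
            grain = target.split(":", 1)[0]
            if grain in MASTER_VERIFIED_GRAINS:
                continue
            findings.append((env, target, grain, tuple(spec["states"])))
    return findings


if __name__ == "__main__":
    for env, target, grain, states in audit_top(TOP_SLS):
        print(f"[{env}] '{target}' relies on minion-reported grain "
              f"'{grain}' to assign: {', '.join(states)}")
```

The same check matters more for a pillar top file, where the match decides which minions receive secret values.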
SaltCloud instance provisioning
➔ Supporting multiple providers (at least partially): AWS EC2, Digital Ocean,
GoGrid, IBM SCE, JoyEnt, Linode, Rackspace, Softlayer
➔ And platforms: CloudStack, OpenStack, Parallels, Saltify, Salty-Vagrant
➔ Templating for providers:
    ec2-live:
      securitygroup:
        - default
        - live
      provider: ec2
      location: eu-west-1
      minion:
        master: live-product-master00.product.com
And instances:
    ec2-live-app:
      provider: ec2-live
      image: ami-ce7b6fba
      size: m1.large
      ssh_username: ubuntu
➔ One line command to provision a box:
    salt-cloud -p ec2-live-app live-product-app00
Additional components
➔ Pillar - Global value store for all minions
➔ Events - Listens for, publishes and sends events internally, to the master
or to a 3rd Party
➔ Reactor - Logic engine to allow Events to trigger actions
➔ Syndic - Allows multi-master and other complicated setup hierarchies
➔ Scheduler - execution of any salt command on master or minions
➔ Halite - Experimental Web-UI
➔ Mine - used to collect arbitrary data from minions and store it on the
master
➔ Virt - Virtual machine management - networking, images, disks etc
➔ SSH - Experimental - uses SSH rather than ZeroMQ and agent (hence
slower)
➔ Kitchen-Salt - Experimental provisioner for Test-Kitchen
Moderately clever other stuff
➔ Automated
◆ Route53 configuration using EC2 tags and boto
◆ Monitoring discovery
◆ Deployment configuration using estate intelligence
◆ Assignment of Product/Service/Environment grains based on AWS
name tag
➔ RDS/ELB graphing from Cloudwatch metrics using CWGraph
➔ Beaver/Logstash/Elasticsearch/Kibana log aggregation service all Salty
Salty goodness
➔ Vibrant & responsive community
◆ Google groups, IRC, Github issues, SaltConf, meetups
➔ Easy to get started
➔ Under active development - good response to issues
& badness
➔ Docs are sometimes patchy/dated/disorganised
➔ Can be complex to configure - lots of loosely coupled modules
➔ Under active development - can be buggy
Places to start
Docs
salt.readthedocs.org
github.com/saltstack
Discussion
groups.google.com/group/salt-users
IRC: freenode #salt
This Presentation
http://goo.gl/FxS6pp
Tutorials
http://goo.gl/2U5l37 - getting started
http://goo.gl/Ontu2j - step by step with nginx
http://goo.gl/TvD29f - good examples of remote execution tools and multi distro setup
Sample States
http://saltstarters.org/ - states github search
jay@percussiverepair.net
github.com/PercussiveRepair
@PercussiveFix
Other links
Good overview slides:
http://www.slideshare.net/SaltStack/an-overvisaltstack-presentation-clean
http://www.slideshare.net/SaltStack/realtime-infrastructure-management-with-saltstack-seth-house

 

Salting new ground one man ops from scratch

  • 1. Salting New Ground One Man Ops from Scratch
  • 2. Me
    jay@percussiverepair.net
    github.com/PercussiveRepair
    @PercussiveFix
    ➔ SysAdmin since 2012
    ➔ IT Engineer since 1998
    ➔ Coding since BASIC on the ZX Spectrum
    ➔ Gaming since Pong
    ➔ “Senior DevOps” Engineer at Rebellion Developments in Oxford
    ➔ Formerly with Electronic Arts at Playfish in London
  • 3. The project - all the firsts
    Theirs
    ➔ First development focused Operations Engineer in the company
    ➔ First real development effort on a top tier social game - originally for Zynga.com and Facebook
    ➔ First foray into DevOps methodology
    ➔ First use of AWS services - EC2, ELB, RDS, Elasticache, S3, Cloudfront, Route53
    ➔ First use of configuration management
    Mine
    ➔ First time without a team
    ➔ First time building a complete application stack from scratch
    ➔ First time being the big dog
  • 4. One man crusade
    ➔ DevOps methodology
      ◆ Culture - People and process first. Get the mindset right.
      ◆ Automate - As much as possible. CI/Infrastructure as code.
      ◆ Lean - Fast and stable
      ◆ Metrics - Measure everything. Show the improvements.
      ◆ Sharing - Open information distribution. Collaborate.
    ➔ Taking the Ops out of Dev - but in a good way
    ➔ Evangelising all over the company, not just within the project team.
    ➔ Fingers in many pies - web development, mobile game support, internal IT operations
    ➔ Push the agenda - but in a good way
    ➔ Try and soothe the hesitancy to rely on one guy - build accessible tools and automation
  • 5. Building a stack from scratch (nearly)
    ➔ Starting from 2 hand-configured web servers
    ➔ No infrastructure security
    ➔ No monitoring
    ➔ No config management
    ➔ No DR process
    ➔ No docs
    ➔ No application logging
    ➔ No log collection
    ➔ No scaling strategy
    ➔ No out of hours support
    ➔ No database standardisation
    ➔ No metrics
  • 6. And now for the science
    Building a stack from scratch - Config Management System Requirements
    Quick to get started +
    Straightforward setup and maintenance +
    Easy to modify and manage +
    Modular and expandable
    = github.com/saltstack www.saltstack.org
  • 7. SaltStack - Salt
    ➔ Written in Python
    ➔ First and foremost - a remote execution system
    ➔ Master/Minions arrangement - can be multi-master or standalone
    ➔ Secure, encrypted protocol running over ZeroMQ
      ◆ public keys for authentication with the master, then faster AES encryption for payload communication
    ➔ Fast & scalable - 10’s to 1000’s of endpoints
    ➔ Targeted execution via minion name, glob, regex, grains (tags), IPs, nodegroups etc

        salt '*' cmd.run "uptime"
      or
        salt -G 'os:Ubuntu' cmd.run "ps -ef | grep java"
      or
        salt 'live-product-app0[0-9]' grains.items
  • 8. Inherent grains

        cpu_flags: fpu de tsc msr pae ...
        cpu_model: Intel(R) Xeon(R) CPU E5430 @ 2.66GHz
        cpuarch: x86_64
        defaultencoding: None
        defaultlanguage: None
        domain: product.com
        fqdn: live-product-app00.product.com
        fqdn_ip4: 10.XXX.XXX.XXX
        fqdn_ip6:
        gpus:
        host: live-product-app00
        id: live-product-app00
        ip_interfaces: {'lo': ['127.0.0.1'], 'eth0': ['10.XXX.XXX.XXX']}
        ipv4:
            10.XXX.XXX.XXX
            127.0.0.1
        ipv6:
            ::1
            feXX::XXXX:3XXX:XX04:49X1
        kernel: Linux
        kernelrelease: 3.2.0-40-virtual
        localhost: live-product-app00
        lsb_distrib_codename: precise
        lsb_distrib_description: Ubuntu 12.04.2 LTS
        lsb_distrib_id: Ubuntu
        lsb_distrib_release: 12.04
        master: live-product-master00.product.com
        mem_total: 7450
        nodename: live-product-app00
        num_cpus: 2
        num_gpus: 0
        os: Ubuntu
        os_family: Debian
        osarch: amd64
        oscodename: precise
        osfinger: Ubuntu-12.04
        osfullname: Ubuntu
        osrelease: 12.04
        path: /usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin
        ps: ps -efH
        pythonpath:
            /usr/bin
            /usr/lib/python2.7
            /usr/lib/python2.7/plat-linux2
            /usr/lib/python2.7/lib-tk
            /usr/lib/python2.7/lib-old
            /usr/lib/python2.7/lib-dynload
            /usr/local/lib/python2.7/dist-packages
            /usr/lib/python2.7/dist-packages
            /usr/lib/pymodules/python2.7
        pythonversion: 2.7.3.final.0
        saltpath: /usr/lib/pymodules/python2.7/salt
        saltversion: 0.17.1
        server_id: 224501001
        shell: /bin/sh
        virtual: xen
        virtual_subtype: Xen PV DomU
  • 9. SaltStack config management
    ➔ Using Salt States (c.f. recipes, manifests, playbooks etc)
    ➔ YAML formatted
    ➔ Human readable
    ➔ Jinja templating for logic and conditionals
    ➔ Simple hierarchical layout >>
      ◆ top.sls as master tree
    ➔ One line command runs every state specified in top.sls on every targeted box:

        salt '*' state.highstate

        # nginx/init.sls
        nginx:
          pkg:
            - installed
          service:
            - running
            - watch:
              - pkg: nginx
              - file: /etc/nginx/nginx.conf

        /etc/nginx/nginx.conf:
          file.managed:
            - source: salt://nginx/nginx.conf
            - require:
              - pkg: nginx

        # top.sls
        base:
          '*':
            - core
            - python
            - snmp
          'os:Ubuntu':
            - match: grain
            - nginx
            - php
          'id:*log*':
            - match: grain
            - logstash
            - elasticsearch
        # etc
  • 10. SaltCloud instance provisioning
    ➔ Supporting multiple providers (at least partially): AWS EC2, Digital Ocean, GoGrid, IBM SCE, JoyEnt, Linode, Rackspace, Softlayer
    ➔ And platforms: CloudStack, OpenStack, Parallels, Saltify, Salty-Vagrant
    ➔ Templating for providers:

        ec2-live:
          securitygroup:
            - default
            - live
          provider: ec2
          location: eu-west-1
          minion:
            master: live-product-master00.product.com

      And instances:

        ec2-live-app:
          provider: ec2-live
          image: ami-ce7b6fba
          size: m1.large
          ssh_username: ubuntu

    ➔ One line command to provision a box:

        salt-cloud -p ec2-live-app live-product-app00
  • 11. Additional components
    ➔ Pillar - Global value store for all minions
    ➔ Events - Listens for, publishes and sends events internally, to the master or to a 3rd Party
    ➔ Reactor - Logic engine to allow Events to trigger actions
    ➔ Syndic - Allows multi-master and other complicated setup hierarchies
    ➔ Scheduler - execution of any salt command on master or minions
    ➔ Halite - Experimental Web-UI
    ➔ Mine - used to collect arbitrary data from minions and store it on the master
    ➔ Virt - Virtual machine management - networking, images, disks etc
    ➔ SSH - Experimental - uses SSH rather than ZeroMQ and agent (hence slower)
    ➔ Kitchen-Salt - Experimental provisioner for Test-Kitchen
  • 12. Moderately clever other stuff
    ➔ Automated
      ◆ Route53 configuration using EC2 tags and boto
      ◆ Monitoring discovery
      ◆ Deployment configuration using estate intelligence
      ◆ Assignment of Product/Service/Environment grains based on AWS name tag
    ➔ RDS/ELB graphing from Cloudwatch metrics using CWGraph
    ➔ Beaver/Logstash/Elasticsearch/Kibana log aggregation service all Salty
  • 13. Salty goodness
    ➔ Vibrant & responsive community
      ◆ Google groups, IRC, Github issues, SaltConf, meetups
    ➔ Easy to get started
    ➔ Under active development - good response to issues
    ➔ Docs are sometimes patchy/dated/disorganised
    ➔ Can be complex to configure - lots of loosely coupled modules
    ➔ Under active development - can be buggy & badness
  • 14. Places to start
    Docs
      salt.readthedocs.org
      github.com/saltstack
    Discussion
      groups.google.com/group/salt-users
      IRC: freenode #salt
    This Presentation
      http://goo.gl/FxS6pp
    Tutorials
      http://goo.gl/2U5l37 - getting started
      http://goo.gl/Ontu2j - step by step with nginx
      http://goo.gl/TvD29f - good examples of remote execution tools and multi distro setup
    Sample States
      http://saltstarters.org/ - states github search
    jay@percussiverepair.net github.com/PercussiveRepair @PercussiveFix
  • 15. Other links
    Good overview slides:
      http://www.slideshare.net/SaltStack/an-overvisaltstack-presentation-clean
      http://www.slideshare.net/SaltStack/realtime-infrastructure-management-with-saltstack-seth-house

Editor's Notes

  1. First development focused Operations Engineer in the company
     First real development effort on a top tier social game (originally for Zynga.com and Facebook)
     First foray into DevOps methodology
     First use of AWS services (in anger)
     First use of configuration management (not what I had believed - Chef in interview)
     First time without a team
     First time building a complete application stack from scratch (previously maintaining or improving existing infra)
     First time being the big dog (deciding operational approach, methodology, architecture, security, you name it)
  2. DevOps methodology
     - Build the Culture
     - Automate (Infrastructure as a Service, Infrastructure as code)
     - Measure
     - Sharing
     Separating Dev from Ops (Not “this is now Ops territory, back off” but “let me help you by taking that concern off your shoulders and automating the crap out of it”)
     Evangelising (What config management can do for everyone. Bringing non-functional requirements to the table. Making sure scalability, resilience and monitoring are all considered)
     Fingers in many pies (Help as many people as possible see the benefits)
     Push the agenda
  3. Salt is a distributed remote execution system used to execute commands and query data.
     Simple to set up and maintain, regardless of the size of the project.
     Architecture is designed to work with any number of servers, from a handful of local network systems to international deployments across disparate datacenters.
     Topology is a simple server/client model with the needed functionality built into a single set of daemons.
     While the default configuration will work with little to no modification, Salt can be fine tuned to meet specific needs.
     Remote commands to be called in parallel rather than in serial, use a secure and encrypted protocol, smallest and fastest network payloads possible, simple programmer interface.
     Targeting.
     Networking layer is built with the ZeroMQ networking library, so Salt itself contains a viable, and transparent, active message queue (AMQ) broker inside the daemon.
     Public keys for authentication with the master daemon, then uses faster AES encryption for payload communication; this means that authentication and encryption are also built into Salt.
     Salt takes advantage of communication via Python pickles (serialised strings), enabling fast and light network traffic.
     Simple expansion: Salt execution routines can be written as plain Python modules, and the data collected from Salt executions can be sent back to the master server, or to any arbitrary program (returners).
     Can be called via API, or from the command line, or web UI (Halite - in development), so that Salt can be used to execute one-off commands as well as operate as an integral part of a larger application.
     Salt is developed under the Apache 2.0 licence.
     Node group: a predefined group of minions declared in the master configuration file nodegroups setting as a compound target. Nodegroups are declared using a compound target specification. The nodegroups master config file parameter is used to define nodegroups.
     Here's an example nodegroup configuration within /etc/salt/master:

       nodegroups:
         group1: 'L@foo.domain.com,bar.domain.com,baz.domain.com or bl*.domain.com'
         group2: 'G@os:Debian and foo.domain.com'
  4. Set by Salt/SaltCloud at box launch
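
A simplified model of the targeting used in slide 9's top.sls and in the nodegroups example in editor's note 3, added here as an illustration; it is not Salt's own matcher and not code from the talk. The function names and the two sample minions are assumptions. It shows which states each minion would receive, and that a loose pattern such as 'id:*log*' also hands the logging states to a host whose id merely contains "log".

```python
from fnmatch import fnmatchcase

# top.sls from slide 9, as the parsed YAML would look.
TOP = {"base": {
    "*": ["core", "python", "snmp"],
    "os:Ubuntu": [{"match": "grain"}, "nginx", "php"],
    "id:*log*": [{"match": "grain"}, "logstash", "elasticsearch"],
}}
# nodegroups from the /etc/salt/master example in editor's note 3.
NODEGROUPS = {
    "group1": "L@foo.domain.com,bar.domain.com,baz.domain.com or bl*.domain.com",
    "group2": "G@os:Debian and foo.domain.com",
}

def grain_match(expr, grains):
    """Match 'key:glob' against one grain; a list-valued grain matches on any item."""
    key, _, pattern = expr.partition(":")
    value = grains.get(key, [])
    values = value if isinstance(value, list) else [value]
    return any(fnmatchcase(str(v), pattern) for v in values)

def term_match(term, grains):
    """One compound term: G@ is a grain, L@ an explicit id list, anything else an id glob."""
    if term.startswith("G@"):
        return grain_match(term[2:], grains)
    if term.startswith("L@"):
        return grains["id"] in term[2:].split(",")
    return fnmatchcase(grains["id"], term)

def compound_match(expr, grains):
    """Simplified compound target: 'and' binds tighter than 'or'; no 'not', no parentheses."""
    return any(all(term_match(t, grains) for t in clause.split(" and "))
               for clause in expr.split(" or "))

def states_for(grains, top=TOP, env="base"):
    """States a highstate would hand this minion, walking the top file in order."""
    states = []
    for target, entries in top[env].items():
        kind = next((e["match"] for e in entries if isinstance(e, dict)), "glob")
        hit = grain_match(target, grains) if kind == "grain" else fnmatchcase(grains["id"], target)
        if hit:
            states += [e for e in entries if isinstance(e, str)]
    return states

# Constructed minions: "catalog" contains "log", so 'id:*log*' over-matches it.
APP = {"id": "live-product-app00", "os": "Ubuntu"}
CATALOG = {"id": "live-product-catalog00", "os": "Ubuntu"}
```

Running `states_for` over every minion's grains before a highstate is a cheap review step: any host that picks up states it should not have points at a pattern that needs tightening, for example an explicit role grain instead of a substring of the id.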