Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

London Puppet Camp 2015: Hiscox


Published on

Six Weird Facts About Puppet on Windows

Published in: Technology
  • Read this heartfelt letter below from Sonasi Samita, a disease-ridden man stricken with kidney failure, diabetes, gout, heart problems, and blindness. He tells his tear-jerking story on how the Demolisher system has totally changed his life! Sonasi says he's convinced that the Demolisher system is God's answer to his prayers! ▲▲▲
    Are you sure you want to  Yes  No
    Your message goes here
  • I think Mike Cruickshank's new Profit Maximiser service is going to be one of the big hits and I can say hand on heart, if you follow the instructions, and just get involved, you will make a lot of money over the coming weeks, months and years. 
    Are you sure you want to  Yes  No
    Your message goes here
  • Today, I want to share with you my own "unfair advantage" ... An honest crack at an insider's edge that's so effective it's nothing less than performance enhancing for your own bottom line profits! ▲▲▲
    Are you sure you want to  Yes  No
    Your message goes here
  • You're Going to Want to Read This Before Tonight ★★★
    Are you sure you want to  Yes  No
    Your message goes here

London Puppet Camp 2015: Hiscox

  1. 1. Six Weird Facts about Puppet on Windows … and more facts worth knowing 3 November 2015 Presented by Jeremy McGee and Steven Hawkins
  2. 2. Disclaimer: This is probably not the recommended approach. But it works for us
  3. 3. Who are Hiscox? 3 USA Atlanta Chicago Los Angeles New York City San Francisco White Plains Guernsey St Peter Port Latin American gateway Miami Bermuda Hamilton Europe Amsterdam Bordeaux Brussels Cologne Dublin Hamburg Lisbon Lyon Madrid Munich Paris UK Birmingham Colchester Glasgow Leeds London Maidenhead Manchester York Asia Bangkok Hong Kong Singapore International specialist insurer £2.0B in GWP 2,000 employees
  4. 4. The Hiscox IT landscape Hiscox is an insurance company. Where possible we buy, not build. The organisation relies on customised, packaged applications. This has its own challenges. 4
  5. 5. Deployment stack 5 Paceofchange Stage Item Examples Tools Ready Application components DLLs, SQL scripts, configuration IBM UrbanCode Octopus Deploy Deployed Middleware IIS, JBoss Puppet Configured Server configuration NTFS, registry Puppet Installed Server applications AV, SQL Server VMware templates Built Operating system OS, partitions, AD membership VMware templates Provisioned Orchestration CMP/ITSM VMware Purchased Requisition CMP/ITSM Paceofchange
  6. 6. Using Puppet on Windows
  7. 7. Installation 7
  8. 8. Puppet Agent is Ruby-based and cross-platform 8
  9. 9. Weird Fact Number One You need a Linux master
  10. 10. The Puppet Master is just a file system 10
  11. 11. Weird Fact Number Two There’s no package manager
  12. 12. Package manager alternatives There’s Chocolatey, which is immature; the usual “Programs and Features” control panel, which doesn’t handle versions well; storing each file individually, which doesn’t scale; or direct use of archives, which is ugly. 12
  13. 13. I like archives: the best of a poor choice 13
  14. 14. Windows Package Manager Chocolatey is the way to go as far as package management for Puppet on Windows, but how does it work for enterprise? Not so well, it turns out. Packages vary in quality and most go off to other provider’s Web sites for installers. So, take control: – Write your own Chocolatey packages – Manage Chocolatey packages and providers’ installers locally 14
  15. 15. Chocolatey configuration - It’s actually quite simple to write your own Chocolatey puppet module. We change the following configuration - Disable ‘chocolatey’ source - Add a new source to your internal Chocolatey repository - Set autoUninstaller = true allowGlobalConfirmation = true failOnAutoUninstaller = true - Add an API key to be able to push new packages to your internal Chocolatey repository 15
  16. 16. Creating a Chocolatey package is easier than might you think - choco new Then edit as needed. Finally - cpack - choco push 16
  17. 17. Creating a Chocolatey package Live Demo 17
  18. 18. Great – but what does this mean for Puppet? 18 Becomes...
  19. 19. Great – but what does this mean for Puppet? 19 This!!!
  20. 20. Weird Fact Number Three There are backslashes as path separators, and spaces in filenames
  21. 21. That module again 21 ! ! !?
  22. 22. PowerShell to the rescue 22
  23. 23. Weird Fact Number Four PowerShell isn’t the default provider
  24. 24. Weird Fact Number Five Windows ACLs are special
  25. 25. Windows and ACLs Puppet supports Windows access control lists natively, but the defaults are Linux style, not Windows. So you won’t get what you expect. Typically, Administrator won’t have access. We use native Windows utilities to apply permissions and wrap this up in PowerShell modules.
  26. 26. Weird Fact Number Six It all works very well
  27. 27. Our results We have 120+ test servers, 22+ environments, and in total about 20 modules in use. We have 100% automation of deployments from bare operating system to production deployments. We have no access to production servers. This has saved several thousand pounds over alternative approaches and means we can deploy much more frequently. 27
  28. 28. Some other facts worth knowing
  29. 29. We found this the hard way The Puppet documentation is just the start. Network with colleagues across your organisation and in other companies too. Invest in a training / scratch environment. Keep abreast of new Puppet modules. Buy Puppet Enterprise support. It’s good! 29
  30. 30. Thank you @jeremymcgee