20110402 expanded intro-to_puppet_texas_linuxfest

1,504 views

Published on

Expanded Introduction to Puppet for Texas Linux Fest - 20110402 - Austin, TX

Published in: Technology, Spiritual
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,504
On SlideShare
0
From Embeds
0
Number of Embeds
13
Actions
Shares
0
Downloads
39
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

20110402 expanded intro-to_puppet_texas_linuxfest

  1. 1. Expanded Introduction to Puppet 2011-04-02 Texas Linux Fest Austin, TX Garrett Honeycutt Professional Services Consultant garrett@puppetlabs.com http://linkedin.com/in/garretthoneycutt
  2. 2. Puppet Open Source Ecosystem Puppet Distribution
 Bundled with major OS ! 3,000 person mailing list
 2,000 messages a month
 Puppet Community
 300 people at all times in IRC Active participation ! (#puppet on freenode.net) 100+ people 100+ modules Puppet Contributors
contributing to contributed to Frameworkdocumentation Puppet Module enhancements and code Forge !
  3. 3. Operating System SupportLinux Unix OtherRed Hat Solaris Fedora OS X CentOS Windows AIX Ubuntu (2011) HP-UX Debian SuSE OpenBSD
  4. 4. Puppet EnterpriseWhat it is:• Puppet and related components packaged and integrated in one install: • Puppet • Puppet Master • Dashboard • Facter • Ruby • Apache • Passenger, etc.
  5. 5. Puppet Enterprise• Fully QA’d stack of Puppet and dependencies• Simplified installation• Ease of maintenance• Pre-configured for scalability and performance• Predictable enhancement delivery• Enhanced enterprise class Support
  6. 6. Puppet EnterpriseWhat you can expect in the future:• Pre-loaded set of commonly used modules• Direct integration with public module-forge• Support for additional platforms• Integration with MCollective
  7. 7. MCollective adds orchestrationCommand MCollective sequences Line Web Puppet! actions based on dataInterface interface! Dashboard! in Puppet! (CLI)! Scenario 1 (Complete Process)! ! Step 1: Remove server group 3 from load balancers! Step 2: Upgrade server on group 3! Step 3.Verify monitoring status of group 3! Puppet! MCollective! Step 4: Put group 3 back in load balancers! Scenario 2 (Across Server Groups)! !1! 2! 3! 1! 2! 3! 1! 2! 3! Step 1: Prevent Puppet runs for machines of type 5! Step 2: Restart Apache on all machines of type 2! Step 3: Update machines of type 4 in batches of 50Datacenter! Datacenter! Datacenter! every 2 hours! Step 4: Schedule mail delivery of type 4 in batches of 50 every 2 hours!4! 5! 6! 4! 5! 6! 4! 5! 6!
  8. 8. Puppet is Pervasive Web Entertainment TechnologyFinancial Defense
  9. 9. How Puppet Works 1 Define: !"#$%&(()#*+%,)-./0/#"1)% % ./23/3)%45%,)+"32%/%30/($%56% 0)./#"52+$"(+%7)#8))2%0)+50-)+%8"#$"2% 0)+/7.)%95,.)+:%;$)+)%95,.)+%,)6"2)% 450%"260/+#0-#0)%"2%"#+%,)+"0),%+#/#): JB B D@ HI %E CB B@ ED %AG G> B%@ A ; B D @;%4 Report: &(()#%>/+$75/0,%0)(50#+% 2 Simulate:%!"#$%#$"+%0)+50-)%% #0/-?%0)./#"52+$"(+%7)#8))2% % 30/($<%&(()#%"+%2"=)%"2%"#+%-59(52)2#+%/2,%/..%-$/23)+<%/..58"23% /7"."#4%#5%+"9./#)%,)(.549)2#+<%)2/7."23%45%#5%?))(%(%8"#$%+)-0"#4%/2,% 45%#5%#)+#%-$/23)+%8"#$5#%,"+0(#"52%-59(."/2-)%9/2,/#)+:%@2,%8"#$%#$)% #5%450%"260/+#0-#0):5()2%@&A%45%-/2%"2#)30/#)%&(()#%8"#$%#$"0,%(/0#4%952"#50"23%#55.+: EFDDBG; %3 Enforce:%&(()#%-59(/0)+%450% C;@;B % +4+#)9%#5%#$)%,)+"0),%+#/#)%/+%45% ,)6"2)%"#<%/2,%/#59/#"-/..4%)2650-)+%"#% >BCADB> C;@;B #5%#$)%,)+"0),%+#/#)%)2+0"23%450%+4+#)9% "+%"2%-59(."/2-):
  10. 10. Use Puppet to create composable configurationsModules and manage the enterprise infrastructure 1 Define Your Resources in Modules. ! "#$%!&(()$*!+,!-).#/)!+,0!1,-2)3!4+!/,-)! 9GHGAG7D "DA!7DEFDE G&&!7DEFDE 7D?MEJH = 52633#.#56$#,/3*!35%!63!")4!7)08)0!,0!96$6463)*!622,:#/;! +,!$,!-).#/)!0)26$#,/3%#(3!4)$:))/!0)3,05)3!6/-! 5,/.#;0)!$%,36/-3!,.!3)08)03!6$!,/5)<! Via Custom Assign resource relationships automatically.! Puppet Dashboard External Source (CMDB, LDAP, etc.) ! 2 =,!56/!$%)/!633#;/!6/-!-)(2,+!5,/.#;06$#,/3! 8#6!&(()$!963%4,60-*!,0!:#$%!+,0!,:/!53$,1#>)-! ?@9A!$,,23< "DA!7DEFDE7 9GHGAG7D!7DEFDE7 G&&IJ?GHJKL!7DEFDE7 LK9D LK9D LK9D 3 Reusable, composable configurations. ! ! "#$%!&(()$!+,!56/!0)B3)!1,-2)3!650,33!12$#(2)! /,-)3*!#/!:%6$)8)0!5,14#/6$#,/!+,!/))-*!0)-5#/;! 0)()$#$#8)!$63C3!6/-!)2#1#/6$#/;!)00,0B(0,/)!350#($3<! LK9D LK9D LK9D Multi Node
  11. 11. Puppet Assigns and Maintains a Node’s Desired Role
  12. 12. Managing Configuration Drift
  13. 13. How Puppet Manages Data Flow for Individual Nodes Node 1 Facts !"#$%&#$(#%($ %&)*+,-.#$+/+$ +0&1/$-/(#,2$/&$/"#$ 3144#/$5+(/#)6 SSL secure 2 Catalog 3144#/$1(#($/"#$7+8/($/& encryption 8&*4-,#$+$9+/+,&:$/"+/ on all data (4#8-2-#($"&;$/"#$%&# transport ("&1,$0#$8&%2-:1)#6Report 3!"#$%&#$)#4&)/($0+8=$/&$3144#/$-%-8+/-%:$/"#$8&%2-:1)+/-&%$-($8&*4,#/#>$;"-8"$-($?-(-0,#$-%$/"#$ Puppet3144#/$@+("0&+)6 Master 4 Report Collector A3144#/$&)$B)$4+)/<$/&&,C Report 8+%$+,(&$(#%$+/+$ /&$/"-)$4+)/<$/&&,(6
  14. 14. Facts AutomaticallyMaintained Asset Inventory
  15. 15. domain => localfacterversion => 1.5.8fqdn => sliver.localhardwaremodel => i386hostname => sliverinterfaces => lo0,gif0,stf0,en0,en1,fw0,vmnet1,vboxnet0ipaddress => 192.168.174.1ipaddress_lo0 => 127.0.0.1ipaddress_vmnet1 => 192.168.174.1kernel => Darwinkernelmajversion => 10.6kernelrelease => 10.6.0macosx_productname => Mac OS Xmacosx_productversion => 10.6.6netmask => 255.255.255.0netmask_lo0 => 255.0.0.0netmask_vmnet1 => 255.255.255.0network_lo0 => 127.0.0.0network_vmnet1 => 192.168.174.0operatingsystem => Darwinoperatingsystemrelease => 10.6.0path => /opt/local/bin:/opt/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin:/Users/gh/bin:/Users/gh/.gem/ruby/1.8/bin/ps => ps auxwwwpuppetversion => 2.6.4rubysitedir => /opt/local/lib/ruby/site_ruby/1.8timezone => PSTuptime => 1 dayrubyversion => 1.8.7sp_bus_speed => 1.07 GHz
  16. 16. Custom Facts
  17. 17. How Puppet Manages Data Flow for Individual Nodes Node 1 Facts !"#$%&#$(#%($ %&)*+,-.#$+/+$ +0&1/$-/(#,2$/&$/"#$ 3144#/$5+(/#)6 SSL secure 2 Catalog 3144#/$1(#($/"#$7+8/($/& encryption 8&*4-,#$+$9+/+,&:$/"+/ on all data (4#8-2-#($"&;$/"#$%&# transport ("&1,$0#$8&%2-:1)#6Report 3!"#$%&#$)#4&)/($0+8=$/&$3144#/$-%-8+/-%:$/"#$8&%2-:1)+/-&%$-($8&*4,#/#>$;"-8"$-($?-(-0,#$-%$/"#$ Puppet3144#/$@+("0&+)6 Master 4 Report Collector A3144#/$&)$B)$4+)/<$/&&,C Report 8+%$+,(&$(#%$+/+$ /&$/"-)$4+)/<$/&&,(6
  18. 18. Catalog• Automatically maintained comprehensive resource list• Easilyvalidated against compliance requirements prior to client configuration
  19. 19. How Puppet Manages Data Flow for Individual Nodes Node 1 Facts !"#$%&#$(#%($ %&)*+,-.#$+/+$ +0&1/$-/(#,2$/&$/"#$ 3144#/$5+(/#)6 SSL secure 2 Catalog 3144#/$1(#($/"#$7+8/($/& encryption 8&*4-,#$+$9+/+,&:$/"+/ on all data (4#8-2-#($"&;$/"#$%&# transport ("&1,$0#$8&%2-:1)#6Report 3!"#$%&#$)#4&)/($0+8=$/&$3144#/$-%-8+/-%:$/"#$8&%2-:1)+/-&%$-($8&*4,#/#>$;"-8"$-($?-(-0,#$-%$/"#$ Puppet3144#/$@+("0&+)6 Master 4 Report Collector A3144#/$&)$B)$4+)/<$/&&,C Report 8+%$+,(&$(#%$+/+$ /&$/"-)$4+)/<$/&&,(6
  20. 20. Report• Comprehensive report of every change ever made, correlated to every resource being managed• Easily validated against compliance requirements after reach run
  21. 21. Report•http•log•rrdgraph•store•tagmail
  22. 22. Report
  23. 23. The one-off myth Your systems are not beautiful snowflakesphoto from http://beesknees67.deviantart.com/
  24. 24. The one-off myth• Only temporary
  25. 25. The one-off myth• Only temporary• Replicas for pre-production environments
  26. 26. The one-off myth• Only temporary• Replicas for pre-production environments• Disaster recovery
  27. 27. Why?
  28. 28. Why?• reduce entropy
  29. 29. Why?• reduce entropy• disaster recovery
  30. 30. Why?• reduce entropy• disaster recovery• change management
  31. 31. Why?• reduce entropy• disaster recovery• change management• infrastructure as code
  32. 32. What not How
  33. 33. What not how
  34. 34. Example Resource Types• cron• exec• file• group• host• zfs• mount• package• service• sshkey
  35. 35. Package-File-Service
  36. 36. File Serving
  37. 37. Templates
  38. 38. Templates - Advanced
  39. 39. Syntax Checking
  40. 40. StoreconfigsAbility to pass data between nodes, viaa database acting as a proxy
  41. 41. StoreconfigsAbility to pass data between nodes, viaa database acting as a proxy • MySQL • SQLite3 • PostgreSQL • Oracle
  42. 42. Storeconfigs
  43. 43. External Node Classifier•Puppet Dashboard•Your own CMDB
  44. 44. External Node ClassifierA script that takes $certname asan argument and outputs YAML toSTDOUT
  45. 45. External Node Classifier
  46. 46. External Node Classifier
  47. 47. Expanded Introduction to Puppet 2011-04-02 Texas Linux Fest Austin, TX Garrett Honeycutt Professional Services Consultant garrett@puppetlabs.com http://linkedin.com/in/garretthoneycutt

×