Expanded Introduction     to Puppet      for SELF               2011-06-11             Spartanburg, SC              Garret...
The one-off myth                     Your systems are not beautiful                              snowflakesphoto from http:/...
The one-off myth•   Only temporary
The one-off myth•   Only temporary•   Replicas for pre-production environments
The one-off myth•   Only temporary•   Replicas for pre-production environments•   Disaster recovery
Why?
Why?• reduce   entropy
Why?• reduce   entropy• disaster   recovery
Why?• reduce   entropy• disaster   recovery• change   management
Why?• reduce   entropy• disaster   recovery• change   management• infrastructure   as code
Puppet Open Source Ecosystem                                    Puppet Distribution
                                    Bu...
Operating System SupportLinux     Unix       OtherRed Hat    Solaris Fedora             OS X CentOS               Windows ...
Puppet EnterpriseWhat it is:•   Puppet and related components packaged and    integrated in one install:     •   Puppet   ...
Puppet Enterprise•   Fully QA’d stack of Puppet and dependencies•   Simplified installation•   Ease of maintenance•   Pre-c...
Puppet EnterpriseWhat you can expect in the future:•   Pre-loaded set of commonly used modules•   Direct integration with ...
Puppet is Pervasive  Web       Entertainment   TechnologyFinancial                             Defense
How Puppet Works                                                                                              1    Define: ...
Use Puppet to create composable configurationsModules   and manage the enterprise infrastructure                           ...
Puppet Assigns and Maintains   a Node’s Desired Role
Managing Configuration Drift
How Puppet Manages Data Flow         for Individual Nodes                                                Node             ...
Facts AutomaticallyMaintained Asset   Inventory
domain => localfacterversion => 1.5.8fqdn => sliver.localhardwaremodel => i386hostname => sliverinterfaces => lo0,gif0,stf...
Custom Facts
How Puppet Manages Data Flow         for Individual Nodes                                                Node             ...
Catalog• Automatically             maintained comprehensive resource list• Easilyvalidated against compliance requirements...
How Puppet Manages Data Flow         for Individual Nodes                                                Node             ...
Report• Comprehensive report of every change ever made, correlated to every resource being managed• Easily       validated...
Report•http•log•rrdgraph•store•tagmail
Report
What not How
What not how
Example Resource Types•   cron•   exec•   file•   group•   host•   zfs•   mount•   package•   service•   sshkey
Package-File-Service
File Serving
Templates
Templates - Advanced
Syntax Checking
StoreconfigsAbility to pass data between nodes, viaa database acting as a proxy
StoreconfigsAbility to pass data between nodes, viaa database acting as a proxy •   MySQL •   SQLite3 •   PostgreSQL •   Or...
Storeconfigs
External Node       Classifier•Puppet Dashboard•Your own CMDB
External Node        ClassifierA script that takes $certname asan argument and outputs YAML toSTDOUT
External Node  Classifier
External Node  Classifier
Expanded Introduction     to Puppet      for SELF               2011-06-11             Spartanburg, SC              Garret...
Upcoming SlideShare
Loading in …5
×

20110611 expanded intro-to_puppet_for_self

1,180 views

Published on

Expanded Introduction to Puppet for Southeast LinuxFest (SELF)

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,180
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

20110611 expanded intro-to_puppet_for_self

  1. 1. Expanded Introduction to Puppet for SELF 2011-06-11 Spartanburg, SC Garrett Honeycutt Professional Services Consultant garrett@puppetlabs.com http://linkedin.com/in/garretthoneycutt
  2. 2. The one-off myth Your systems are not beautiful snowflakesphoto from http://beesknees67.deviantart.com/
  3. 3. The one-off myth• Only temporary
  4. 4. The one-off myth• Only temporary• Replicas for pre-production environments
  5. 5. The one-off myth• Only temporary• Replicas for pre-production environments• Disaster recovery
  6. 6. Why?
  7. 7. Why?• reduce entropy
  8. 8. Why?• reduce entropy• disaster recovery
  9. 9. Why?• reduce entropy• disaster recovery• change management
  10. 10. Why?• reduce entropy• disaster recovery• change management• infrastructure as code
  11. 11. Puppet Open Source Ecosystem Puppet Distribution
 Bundled with major OS ! 3,000 person mailing list
 2,000 messages a month
 Puppet Community
 300 people at all times in IRC Active participation ! (#puppet on freenode.net) 100+ people 100+ modules Puppet Contributors
contributing to contributed to Frameworkdocumentation Puppet Module enhancements and code Forge !
  12. 12. Operating System SupportLinux Unix OtherRed Hat Solaris Fedora OS X CentOS Windows AIX Ubuntu (2011) HP-UX Debian SuSE OpenBSD
  13. 13. Puppet EnterpriseWhat it is:• Puppet and related components packaged and integrated in one install: • Puppet • Puppet Master • Dashboard • Facter • Ruby • Apache • Passenger, etc.
  14. 14. Puppet Enterprise• Fully QA’d stack of Puppet and dependencies• Simplified installation• Ease of maintenance• Pre-configured for scalability and performance• Predictable enhancement delivery• Enhanced enterprise class Support
  15. 15. Puppet EnterpriseWhat you can expect in the future:• Pre-loaded set of commonly used modules• Direct integration with public module-forge• Support for additional platforms• Integration with MCollective
  16. 16. Puppet is Pervasive Web Entertainment TechnologyFinancial Defense
  17. 17. How Puppet Works 1 Define: !"#$%&(()#*+%,)-./0/#"1)% % ./23/3)%45%,)+"32%/%30/($%56% 0)./#"52+$"(+%7)#8))2%0)+50-)+%8"#$"2% 0)+/7.)%95,.)+:%;$)+)%95,.)+%,)6"2)% 450%"260/+#0-#0)%"2%"#+%,)+"0),%+#/#): JB B D@ HI %E CB B@ ED %AG G> B%@ A ; B D @;%4 Report: &(()#%>/+$75/0,%0)(50#+% 2 Simulate:%!"#$%#$"+%0)+50-)%% #0/-?%0)./#"52+$"(+%7)#8))2% % 30/($<%&(()#%"+%2"=)%"2%"#+%-59(52)2#+%/2,%/..%-$/23)+<%/..58"23% /7"."#4%#5%+"9./#)%,)(.549)2#+<%)2/7."23%45%#5%?))(%(%8"#$%+)-0"#4%/2,% 45%#5%#)+#%-$/23)+%8"#$5#%,"+0(#"52%-59(."/2-)%9/2,/#)+:%@2,%8"#$%#$)% #5%450%"260/+#0-#0):5()2%@&A%45%-/2%"2#)30/#)%&(()#%8"#$%#$"0,%(/0#4%952"#50"23%#55.+: EFDDBG; %3 Enforce:%&(()#%-59(/0)+%450% C;@;B % +4+#)9%#5%#$)%,)+"0),%+#/#)%/+%45% ,)6"2)%"#<%/2,%/#59/#"-/..4%)2650-)+%"#% >BCADB> C;@;B #5%#$)%,)+"0),%+#/#)%)2+0"23%450%+4+#)9% "+%"2%-59(."/2-):
  18. 18. Use Puppet to create composable configurationsModules and manage the enterprise infrastructure 1 Define Your Resources in Modules. ! "#$%!&(()$*!+,!-).#/)!+,0!1,-2)3!4+!/,-)! 9GHGAG7D "DA!7DEFDE G&&!7DEFDE 7D?MEJH = 52633#.#56$#,/3*!35%!63!")4!7)08)0!,0!96$6463)*!622,:#/;! +,!$,!-).#/)!0)26$#,/3%#(3!4)$:))/!0)3,05)3!6/-! 5,/.#;0)!$%,36/-3!,.!3)08)03!6$!,/5)<! Via Custom Assign resource relationships automatically.! Puppet Dashboard External Source (CMDB, LDAP, etc.) ! 2 =,!56/!$%)/!633#;/!6/-!-)(2,+!5,/.#;06$#,/3! 8#6!&(()$!963%4,60-*!,0!:#$%!+,0!,:/!53$,1#>)-! ?@9A!$,,23< "DA!7DEFDE7 9GHGAG7D!7DEFDE7 G&&IJ?GHJKL!7DEFDE7 LK9D LK9D LK9D 3 Reusable, composable configurations. ! ! "#$%!&(()$!+,!56/!0)B3)!1,-2)3!650,33!12$#(2)! /,-)3*!#/!:%6$)8)0!5,14#/6$#,/!+,!/))-*!0)-5#/;! 0)()$#$#8)!$63C3!6/-!)2#1#/6$#/;!)00,0B(0,/)!350#($3<! LK9D LK9D LK9D Multi Node
  19. 19. Puppet Assigns and Maintains a Node’s Desired Role
  20. 20. Managing Configuration Drift
  21. 21. How Puppet Manages Data Flow for Individual Nodes Node 1 Facts !"#$%&#$(#%($ %&)*+,-.#$+/+$ +0&1/$-/(#,2$/&$/"#$ 3144#/$5+(/#)6 SSL secure 2 Catalog 3144#/$1(#($/"#$7+8/($/& encryption 8&*4-,#$+$9+/+,&:$/"+/ on all data (4#8-2-#($"&;$/"#$%&# transport ("&1,$0#$8&%2-:1)#6Report 3!"#$%&#$)#4&)/($0+8=$/&$3144#/$-%-8+/-%:$/"#$8&%2-:1)+/-&%$-($8&*4,#/#>$;"-8"$-($?-(-0,#$-%$/"#$ Puppet3144#/$@+("0&+)6 Master 4 Report Collector A3144#/$&)$B)$4+)/<$/&&,C Report 8+%$+,(&$(#%$+/+$ /&$/"-)$4+)/<$/&&,(6
  22. 22. Facts AutomaticallyMaintained Asset Inventory
  23. 23. domain => localfacterversion => 1.5.8fqdn => sliver.localhardwaremodel => i386hostname => sliverinterfaces => lo0,gif0,stf0,en0,en1,fw0,vmnet1,vboxnet0ipaddress => 192.168.174.1ipaddress_lo0 => 127.0.0.1ipaddress_vmnet1 => 192.168.174.1kernel => Darwinkernelmajversion => 10.6kernelrelease => 10.6.0macosx_productname => Mac OS Xmacosx_productversion => 10.6.6netmask => 255.255.255.0netmask_lo0 => 255.0.0.0netmask_vmnet1 => 255.255.255.0network_lo0 => 127.0.0.0network_vmnet1 => 192.168.174.0operatingsystem => Darwinoperatingsystemrelease => 10.6.0path => /opt/local/bin:/opt/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin:/Users/gh/bin:/Users/gh/.gem/ruby/1.8/bin/ps => ps auxwwwpuppetversion => 2.6.4rubysitedir => /opt/local/lib/ruby/site_ruby/1.8timezone => PSTuptime => 1 dayrubyversion => 1.8.7sp_bus_speed => 1.07 GHz
  24. 24. Custom Facts
  25. 25. How Puppet Manages Data Flow for Individual Nodes Node 1 Facts !"#$%&#$(#%($ %&)*+,-.#$+/+$ +0&1/$-/(#,2$/&$/"#$ 3144#/$5+(/#)6 SSL secure 2 Catalog 3144#/$1(#($/"#$7+8/($/& encryption 8&*4-,#$+$9+/+,&:$/"+/ on all data (4#8-2-#($"&;$/"#$%&# transport ("&1,$0#$8&%2-:1)#6Report 3!"#$%&#$)#4&)/($0+8=$/&$3144#/$-%-8+/-%:$/"#$8&%2-:1)+/-&%$-($8&*4,#/#>$;"-8"$-($?-(-0,#$-%$/"#$ Puppet3144#/$@+("0&+)6 Master 4 Report Collector A3144#/$&)$B)$4+)/<$/&&,C Report 8+%$+,(&$(#%$+/+$ /&$/"-)$4+)/<$/&&,(6
  26. 26. Catalog• Automatically maintained comprehensive resource list• Easilyvalidated against compliance requirements prior to client configuration
  27. 27. How Puppet Manages Data Flow for Individual Nodes Node 1 Facts !"#$%&#$(#%($ %&)*+,-.#$+/+$ +0&1/$-/(#,2$/&$/"#$ 3144#/$5+(/#)6 SSL secure 2 Catalog 3144#/$1(#($/"#$7+8/($/& encryption 8&*4-,#$+$9+/+,&:$/"+/ on all data (4#8-2-#($"&;$/"#$%&# transport ("&1,$0#$8&%2-:1)#6Report 3!"#$%&#$)#4&)/($0+8=$/&$3144#/$-%-8+/-%:$/"#$8&%2-:1)+/-&%$-($8&*4,#/#>$;"-8"$-($?-(-0,#$-%$/"#$ Puppet3144#/$@+("0&+)6 Master 4 Report Collector A3144#/$&)$B)$4+)/<$/&&,C Report 8+%$+,(&$(#%$+/+$ /&$/"-)$4+)/<$/&&,(6
  28. 28. Report• Comprehensive report of every change ever made, correlated to every resource being managed• Easily validated against compliance requirements after reach run
  29. 29. Report•http•log•rrdgraph•store•tagmail
  30. 30. Report
  31. 31. What not How
  32. 32. What not how
  33. 33. Example Resource Types• cron• exec• file• group• host• zfs• mount• package• service• sshkey
  34. 34. Package-File-Service
  35. 35. File Serving
  36. 36. Templates
  37. 37. Templates - Advanced
  38. 38. Syntax Checking
  39. 39. StoreconfigsAbility to pass data between nodes, viaa database acting as a proxy
  40. 40. StoreconfigsAbility to pass data between nodes, viaa database acting as a proxy • MySQL • SQLite3 • PostgreSQL • Oracle
  41. 41. Storeconfigs
  42. 42. External Node Classifier•Puppet Dashboard•Your own CMDB
  43. 43. External Node ClassifierA script that takes $certname asan argument and outputs YAML toSTDOUT
  44. 44. External Node Classifier
  45. 45. External Node Classifier
  46. 46. Expanded Introduction to Puppet for SELF 2011-06-11 Spartanburg, SC Garrett Honeycutt Professional Services Consultant garrett@puppetlabs.com http://linkedin.com/in/garretthoneycutt

×