Puppet and software delivery

1,280 views

Published on

Talk given at the Belgian Puppet User Group

Please see http://www.slideshare.net/roidelapluie/deploy-your-application-with-puppet-code for a better version

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,280
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Puppet and software delivery

  1. 1. Puppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software delivery Shipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet code Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto Belgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User Group March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015
  2. 2. $::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto • Open-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.eu • Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011 • Speaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at Puppetcamps • Member of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUG • Puppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributor • Puppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributor • @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie on irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/github
  3. 3. inuits.eu
  4. 4. Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015 • VVVVVVVVVVVVVVVVVirtualization • CCCCCCCCCCCCCCCCContainers • CCCCCCCCCCCCCCCCCloud • SSSSSSSSSSSSSSSSStateless software • SSSSSSSSSSSSSSSSScalable daemons
  5. 5. Distributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing Software • Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM) • TarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarball • Self-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarball • curl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bash • Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside? • Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)
  6. 6. Real WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal World Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/kwarz/13293732384/
  7. 7. Welcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my world • CCCCCCCCCCCCCCCCComplex SW • SSSSSSSSSSSSSSSSSelf-hosting • SSSSSSSSSSSSSSSSStateless software • SSSSSSSSSSSSSSSSScalable daemons
  8. 8. Software distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distribution • SSSSSSSSSSSSSSSSSoftware (Source code or binaries) • UUUUUUUUUUUUUUUUUser guide • IIIIIIIIIIIIIIIIInstallation guide • PPPPPPPPPPPPPPPPPeople who install the software
  9. 9. Challenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distribution • AAAAAAAAAAAAAAAAArtifacts • SSSSSSSSSSSSSSSSSecurity • HHHHHHHHHHHHHHHHHW requirements • SSSSSSSSSSSSSSSSSW requirements • UUUUUUUUUUUUUUUUUpgrades • MMMMMMMMMMMMMMMMMaintenance • MMMMMMMMMMMMMMMMMonitoring
  10. 10. IntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroduction
  11. 11. Artifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: Packaging • Consistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file lists • Dependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolving • RepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositories • GPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-Signing • Lots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of tools • VersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioning • Unique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible build • CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)
  12. 12. DependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependencies • Use packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages also • Version your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositories • Test your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependencies • Distribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packages • Mirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream repos • Limit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependencies
  13. 13. AutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomation • AAAAAAAAAAAAAAAAAutomate all the things • OOOOOOOOOOOOOOOOOS, Monitoring, Application • RRRRRRRRRRRRRRRRReproducable builds • RRRRRRRRRRRRRRRRRepositories management
  14. 14. Cultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changes • NNNNNNNNNNNNNNNNNo more manual work • UUUUUUUUUUUUUUUUUse an appropriate toolchain • MMMMMMMMMMMMMMMMManual action = Error prone • WWWWWWWWWWWWWWWWWhat did I change 3 years ago?
  15. 15. DocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentation • NNNNNNNNNNNNNNNNNo more complex install guides • PPPPPPPPPPPPPPPPPuppet training • VVVVVVVVVVVVVVVVValid for several products
  16. 16. Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/jimmcd/4859841581
  17. 17. PuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppet • WWWWWWWWWWWWWWWWWidely used Automation tool • VVVVVVVVVVVVVVVVVery mature • CCCCCCCCCCCCCCCCClient/Server mode • SSSSSSSSSSSSSSSSStandalone mode • DDDDDDDDDDDDDDDDDeclarative • SSSSSSSSSSSSSSSSScales
  18. 18. What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate? Application Reverse Proxy / Databases Monitoring Operation System Platform
  19. 19. To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not? You have to be able to chose which part you will setup with Puppet.
  20. 20. Use Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modules Use separate meta-modules for OS, Dependencies, Monitoring, Application… And include them only of needed.
  21. 21. Yes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noop • IIIIIIIIIIIIIIIIInclude or not each class • YYYYYYYYYYYYYYYYYou can put a whole class in no-op • include myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_os • class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}
  22. 22. Puppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet Modules
  23. 23. External modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modules • PPPPPPPPPPPPPPPPPick the best ones • PPPPPPPPPPPPPPPPPuppetlabs modules • UUUUUUUUUUUUUUUUUpstream modules • MMMMMMMMMMMMMMMMModules active on Github • FFFFFFFFFFFFFFFFForge rating • TTTTTTTTTTTTTTTTTesting, doc • MMMMMMMMMMMMMMMMModules that fit your usecase
  24. 24. Review the modules you plan to include. You do not want bad code in your app, why would you want it in the code that deploys your app?
  25. 25. Contribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute back • GGGGGGGGGGGGGGGGGet feedback (peer review) • EEEEEEEEEEEEEEEEEasier to maintain in long term • FFFFFFFFFFFFFFFFForces you to write tests • HHHHHHHHHHHHHHHHHelp other people • PPPPPPPPPPPPPPPPPuppet is not your core business
  26. 26. Your modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modules • EEEEEEEEEEEEEEEEEveryone has write access • FFFFFFFFFFFFFFFFFollow code standards (puppet-lint) • BBBBBBBBBBBBBBBBBe future-proof • SSSSSSSSSSSSSSSSSeparation between code and data
  27. 27. Your puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet tree • YYYYYYYYYYYYYYYYYour tree is next to your app code • SSSSSSSSSSSSSSSSSubmodules of your app • GGGGGGGGGGGGGGGGGets the same version number • PPPPPPPPPPPPPPPPParameters matches your apps parameters
  28. 28. Distribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your tree • PPPPPPPPPPPPPPPPPackage the whole tree in a package • UUUUUUUUUUUUUUUUUse package dependencies to pull puppet • MMMMMMMMMMMMMMMMMaybe add a helper script for the first run
  29. 29. • YYYYYYYYYYYYYYYYYour tree is next to your app code • SSSSSSSSSSSSSSSSSubmodules of your app • GGGGGGGGGGGGGGGGGets the same version number • CCCCCCCCCCCCCCCCContains the right parameters
  30. 30. Puppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterless • PPPPPPPPPPPPPPPPPuppet has 2 modes • PPPPPPPPPPPPPPPPPull your catalog • AAAAAAAAAAAAAAAAApply it from files • BBBBBBBBBBBBBBBBBoth have advantages • DDDDDDDDDDDDDDDDDepends on what you want
  31. 31. Masterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless mode • OOOOOOOOOOOOOOOOOne-time run • NNNNNNNNNNNNNNNNNo daemon running • NNNNNNNNNNNNNNNNNo need for a Puppet master • NNNNNNNNNNNNNNNNNo exported resources • NNNNNNNNNNNNNNNNNo PuppetDB
  32. 32. Agent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent mode • RRRRRRRRRRRRRRRRRun every X time (to be tuned) • CCCCCCCCCCCCCCCCConsitency check • RRRRRRRRRRRRRRRRRequires one master • PPPPPPPPPPPPPPPPPuppet daemon running (as root) • RRRRRRRRRRRRRRRRReports sent to the master
  33. 33. PuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDB • RRRRRRRRRRRRRRRRRequires a master • SSSSSSSSSSSSSSSSStores facts and reports • EEEEEEEEEEEEEEEEEasy to query • DDDDDDDDDDDDDDDDDashboards available • EEEEEEEEEEEEEEEEExported resources
  34. 34. HieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHiera • DDDDDDDDDDDDDDDDData separation • YYYYYYYYYYYYYYYYYou classes should have a stable API • YYYYYYYYYYYYYYYYYour main class dispatches to other modules • UUUUUUUUUUUUUUUUUse functions: ▶ cccccccccccccccccreate_resource ▶ mmmmmmmmmmmmmmmmmysql_deepmerge
  35. 35. Automatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter Lookup • class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar" • AAAAAAAAAAAAAAAAAvailable in Puppet 3+ • SSSSSSSSSSSSSSSSShould be avoided (obscurification) • NNNNNNNNNNNNNNNNNice to have for edge cases
  36. 36. SecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecurity • PPPPPPPPPPPPPPPPPuppet agent runs as root • TTTTTTTTTTTTTTTTThe master runs as "puppet" user • IIIIIIIIIIIIIIIIIsolated on a separated host • PPPPPPPPPPPPPPPPPuppetDB/Server only listens to Loopback • PPPPPPPPPPPPPPPPPut a reverse proxy (even for server)
  37. 37. Security - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/Server • DDDDDDDDDDDDDDDDDo not use autosign • YYYYYYYYYYYYYYYYYou can rely on external CA • IIIIIIIIIIIIIIIIIsolate the service from the application • QQQQQQQQQQQQQQQQQuery PuppetDB from your monitoring tool
  38. 38. Pre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing Puppet
  39. 39. Pre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing Puppet • TTTTTTTTTTTTTTTTThere might be a puppet setup • WWWWWWWWWWWWWWWWWork in a separated environment • PPPPPPPPPPPPPPPPPuppet hieradata in a subdirectory • PPPPPPPPPPPPPPPPPrefix your custom functions • BBBBBBBBBBBBBBBBBe careful with exported resources
  40. 40. RuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntime
  41. 41. Deploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet tree • IIIIIIIIIIIIIIIIInstall your puppet tree package • IIIIIIIIIIIIIIIIInstall the hiera files (versioned?) • OOOOOOOOOOOOOOOOOne puppet apply to deploy a basic server • TTTTTTTTTTTTTTTTThen the first agent run to deploy PuppetDB and the rest • TTTTTTTTTTTTTTTTThere is no puppetlabs-puppet module
  42. 42. ConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusion
  43. 43. Shipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet code • EEEEEEEEEEEEEEEEEveryone gets benefits • FFFFFFFFFFFFFFFFFrom devs to QA to customers • NNNNNNNNNNNNNNNNNeed to review how you release • NNNNNNNNNNNNNNNNNeed to review how you deploy your OS • PPPPPPPPPPPPPPPPPuppet code is part of your app
  44. 44. AdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantages • SSSSSSSSSSSSSSSSSetup your app easily (internally and externally) • GGGGGGGGGGGGGGGGGet consistent deployments at several customer • PPPPPPPPPPPPPPPPPredict what will be deployed • GGGGGGGGGGGGGGGGGet a clear view of the infrastructure • SSSSSSSSSSSSSSSSSay bye bye to long procedures
  45. 45. There is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is work • BBBBBBBBBBBBBBBBBig cultural changes ▶ RRRRRRRRRRRRRRRRRoot access? ▶ TTTTTTTTTTTTTTTTThe shell script works… ▶ IIIIIIIIIIIIIIIII can't do X anymore… • PPPPPPPPPPPPPPPPPurge old artifacts on updates • DDDDDDDDDDDDDDDDDeal with your data • KKKKKKKKKKKKKKKKKeep that infra up to date
  46. 46. Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box! • MMMMMMMMMMMMMMMMMonitoring • BBBBBBBBBBBBBBBBBest practices enforcement • RRRRRRRRRRRRRRRRRepositories management • BBBBBBBBBBBBBBBBBring your own tools
  47. 47. Thank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank you Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?
  48. 48. ContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContact Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto julien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eu @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie inuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuits https://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.eu info@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.eu +32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636

×