This document discusses using Puppet for configuration management. It outlines goals of centralizing changes, formalizing configurations, and minimizing maintenance efforts. It recommends version controlling configurations, coding standard templates in Puppet/Chef, reusing templates, deploying often in small chunks, and testing changes. It lists tools like Git, Puppet, Cucumber for testing, and Jenkins for automation. Puppet is highlighted as a Ruby-based configuration tool focusing on abstracting OS details and modeling relationships between systems.

1. From recipes to
running systems
managing production servers as you write code

2. Goals
Centralise configuration changes
Formalise configuration
Minimise efforts of maintaining systems
Minimise risks and fear of changes
Test infrastructure changes

3. Principles
Version control recipes
Puppet, Chef to code standard recipes
Re-use recipes across environments
Deploy often and in smaller chunks
Test changes on testing environment

4. Tools
• Git, Github
• Puppet, Chef
• Cucumber-nagios, Cucumber-puppet,
Rspec-puppet
• Jenkins,Vagrant, virtualisation, linux
containers
• Puppet dashboard, Foreman

5. Puppet
• Configuration management utility
• Written in Ruby (^_^)
• Model driven
• Abstract OS layer
• Focus on high level details and relationships

6. General overview
Modules Puppet Master Node configuration
General infrastructure
Monitoring
LDAP / Kerberos SSH gateway
Nagios, Munin
Applications infrastructure
Development Staging Production
app servers, web servers,
httpd, mysqld, ... VMs, httpd, mysqld
db servers, ...
Puppet clients

7. Anatomy of a
puppet run
1. Requests a signed certificate (first run only)
2. Collects facts (hardware, OS, hostname, ...)
3. Obtains latest catalog from master
4. Apply changes
5. Sends report of changes and failure to master

8. Puppet organisation
External node
Nodes
classifier
Top level classes
app_server, web_server,
db_server, db_slave,
sphinx_server...
Modules Apache Ruby Mysql
Nagios Git Sphinx
Munin Memcached ....

9. Structure of a module
define how the module
manifests/ works
static content
files/ notonthehighstreet.cert
dynamic templates
templates/ httpd.conf.erb
ruby based libraries
lib/ package providers, ...
spec/, tests/, features/... tests for classes, definitions

10. Manifests
a collection of resources & relationships

11. Dynamic templates

12. Pre-defined resources
File Host
Package Mount
Service Exec (commands)
User SSH key
Group SSH authorised key
Cron(job)

13. Resource collections
Classes, parameterised classes, defined resource types
Classes:
• single inheritance
• singleton
• are typically used to group all the resources
of a particular package, service, ...

14. Example of a class

15. Resource collections
Classes, parameterised classes, defined resource types
Parameterised classes:
• similar to classes
• accept parameters to customise their
behavior

16. Example of a parameterised class

17. Resource collections
Classes, parameterised classes, defined resource types
Defined Resource Types:
• no inheritance
• reusable on same system
• cannot define same resources more than
once

18. Example of a defined resource type

19. The Foreman
• Provides web interface to Puppet
• Client inventory
• Collects reports and failures
• External node classifier
• Provision new nodes

20. Web interface of Puppet system

21. Server and high-level configuration
inventory

22. Collect reports from Puppet master

23. Log and report errors for immediate
analysis

24. Provide nodes configuration
to Puppet master

25. Provisioning new node from web

26. Present
• Most of our services managed by Puppet
• Most of our environments managed by
Puppet
• Basic testing process in place on Jenkins

27. Future
• Centralise host provisioning with Foreman
• Complete testing cycle with production-like
testing servers
• Deploy fully working application servers from
scratch with Puppet
• Puppet 3.0 / Ruby 1.9
• Provide development instance configurable
with Puppet