Uploaded bygrim_radical
PDF, PPTX1,187 views

Puppet: Eclipsecon ALM 2013

The document discusses how immutable infrastructure can be achieved through Puppet by treating systems configuration as code. Puppet allows defining systems in code and enforcing that state through automatic idempotent runs, compensating for inherent system mutability. This brings predictability to infrastructure and allows higher level operations by establishing a foundation of reliable, known states.

Embed presentation

Download as PDF, PPTX
Less talk, more rock Puppet ALM Connect 2013
deepak giridharagopal deepak@puppetlabs.com @grim_radical [github twitter freenode]
Let’s talk about...
Immutability is great!
Classes should be immutable unless there's a very good reason to make -- Joshua Bloch, “Effective Java” them mutable....If a class cannot be made immutable, limit its mutability as much as possible.
Immutability allows for invariants, which help you reason about correctness
Immutability prevents spooky action at a distance
Immutability fosters modular, composable abstractions
(this shouldn’t be a tough sell to developers)
That’s great for develoment, but how about operations?
Immutability for infrastructure? Because operations is in the same boat as development
Everyone who’s got their app running on a fleet of servers has experienced spooky action at a distance
Known, good state is critical for reliable upgrades
A lack of predictability in your systems ruins automation and abstraction
The problem is that: Systems are inherently mutable! But ideally: Systems should behave as though they weren’t!
façade of immutability. Immutability
Computer systems are in many ways open systems, providing the keys to the vault if one is so inclined to grab them. But in order to foster an air of immutability in our own systems, it's of utmost importance to create a façade of immutability. Immutability -- The Joy of Clojure requires that we layer over and abstract the parts of our system that provide unrestrained mutability.
Describe how you’d like your systems to look, and Puppet does all the hard work for you!
Example: Inquire a simple service for exposing system metrics
Example: Inquire http://box/inquire/disk_usage
install apache create apache user create apache config file cgi script for “df -h” correct perms for script start apache restart if config changes!
Once you’ve got a spec for your service, you can see if a given machine is up to code
• Packages: • Data files: • apache • /var/www/cgi-bin/ • Users: disk_usage • apache • executable, owned by apache • Config files: • apache’s httpd.conf • does “df -h” • Services: • apache should be running • restart if config file changes
class inquire_server { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }   file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache];   "/var/www/cgi-bin/disk_usage.sh": owner => apache, mode => 755, content => "/usr/bin/df -h"; } }
class inquire_bootstrap { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }   file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache]; } }   class inquire_disk_usage { include inquire_bootstrap file { "/var/www/cgi-bin/disk_usage.sh": owner => apache, mode => 755, content => "/usr/bin/df -h"; } }
class inquire_bootstrap { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }   file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache]; } }   define inquiry($command) { include inquire_bootstrap file { "/var/www/cgi-bin/$name.sh": owner => apache, mode => 755, content => $command; } }
node “appserver.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } }
node “appserver1.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } } node “appserver2.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } }
class instrumentation { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } } node “appserver1.mydomain.com” { include instrumentation } node “appserver2.mydomain.com” { include instrumentation }
Rich set of primitives, and make your own. Can use existing modules and abstractions, and make your own.
netmask_lo: 255.0.0.0 ipaddress: 172.16.245.128 augeasversion: 0.10.0 processor0: Intel(R) Core(TM) fqdn: pe-debian6.localdomain i7-2635QM CPU @ 2.00GHz manufacturer: "VMware, Inc." lsbdistrelease: 6.0.2 processorcount: "1" uniqueid: 007f0101 productname: VMware Virtual hardwaremodel: i686 Platform kernelversion: 2.6.32 physicalprocessorcount: 1 operatingsystem: Debian facterversion: 1.6.7 architecture: i386 boardproductname: 440BX Desktop lsbdistdescription: Debian GNU/ Reference Platform Linux 6.0.2 (squeeze) kernelmajversion: "2.6" lsbmajdistrelease: "6" hardwareisa: unknown interfaces: "eth0,lo" timezone: PDT ipaddress_lo: 127.0.0.1 puppetversion: 2.7.12 (Puppet uptime_days: 0 Enterprise 2.5.1) lsbdistid: Debian lsbdistcodename: squeeze rubysitedir: /opt/puppet/lib/ is_virtual: "true" site_ruby/1.8 operatingsystemrelease: 6.0.2 rubyversion: 1.8.7 virtual: vmware osfamily: Debian type: Other memorytotal: &id001 502.57 MB domain: localdomain memorysize: *id001 hostname: pe-debian6 boardmanufacturer: Intel selinux: "false" Corporation kernel: Linux path: /usr/local/sbin:/usr/
file { “/etc/issue”: content => “Got an issue? Here’s a tissue!”, } file { “/etc/motd”: content => template(“Welcome to $hostname!”), }
file { "/etc/sudoers": owner => root, group => root, mode => 440, source => "puppet:///modules/sudo/sudoers" }
class ntp { package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", } }
node “webserver.mydomain.com” { include ntp } node “appserver.mydomain.com” { include ntp } node “database.mydomain.com” { include ntp }
class ssh { @@sshkey { $hostname: type => dsa, key => $sshdsakey } Sshkey <<| |>> }
File “/tmp/foo/bar” User “deepak” Dir “/tmp/foo” Dir “/tmp”
Dir “/tmp” User “deepak” Dir “/tmp/foo” File “/tmp/foo/bar”
Dir “/tmp” User “deepak” Dir “/tmp/foo” File “/tmp/foo/bar”
package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
Idempotent, and only does what’s necessary
Compensates for the inherent mutability of systems
Combats spooky action at a distance with automatic repair
Brings predictability to your systems
A foundation of predictability and reliability lets you perform higher-level operations on your infrastructure
Code all the way down
Software-defined infrastructure is...just software. Infrastructure as code is...just code.
Thus, you can treat it like the other code in your application
Scary, but liberating!
Maintaining the state of your systems is the foundation upon which everything rests
Start small, and start somewhere. :)
deepak giridharagopal deepak@puppetlabs.com @grim_radical [github twitter freenode] We’re hiring!

More Related Content

PDF
How to Develop Puppet Modules: From Source to the Forge With Zero Clicks
byCarlos Sanchez
 
PDF
20090514 Introducing Puppet To Sasag
bygarrett honeycutt
 
KEY
From Dev to DevOps - ApacheCON NA 2011
byCarlos Sanchez
 
KEY
Puppet for Java developers - JavaZone NO 2012
byCarlos Sanchez
 
PDF
From Dev to DevOps - Codemotion ES 2012
byCarlos Sanchez
 
KEY
From Dev to DevOps - FOSDEM 2012
byCarlos Sanchez
 
KEY
From Dev to DevOps - Apache Barcamp Spain 2011
byCarlos Sanchez
 
PDF
Configuration Surgery with Augeas
byPuppet
 
How to Develop Puppet Modules: From Source to the Forge With Zero Clicks
byCarlos Sanchez
 
20090514 Introducing Puppet To Sasag
bygarrett honeycutt
 
From Dev to DevOps - ApacheCON NA 2011
byCarlos Sanchez
 
Puppet for Java developers - JavaZone NO 2012
byCarlos Sanchez
 
From Dev to DevOps - Codemotion ES 2012
byCarlos Sanchez
 
From Dev to DevOps - FOSDEM 2012
byCarlos Sanchez
 
From Dev to DevOps - Apache Barcamp Spain 2011
byCarlos Sanchez
 
Configuration Surgery with Augeas
byPuppet
 

What's hot

KEY
Making Your Capistrano Recipe Book
byTim Riley
 
PDF
Single node hadoop cluster installation
byMahantesh Angadi
 
PDF
Getting Started with Ansible
byahamilton55
 
PDF
Puppet at janrain
byPuppet
 
PDF
From Dev to DevOps
byAgile Spain
 
PPTX
Hadoop single cluster installation
byMinh Tran
 
PDF
Automated infrastructure is on the menu
byjtimberman
 
PDF
Puppet Camp Phoenix 2015: Managing Files via Puppet: Let Me Count The Ways (B...
byPuppet
 
PDF
Continuous Delivery with Maven, Puppet and Tomcat - ApacheCon NA 2013
byCarlos Sanchez
 
PDF
PuppetCamp SEA 1 - Version Control with Puppet
byWalter Heck
 
PDF
PuppetCamp SEA 1 - Puppet Deployment at OnApp
byWalter Heck
 
PDF
PuppetCamp SEA 1 - Use of Puppet
byWalter Heck
 
PDF
Ansible - Swiss Army Knife Orchestration
bybcoca
 
PDF
Py conkr 20150829_docker-python
byEric Ahn
 
PDF
Using Puppet on Linux, Windows, and Mac OSX
byPuppet
 
PDF
More tips n tricks
bybcoca
 
PPTX
Puppet_training
byAfroz Hussain
 
KEY
20100425 Configuration Management With Puppet Lfnw
bygarrett honeycutt
 
PDF
Docker, c'est bonheur !
byAlexandre Salomé
 
PDF
Puppet at Opera Sofware - PuppetCamp Oslo 2013
byCosimo Streppone
 
Making Your Capistrano Recipe Book
byTim Riley
 
Single node hadoop cluster installation
byMahantesh Angadi
 
Getting Started with Ansible
byahamilton55
 
Puppet at janrain
byPuppet
 
From Dev to DevOps
byAgile Spain
 
Hadoop single cluster installation
byMinh Tran
 
Automated infrastructure is on the menu
byjtimberman
 
Puppet Camp Phoenix 2015: Managing Files via Puppet: Let Me Count The Ways (B...
byPuppet
 
Continuous Delivery with Maven, Puppet and Tomcat - ApacheCon NA 2013
byCarlos Sanchez
 
PuppetCamp SEA 1 - Version Control with Puppet
byWalter Heck
 
PuppetCamp SEA 1 - Puppet Deployment at OnApp
byWalter Heck
 
PuppetCamp SEA 1 - Use of Puppet
byWalter Heck
 
Ansible - Swiss Army Knife Orchestration
bybcoca
 
Py conkr 20150829_docker-python
byEric Ahn
 
Using Puppet on Linux, Windows, and Mac OSX
byPuppet
 
More tips n tricks
bybcoca
 
Puppet_training
byAfroz Hussain
 
20100425 Configuration Management With Puppet Lfnw
bygarrett honeycutt
 
Docker, c'est bonheur !
byAlexandre Salomé
 
Puppet at Opera Sofware - PuppetCamp Oslo 2013
byCosimo Streppone
 

Similar to Puppet: Eclipsecon ALM 2013

PDF
Systems Automation with Puppet
byelliando dias
 
PPTX
Learning Puppet basic thing
byDaeHyung Lee
 
PDF
Alessandro sf 2010
byPuppet
 
PPT
Dance for the puppet master: G6 Tech Talk
byMichael Peacock
 
PDF
PuppetDB: Sneaking Clojure into Operations
bygrim_radical
 
PDF
Developing IT infrastructures with Puppet
byAlessandro Franceschi
 
PDF
ReUse Your (Puppet) Modules!
byAlessandro Franceschi
 
KEY
Puppet for dummies - PHPBenelux UG edition
byJoshua Thijssen
 
PDF
Puppet fundamentals
byMurali Boyapati
 
PDF
Puppet @ Seat
byAlessandro Franceschi
 
PDF
PuppetCamp Ghent - What Not to Do with Puppet
byOlinData
 
PDF
Puppet: What _not_ to do
byPuppet
 
PDF
PuppetCamp Ghent - What Not to Do with Puppet
byWalter Heck
 
PPT
Puppet
bycsrocks
 
PPS
A Presentation about Puppet that I've made at the OSSPAC conference
byohadlevy
 
PDF
Security Testing Using Infrastructure-As-Code
byVision Concepts Infrastructure Services Solution
 
PDF
Puppet and the HashiStack
byBram Vogelaar
 
PDF
Intro to-puppet
byF.L. Jonathan Araña Cruz
 
PDF
Test driven infrastructure
bySkills Matter Talks
 
PDF
Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...
byPuppet
 
Systems Automation with Puppet
byelliando dias
 
Learning Puppet basic thing
byDaeHyung Lee
 
Alessandro sf 2010
byPuppet
 
Dance for the puppet master: G6 Tech Talk
byMichael Peacock
 
PuppetDB: Sneaking Clojure into Operations
bygrim_radical
 
Developing IT infrastructures with Puppet
byAlessandro Franceschi
 
ReUse Your (Puppet) Modules!
byAlessandro Franceschi
 
Puppet for dummies - PHPBenelux UG edition
byJoshua Thijssen
 
Puppet fundamentals
byMurali Boyapati
 
Puppet @ Seat
byAlessandro Franceschi
 
PuppetCamp Ghent - What Not to Do with Puppet
byOlinData
 
Puppet: What _not_ to do
byPuppet
 
PuppetCamp Ghent - What Not to Do with Puppet
byWalter Heck
 
Puppet
bycsrocks
 
A Presentation about Puppet that I've made at the OSSPAC conference
byohadlevy
 
Security Testing Using Infrastructure-As-Code
byVision Concepts Infrastructure Services Solution
 
Puppet and the HashiStack
byBram Vogelaar
 
Intro to-puppet
byF.L. Jonathan Araña Cruz
 
Test driven infrastructure
bySkills Matter Talks
 
Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...
byPuppet
 

Recently uploaded

PDF
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
PPTX
Introduction to Industrial-Arts Grade 8 ppt Lesson 1
byFSBTLEDNathanVince
 
PDF
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
PPTX
The Lex Wire Precedent: A Technical Standard for Machine-Mediated Authority ...
byJeff Howell
 
PDF
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
PDF
Designing a Blog Using Wordpress
bymarkzubi50
 
PDF
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
PPTX
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
PPTX
Career-Opportunities in Industrial Arts Grade 8 PPT Lesson 2
byFSBTLEDNathanVince
 
PDF
Track Phone Location via Number (2026)_ What Actually Works, What’s a Scam, a...
byEmily Woods
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PPTX
Cyber security chapter 1 for learning and educating to the students who want ...
byGulMohammadi
 
PDF
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
PDF
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
PDF
AI and Zero Trust: What it takes to do it right
byMark Simos
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PDF
Agentic AI with Google ADK GDG On Campus Netaji Subhash Engineering College
bydscnsecorg
 
PDF
Mesh WiFi Router: The Smart Solution for Fast, Seamless, Whole-Home Internet
byAeroMesh Systems
 
PPTX
Introduction to Artificial Intelligence (AI).pptx
byammar414783
 
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
Introduction to Industrial-Arts Grade 8 ppt Lesson 1
byFSBTLEDNathanVince
 
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
The Lex Wire Precedent: A Technical Standard for Machine-Mediated Authority ...
byJeff Howell
 
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
Designing a Blog Using Wordpress
bymarkzubi50
 
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
Career-Opportunities in Industrial Arts Grade 8 PPT Lesson 2
byFSBTLEDNathanVince
 
Track Phone Location via Number (2026)_ What Actually Works, What’s a Scam, a...
byEmily Woods
 
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
Cyber security chapter 1 for learning and educating to the students who want ...
byGulMohammadi
 
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
AI and Zero Trust: What it takes to do it right
byMark Simos
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
Agentic AI with Google ADK GDG On Campus Netaji Subhash Engineering College
bydscnsecorg
 
Mesh WiFi Router: The Smart Solution for Fast, Seamless, Whole-Home Internet
byAeroMesh Systems
 
Introduction to Artificial Intelligence (AI).pptx
byammar414783
 

Puppet: Eclipsecon ALM 2013

  • 1.
    Less talk, morerock Puppet ALM Connect 2013
  • 2.
  • 3.
  • 5.
  • 7.
    Classes should beimmutable unless there's a very good reason to make -- Joshua Bloch, “Effective Java” them mutable....If a class cannot be made immutable, limit its mutability as much as possible.
  • 8.
    Immutability allows for invariants,which help you reason about correctness
  • 9.
  • 10.
  • 11.
    (this shouldn’t be a tough sell to developers)
  • 12.
    That’s great for develoment,but how about operations?
  • 13.
    Immutability for infrastructure? Because operationsis in the same boat as development
  • 14.
    Everyone who’s got theirapp running on a fleet of servers has experienced spooky action at a distance
  • 15.
    Known, good stateis critical for reliable upgrades
  • 16.
    A lack ofpredictability in your systems ruins automation and abstraction
  • 18.
    The problem isthat: Systems are inherently mutable! But ideally: Systems should behave as though they weren’t!
  • 19.
  • 20.
    Computer systems arein many ways open systems, providing the keys to the vault if one is so inclined to grab them. But in order to foster an air of immutability in our own systems, it's of utmost importance to create a façade of immutability. Immutability -- The Joy of Clojure requires that we layer over and abstract the parts of our system that provide unrestrained mutability.
  • 22.
    Describe how you’d likeyour systems to look, and Puppet does all the hard work for you!
  • 23.
    Example: Inquire a simpleservice for exposing system metrics
  • 24.
  • 25.
    install apache create apache user create apache config file cgi script for “df -h” correct perms for script start apache restart if config changes!
  • 26.
    Once you’ve gota spec for your service, you can see if a given machine is up to code
  • 27.
    • Packages: • Data files: • apache • /var/www/cgi-bin/ • Users: disk_usage • apache • executable, owned by apache • Config files: • apache’s httpd.conf • does “df -h” • Services: • apache should be running • restart if config file changes
  • 28.
    class inquire_server { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }   file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache];   "/var/www/cgi-bin/disk_usage.sh": owner => apache, mode => 755, content => "/usr/bin/df -h"; } }
  • 29.
    class inquire_bootstrap { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }   file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache]; } }   class inquire_disk_usage { include inquire_bootstrap file { "/var/www/cgi-bin/disk_usage.sh": owner => apache, mode => 755, content => "/usr/bin/df -h"; } }
  • 30.
    class inquire_bootstrap { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }   file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache]; } }   define inquiry($command) { include inquire_bootstrap file { "/var/www/cgi-bin/$name.sh": owner => apache, mode => 755, content => $command; } }
  • 31.
    node “appserver.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } }
  • 32.
    node “appserver1.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } } node “appserver2.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } }
  • 33.
    class instrumentation { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } } node “appserver1.mydomain.com” { include instrumentation } node “appserver2.mydomain.com” { include instrumentation }
  • 34.
    Rich set ofprimitives, and make your own. Can use existing modules and abstractions, and make your own.
  • 39.
    netmask_lo: 255.0.0.0 ipaddress: 172.16.245.128 augeasversion: 0.10.0 processor0: Intel(R) Core(TM) fqdn: pe-debian6.localdomain i7-2635QM CPU @ 2.00GHz manufacturer: "VMware, Inc." lsbdistrelease: 6.0.2 processorcount: "1" uniqueid: 007f0101 productname: VMware Virtual hardwaremodel: i686 Platform kernelversion: 2.6.32 physicalprocessorcount: 1 operatingsystem: Debian facterversion: 1.6.7 architecture: i386 boardproductname: 440BX Desktop lsbdistdescription: Debian GNU/ Reference Platform Linux 6.0.2 (squeeze) kernelmajversion: "2.6" lsbmajdistrelease: "6" hardwareisa: unknown interfaces: "eth0,lo" timezone: PDT ipaddress_lo: 127.0.0.1 puppetversion: 2.7.12 (Puppet uptime_days: 0 Enterprise 2.5.1) lsbdistid: Debian lsbdistcodename: squeeze rubysitedir: /opt/puppet/lib/ is_virtual: "true" site_ruby/1.8 operatingsystemrelease: 6.0.2 rubyversion: 1.8.7 virtual: vmware osfamily: Debian type: Other memorytotal: &id001 502.57 MB domain: localdomain memorysize: *id001 hostname: pe-debian6 boardmanufacturer: Intel selinux: "false" Corporation kernel: Linux path: /usr/local/sbin:/usr/
  • 42.
    file { “/etc/issue”: content => “Got an issue? Here’s a tissue!”, } file { “/etc/motd”: content => template(“Welcome to $hostname!”), }
  • 43.
    file { "/etc/sudoers": owner => root, group => root, mode => 440, source => "puppet:///modules/sudo/sudoers" }
  • 44.
    class ntp { package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", } }
  • 45.
    node “webserver.mydomain.com” { include ntp } node “appserver.mydomain.com” { include ntp } node “database.mydomain.com” { include ntp }
  • 46.
    class ssh { @@sshkey { $hostname: type => dsa, key => $sshdsakey } Sshkey <<| |>> }
  • 49.
    File “/tmp/foo/bar” User “deepak” Dir “/tmp/foo” Dir “/tmp”
  • 50.
    Dir “/tmp” User “deepak” Dir “/tmp/foo” File “/tmp/foo/bar”
  • 51.
    Dir “/tmp” User “deepak” Dir “/tmp/foo” File “/tmp/foo/bar”
  • 56.
    package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
  • 57.
    package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
  • 58.
    package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
  • 59.
    package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
  • 63.
    Idempotent, and only doeswhat’s necessary
  • 64.
    Compensates for the inherentmutability of systems
  • 65.
    Combats spooky action ata distance with automatic repair
  • 66.
  • 67.
    A foundation of predictabilityand reliability lets you perform higher-level operations on your infrastructure
  • 68.
    Code all theway down
  • 69.
  • 70.
    Thus, you cantreat it like the other code in your application
  • 71.
  • 72.
    Maintaining the state ofyour systems is the foundation upon which everything rests
  • 73.
    Start small, andstart somewhere. :)
  • 74.