The document discusses using Terraform and ECS for scaling Puppet infrastructure, highlighting key concepts like Infrastructure as Code and container management. It presents the benefits of speed and scalability while addressing challenges related to complexity and operability. The talk outlines a use case involving client/server architecture and discusses potential improvements in service discovery and monitoring.

1. Puppet at Scale
using Terraform & ECS

2. 2
Maxime VISONNEAU
Principal DevOps Engineer
@mvisonneau

3. The story behind this talk..
3

4. Agenda
 Terraform and ECS?
 Why?
 How?
 Beyond!
4Puppet at Scale using Terraform & ECS

5. 5
TERRAFORM
 Infrastructure as a Code
 Execution plans
 Resource graph
 Change automation
 Open Source
 Strong community
 Enterprise support
https://github.com/hashicorp/terraform

6. Alternatives to Terraform
6Puppet at Scale using Terraform & ECS
CloudFormation
Tied to AWS Not made for that

7. 7
ECS
 Container management service
 Highly scalable
 Highly available
 Managed through AWS SDK/API/CLI
 Maintained by AWS

8. Alternatives to ECS
8Puppet at Scale using Terraform & ECS
GO AHEAD!

9. Why?
9

10. Use case
Client / Server architecture
 Certificate Authority
 Server workloads
 PuppetDB for reporting, with a human
friendly interface on top of it
Lets keep it opensource for now
10Puppet at Scale using Terraform & ECS

11. Why not masterless ?
11

12. So why then ?
12

13. Because we can!
13

14. The love of the sport!
14

15. SPEED!
15

16. 16
0
100
200
300
400
500
600
ECS EC2
seconds

17. 17Puppet at Scale using Terraform & ECS
Pros
 Speed of scale
 Scalability
 Reliability / Availability
 Additionnal level of abstraction
 Enhanced compute resources sharing
 No chicken/egg issue at Puppet is not
configuring itself anymore
Cons
 Complexity
 Operability
The TCO will depend on where you
currently are regarding your
implementation of containers at scale.

18. How?
18

19. First things first!
19

20. The Puppet Code
20Puppet at Scale using Terraform & ECS

21. One step at a time!
21

22. The Certificate Authority
22Puppet at Scale using Terraform & ECS

23. The Puppet Server
23Puppet at Scale using Terraform & ECS

24. The Puppet DB
24Puppet at Scale using Terraform & ECS

25. The puppetboard
25Puppet at Scale using Terraform & ECS
PuppetDB

26. Assembling the pieces together
26

27. 27

28. And there it is..
28

29. SHOWTIME!
(time to pray the demo gods)
29

30. 30

31. Room for improvement
(a big one!)
31

32. How could we make it better ?
Service discovery
Move away from
load balancers and
enhance portability
Use a unikernel
Improve
immutability of the
base image we use
Monitoring
What we don’t
monitor never
fails
Abstract data
persistence
Will enable the
portability of the
solution onto
another provider
32Puppet at Scale using Terraform & ECS
Change scheduler
Improve operability
and be cloud
provider agnostic

33. How could we make it better ?
33Puppet at Scale using Terraform & ECS

34. That’s it!
34

35. Time for questions
(and answers if possible..!)
35