Are you thinking about automation and DevOps for your Windows environments or looking for alternative for System Center Configuration Manager? In this session, we will share our history and experience with migration from SCCM to Puppet running on Windows. Main points on which will focus: * Linux and Windows environments - Puppet to rule them all :) * Migrate from System Center Configuration Manager to Puppet, etc. * How easy manage updates, applications, etc. * Automate virtual machine deployment and integrate with DCIM.

2. Puppet + Windows + VM
manager + DCIM =
Works Great!
Adam Młynarczyk, Daniel Pijanowski
System Engineers @ allegro.pl

3. 1999

5. 15+ mln users 500+ engineers 6k+ puppet
managed nodes

6. 5765 miles

7. Pet vs Cattle

10. Automation?!

12. How did we patch windows?

15. Quo vadis?

16. System Center 2012 or something else?

18. How do we patch windows now?

19. 1. Windows Server Update Services (WSUS)

22. 1. Windows Server Update Services (WSUS)
2. Puppet

23. class common::windows {}

24. puppet module install puppetlabs-wsus_client

26. github.com/puppetlabs/puppetlabs-wsus_client/pull/48/

27. github.com/puppetlabs/puppetlabs-wsus_client/pull/48/

28. github.com/puppetlabs/puppetlabs-wsus_client/pull/55
github.com/puppetlabs/puppetlabs-wsus_client/pull/48

30. 1. Windows Server Update Services (WSUS)
2. Puppet
3. Ralph

31. github.com/allegro/ralph

32. ralph.allegro.tech
ralph-demo.allegro.tech

35. class { 'safepatch': }

36. 'MS_UpdateWindow_1': {
notify{"safepatch: global repository set ${::global_repository}, running":}
$update_option = 'Scheduled'
$run = 'ok'
$day = 'Monday'
$hour = 1
$wsus_group = 'Production'
}
'MS_Test': {
notify{"safepatch: global repository set ${::global_repository}, running":}
$update_option = 'Scheduled'
$run = 'ok'
$day = 'Monday'
$hour = 22
$wsus_group = 'Test'
}

37. class { 'wsus_client':
server_url => $wsus_url,
auto_update_option => $update_option,
scheduled_install_day => $day,
scheduled_install_hour => $hour,
enable_status_server => true,
target_group => $wsus_group,
detection_frequency_hours => $frequency,
no_auto_reboot_with_logged_on_users => false,
always_auto_reboot_at_scheduled_time => true,
always_auto_reboot_at_scheduled_time_minutes => 15;
}

40. Windows deployment

46. Where we are now

47. puppet module install:
chocolatey-chocolatey
puppetlabs-powershell
puppet-windows_env
puppetlabs-registry
trlinkin-domain_membership
puppetlabs-reboot
puppet-windowsfeature

48. windowsfeature { 'Telnet-Client':
ensure => present;
}
class { 'chocolatey':
choco_install_location => 'C:ProgramDataChocolatey',
chocolatey_download_url => 'http://host/windows/chocolatey.0.9.10.3.nupkg',
use_7zip => false,
choco_install_timeout_seconds => 2700;
}
package { 'zabbix-agent':
ensure => 'latest',
require => Class['chocolatey'];
}

49. class { 'domain_membership':
domain => 'allegrodomain',
username => 'privileged_user',
password => hiera('privileged_user'),
machine_ou => 'OU=Servers,DC=allegrodomain',
join_options => '3',
notify => Reboot['after_domain'];
}
reboot { 'after_domain':
apply => finished;
}
file {
'C:Program FilesPuppet LabsPuppetfacterlibfacterec2.rb':
ensure => absent;
'C:ProgramDataPuppetLabsfacterfacts.disinstalled.ps1':
ensure => present,
source => 'puppet:///modules/common/windows/isinstalled.ps1',
source_permissions => ignore;
}

50. Puppet + Windows + VM manager + DCIMPuppet Windows VM manager DCIM

52. Demo

54. Q&A

55. https://allegro.tech/
https://github.com/allegro
@AllegroTechBlog
allegro.tech
adam.mlynarczyk@allegro.pl
daniel.pijanowski@allegro.pl