Using Puppet
Alex Su
2011/12/26

               Classification 2012/4/3   Copyright 2009 Trend Micro Inc.   1
What is a system admin?
Trend Micro                   Copyright 2009 Trend Micro Inc.
Confidential
Don't look at me...
    I wasn't the last one to touch it...
One Goal:
    Revolutionize
    System
    Administration




An Analogy

                               Programming              SysAdmin

    Low-level, non-portable    Assembly                 commands and files

    Abstract, portable         Java / Python / Ruby     Resources




This
  apt-get install openssh-server
  vi /etc/ssh/sshd_config
  /etc/init.d/ssh start

 Becomes
  package { 'ssh': ensure => installed }
  file { 'sshd_config':
    name   => "/etc/ssh/sshd_config",
    source => "puppet://server/apps/ssh/sshd",
  }
  service { 'sshd': ensure => running }

Puppet Quick Overview
    • Stop administering your environment and start developing it...
    • Re-usable code for managing your software & configurations
    • Provides a Domain Specific Language (DSL) to script with
         – Classes, conditionals, selectors, variables, basic math, etc.
    • Supports Linux, Solaris, BSD, OS X; Windows in progress!




Puppet Module Structure




A Partial List of Puppet types
    Packages
        • Supports 30 different package providers
        • Abstracted for your OS automatically
        • Specify 'installed', 'absent', or 'latest' for desired state
        • Change from 'installed' to 'latest' and deploy for a quick upgrade

    Services
        • Supports 10 different 'init' frameworks
        • Control whether a service starts on boot or is required to
          be running always
        • A service can be notified to restart if a configuration file
          has been changed

    Files/Directories
        • Specify ownership & permissions
        • Load content from 'files/', 'templates/' or custom strings
        • Create symlinks
        • Supports 5 types to verify a file checksum
        • Purge a directory of files not 'maintained'


Nagios ‘Type’ Support
  Nagios Service
    @@nagios_service {
      "load_check_${hostname}":
        service_description => "Load Averages",
        check_command       => "load_check!3!5",
        host_name           => "$fqdn",
        use                 => "generic-service";
    }

  Nagios Service Group
    @@nagios_servicegroup {
      "apache_servers":
        alias => "Apache Servers";
    }

  Nagios Host
    @@nagios_host { $fqdn:
      ensure     => present,
      hostgroups => "ldap",
      use        => "generic-host";
    }

  Nagios Host Group
    @@nagios_hostgroup {
      "load_balancers":
        alias => "Load Balancers";
    }

Sample site.pp
   import "environment"
   import "util"
   import "constants"
   import "bases"
   import "nodes"

   # global defaults
   Exec { path => "/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin" }




Classes vs. Modules

   • Why use the classes directory and the modules
     directory?
   • Classes are more global and usually contain many
     different modules
   • Modules are the smallest unit of measure that Puppet
     builds from




Sample hadoop master class
  class hadoop_master {
     include kerberoskdc
     include authclient
     include ldapserver
     include hadoop
     include hbase
     include pig
  }


  class pig {
     # packages this class manages
     $packagelist = ["hadoop-pig"]

     # install one package resource per list entry
     package { $packagelist:
       ensure => installed,
     }
  }

Sample module init.pp
   class resolv {
      # /etc/resolv.conf rendered from the module's ERB template
      file { "resolv.conf":
          path    => "/etc/resolv.conf",
          content => template("resolv/conf/resolv.conf.erb"),
          owner   => root,
          group   => root,
          mode    => '0644',
          ensure  => file,
      }

      # /etc/hosts rendered from the module's ERB template
      file { "hosts":
          path    => "/etc/hosts",
          content => template("resolv/conf/hosts.erb"),
          owner   => root,
          group   => root,
          mode    => '0644',
          ensure  => file,
      }
   }

apt-get install openssh-server
  vi /etc/ssh/sshd_config
  /etc/init.d/ssh start

  Package  ->  Configuration  ->  Service

  • Package -> Configuration: configuration should get modified after package installation
  • Configuration -> Service: service should restart when configuration changes




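package { 'ssh': ensure => installed }
  file { 'sshd_config':
    name    => "/etc/ssh/sshd_config",
    source  => "puppet://server/apps/ssh/sshd",
    # 'require' is the metaparameter that applies this file after the package
    require => Package['ssh'],
  }
  service { 'sshd':
    ensure    => running,
    # restart the service whenever the package or the config file changes
    subscribe => [Package['ssh'], File['sshd_config']],
  }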




What is a template?
   • Puppet templates are flat files containing Embedded Ruby
     (ERB) variables

   • hadoop/conf/hadoop-metrics.properties.erb
   <% if ganglia_hosts.length > 0 %>
   dfs.class=org.apache.hadoop.metrics.ganglia.GangliaContext31
   dfs.period=10
   dfs.servers=<% ganglia_hosts.each do |host| -%><%= host %> <% end -%>
   <% end %>



   • resolv/conf/hosts.erb
   <% ip_host_map.each do |ip,hosts| -%>
   <%= ip %> <%= hosts %>
   <% end -%>

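Added example (not from the original slides): the two templates above rendered with Ruby's own ERB library in the "-" trim mode, which is what makes `-%>` swallow the following newline. ERB inserts values verbatim, so the sketch checks each hosts entry before rendering; the helper names, the sample addresses and the `example.test` hostnames are constructed for illustration, and in Puppet the variables would come from the manifest scope rather than a hash.

```ruby
require 'erb'
require 'ipaddr'

# The two templates from the slide, embedded verbatim.
HOSTS_ERB = <<~'TEMPLATE'
  <% ip_host_map.each do |ip,hosts| -%>
  <%= ip %> <%= hosts %>
  <% end -%>
TEMPLATE

METRICS_ERB = <<~'TEMPLATE'
  <% if ganglia_hosts.length > 0 %>
  dfs.class=org.apache.hadoop.metrics.ganglia.GangliaContext31
  dfs.period=10
  dfs.servers=<% ganglia_hosts.each do |host| -%><%= host %> <% end -%>
  <% end %>
TEMPLATE

# Render with the "-" trim mode so "-%>" removes the newline after a tag.
def render(template, vars)
  ERB.new(template, trim_mode: '-').result_with_hash(vars)
end

HOSTNAME = /\A[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)*\z/i

# Hypothetical pre-render check: one literal IP address mapped to one or more
# space-separated hostnames on a single line. A value carrying a newline would
# otherwise become an extra line in /etc/hosts.
def valid_hosts_entry?(ip, hosts)
  return false if ip.include?('/') || hosts =~ /[\r\n]/
  IPAddr.new(ip)
  names = hosts.split(' ')
  !names.empty? && names.all? { |n| n.match?(HOSTNAME) }
rescue IPAddr::Error
  false
end

def render_hosts(ip_host_map)
  bad = ip_host_map.reject { |ip, hosts| valid_hosts_entry?(ip, hosts) }
  raise ArgumentError, "refusing to render: #{bad.keys.inspect}" unless bad.empty?
  render(HOSTS_ERB, ip_host_map: ip_host_map)
end

def render_metrics(ganglia_hosts)
  render(METRICS_ERB, ganglia_hosts: ganglia_hosts)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample data.
  puts render_hosts('10.0.0.1' => 'master master.example.test', '10.0.0.2' => 'worker1')
  puts render_metrics(['g1:8649', 'g2:8649'])
end
```

With an empty `ganglia_hosts` list the metrics template renders only whitespace, so the Ganglia settings are left out of the file entirely.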


What is a node?
  • Node definitions look just like classes, including supporting inheritance,
    but they are special in that when a node (a managed computer
    running the Puppet client) connects to the Puppet master daemon.

  •    nodes.pp
  node 'tm5-master.client.tw.trendnet.org' inherits hadoop_master {}

  or
  node 'tm5-master.client.tw.trendnet.org' {
    include kerberoskdc
    include authclient
    include ldapserver
    include hadoop
    include hbase
    include pig
  }


Puppet Network Overview




    •   Configuration allows for manual synchronizations or synchronization at a set interval
    •   Client or server initiated synchronizations
    •   Client/Server configuration leverages a Certificate Authority (CA) on the
        Puppet Master to sign client certificates to verify authenticity
    •   Transmissions of all data between a master & client are encrypted
Every Client:

   • Retrieve resource catalog from central server
   • Determine resource order
   • Check each resource in turn, fixing if necessary
   • Rinse and repeat, every 30 minutes




Every Resource:

   • Retrieve current state (e.g., by querying dpkg db or
     doing a stat)
   • Compare to desired state
   • Fix, if necessary (or just log)
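Added example (not Puppet's own code and not from the original slides): a small Ruby model of the two loops above, "Every Client" and "Every Resource". It orders resources by their `require` edges, then for each one retrieves the current state, compares it with the desired state, and either fixes it or only logs it (noop). The `FileResource` and `Catalog` names and the sample files are constructed for illustration.

```ruby
require 'tsort'
require 'tmpdir'
require 'digest'

# A file resource: desired content and mode, plus the titles it requires.
FileResource = Struct.new(:title, :path, :content, :mode, :requires) do
  # Retrieve current state with a stat and a checksum.
  def current
    return { ensure: :absent } unless File.file?(path)
    { ensure: :file,
      mode: File.stat(path).mode & 0o7777,
      checksum: Digest::SHA256.file(path).hexdigest }
  end

  def desired
    { ensure: :file, mode: mode, checksum: Digest::SHA256.hexdigest(content) }
  end

  # Compare to desired state: the properties that are out of sync.
  def drift
    cur = current
    desired.reject { |key, value| cur[key] == value }.keys
  end

  # Fix if necessary; with noop the drift is reported and nothing is written.
  def sync(noop: false)
    changed = drift
    return changed if changed.empty? || noop
    if (changed & [:ensure, :checksum]).any?
      # Create with the target mode so the file is never briefly wider.
      File.open(path, File::WRONLY | File::CREAT | File::TRUNC, mode) { |f| f.write(content) }
    end
    File.chmod(mode, path) # enforce the exact mode regardless of umask
    changed
  end
end

# The catalog orders resources so that required ones are applied first.
class Catalog
  include TSort

  def initialize(resources)
    @by_title = resources.map { |r| [r.title, r] }.to_h
  end

  def tsort_each_node(&block)
    @by_title.each_key(&block)
  end

  def tsort_each_child(title, &block)
    @by_title.fetch(title).requires.each(&block)
  end

  # One agent run: determine order, then check each resource in turn.
  def apply(noop: false)
    tsort.map { |title| [title, @by_title[title].sync(noop: noop)] }
  end
end

# Constructed demo: app.conf requires base.conf and is declared first on purpose.
def demo_runs
  Dir.mktmpdir do |dir|
    base = FileResource.new('base.conf', File.join(dir, 'base.conf'), "a=1\n", 0o644, [])
    app  = FileResource.new('app.conf', File.join(dir, 'app.conf'), "b=2\n", 0o600, ['base.conf'])
    catalog = Catalog.new([app, base])
    noop   = catalog.apply(noop: true) # report only
    first  = catalog.apply             # creates both files
    second = catalog.apply             # already converged, nothing to do
    File.chmod(0o666, app.path)        # manual change that loosens the mode
    third  = catalog.apply             # only the mode is repaired
    { noop: noop, first: first, second: second, third: third,
      final_mode: File.stat(app.path).mode & 0o7777 }
  end
end

puts demo_runs.inspect if __FILE__ == $PROGRAM_NAME
```

A dependency cycle between resources makes `tsort` raise `TSort::Cyclic`, so an unorderable catalog fails before any resource is touched.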




tail -f /var/log/messages




TM-Puppet

    /etc/puppet
        auth.conf
        autosign.conf
        puppet.conf
        files/
            byhost/
                host1/
                host2/
                host3/
        manifests/
            bases.pp
            nodes.pp
            site.pp
            util.pp
        modules/
            hadoop/
                manifests/
                    init.pp
                templates/
            hbase/
            pig/

Reference

    • Deployment Tools
    • ERB - Ruby Templating




Questions?




THANK YOU!




 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 

Using puppet

  • 1. Using Puppet Alex Su 2011/12/26 Classification 2012/4/3 Copyright 2009 Trend Micro Inc. 1
  • 2. What is a system admin?
  • 3. Don't look at me... I wasn't the last one to touch it...
  • 4. One Goal: Revolutionize System Administration
  • 5. An Analogy
                                    Programming            SysAdmin
        Low-level, non-portable     Assembly               commands and files
        Abstract, portable          Java / Python / Ruby   Resources
  • 6. This
        apt-get install openssh-server
        vi /etc/ssh/sshd_config
        /etc/init.d/ssh start
      Becomes
        package { 'ssh': ensure => installed }
        file { 'sshd_config':
          name   => "/etc/ssh/sshd_config",
          source => "puppet://server/apps/ssh/sshd",
        }
        service { 'sshd': ensure => running, }
  • 7. Puppet Quick Overview
      • Stop administrating your environment and start developing it...
      • Re-usable code for managing your software & configurations
      • Provides a Domain Specific Language (DSL) to script with
          – Classes, conditionals, selectors, variables, basic math, etc.
      • Supports Linux, Solaris, BSD, OS X; Windows in process!
  • 10. Puppet Module Structure
  • 11. A Partial List of Puppet types
      Packages
        • Supports 30 different package providers
        • Abstracted for your OS automatically
        • Specify 'installed', 'absent', or 'latest' for desired state
        • Change from 'installed' to 'latest' and deploy for quick upgrade
      Services
        • Supports 10 different 'init' frameworks
        • Control whether a service starts on boot or is required to be running always
        • A service can be notified to restart if a configuration file has been changed
      Files/Directories
        • Specify ownership & permissions
        • Load content from 'files/', 'templates/' or custom strings
        • Create symlinks
        • Supports 5 types to verify a file checksum
        • Purge a directory of files not 'maintained'
  • 12. Nagios 'Type' Support
      Nagios Service
        @@nagios_service { "load_check_${hostname}":
          service_description => "Load Averages",
          check_command       => "load_check!3!5",
          host_name           => "$fqdn",
          use                 => "generic-service";
        }
      Nagios Service Group
        @@nagios_servicegroup { "apache_servers":
          alias => "Apache Servers";
        }
      Nagios Host
        @@nagios_host { $fqdn:
          ensure     => present,
          hostgroups => "ldap",
          use        => "generic-host";
        }
      Nagios Host Group
        @@nagios_hostgroup { "load_balancers":
          alias => "Load Balancers";
        }
  • 15. Sample site.pp
        import "environment"
        import "util"
        import "constants"
        import "bases"
        import "nodes"

        # global defaults
        Exec { path => "/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin" }
  • 16. Classes vs. Modules
      • Why use the classes directory and the modules directory?
      • Classes are more global and usually contain many different modules
      • Modules are the smallest unit of measure that Puppet builds from
  • 17. Sample hadoop master class
        class hadoop-master {
          include kerberoskdc
          include authclient
          include ldapserver
          include hadoop
          include hbase
          include pig
        }

        class pig {
          # packages to install
          $packagelist = ["hadoop-pig"]

          # install packages
          package { 'base_pig_rpms':
            ensure => installed,
            name   => $packagelist,
          }
        }
  • 18. Sample module init.pp
        class resolv {
          file { "resolv.conf":
            path    => "/etc/resolv.conf",
            content => template("resolv/conf/resolv.conf.erb"),
            owner   => root,
            group   => root,
            # quoted octal string; current Puppet rejects a bare number here
            mode    => '0644',
            ensure  => file,
          }
          file { "hosts":
            path    => "/etc/hosts",
            content => template("resolv/conf/hosts.erb"),
            owner   => root,
            group   => root,
            mode    => '0644',
            ensure  => file,
          }
        }
  • 19. apt-get install openssh-server
        vi /etc/ssh/sshd_config
        /etc/init.d/ssh start
      Diagram: Package -> Configuration -> Service
      • Configuration should get modified after package installation
      • Service should restart when configuration changes
  • 20.
        package { 'ssh': ensure => installed }
        file { 'sshd_config':
          name    => "/etc/ssh/sshd_config",
          source  => "puppet://server/apps/ssh/sshd",
          # 'require' is the ordering metaparameter; 'after' is not one
          require => Package['ssh'],
        }
        service { 'sshd':
          ensure    => running,
          subscribe => [Package['ssh'], File['sshd_config']],
        }
  • 21. What is a template?
      • Puppet templates are flat files containing Embedded Ruby (ERB) variables
      • hadoop/conf/hadoop-metrics.properties.erb
        <% if ganglia_hosts.length > 0 %>
        dfs.class=org.apache.hadoop.metrics.ganglia.GangliaContext31
        dfs.period=10
        dfs.servers=<% ganglia_hosts.each do |host| -%><%= host %> <% end -%>
        <% end %>
      • resolv/conf/hosts.erb
        <% ip_host_map.each do |ip,hosts| -%>
        <%= ip %> <%= hosts %>
        <% end -%>
  • 22. What is a node?
      • Node definitions look just like classes, including supporting inheritance, but they are special in that when a node (a managed computer running the Puppet client) connects to the Puppet master daemon.
      • nodes.pp
        node 'tm5-master.client.tw.trendnet.org' inherits hadoop_master {}
      or
        node 'tm5-master.client.tw.trendnet.org' {
          include kerberoskdc
          include authclient
          include ldapserver
          include hadoop
          include hbase
          include pig
        }
  • 23. Puppet Network Overview
      • Configuration allows for manual synchronizations or a set increment
      • Client or server initiated synchronizations
      • Client/Server configuration leverages a Certificate Authority (CA) on the Puppet Master to sign client certificates to verify authenticity
      • Transmissions of all data between a master & client are encrypted
  • 24. Every Client:
      • Retrieve resource catalog from central server
      • Determine resource order
      • Check each resource in turn, fixing if necessary
      • Rinse and repeat, every 30 minutes
  • 25. Every Resource:
      • Retrieve current state (e.g., by querying dpkg db or doing a stat)
      • Compare to desired state
      • Fix, if necessary (or just log)
  • 26. tail -f /var/log/messages
  • 27. TM-Puppet
        /etc/puppet
          auth.conf
          autosign.conf
          puppet.conf
          files/
            byhost/
              host1/
              host2/
              host3/
          manifests/
            bases.pp
            nodes.pp
            site.pp
            util.pp
          modules/
            hadoop/
              manifests/
                init.pp
              templates/
            hbase/
            pig/
  • 28. Reference
      • Deployment Tools
      • ERB - Ruby Templating
  • 29. Questions?
  • 30. THANK YOU!
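
Slides 19-20 and 24-25 describe resource ordering, restart on change, and the per-resource retrieve/compare/fix loop. The Ruby example below is added here and is not code from the slides or from Puppet itself; it models one agent run over a constructed three-resource catalog, with an in-memory hash standing in for host state (`Graph`, `run_order`, `agent_run` and the `PermitRootLogin` values are assumptions).

```ruby
require 'tsort'

# Constructed catalog mirroring slide 20, deliberately listed out of order.
# :require only orders; :subscribe orders and also triggers a refresh.
CATALOG = {
  'Service[sshd]'     => { want: 'running', require: [],
                           subscribe: ['Package[ssh]', 'File[sshd_config]'] },
  'File[sshd_config]' => { want: 'PermitRootLogin no',
                           require: ['Package[ssh]'], subscribe: [] },
  'Package[ssh]'      => { want: 'installed', require: [], subscribe: [] }
}.freeze

# Dependency graph over the catalog; TSort raises TSort::Cyclic on a loop.
class Graph
  include TSort

  def initialize(catalog)
    @catalog = catalog
  end

  def tsort_each_node(&blk)
    @catalog.each_key(&blk)
  end

  def tsort_each_child(name, &blk)
    res = @catalog.fetch(name)
    (res[:require] + res[:subscribe]).each(&blk)
  end
end

def run_order(catalog)
  Graph.new(catalog).tsort # dependencies come before their dependents
end

# One agent run; `system` is a hash standing in for the host's real state.
def agent_run(catalog, system, noop: false)
  changed = []
  run_order(catalog).each_with_object([]) do |name, events|
    res = catalog.fetch(name)
    if system[name] != res[:want]              # retrieve state, compare
      system[name] = res[:want] unless noop    # fix, or just log
      changed << name
      events << [name, noop ? :would_change : :changed]
    elsif (res[:subscribe] & changed).any?     # e.g. restart sshd
      events << [name, noop ? :would_refresh : :refreshed]
    end
  end
end
```

A second run against the same state returns no events, which is the property to check when auditing for configuration drift: any event on a converged host means something outside Puppet changed it.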
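
The `resolv/conf/hosts.erb` template on slide 21 writes whatever `ip_host_map` contains straight into `/etc/hosts`. The Ruby example below is added here and is not from the slides; it renders that template text with the standard `erb` library and validates the map first, so a value carrying a newline or space cannot add extra host entries (`checked_map`, `render_hosts`, the hostname pattern and the sample addresses are assumptions).

```ruby
require 'erb'
require 'ipaddr'

# Template text as shown on slide 21 (resolv/conf/hosts.erb).
HOSTS_ERB = <<~'TEMPLATE'
  <% ip_host_map.each do |ip,hosts| -%>
  <%= ip %> <%= hosts %>
  <% end -%>
TEMPLATE

# Assumed hostname policy: dot-separated labels of letters, digits, hyphens.
LABEL = /[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?/i
HOSTNAME = /\A#{LABEL}(?:\.#{LABEL})*\z/

# Validate the data before it reaches the template: a value containing a
# newline or space would otherwise become an extra line in /etc/hosts.
def checked_map(raw)
  raw.each_with_object({}) do |(ip, hosts), out|
    addr = IPAddr.new(ip).to_s        # raises on a malformed address
    names = Array(hosts)
    bad = names.reject { |h| h.is_a?(String) && h.match?(HOSTNAME) }
    unless bad.empty?
      raise ArgumentError, "invalid hostname(s) for #{addr}: #{bad.inspect}"
    end
    out[addr] = names.join(' ')       # the template prints this string as-is
  end
end

# trim_mode '-' makes the "-%>" markers swallow the newline that follows them.
def render_hosts(raw)
  ERB.new(HOSTS_ERB, trim_mode: '-')
     .result_with_hash(ip_host_map: checked_map(raw))
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample data.
  puts render_hosts('10.0.0.1' => %w[master.example.test master],
                    '10.0.0.2' => 'worker1.example.test')
end
```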