2. Speakers
● Carl Caum: Sr. Technical Marketing Manager at Puppet
● Martín Beauchamp: Site Reliability Engineer at Shapeways
● Paul Hortiatis: Site Reliability Team Lead at Shapeways
6. We help great companies:
Become great software companies
Deliver fantastic experiences to their users
Provide better software, faster
And do it simply, at scale and securely
7. Automate for speed, reliability and security
● Define with a common language
● Gain situational awareness
● Orchestrate change intelligently
● Ensure security & compliance
What’s needed to deliver and operate modern software simply, at scale and securely
Across devices, through the stack
8. Define with a common language
● Easy to read, understand, write & share
● Write once, use everywhere
● Testing built in
● No code clobbering
● Choose from thousands of free modules, backed by a vibrant ecosystem
Standard way for teams to deliver and operate software
Puppet code example
9. Gain situational awareness
● Real-time change visibility
● Unique dependency visualizations
● Continual drift monitoring and reporting
● Audit and compliance reporting
● Built-in, custom and 3rd party visualizations
Know exactly what is going on with all your software
Event inspection in Puppet Enterprise
11. Cumulus Linux
● Native Linux Operating Model
● Robust Hardware Ecosystem
● Extensible Automation Ready
Cumulus Linux is a native Linux Network OS that is deeply rooted in Debian.
13. Networking before DevOps
● Siloed teams
● Siloed tools and processes
● Slow collaboration and limited information sharing
● Different processes and tasks for provisioning vs ongoing management
Siloed, slow, and costly
14. Networking with Puppet
● Unified teams: Puppet’s common language and tooling provide a single source of truth that lets IT teams unify the way they work.
● Unified processes: Changes that span network and compute are made with the same change process and tools.
● Increased collaboration: Anyone can contribute to the infrastructure code base and anyone can see how any part of the infrastructure is being managed.
● Unify Day 1 to Day 100: The same code that provisions the switch configuration also continuously monitors and remediates the configuration.
Unified and efficient
15. The Automation Advantage
[Figure: timeline comparing two ways of bringing a switch into production.
The Traditional Way: Ordering/Delivery, Physical Install, Manually Install, Manually Configure, Production; drift management is Manual/Custom.
The New Way: Ordering/Delivery, Physical Install, ONIE Boot, CL Install, Agent Pull, Install Config, Production; Automated Install (ONIE Boot), Automated Configure, Continuous Drift Management.
Time labels on the figure: Days/Weeks, Hours/Days (Manual), Seconds/Minutes (Automated).]
16. A 3D printing marketplace where you can design, make, buy and sell amazing products
17. Challenges
● Limited networking team size
● Fast-evolving infrastructure - networking wasn’t always top priority
● Vendor hardware wasn’t suitable for rapid change or didn’t have the desired capabilities
18. Goals
● Manage the network like we manage our servers
● Leverage existing Linux expertise
● Cultivate DevOps culture
● Reliability
● Scalability
20. Why Cumulus Linux
● It was Linux, and we know Linux
● Well supported by other tools already in place
● Improved reliability with Routing on the Host
● Network agility and lower risk of change
Cumulus’ Linux-based OS and wide range of hardware support meant we could use the expertise we already had to have a successfully managed network.
21. Remove Operational Complexity
● Puppet code is portable between environments
● Puppet modules house reusable abstractions for underlying system configurations
● Puppet modules provide simple interfaces with controls we care about
● OS differences are handled behind the abstraction interface
● Hiera and data bindings enable simplified interfaces
Puppet enables us to build abstractions to complex implementations so we can focus on the controls we care about and reuse the implementation in as many places as necessary.
22. How We Did It
● Automated network topology is generated, starting with the network leafs (servers)
● Children configure their parent
● In-house developed build script builds the connection configuration for the switch

Connection data fragments from the slide's diagram:

  "swp49":
    parent: "r1-spine"
    port: "swp1"
  "swp50":
    parent: "r2-spine"
    port: "swp1"

  p2p1:
    parent: r3-leaf-a
    port: swp44
  p3p1:
    parent: r3-leaf-b
    port: swp44

  p2p1:
    parent: r3-leaf-a
    port: swp43
  p3p1:
    parent: r3-leaf-b
    port: swp43

  p2p1:
    parent: r3-leaf-a
    port: swp42
  p3p1:
    parent: r3-leaf-b
    port: swp42

  "swp49":
    parent: "r1-spine"
    port: "swp1"
  "swp50":
    parent: "r2-spine"
    port: "swp1"
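Added example, not Shapeways' build script (the slides do not show it): one way to invert "children configure their parent" declarations into a per-switch port map, failing the build when two children claim the same parent port. The function and class names and the server names srv-a, srv-b and srv-c are assumptions; the parent and port values follow the slide.

```python
from collections import defaultdict

# Constructed sample input: child -> {child interface: {"parent", "port"}}.
# Server names srv-a/b/c are hypothetical; the links mirror the slide's data.
CHILD_LINKS = {
    "srv-a": {"p2p1": {"parent": "r3-leaf-a", "port": "swp44"},
              "p3p1": {"parent": "r3-leaf-b", "port": "swp44"}},
    "srv-b": {"p2p1": {"parent": "r3-leaf-a", "port": "swp43"},
              "p3p1": {"parent": "r3-leaf-b", "port": "swp43"}},
    "srv-c": {"p2p1": {"parent": "r3-leaf-a", "port": "swp42"},
              "p3p1": {"parent": "r3-leaf-b", "port": "swp42"}},
    "r3-leaf-a": {"swp49": {"parent": "r1-spine", "port": "swp1"},
                  "swp50": {"parent": "r2-spine", "port": "swp1"}},
}


class TopologyError(ValueError):
    """Raised when child declarations cannot be turned into a safe config."""


def build_parent_ports(child_links):
    """Invert child declarations into {parent: {port: (child, iface)}}."""
    parents = defaultdict(dict)
    for child in sorted(child_links):
        for iface, link in sorted(child_links[child].items()):
            missing = {"parent", "port"} - set(link)
            if missing:
                raise TopologyError(f"{child}:{iface} lacks {sorted(missing)}")
            parent, port = link["parent"], link["port"]
            if parent == child:
                raise TopologyError(f"{child}:{iface} names itself as parent")
            if port in parents[parent]:
                prev = parents[parent][port]
                raise TopologyError(
                    f"{parent}:{port} claimed by {prev[0]}:{prev[1]} "
                    f"and {child}:{iface}")
            parents[parent][port] = (child, iface)
    return {p: dict(sorted(ports.items())) for p, ports in parents.items()}


if __name__ == "__main__":
    for parent, ports in sorted(build_parent_ports(CHILD_LINKS).items()):
        for port, (child, iface) in ports.items():
            print(f"{parent} {port} <- {child} {iface}")
```

Rejecting duplicate port claims at build time keeps a mistyped child entry from silently rewriting another host's switch port when the generated configuration is applied.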
23. The Rollout
● Rolled out with a datacenter migration
● The second datacenter went smoother because we codified what we learned from the first migration
24. Gotchas
● Don’t assume that networking works the same between similar OSes, or even different versions of the same OS
● Don’t take on too much at once
● Finish and validate your current change before moving on to the next one
The DevOoops
25. Where Are We Now?
● Puppet manages all of our switches
● Network configs are versioned in Git and proposed changes get team review
● Our network is fast and reliable