State of Puppet 2013 - Puppet Camp DC
•Télécharger en tant que PPT, PDF•
9 j'aime•3,076 vues
This document provides an overview of Puppet and Puppet Enterprise. It summarizes the key components and projects that make up Puppet like Puppet, Facter, Hiera, MCollective and PuppetDB. It describes the capabilities of Puppet Enterprise like configuration management, orchestration, discovery, provisioning and reporting. The document also provides community growth metrics and information on training offered by Puppet Labs.
Recommandé
Recommandé
Contenu connexe
Tendances
Tendances (20)
En vedette
En vedette (20)
Similaire à State of Puppet 2013 - Puppet Camp DC
Similaire à State of Puppet 2013 - Puppet Camp DC (20)
Plus de Puppet
Plus de Puppet (20)
Dernier
Dernier (20)
State of Puppet 2013 - Puppet Camp DC
- 1. James Sweeny @jsween_y IRC: supercow on freenode
- 2. A Quick Poll
- 8. Get the 2013 State of DevOps Report at https://puppetlabs.com/solutions/devops/
- 11. New Approach: Software Defined Infrastructure
- 12. Lifecycle of a Puppet Run
- 14. Community Growth 1,700 modules 449 module authors 1.3 million downloads on the Puppet Forge 80,000 people have downloaded Puppet, PE, MCollective or the Learning VM 5,000+ people have been trained on Puppet technologies
- 15. Community Growth Mailing List Membership Note: Double counting alert!!
- 16. Easy to Get Involved • Help with Documentation • Ask/Answer questions • http://ask.puppetlabs.com • mailing lists • IRC • Help with bug triage • Contribute code • Contribute modules on the Forge puppetlabs.com/community
- 18. Innovation & Reliability: Open Source & Puppet Enterprise Environment for Nurturing Innovation Upstream Open Source Projects puppet mcollective facter +40 puppetdb hiera •~8,000 members •Latest technologies •Rapid release cycles •~1000s of changes / week •Community support (IRC, forums) smaller foss projects IT Automation for Business-Critical Apps Commercial Product puppet enterprise •Commercial-only functionality •Single, integrated solution •Graphical User Interface •Installer & upgrader •QA’d & security hardened •Performance tuning •API guarantees •Support & maintenance •Training & services
- 20. Puppet Enterprise IT automation for end-to-end infrastructure lifecycle management Discovery of nodes, resources, and status using real-time data Provisioning of bare metal, virtual, and cloud capacity IT Automation Configuration installation and configuration of operating systems and applications and automated enforcement Orchestration of multi-step operations to targeted collections of nodes Reporting of all state changes of all resources across all nodes
- 21. Puppet Enterprise: Discovery Dynamic, real-time discovery of nodes, resources, and state Address all nodes simultaneously Query any data source on a node % mco find –S “environment=QA and !dept=sales” !dept=sales” Nodes Puppet Classes & Facts Files & Databases System Queries puppet enterprise No More Outdated CMDBs Current deployment = source of truth Cloud Service APIs (eg, EC2) Ask Specific Questions Focus queries using booleans and regular expressions Scalable, Real-time Responses Asynchronous message busbased architecture
- 22. Puppet Enterprise: Provisioning Quickly stand-up private and public cloud infrastructure Provisions instances and install agents Agents register with master puppet enterprise Agents apply configurations Leverage Existing Work Re-use on-premise configs for cloud deployments Many Clouds, One Solution Avoid lock-in to cloud vendor-specific APIs Prevent Cloud Drift Maintain consistent environments between onpremise and the cloud
- 23. Puppet Enterprise: Configuration Improve agility and productivity through defining and enforcing a desired state 1. Define the desired state service { ‘ssh’: ssh’ ensure => running, enable => true, true, subscribe => File[‘/etc/sshd_config’] File[ /etc/sshd_config’ } 2. Simulate configuration changes 4. Report on differences and any changes made puppet enterprise Current State Desired State 3. Enforce the deployed desired state – automatically
- 24. Puppet Enterprise: Orchestration Controlled, multi-step operations to targeted collections of nodes Goal: update Apache on all QA nodes Update 10% of nodes Update next 20% Wait 20 min 100% of nodes updated Wait 20 min Puppet Enterprise Dynamic Multi-step Operations Chain the outputs of one operation into the next Manage Change Rate Progressively apply changes to sub-sets of nodes Control Change Scope Apply changes only to specifically tagged nodes
- 25. Puppet Enterprise: Reporting Inventory and change data accessible via GUI and APIs Comprehensive Infrastructure Data Hardware and software inventory, change reports, configuration graphs Open Standards YAML, JSON, and .dot-formatted data accessible via RESTful API Rich Ecosystem of Tools Boundary, New Relic, Graphite, GraphViz, Gephi, and many more
- 26. Puppet Enterprise: Event Inspector Quickly understand and act on changes occurring in your infrastructure Know What Changed, Where, & How Visualize infrastructure changes by Nodes, Classes, and Resources Understand the Impact Drill-down, zoom-out to evaluate the scope of changes Take Action & Improve Service Levels Get the specifics to address and manage change
- 27. Puppet Enterprise: Role-Based Access Control Read-only, Read-write, and Admin roles Easy Set-up Quickly create new users through the Puppet Enterprise console GUI Easy Installation Select from Read-only, Read-write, or Admin roles Native Resource Support Users’ activities logged and auditable Third-Party Authentication Support LDAP, Active Directory, Google Apps
- 28. The Projects that Make Puppet Awesome
- 29. Puppet • Core project in the Puppet ecosystem • Idempotent, model-based configuration management • A simple language to describe state and an engine for enforcing it • Huge library of reusable modules on the Puppet Forge Puppet Enterprise built on top of Puppet
- 30. MCollective (mco) • • • • • Framework for server orchestration Parallel, real-time job execution Pluggable discovery of resources Target only the systems you want Extensible through simple Ruby agents Drives Orchestration Engine in Puppet Enterprise
- 31. PuppetDB • Foundation for applications that use Puppet data • Central storage for catalogs and facts that are part of your puppet infrastructure • Incredibly fast replacement for existing ActiveRecord stored configs • The most recent facts and catalog for every node Foundation for Puppet / Puppet Enterprise data storage
- 32. Hiera • • • • Simple, pluggable Hierarchical Database Key/value lookup tool for configuration data Keeps site-specific data out of your manifests Puppet classes request data and Hiera will act like a site-wide config file • Makes it easy to configure nodes, re-use Puppet modules and publish your modules Foundation for Puppet / Puppet Enterprise Hierarchical Data
- 33. Facter • Collects Facts about each system and uploads them to the Puppet • • • master, making an inventory system and a way to make decisions in your Puppet code Facts are available as variables in the Puppet DSL, like ‘$operatingsystem’ Super easy to plug-in additional facts in Ruby External Facts let you extend your inventory without Ruby: • shell, batch files or Powershell on windows, raw YAML Foundation for Puppet / Puppet Enterprise Inventory
- 34. Razor Provisioning • Rules-based provisioning for bare metal hardware and virtual • • • • • servers Developed in cooperation with EMC/VMWare Easily deployed via a puppet module from the Forge Automatically brings new servers into your puppet infrastructure Open, pluggable, and programmable Not yet ready for prime time - Help us get there by filing bugs and contributing to the community
- 35. Puppet Armatures (ARM) • Proposals to enhance / add features • Process for collecting, reviewing, sorting, and recording the result of proposals for enhancements • Used for work that is significant or large impact • Community-focused process with improved openness and transparency Feature Enhancements for Puppet github.com/puppetlabs/armatures
- 36. Puppet Forge: Module Repository • By the community ... For the community • Identify and use the best ones • Contribute your own modules Jan 2012 September 2013 Modules 260 1525+ Users 930 3100+ Total Downloads Since Feb 2012 1.4 million Add Additional Functionality to Puppet / Puppet Enterprise
- 38. Puppet Labs
- 39. Puppet Labs: by the numbers Jan 2012 September 2013 Employees 55 190+ Customer Countries 29 42 Office Space 836 m2 9,000 ft2 2,232 m2 25,000 ft2
- 40. We’re Hiring!
- 43. Training Courses and Certification
Notes de l'éditeur
- How many people are using Puppet now? How many using Puppet for more than a year? More than 2 years? 3 years? How many are currently on 2.x series? 3.x series? How many are using PE?
- More services More servers More critical No future in which IT is smaller and matters less Remember Maintenance windows? Remember back-out plans that involved reverting on Saturday night if things didn’t go well?
- 9 months is too long *3* months is too long
- You can’t hire 1 sysadmin for every 25 servers any moreYou can’t decide not to change
- You can launch 1000 machines in 20 minutes Workloads can shift in minutes, not days Many of your developers adopted Agile and Lean practices Shipping code to you every week or even every day
- Bad. Big incumbents that are pre-cloud, pre-devops Shell scripts and hand-rolled solutions Manual configuration
- 80k downloads: any user (ie, they've given us their email address) who downloaded Puppet OR Puppet Enterprise OR MCollective OR Learning Puppet VM.5000 have attended a Puppet training class.
- The community continues to grow and grow!
- Question(s) Slide Answers and/or Slide’s Purpose: “What’s the difference between your FOSS projects and Puppet Enterprise?” Communicate that it is not an apples-to-apples comparison between PE and Puppet open source – each addresses a fundamentally different need. “You wouldn’t want to run your mission-critical business on a collection of cutting-edge open source projects, right?”
- Question(s) Slide Answers and/or Slide’s Purpose: “What are the basic capabilities of Puppet Enterprise?” Plant the seed that PE is not just a single-shot, one-off tactical tool; it can play a strategic role in IT infrastructure management. Problem IT is forced to use different tools from different vendors when managing their infrastructure. Capability Puppet Enterprise has the capabilities IT needs for end-to-end lifecycle management of their infrastructure. Benefit One tool, one training, one vendor Multiple capabilities certified to work well together
- DISCOVERY Problem Old way of keeping track of servers with barcodes, clipboards, and spreadsheets simply doesn’t scale and isn’t dynamic enough. Ask “What do you do today to keep track of your nodes and the services and resources on them?” Ask “Does anyone ever ask, ‘What’s on that box?’ … and no one can answer?” Capabilities Instead, with dynamic infrastructure the infrastructure itself is the best single-source of truth. Puppet Enterprise’s discovery capability allows users to access any data source in real-time in their node network. Benefits Never out-of-date data about node status, resources, etc. – always current, always consistent. No more, “What’s on that box?” confusion. Pluggable / customizable – any file, API, etc can serve as a data source. Highly scalable and fast
- CLOUD PROVISIONING Problem QA team needs to rapidly provision virtual machine (VM) environments for testing performance engineering team needs to provision lots of AWS instances to create test load on applications sysadmins finding they need multiple, silo’d tools for provisioning, configuring, and managing VMware or AWS environments Capability Create VMware or Amazon cloud node capacity Automatically install the Puppet Enterprise Agent Automatically configure the new nodes using Puppet Modules Benefit Respond quickly to business demands while maintaining consistency across your deployment environments – public or private Re-use the same configurations you built for your physical infrastructure for your virtual and/or cloud infrastructure FAQs Q: Will this work with my existing VMware deployment? A: Yes, PE cloud provisioning uses the VMware vSphere API
- CONFIGURATION MANAGEMENT Problem Ask “How does your team configure operating systems and applications today?” Sysadmins struggle to quickly configure nodes and deploy applications Lack of confidence that, despite following procedural steps, the nodes are actually in the intended state Sysadmins struggle to maintain the original server and app configurations over time – “configuration drift” Little-to-no visibility into what configurations are changing in their infrastructure over time Capability: Declarative, Model-based Automation Define the desired end-state of resources and applications in the Puppet language Simulate the definitions to make sure they do what was expected Then, in enforcement mode, Puppet Enterprise automatically maintains the defined state Puppet Enterprise rolls-up any changes to any resource made in enforcement mode into reports accessible via Puppet Enterprise GUI and APIs Benefits Automate away repetitive, menial tasks Eliminate configuration drift Centralized management – change a single definition file, all nodes get updated Write definitions once and re-use again and again and again Complete visibility into the state and rate-of-change of the infrastructure and applications
- ORCHESTRATION Problems Ask, “What orchestration tool are you using today?” The problem isn’t just automating change to a single node; most IT organizations are managing 100s even 1000s of nodes. How do you roll-out changes to all the nodes? If you do it all at once, what if you make a mistake? How do you roll-out changes to just a subset of nodes, eg, just the QA nodes? Capabilities Based on input from Discovery, target changes to subsets of nodes, eg, just the QA nodes Automatically roll-out changes across entire data center one subset at a time, separated by user-defined period of time Schedule and trigger Puppet Enterprise agents directly from Puppet Enterprise console GUI Benefits Complete control over rate-of-change to nodes Re-usability of progressive deployment automation Fast and highly scalable
- REPORTING (Graphic = visualization of node graph data, showing configuration dependencies among nodes) Problems Trying to easily populate their asset management database. Needing more configuration change details for auditing or change management process verification. Stumped by configuration dependencies between Puppet modules. Capabilities Three sets of data Node hardware and software inventory data (Facts provided by PE 2.5’s inventory service) Puppet run reports (run results, including automatically enforced configuration changes) Node configuration graph data (dependencies within and amongst nodes) Formats: YAML, .dot API: Accessible via RESTful Puppet API Puppet Enterprise console GUI Benefits Enables customers to dig deeper into the changes occurring in their infrastructure. Open data formats and APIs allow customers to take advantage of a wide range of tools available to process, analyze and visualize. Open data formats and APIs are technically accessible to system administrators – they do not need to ask development to build the app, the system administrators can do it themselves. EXAMPLES A customer using Dell server hardware used the Puppet Data Library API to access the PDL inventory service and regularly pull each server’s serial number, then automatically check the serial number against Dell’s support website to see whether the server was still under warranty. A customer trying to optimize configuration modules uses Puppet Data Library to create graph of configuration dependencies and then visualize that using GraphViz. FAQs Available in Puppet open source? Yes. What about Splunk? Complementary with Splunk. Splunk only looks at log files. PDL looks at separate, complementary data. If system admin is using Splunk, they’re a good candidate for Puppet Data Library.
- EVENT INSPECTOR (Graphic = event inspector screen in PE console) Problems “What class (eg, “Apache service”) changed in my infrastructure?” “Which nodes did it impact?” “How did this change happen?” Capabilities Inspect changes from Class, Node, and Resource points-of-view Zoom-in to individual resources (files, users, packages, etc) to get specific details Zoom-out to aggregations of 10s and 100s to understand impact Benefits Quickly identify what changed, and where Understand the scope of impact – Large? Small? Get details needed to take action to remediate and/or pro-actively manage FAQs Available in open source Puppet? No.
- Role-Based Access Control (RBAC) (Graphic = RBAC Admin GUI, showing set-up/editing of user with Read-only access) Problem Multiple system administrators of varying degrees of experience and seniority managing PE environment via same PE console. Managers wanting access but system administrators concerned that the managers will accidentally screw things up. Security compliance team complains about lack of auditability of system administrators’ activities. Capability Create users and assign Read-only, Read-write, or Admin roles via Puppet Enterprise console GUI. Activate / De-activate individual users as necessary. All users’ activities logged. Benefits Balances Access & Control: Allows system administration team to maintain control while providing access and visibility to managers, junior employees, colleagues in other departments, etc. Accountability & Auditability: Security compliance teams can demonstrate IT compliance with policies as well as conduct audits and forensics on log data. FAQs Available in Puppet open source? No, Puppet Enterprise only. Comparable functionality accessible via command line? No. What’s on roadmap? Customer-defined roles, command line functionality comparable with GUI.
- Unpacking the second bullet point a bit-- Idempotent = “Run the command multiple times, only the first one makes a change” Model-based = Don’t tell puppet how to do something, just describe what you want done Configuration management = Automated, repeatable, auditable changes to Unix, Linux and Windows systems You do this through Puppet’s Domain Specific Language, aka the Puppet DSL, which looks kind of like a nagios configuration file but has some programming language concepts like if/else conditions, variables and loops. But mostly, especially if you’re getting started with managing common services like web and database servers, you can just download and use modules from the Puppet Forge, configure them for your environment and start “pulling the strings” of your infrastructure.
- ‘Stored configs’ are Puppet’s way of sharing information between nodes in your infrastructure. You pick resources to EXPORT from one node’s configuration, puppet STORES them in the database, then COLLECTS them for other machines to use. A really common use for this is EXPORTING all your web servers’ instance names and port numbers and then COLLECTING them for your monitoring server to build nagios configuration automatically.
- What all this means is that puppet plus razor allows the administrator to automate the entire infrastructure stack, from bare metal to fully deployed applications in a cloud
- armature |ˈärməCHər, -ˌCHo͝or |2 a metal framework on which a sculpture is molded with clay or similar material. • a framework or formal structure, esp. of a literary work: Shakespeare's plots have served as the armature for many novels.-- New Oxford American Dictionary Puppet Armatures are proposals to enhance / add features to Puppet or something in the Puppet eco-system. This is a community-focused process intended to improve openness and transparency in both Puppet Labs-funded and contributor efforts. For details, please read ARM-0, which describes the rationale and process. There is currently a gap in the process for developing Puppet that is sometimes critiqued as lack of openness, frustration over where and how to get ideas heard, and the perception that the redmine issue tracker functions as a dumping ground for fly by feature requests that sit there for years with no, or very little, action or value. Other open source projects have adopted an enhancement process to deal with such issues, and thus, this is an attempt to define ARM - Puppet Armatures. This proposal is heavily inspired by the Java community's JEP process. In some cases, ARMs are artifacts of the process leading up to one or several issues/feature requests in the issue tracker. In others, they may be detailed, principled specifications for major innovations. Read more about ARM process here: https://github.com/puppetlabs/armatures/blob/master/arm-0.arm/arm.md
- Lots more focus Dedicated team
- - Puppet Test Pilots is our user research program. - To make sure we build products that solve real problems, we must talk the experts - you. We want your honest feedback. - Test Pilot sessions are typically 1 hour remote screensharing meetings. - Topics range from PuppetDB to release management to the Puppet Forge. - Test Pilots have a direct impact on the future of Puppet products. - Test Pilots receive gift cards and t-shirts for every session they participate in. - Anyone can sign up to be a Puppet Test Pilot, even if you don't use Puppet. - Sign up at puppetlabs.com/ptp. You'll be invited to participate in the next session we're conducting!
- These short, online video courses are focused on a specific topic with exercises and quizzes to test your learning all from the comfort of your home, office, couch or favorite coffee shop. Best of all, we’re currently offering these courses for free!