Honeycutt garret expanded_intro_to_puppet_for_mailru

Expanded Introduction
to Puppet
рамках Форума
технологий Mail.Ru
2012-04-24
Moscow, RU

Garrett Honeycutt
Professional Services Consultant
garrett@puppetlabs.com
http://linkedin.com/in/garretthoneycutt

The one-oﬀ myth

Your systems are not beautiful
snowﬂakes

photo from http://beesknees67.deviantart.com/

The one-oﬀ myth

• Only temporary

The one-oﬀ myth

• Only temporary

• Replicas for pre-production environments

The one-oﬀ myth

• Only temporary

• Replicas for pre-production environments

• Disaster recovery

Why?

• reduce entropy
• disaster recovery

Why?

• reduce entropy
• change management

Why?

• reduce entropy
• change management
• infrastructure as code

Puppet Community Ecosystem

Puppet Distribution 
Bundled with major OS
!

Text

4,000 person mailing list 
900 conversations a month  Puppet Community 
750 people at all times in IRC Active participation
!

(dedicated channel)

2500+ people
300+ modules Puppet Contributors 
contributing to
contributed to Framework
documentation
Puppet Forge
enhancements
and code
!

Puppet is Pervasive
Web Entertainment Technology

Financial
Defense

Puppet Enterprise
What it is:
• Puppet and related components packaged and
integrated in one install:
• Puppet
• Puppet Master
• Dashboard
• Facter
• Ruby
• Apache
• Passenger, etc.

Puppet Enterprise
• Fully QA’d stack of Puppet and dependencies
• Simpliﬁed installation
• Ease of maintenance
• Pre-conﬁgured for scalability and performance
• Predictable enhancement delivery
• Enhanced enterprise class Support

How Puppet Works

1 Deﬁne: !"#$%&'(()#*+%,)-./0/#"1)%
% ./23'/3)%45'%,)+"32%/%30/($%56%
0)./#"52+$"(+%7)#8))2%0)+5'0-)+%8"#$"2%
0)'+/7.)%95,'.)+:%;$)+)%95,'.)+%,)6"2)%
45'0%"260/+#0'-#'0)%"2%"#+%,)+"0),%+#/#):

JB
B D@
HI
%E
CB

B@
ED
%AG
G>
B%@
A ; B D @;

%4 Report: &'(()#%>/+$75/0,%0)(50#+% 2 Simulate:%!"#$%#$"+%0)+5'0-)%
% #0/-?%0)./#"52+$"(+%7)#8))2% % 30/($<%&'(()#%"+%'2"=')%"2%"#+%
-59(52)2#+%/2,%/..%-$/23)+<%/..58"23% /7"."#4%#5%+"9'./#)%,)(.549)2#+<%)2/7."23%
45'%#5%?))(%'(%8"#$%+)-'0"#4%/2,% 45'%#5%#)+#%-$/23)+%8"#$5'#%,"+0'(#"52%
-59(."/2-)%9/2,/#)+:%@2,%8"#$%#$)% #5%45'0%"260/+#0'-#'0):
5()2%@&A%45'%-/2%"2#)30/#)%&'(()#%8"#$%
#$"0,%(/0#4%952"#50"23%#55.+:

EFDDBG;
%3 Enforce:%&'(()#%-59(/0)+%45'0%
C;@;B % +4+#)9%#5%#$)%,)+"0),%+#/#)%/+%45'%
,)6"2)%"#<%/2,%/'#59/#"-/..4%)2650-)+%"#%
>BCADB>
C;@;B #5%#$)%,)+"0),%+#/#)%)2+'0"23%45'0%+4+#)9%
"+%"2%-59(."/2-):

Use Puppet to create composable configurations
Modules and manage the enterprise infrastructure

1 Define Your Resources in Modules.
! "#$%!&'(()$*!+,'!-).#/)!+,'0!1,-'2)3!4+!/,-)!
9GHGAG7D "DA!7DEFDE G&&!7DEFDE 7D?MEJH = 52633#.#56$#,/3*!3'5%!63!")4!7)08)0!,0!96$6463)*!622,:#/;!
+,'!$,!-).#/)!0)26$#,/3%#(3!4)$:))/!0)3,'05)3!6/-!
5,/.#;'0)!$%,'36/-3!,.!3)08)03!6$!,/5)<!
Via Custom Assign resource relationships automatically.!
Puppet Dashboard External Source
(CMDB, LDAP, etc.)
2
! =,'!56/!$%)/!633#;/!6/-!-)(2,+!5,/.#;'06$#,/3!
8#6!&'(()$!963%4,60-*!,0!:#$%!+,'0!,:/!5'3$,1#>)-!
?@9A!$,,23<
"DA!7DEFDE7 9GHGAG7D!7DEFDE7 G&&IJ?GHJKL!7DEFDE7

LK9D LK9D LK9D
3 Reusable, composable configurations. !
! "#$%!&'(()$!+,'!56/!0)B'3)!1,-'2)3!650,33!1'2$#(2)!
/,-)3*!#/!:%6$)8)0!5,14#/6$#,/!+,'!/))-*!0)-'5#/;!
0)()$#$#8)!$63C3!6/-!)2#1#/6$#/;!)00,0B(0,/)!350#($3<!

LK9D LK9D LK9D Multi Node

Puppet Assigns and Maintains
a Node’s Desired Role

How Puppet Manages Data Flow
for Individual Nodes

Node

1 Facts
!"#$%&'#$(#%'($
%&)*+,-.#'$'+/+$
+0&1/$-/(#,2$/&$/"#$
3144#/$5+(/#)6
SSL secure 2 Catalog
3144#/$1(#($/"#$7+8/($/&
encryption 8&*4-,#$+$9+/+,&:$/"+/
on all data (4#8-2-#($"&;$/"#$%&'#
transport ("&1,'$0#$8&%2-:1)#'6
Report 3
!"#$%&'#$
)#4&)/($0+8=$
/&$3144#/$
-%'-8+/-%:$/"#$
8&%2-:1)+/-&%$-($
8&*4,#/#>$;"-8"$
-($?-(-0,#$-%$/"#$ Puppet
3144#/$@+("0&+)'6 Master 4 Report Collector
A3144#/$&)$B)'$4+)/<$/&&,C
Report
8+%$+,(&$(#%'$'+/+$
/&$/"-)'$4+)/<$/&&,(6

Facts

Automatically
Maintained Asset
Inventory

architecture => i386
domain => local
facterversion => 1.6.6
fqdn => sliver.local
hardwareisa => i386
hardwaremodel => i386
hostname => sliver
id => gh
interfaces => lo0,gif0,stf0,en0,en1,fw0
ipaddress => 192.168.101.185
ipaddress_en1 => 192.168.101.185
ipaddress_lo0 => 127.0.0.1
is_virtual => false
kernel => Darwin
kernelmajversion => 10.8
kernelrelease => 10.8.0
kernelversion => 10.8.0
memoryfree => 102.80 MB

Catalog

• Automatically
maintained
comprehensive resource list
• Easilyvalidated against
compliance requirements prior
to client conﬁguration

Reporting

• Comprehensive report of every
change ever made, correlated to every
resource being managed
• Easily
validated against compliance
requirements after reach run

Reporting

•http/https
•log
•store
•tagmail

Example Resource Types
• cron
• exec
• ﬁle
• group
• host
• zfs
• mount
• package
• service
• sshkey

Storeconﬁgs
Ability to pass data between nodes, via
a database acting as a proxy

• MySQL
• SQLite3
• PostgreSQL
• Oracle

External Node
Classiﬁer

•Puppet Dashboard

•Your own CMDB

External Node
Classiﬁer

A script that takes $certname as
an argument and outputs YAML to
STDOUT

Honeycutt garret expanded_intro_to_puppet_for_mailru

Recommandé

Recommandé

Contenu connexe

Plus de kuchinskaya

Plus de kuchinskaya (20)

Dernier

Dernier (20)

Honeycutt garret expanded_intro_to_puppet_for_mailru