SlideShare une entreprise Scribd logo

Puppet and Software Delivery

Julien Pivotto
Julien Pivotto

This talk gives you advices on how to successfully ship your products together with the puppet code to deploy them. It also shows you the advantages of that method and give some general advices. This talk targets products that are shipped outside of your company, in an environment you do not manage entirely. Talk given at FLOSS UK DevOps Spring 2015.

Technologie
1  sur  50
Télécharger pour lire hors ligne
Puppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software delivery Shipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet code Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto FLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps Spring March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015
$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto • Open-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.eu • Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011 • Speaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at Puppetcamps • Puppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributor • Puppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributor • @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie on irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/github
inuits.eu
IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?) • VVVVVVVVVVVVVVVVVirtualization, Containers, Cloud • IIIIIIIIIIIIIIIIInfrastructure as Code • PPPPPPPPPPPPPPPPPay for services, not software
Providing a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a service • YYYYYYYYYYYYYYYYYou know the environment • YYYYYYYYYYYYYYYYYou do the maintenance • YYYYYYYYYYYYYYYYYou do the upgrades
Shipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a software • WWWWWWWWWWWWWWWWWhat is the environment? • HHHHHHHHHHHHHHHHHow was it setup? • DDDDDDDDDDDDDDDDDid you change someting? • WWWWWWWWWWWWWWWWWill someone maintain it? Monitor it?
Two different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worlds • MMMMMMMMMMMMMMMMManaging everything vs delegating • KKKKKKKKKKKKKKKKKnown environment vs Fixed environment • RRRRRRRRRRRRRRRRRolling updates vs Updates at will • MMMMMMMMMMMMMMMMMonitoring vs end-users complains
Shipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped Softwares • SSSSSSSSSSSSSSSSSelf-hosted • CCCCCCCCCCCCCCCCComplexity • MMMMMMMMMMMMMMMMMultiple components • SSSSSSSSSSSSSSSSScalable • LLLLLLLLLLLLLLLLLots of requirements • LLLLLLLLLLLLLLLLLots of dependencies
DistributionDistributionDistributionDistributionDistributionDistributionDistributionDistributionDistributionDistributionDistributionDistributionDistributionDistributionDistributionDistributionDistribution • SSSSSSSSSSSSSSSSSoftware (Source code or binaries) • UUUUUUUUUUUUUUUUUser guide • IIIIIIIIIIIIIIIIInstallation guide • PPPPPPPPPPPPPPPPPeople who install the software
Challenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distribution • AAAAAAAAAAAAAAAAArtifacts • CCCCCCCCCCCCCCCCConfiguration • SSSSSSSSSSSSSSSSSecurity • HHHHHHHHHHHHHHHHHW requirements • SSSSSSSSSSSSSSSSSW requirements • UUUUUUUUUUUUUUUUUpgrades, Maintenance • MMMMMMMMMMMMMMMMMonitoring
ArtifactsArtifactsArtifactsArtifactsArtifactsArtifactsArtifactsArtifactsArtifactsArtifactsArtifactsArtifactsArtifactsArtifactsArtifactsArtifactsArtifacts Licensed under a Creative Commons Attribution-ShareAlike 2.0 License https://www.flickr.com/photos/halfbisqued/2353845688
Distributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing Software • Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM) • TarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarball • Self-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarball • curl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bash • Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside? • Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)
PackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackaging • Consistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file lists • Dependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolving • RepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositories • GPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-Signing • Lots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of tools • VersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioning • Unique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible build • CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)
DependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependencies • Packaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged also • In versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositories • Test your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependencies • Distribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packages • Mirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream repos • Limit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependencies
AutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomation • AAAAAAAAAAAAAAAAAutomate all the things • OOOOOOOOOOOOOOOOOS, Monitoring, Application • RRRRRRRRRRRRRRRRReproducible builds • RRRRRRRRRRRRRRRRRepositories management
Cultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changes • NNNNNNNNNNNNNNNNNo more manual work • UUUUUUUUUUUUUUUUUse an appropriate toolchain • EEEEEEEEEEEEEEEEEach manual action has risks and cost • WWWWWWWWWWWWWWWWWhat did I change 3 years ago?
Impact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentation • NNNNNNNNNNNNNNNNNo more complex install guides • PPPPPPPPPPPPPPPPPuppet training needed • VVVVVVVVVVVVVVVVValid for several products • IIIIIIIIIIIIIIIIInspect the catalogs
Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/jimmcd/4859841581
PuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppet • WWWWWWWWWWWWWWWWWidely used Automation tool • VVVVVVVVVVVVVVVVVery mature • CCCCCCCCCCCCCCCCClient/Server mode • SSSSSSSSSSSSSSSSStandalone mode • DDDDDDDDDDDDDDDDDeclarative • SSSSSSSSSSSSSSSSScales
What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate? Application Reverse Proxy / Databases Monitoring Operation System Platform
To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not? You have to be able to chose which part you will setup with Puppet. Customers have different culture or want to get control of parts of your application.
Use Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modules Use separate meta-modules for OS, Dependencies, Monitoring, Application… And include them only of needed.
Yes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noop • IIIIIIIIIIIIIIIIInclude or not each class • YYYYYYYYYYYYYYYYYou can put a whole class in no-op • include myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_os • class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,} • Usecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are met
Puppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet Modules
External modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modules • PPPPPPPPPPPPPPPPPick the best ones • PPPPPPPPPPPPPPPPPuppetlabs modules • UUUUUUUUUUUUUUUUUpstream modules • MMMMMMMMMMMMMMMMModules active on Github • FFFFFFFFFFFFFFFFForge rating • TTTTTTTTTTTTTTTTTesting, documentation • MMMMMMMMMMMMMMMMModules that fit your usecase
Review the modules you plan to include. You do not want bad code in your application, why would you want it in the code that deploys it?
Contribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute back • GGGGGGGGGGGGGGGGGet feedback (peer review) • EEEEEEEEEEEEEEEEEasier to maintain in long term • FFFFFFFFFFFFFFFFForces you to write tests • HHHHHHHHHHHHHHHHHelp other people • PPPPPPPPPPPPPPPPPuppet is not your core business
Your own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modules • EEEEEEEEEEEEEEEEEveryone has write access (Devs, Ops, …) • FFFFFFFFFFFFFFFFFollow Puppet code standards (style guide) • BBBBBBBBBBBBBBBBBe future-proof (follow best practices) • SSSSSSSSSSSSSSSSSeparate code and data (hiera) • IIIIIIIIIIIIIIIIIf not you core business: Publish it!
Your puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet tree • YYYYYYYYYYYYYYYYYour tree is next to your product code • SSSSSSSSSSSSSSSSSubmodules of your main repository • GGGGGGGGGGGGGGGGGets the same version number • PPPPPPPPPPPPPPPPParameters matches your product parameters
Distribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your tree • PPPPPPPPPPPPPPPPPackage the whole tree in a package • UUUUUUUUUUUUUUUUUse package dependencies to pull puppet • MMMMMMMMMMMMMMMMMaybe add a helper script for the first run
HieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHiera • DDDDDDDDDDDDDDDDData separation • YYYYYYYYYYYYYYYYYou classes should have a stable API • YYYYYYYYYYYYYYYYYour main class dispatches to other modules • UUUUUUUUUUUUUUUUUse functions: ▶ cccccccccccccccccreate_resource ▶ dddddddddddddddddeepmerge
Data separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separation Your code should be flexible enough: Hiera code is the only thing that should differ between your customers.
Automatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter Lookup • class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar" • AAAAAAAAAAAAAAAAAvailable in Puppet 3+ • SSSSSSSSSSSSSSSSShould be avoided (obscurification) • NNNNNNNNNNNNNNNNNice to have for edge cases
Going liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing live Licensed under a Creative Commons Attribution-ShareAlike 2.0 License https://www.flickr.com/photos/colink/15096002421
Puppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterless • PPPPPPPPPPPPPPPPPuppet has 2 modes • AAAAAAAAAAAAAAAAAgent mode: pull your catalog • MMMMMMMMMMMMMMMMMasterless mode: apply it from files • BBBBBBBBBBBBBBBBBoth have advantages • DDDDDDDDDDDDDDDDDepends on what you want
Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply) • OOOOOOOOOOOOOOOOOne-time run • RRRRRRRRRRRRRRRRRequires hiera data on every host ▶ HHHHHHHHHHHHHHHHHiera data should be consistent accross hosts ▶ NNNNNNNNNNNNNNNNNo single source of truth • NNNNNNNNNNNNNNNNNo daemon running • NNNNNNNNNNNNNNNNNo need for a Puppet master • NNNNNNNNNNNNNNNNNo exported resources • EEEEEEEEEEEEEEEEExtra work needed for PuppetDB
Agent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent mode • RRRRRRRRRRRRRRRRRun every 30 minutes (to be tuned) • RRRRRRRRRRRRRRRRRequires one puppet master • PPPPPPPPPPPPPPPPPuppet Agent daemon running (as root) • RRRRRRRRRRRRRRRRReports sent to the master • CCCCCCCCCCCCCCCCConsistency check over time
PuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDB • SSSSSSSSSSSSSSSSStores facts and reports • EEEEEEEEEEEEEEEEEasy to query • DDDDDDDDDDDDDDDDDashboards available • EEEEEEEEEEEEEEEEExported resources
Deploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet tree • IIIIIIIIIIIIIIIIInstall your puppet tree package • IIIIIIIIIIIIIIIIInstall the hiera files (versioned?) • OOOOOOOOOOOOOOOOOne puppet apply to deploy a basic server • TTTTTTTTTTTTTTTTThen the first agent run to deploy PuppetDB and the rest • TTTTTTTTTTTTTTTTThere is no puppetlabs-puppet module • TTTTTTTTTTTTTTTTTools can help you with that (e.g kafo)
SecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecurity • PPPPPPPPPPPPPPPPPuppet agent runs as root (launch it with cron) • TTTTTTTTTTTTTTTTThe master runs as "puppet" user • MMMMMMMMMMMMMMMMMaster is isolated on a separated host • PPPPPPPPPPPPPPPPPuppetDB/Server only listens to Loopback • PPPPPPPPPPPPPPPPPut a reverse proxy (even for server)
Security - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/Server • DDDDDDDDDDDDDDDDDo not use autosign • YYYYYYYYYYYYYYYYYou can rely on external CA • IIIIIIIIIIIIIIIIIsolate the service from the application • QQQQQQQQQQQQQQQQQuery PuppetDB from your monitoring tool
Pre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing Puppet
Pre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing Puppet • TTTTTTTTTTTTTTTTThere might be a puppet setup at customer • WWWWWWWWWWWWWWWWWork in a separated environment • PPPPPPPPPPPPPPPPPut your hiera data in a subdirectory • PPPPPPPPPPPPPPPPPrefix your custom functions • BBBBBBBBBBBBBBBBBe careful with exported resources
ConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusion
Shipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet code • EEEEEEEEEEEEEEEEEveryone gets benefits • FFFFFFFFFFFFFFFFFrom devs to QA to customers • NNNNNNNNNNNNNNNNNeed to review how you release • NNNNNNNNNNNNNNNNNeed to review how you deploy your OS • PPPPPPPPPPPPPPPPPuppet code is part of your product
AdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantages • SSSSSSSSSSSSSSSSSetup your product easily (internally and externally) • GGGGGGGGGGGGGGGGGet consistent deployments at several customer • PPPPPPPPPPPPPPPPPredict what will be deployed • GGGGGGGGGGGGGGGGGet a clear view of the infrastructure • SSSSSSSSSSSSSSSSSay bye bye to long procedures
There is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is work • BBBBBBBBBBBBBBBBBig cultural changes ▶ RRRRRRRRRRRRRRRRRoot access? ▶ TTTTTTTTTTTTTTTTThe shell script works… ▶ IIIIIIIIIIIIIIIII can't do X anymore… • PPPPPPPPPPPPPPPPPurge old artifacts on updates • DDDDDDDDDDDDDDDDDeal with your data • KKKKKKKKKKKKKKKKKeep that infra up to date
Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box! • MMMMMMMMMMMMMMMMMonitoring • BBBBBBBBBBBBBBBBBest practices enforcement • RRRRRRRRRRRRRRRRRepositories management • BBBBBBBBBBBBBBBBBring your own tools
Thank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank you Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?
ContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContact Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto julien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eu @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie inuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuits https://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.eu info@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.eu +32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636

Recommandé

Puppet and software delivery
Puppet and software deliveryPuppet and software delivery
Puppet and software delivery
Julien Pivotto
 
Coworking with git
Coworking with gitCoworking with git
Coworking with git
Julien Pivotto
 
RPM experiments
RPM experimentsRPM experiments
RPM experiments
Julien Pivotto
 
A call to give back puppetlabs-corosync to the community
A call to give back puppetlabs-corosync to the communityA call to give back puppetlabs-corosync to the community
A call to give back puppetlabs-corosync to the community
Julien Pivotto
 
Enhance OpenSSH for fun and security
Enhance OpenSSH for fun and securityEnhance OpenSSH for fun and security
Enhance OpenSSH for fun and security
Julien Pivotto
 
Dive into Puppet 4
Dive into Puppet 4Dive into Puppet 4
Dive into Puppet 4
Julien Pivotto
 
Getting the maximum out of systemd
Getting the maximum out of systemdGetting the maximum out of systemd
Getting the maximum out of systemd
Julien Pivotto
 
Monitoring at Cloud Scale
Monitoring at Cloud ScaleMonitoring at Cloud Scale
Monitoring at Cloud Scale
Julien Pivotto
 

Recommandé

Puppet and software delivery
Puppet and software deliveryPuppet and software delivery
Puppet and software delivery
Julien Pivotto
 
Coworking with git
Coworking with gitCoworking with git
Coworking with git
Julien Pivotto
 
RPM experiments
RPM experimentsRPM experiments
RPM experiments
Julien Pivotto
 
A call to give back puppetlabs-corosync to the community
A call to give back puppetlabs-corosync to the communityA call to give back puppetlabs-corosync to the community
A call to give back puppetlabs-corosync to the community
Julien Pivotto
 
Enhance OpenSSH for fun and security
Enhance OpenSSH for fun and securityEnhance OpenSSH for fun and security
Enhance OpenSSH for fun and security
Julien Pivotto
 
Dive into Puppet 4
Dive into Puppet 4Dive into Puppet 4
Dive into Puppet 4
Julien Pivotto
 
Getting the maximum out of systemd
Getting the maximum out of systemdGetting the maximum out of systemd
Getting the maximum out of systemd
Julien Pivotto
 
Monitoring at Cloud Scale
Monitoring at Cloud ScaleMonitoring at Cloud Scale
Monitoring at Cloud Scale
Julien Pivotto
 
Managing a R&D Lab with Foreman
Managing a R&D Lab with ForemanManaging a R&D Lab with Foreman
Managing a R&D Lab with Foreman
Julien Pivotto
 
Managing a R&D Lab with Foreman
Managing a R&D Lab with ForemanManaging a R&D Lab with Foreman
Managing a R&D Lab with Foreman
Julien Pivotto
 
systemd and configuration management
systemd and configuration managementsystemd and configuration management
systemd and configuration management
Julien Pivotto
 
Diving Into Puppet Providers Development: The Puppet-Corosync Module
Diving Into Puppet Providers Development: The Puppet-Corosync ModuleDiving Into Puppet Providers Development: The Puppet-Corosync Module
Diving Into Puppet Providers Development: The Puppet-Corosync Module
Julien Pivotto
 
An introduction to the Pulp project
An introduction to the Pulp projectAn introduction to the Pulp project
An introduction to the Pulp project
Julien Pivotto
 
Testing your puppet code
Testing your puppet codeTesting your puppet code
Testing your puppet code
Julien Pivotto
 
Demystifying the Foreman
Demystifying the ForemanDemystifying the Foreman
Demystifying the Foreman
Julien Pivotto
 
CentOS Config Management SIG
CentOS Config Management SIGCentOS Config Management SIG
CentOS Config Management SIG
Julien Pivotto
 
Postgresql 9.0 HA at RMLL 2012
Postgresql 9.0 HA at RMLL 2012Postgresql 9.0 HA at RMLL 2012
Postgresql 9.0 HA at RMLL 2012
Julien Pivotto
 
DNSSec
DNSSecDNSSec
DNSSec
Julien Pivotto
 
Linux HA anno 2014
Linux HA anno 2014Linux HA anno 2014
Linux HA anno 2014
Julien Pivotto
 
Logstash and friends
Logstash and friendsLogstash and friends
Logstash and friends
Julien Pivotto
 
OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi...
OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi...OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi...
OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi...
NETWAYS
 
We Buy Cheese in a Cheese Shop
We Buy Cheese in a Cheese ShopWe Buy Cheese in a Cheese Shop
We Buy Cheese in a Cheese Shop
Tzu-ping Chung
 
Tracking large game assets with Git LFS
Tracking large game assets with Git LFSTracking large game assets with Git LFS
Tracking large game assets with Git LFS
Tim Pettersen
 
Introduction to Git
Introduction to GitIntroduction to Git
Introduction to Git
Randal Schwartz
 
PuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With NotesPuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With Notes
Phil Zimmerman
 
Metasepi team meeting #20: Start! ATS programming on MCU
Metasepi team meeting #20: Start! ATS programming on MCUMetasepi team meeting #20: Start! ATS programming on MCU
Metasepi team meeting #20: Start! ATS programming on MCU
Kiwamu Okabe
 
11 Tools for your Open Source devops stack
11 Tools for your Open Source devops stack 11 Tools for your Open Source devops stack
11 Tools for your Open Source devops stack
Kris Buytaert
 
The influence of "Distributed platforms" on #devops
The influence of "Distributed platforms" on #devopsThe influence of "Distributed platforms" on #devops
The influence of "Distributed platforms" on #devops
Kris Buytaert
 
Cine mudo
Cine mudoCine mudo
Cine mudo
Soy yo
 
Mecanismos de protección de datos en videojuegos
Mecanismos de protección de datos en videojuegosMecanismos de protección de datos en videojuegos
Mecanismos de protección de datos en videojuegos
Benito Palacios Sánchez
 

Contenu connexe

Tendances

Tendances (20)

Managing a R&D Lab with Foreman
Managing a R&D Lab with ForemanManaging a R&D Lab with Foreman
Managing a R&D Lab with Foreman
 
Managing a R&D Lab with Foreman
Managing a R&D Lab with ForemanManaging a R&D Lab with Foreman
Managing a R&D Lab with Foreman
 
systemd and configuration management
systemd and configuration managementsystemd and configuration management
systemd and configuration management
 
Diving Into Puppet Providers Development: The Puppet-Corosync Module
Diving Into Puppet Providers Development: The Puppet-Corosync ModuleDiving Into Puppet Providers Development: The Puppet-Corosync Module
Diving Into Puppet Providers Development: The Puppet-Corosync Module
 
An introduction to the Pulp project
An introduction to the Pulp projectAn introduction to the Pulp project
An introduction to the Pulp project
 
Testing your puppet code
Testing your puppet codeTesting your puppet code
Testing your puppet code
 
Demystifying the Foreman
Demystifying the ForemanDemystifying the Foreman
Demystifying the Foreman
 
CentOS Config Management SIG
CentOS Config Management SIGCentOS Config Management SIG
CentOS Config Management SIG
 
Postgresql 9.0 HA at RMLL 2012
Postgresql 9.0 HA at RMLL 2012Postgresql 9.0 HA at RMLL 2012
Postgresql 9.0 HA at RMLL 2012
 
DNSSec
DNSSecDNSSec
DNSSec
 
Linux HA anno 2014
Linux HA anno 2014Linux HA anno 2014
Linux HA anno 2014
 
Logstash and friends
Logstash and friendsLogstash and friends
Logstash and friends
 
OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi...
OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi...OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi...
OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi...
 
We Buy Cheese in a Cheese Shop
We Buy Cheese in a Cheese ShopWe Buy Cheese in a Cheese Shop
We Buy Cheese in a Cheese Shop
 
Tracking large game assets with Git LFS
Tracking large game assets with Git LFSTracking large game assets with Git LFS
Tracking large game assets with Git LFS
 
Introduction to Git
Introduction to GitIntroduction to Git
Introduction to Git
 
PuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With NotesPuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With Notes
 
Metasepi team meeting #20: Start! ATS programming on MCU
Metasepi team meeting #20: Start! ATS programming on MCUMetasepi team meeting #20: Start! ATS programming on MCU
Metasepi team meeting #20: Start! ATS programming on MCU
 
11 Tools for your Open Source devops stack
11 Tools for your Open Source devops stack 11 Tools for your Open Source devops stack
11 Tools for your Open Source devops stack
 
The influence of "Distributed platforms" on #devops
The influence of "Distributed platforms" on #devopsThe influence of "Distributed platforms" on #devops
The influence of "Distributed platforms" on #devops
 

En vedette

Cine mudo
Cine mudoCine mudo
Cine mudo
Soy yo
 
Postgresql 9.0 HA at LOADAYS 2012
Postgresql 9.0 HA at LOADAYS 2012Postgresql 9.0 HA at LOADAYS 2012
Postgresql 9.0 HA at LOADAYS 2012
Julien Pivotto
 

En vedette (17)

Cine mudo
Cine mudoCine mudo
Cine mudo
 
Mecanismos de protección de datos en videojuegos
Mecanismos de protección de datos en videojuegosMecanismos de protección de datos en videojuegos
Mecanismos de protección de datos en videojuegos
 
Proyecto final
Proyecto finalProyecto final
Proyecto final
 
Mi cantante favorito
Mi cantante favoritoMi cantante favorito
Mi cantante favorito
 
Proyecto de vida
Proyecto de vidaProyecto de vida
Proyecto de vida
 
Ruby on Docker
Ruby on DockerRuby on Docker
Ruby on Docker
 
CV_ Jaspal Singh
CV_ Jaspal SinghCV_ Jaspal Singh
CV_ Jaspal Singh
 
Making your first contribution to Foreman
Making your first contribution to ForemanMaking your first contribution to Foreman
Making your first contribution to Foreman
 
Configuration Surgery with Augeas
Configuration Surgery with AugeasConfiguration Surgery with Augeas
Configuration Surgery with Augeas
 
Postgresql 9.0 HA at LOADAYS 2012
Postgresql 9.0 HA at LOADAYS 2012Postgresql 9.0 HA at LOADAYS 2012
Postgresql 9.0 HA at LOADAYS 2012
 
Building and Deploying MediaSalsa, a drupal-based DAM as a Service
Building and Deploying MediaSalsa, a drupal-based DAM as a ServiceBuilding and Deploying MediaSalsa, a drupal-based DAM as a Service
Building and Deploying MediaSalsa, a drupal-based DAM as a Service
 
Deployment and Continous Integration of a Zope/Plone application
Deployment and Continous Integration of a Zope/Plone applicationDeployment and Continous Integration of a Zope/Plone application
Deployment and Continous Integration of a Zope/Plone application
 
Augeas, swiss knife resources for your puppet tree
Augeas, swiss knife resources for your puppet treeAugeas, swiss knife resources for your puppet tree
Augeas, swiss knife resources for your puppet tree
 
Vox pupuli
Vox pupuliVox pupuli
Vox pupuli
 
Voxpupuli: a home for your puppet modules
Voxpupuli: a home for your puppet modulesVoxpupuli: a home for your puppet modules
Voxpupuli: a home for your puppet modules
 
Augeas, swiss knife resources for your puppet tree
Augeas, swiss knife resources for your puppet treeAugeas, swiss knife resources for your puppet tree
Augeas, swiss knife resources for your puppet tree
 
Extending Foreman the easy way with foreman_hooks
Extending Foreman the easy way with foreman_hooksExtending Foreman the easy way with foreman_hooks
Extending Foreman the easy way with foreman_hooks
 

Similaire à Puppet and Software Delivery

Similaire à Puppet and Software Delivery (20)

Pinto+Stratopan+Love
Pinto+Stratopan+LovePinto+Stratopan+Love
Pinto+Stratopan+Love
 
Migrating to Puppet 5
Migrating to Puppet 5Migrating to Puppet 5
Migrating to Puppet 5
 
Automating MySQL operations with Puppet
Automating MySQL operations with PuppetAutomating MySQL operations with Puppet
Automating MySQL operations with Puppet
 
Continous Delivery of your Infrastructure
Continous Delivery of your InfrastructureContinous Delivery of your Infrastructure
Continous Delivery of your Infrastructure
 
OSDC 2016 - Another 7 Tools for your #devops Stack by Kris Buytaert
OSDC 2016 - Another 7 Tools for your #devops Stack by Kris BuytaertOSDC 2016 - Another 7 Tools for your #devops Stack by Kris Buytaert
OSDC 2016 - Another 7 Tools for your #devops Stack by Kris Buytaert
 
Another 7 tools for your #devops stack
Another 7 tools for your #devops stackAnother 7 tools for your #devops stack
Another 7 tools for your #devops stack
 
Its not about the tooling
Its not about the toolingIts not about the tooling
Its not about the tooling
 
Goto Berlin - Migrating to Microservices (Fast Delivery)
Goto Berlin - Migrating to Microservices (Fast Delivery)Goto Berlin - Migrating to Microservices (Fast Delivery)
Goto Berlin - Migrating to Microservices (Fast Delivery)
 
Can we fix dev-oops ?
Can we fix dev-oops ?Can we fix dev-oops ?
Can we fix dev-oops ?
 
The devops approach to monitoring, Open Source and Infrastructure as Code Style
The devops approach to monitoring, Open Source and Infrastructure as Code StyleThe devops approach to monitoring, Open Source and Infrastructure as Code Style
The devops approach to monitoring, Open Source and Infrastructure as Code Style
 
Continuous Delivery of (y)our infrastructure.
Continuous Delivery of (y)our infrastructure.Continuous Delivery of (y)our infrastructure.
Continuous Delivery of (y)our infrastructure.
 
Python environments
Python environmentsPython environments
Python environments
 
No, we can't do continuous delivery
No, we can't do continuous deliveryNo, we can't do continuous delivery
No, we can't do continuous delivery
 
True Git
True Git True Git
True Git
 
From Config Management Sucks to #cfgmgmtlove
From Config Management Sucks to #cfgmgmtlove From Config Management Sucks to #cfgmgmtlove
From Config Management Sucks to #cfgmgmtlove
 
Pipeline as code for your infrastructure as Code
Pipeline as code for your infrastructure as CodePipeline as code for your infrastructure as Code
Pipeline as code for your infrastructure as Code
 
Run stuff, Deploy Stuff, Jax London 2017 Edition
Run stuff, Deploy Stuff, Jax London 2017 EditionRun stuff, Deploy Stuff, Jax London 2017 Edition
Run stuff, Deploy Stuff, Jax London 2017 Edition
 
Devops -- LKFR14
Devops -- LKFR14Devops -- LKFR14
Devops -- LKFR14
 
Monktoberfest Fast Delivery
Monktoberfest Fast DeliveryMonktoberfest Fast Delivery
Monktoberfest Fast Delivery
 
Open Source Monitoring in 2019
Open Source Monitoring in 2019 Open Source Monitoring in 2019
Open Source Monitoring in 2019
 

Plus de Julien Pivotto

Plus de Julien Pivotto (20)

The O11y Toolkit
The O11y ToolkitThe O11y Toolkit
The O11y Toolkit
 
What's New in Prometheus and Its Ecosystem
What's New in Prometheus and Its EcosystemWhat's New in Prometheus and Its Ecosystem
What's New in Prometheus and Its Ecosystem
 
Prometheus: What is is, what is new, what is coming
Prometheus: What is is, what is new, what is comingPrometheus: What is is, what is new, what is coming
Prometheus: What is is, what is new, what is coming
 
What's new in Prometheus?
What's new in Prometheus?What's new in Prometheus?
What's new in Prometheus?
 
Introduction to Grafana Loki
Introduction to Grafana LokiIntroduction to Grafana Loki
Introduction to Grafana Loki
 
Why you should revisit mgmt
Why you should revisit mgmtWhy you should revisit mgmt
Why you should revisit mgmt
 
Observing the HashiCorp Ecosystem From Prometheus
Observing the HashiCorp Ecosystem From PrometheusObserving the HashiCorp Ecosystem From Prometheus
Observing the HashiCorp Ecosystem From Prometheus
 
Monitoring in a fast-changing world with Prometheus
Monitoring in a fast-changing world with PrometheusMonitoring in a fast-changing world with Prometheus
Monitoring in a fast-changing world with Prometheus
 
5 tips for Prometheus Service Discovery
5 tips for Prometheus Service Discovery5 tips for Prometheus Service Discovery
5 tips for Prometheus Service Discovery
 
Prometheus and TLS - an Introduction
Prometheus and TLS - an IntroductionPrometheus and TLS - an Introduction
Prometheus and TLS - an Introduction
 
Powerful graphs in Grafana
Powerful graphs in GrafanaPowerful graphs in Grafana
Powerful graphs in Grafana
 
YAML Magic
YAML MagicYAML Magic
YAML Magic
 
HAProxy as Egress Controller
HAProxy as Egress ControllerHAProxy as Egress Controller
HAProxy as Egress Controller
 
Improved alerting with Prometheus and Alertmanager
Improved alerting with Prometheus and AlertmanagerImproved alerting with Prometheus and Alertmanager
Improved alerting with Prometheus and Alertmanager
 
SIngle Sign On with Keycloak
SIngle Sign On with KeycloakSIngle Sign On with Keycloak
SIngle Sign On with Keycloak
 
Monitoring as an entry point for collaboration
Monitoring as an entry point for collaborationMonitoring as an entry point for collaboration
Monitoring as an entry point for collaboration
 
Incident Resolution as Code
Incident Resolution as CodeIncident Resolution as Code
Incident Resolution as Code
 
Monitor your CentOS stack with Prometheus
Monitor your CentOS stack with PrometheusMonitor your CentOS stack with Prometheus
Monitor your CentOS stack with Prometheus
 
Monitor your CentOS stack with Prometheus
Monitor your CentOS stack with PrometheusMonitor your CentOS stack with Prometheus
Monitor your CentOS stack with Prometheus
 
An introduction to Ansible
An introduction to AnsibleAn introduction to Ansible
An introduction to Ansible
 

Dernier

A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
UXDXConf
 
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptx
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptxBT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptx
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptx
Neo4j
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
Stephen Perrenod
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
UXDXConf
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
Srushith Repakula
 
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
UK Journal
 

Dernier (20)

FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101
 
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptx
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptxBT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptx
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptx
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
 
Overview of Hyperledger Foundation
Overview of Hyperledger FoundationOverview of Hyperledger Foundation
Overview of Hyperledger Foundation
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
ERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage Intacct
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
 
AI mind or machine power point presentation
AI mind or machine power point presentationAI mind or machine power point presentation
AI mind or machine power point presentation
 
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
 
WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 

Puppet and Software Delivery

  • 1. Puppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software delivery Shipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet code Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto FLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps SpringFLOSS UK DevOps Spring March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015March 25, 2015
  • 2. $::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto • Open-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.eu • Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011 • Speaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at Puppetcamps • Puppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributor • Puppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributor • @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie on irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/github
  • 4. IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?)IT Nowadays (?) • VVVVVVVVVVVVVVVVVirtualization, Containers, Cloud • IIIIIIIIIIIIIIIIInfrastructure as Code • PPPPPPPPPPPPPPPPPay for services, not software
  • 5. Providing a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a serviceProviding a service • YYYYYYYYYYYYYYYYYou know the environment • YYYYYYYYYYYYYYYYYou do the maintenance • YYYYYYYYYYYYYYYYYou do the upgrades
  • 6. Shipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a softwareShipping a software • WWWWWWWWWWWWWWWWWhat is the environment? • HHHHHHHHHHHHHHHHHow was it setup? • DDDDDDDDDDDDDDDDDid you change someting? • WWWWWWWWWWWWWWWWWill someone maintain it? Monitor it?
  • 7. Two different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worldsTwo different worlds • MMMMMMMMMMMMMMMMManaging everything vs delegating • KKKKKKKKKKKKKKKKKnown environment vs Fixed environment • RRRRRRRRRRRRRRRRRolling updates vs Updates at will • MMMMMMMMMMMMMMMMMonitoring vs end-users complains
  • 8. Shipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped SoftwaresShipped Softwares • SSSSSSSSSSSSSSSSSelf-hosted • CCCCCCCCCCCCCCCCComplexity • MMMMMMMMMMMMMMMMMultiple components • SSSSSSSSSSSSSSSSScalable • LLLLLLLLLLLLLLLLLots of requirements • LLLLLLLLLLLLLLLLLots of dependencies
  • 10. Challenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distribution • AAAAAAAAAAAAAAAAArtifacts • CCCCCCCCCCCCCCCCConfiguration • SSSSSSSSSSSSSSSSSecurity • HHHHHHHHHHHHHHHHHW requirements • SSSSSSSSSSSSSSSSSW requirements • UUUUUUUUUUUUUUUUUpgrades, Maintenance • MMMMMMMMMMMMMMMMMonitoring
  • 12. Distributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing Software • Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM) • TarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarball • Self-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarball • curl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bash • Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside? • Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)
  • 13. PackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackagingPackaging • Consistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file lists • Dependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolving • RepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositories • GPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-Signing • Lots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of tools • VersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioning • Unique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible build • CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)
  • 14. DependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependencies • Packaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged alsoPackaged also • In versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositoriesIn versioned repositories • Test your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependencies • Distribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packages • Mirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream repos • Limit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependencies
  • 15. AutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomation • AAAAAAAAAAAAAAAAAutomate all the things • OOOOOOOOOOOOOOOOOS, Monitoring, Application • RRRRRRRRRRRRRRRRReproducible builds • RRRRRRRRRRRRRRRRRepositories management
  • 16. Cultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changes • NNNNNNNNNNNNNNNNNo more manual work • UUUUUUUUUUUUUUUUUse an appropriate toolchain • EEEEEEEEEEEEEEEEEach manual action has risks and cost • WWWWWWWWWWWWWWWWWhat did I change 3 years ago?
  • 17. Impact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentationImpact on documentation • NNNNNNNNNNNNNNNNNo more complex install guides • PPPPPPPPPPPPPPPPPuppet training needed • VVVVVVVVVVVVVVVVValid for several products • IIIIIIIIIIIIIIIIInspect the catalogs
  • 18. Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/jimmcd/4859841581
  • 19. PuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppet • WWWWWWWWWWWWWWWWWidely used Automation tool • VVVVVVVVVVVVVVVVVery mature • CCCCCCCCCCCCCCCCClient/Server mode • SSSSSSSSSSSSSSSSStandalone mode • DDDDDDDDDDDDDDDDDeclarative • SSSSSSSSSSSSSSSSScales
  • 20. What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate? Application Reverse Proxy / Databases Monitoring Operation System Platform
  • 21. To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not? You have to be able to chose which part you will setup with Puppet. Customers have different culture or want to get control of parts of your application.
  • 22. Use Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modules Use separate meta-modules for OS, Dependencies, Monitoring, Application… And include them only of needed.
  • 23. Yes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noop • IIIIIIIIIIIIIIIIInclude or not each class • YYYYYYYYYYYYYYYYYou can put a whole class in no-op • include myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_os • class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,} • Usecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are metUsecase: check that preconditions are met
  • 24. Puppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet Modules
  • 25. External modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modules • PPPPPPPPPPPPPPPPPick the best ones • PPPPPPPPPPPPPPPPPuppetlabs modules • UUUUUUUUUUUUUUUUUpstream modules • MMMMMMMMMMMMMMMMModules active on Github • FFFFFFFFFFFFFFFFForge rating • TTTTTTTTTTTTTTTTTesting, documentation • MMMMMMMMMMMMMMMMModules that fit your usecase
  • 26. Review the modules you plan to include. You do not want bad code in your application, why would you want it in the code that deploys it?
  • 27. Contribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute back • GGGGGGGGGGGGGGGGGet feedback (peer review) • EEEEEEEEEEEEEEEEEasier to maintain in long term • FFFFFFFFFFFFFFFFForces you to write tests • HHHHHHHHHHHHHHHHHelp other people • PPPPPPPPPPPPPPPPPuppet is not your core business
  • 28. Your own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modulesYour own modules • EEEEEEEEEEEEEEEEEveryone has write access (Devs, Ops, …) • FFFFFFFFFFFFFFFFFollow Puppet code standards (style guide) • BBBBBBBBBBBBBBBBBe future-proof (follow best practices) • SSSSSSSSSSSSSSSSSeparate code and data (hiera) • IIIIIIIIIIIIIIIIIf not you core business: Publish it!
  • 29. Your puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet tree • YYYYYYYYYYYYYYYYYour tree is next to your product code • SSSSSSSSSSSSSSSSSubmodules of your main repository • GGGGGGGGGGGGGGGGGets the same version number • PPPPPPPPPPPPPPPPParameters matches your product parameters
  • 30. Distribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your tree • PPPPPPPPPPPPPPPPPackage the whole tree in a package • UUUUUUUUUUUUUUUUUse package dependencies to pull puppet • MMMMMMMMMMMMMMMMMaybe add a helper script for the first run
  • 31. HieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHiera • DDDDDDDDDDDDDDDDData separation • YYYYYYYYYYYYYYYYYou classes should have a stable API • YYYYYYYYYYYYYYYYYour main class dispatches to other modules • UUUUUUUUUUUUUUUUUse functions: ▶ cccccccccccccccccreate_resource ▶ dddddddddddddddddeepmerge
  • 32. Data separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separationData separation Your code should be flexible enough: Hiera code is the only thing that should differ between your customers.
  • 33. Automatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter Lookup • class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar" • AAAAAAAAAAAAAAAAAvailable in Puppet 3+ • SSSSSSSSSSSSSSSSShould be avoided (obscurification) • NNNNNNNNNNNNNNNNNice to have for edge cases
  • 34. Going liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing liveGoing live Licensed under a Creative Commons Attribution-ShareAlike 2.0 License https://www.flickr.com/photos/colink/15096002421
  • 35. Puppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterless • PPPPPPPPPPPPPPPPPuppet has 2 modes • AAAAAAAAAAAAAAAAAgent mode: pull your catalog • MMMMMMMMMMMMMMMMMasterless mode: apply it from files • BBBBBBBBBBBBBBBBBoth have advantages • DDDDDDDDDDDDDDDDDepends on what you want
  • 36. Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply)Masterless mode (puppet apply) • OOOOOOOOOOOOOOOOOne-time run • RRRRRRRRRRRRRRRRRequires hiera data on every host ▶ HHHHHHHHHHHHHHHHHiera data should be consistent accross hosts ▶ NNNNNNNNNNNNNNNNNo single source of truth • NNNNNNNNNNNNNNNNNo daemon running • NNNNNNNNNNNNNNNNNo need for a Puppet master • NNNNNNNNNNNNNNNNNo exported resources • EEEEEEEEEEEEEEEEExtra work needed for PuppetDB
  • 37. Agent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent mode • RRRRRRRRRRRRRRRRRun every 30 minutes (to be tuned) • RRRRRRRRRRRRRRRRRequires one puppet master • PPPPPPPPPPPPPPPPPuppet Agent daemon running (as root) • RRRRRRRRRRRRRRRRReports sent to the master • CCCCCCCCCCCCCCCCConsistency check over time
  • 38. PuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDB • SSSSSSSSSSSSSSSSStores facts and reports • EEEEEEEEEEEEEEEEEasy to query • DDDDDDDDDDDDDDDDDashboards available • EEEEEEEEEEEEEEEEExported resources
  • 39. Deploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet tree • IIIIIIIIIIIIIIIIInstall your puppet tree package • IIIIIIIIIIIIIIIIInstall the hiera files (versioned?) • OOOOOOOOOOOOOOOOOne puppet apply to deploy a basic server • TTTTTTTTTTTTTTTTThen the first agent run to deploy PuppetDB and the rest • TTTTTTTTTTTTTTTTThere is no puppetlabs-puppet module • TTTTTTTTTTTTTTTTTools can help you with that (e.g kafo)
  • 40. SecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecurity • PPPPPPPPPPPPPPPPPuppet agent runs as root (launch it with cron) • TTTTTTTTTTTTTTTTThe master runs as "puppet" user • MMMMMMMMMMMMMMMMMaster is isolated on a separated host • PPPPPPPPPPPPPPPPPuppetDB/Server only listens to Loopback • PPPPPPPPPPPPPPPPPut a reverse proxy (even for server)
  • 41. Security - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/Server • DDDDDDDDDDDDDDDDDo not use autosign • YYYYYYYYYYYYYYYYYou can rely on external CA • IIIIIIIIIIIIIIIIIsolate the service from the application • QQQQQQQQQQQQQQQQQuery PuppetDB from your monitoring tool
  • 42. Pre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing Puppet
  • 43. Pre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing Puppet • TTTTTTTTTTTTTTTTThere might be a puppet setup at customer • WWWWWWWWWWWWWWWWWork in a separated environment • PPPPPPPPPPPPPPPPPut your hiera data in a subdirectory • PPPPPPPPPPPPPPPPPrefix your custom functions • BBBBBBBBBBBBBBBBBe careful with exported resources
  • 45. Shipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet code • EEEEEEEEEEEEEEEEEveryone gets benefits • FFFFFFFFFFFFFFFFFrom devs to QA to customers • NNNNNNNNNNNNNNNNNeed to review how you release • NNNNNNNNNNNNNNNNNeed to review how you deploy your OS • PPPPPPPPPPPPPPPPPuppet code is part of your product
  • 46. AdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantages • SSSSSSSSSSSSSSSSSetup your product easily (internally and externally) • GGGGGGGGGGGGGGGGGet consistent deployments at several customer • PPPPPPPPPPPPPPPPPredict what will be deployed • GGGGGGGGGGGGGGGGGet a clear view of the infrastructure • SSSSSSSSSSSSSSSSSay bye bye to long procedures
  • 47. There is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is work • BBBBBBBBBBBBBBBBBig cultural changes ▶ RRRRRRRRRRRRRRRRRoot access? ▶ TTTTTTTTTTTTTTTTThe shell script works… ▶ IIIIIIIIIIIIIIIII can't do X anymore… • PPPPPPPPPPPPPPPPPurge old artifacts on updates • DDDDDDDDDDDDDDDDDeal with your data • KKKKKKKKKKKKKKKKKeep that infra up to date
  • 48. Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box! • MMMMMMMMMMMMMMMMMonitoring • BBBBBBBBBBBBBBBBBest practices enforcement • RRRRRRRRRRRRRRRRRepositories management • BBBBBBBBBBBBBBBBBring your own tools
  • 49. Thank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank you Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?
  • 50. ContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContact Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto julien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eu @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie inuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuits https://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.eu info@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.eu +32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636