Salting New Ground
One Man Ops from Scratch
Me
jay@percussiverepair.net
github.com/PercussiveRepair
@PercussiveFix
➔ SysAdmin since 2012
➔ IT Engineer since 1998
➔ Coding since BASIC on the ZX Spectrum
➔ Gaming since Pong
➔ “Senior DevOps” Engineer at Rebellion Developments in Oxford
➔ Formerly with Electronic Arts at Playfish in London
The project - all the firsts
Theirs
➔ First development focused Operations Engineer in the company
➔ First real development effort on a top tier social game - originally for
Zynga.com and Facebook
➔ First foray into DevOps methodology
➔ First use of AWS services - EC2, ELB, RDS, Elasticache, S3, Cloudfront,
Route53
➔ First use of configuration management
Mine
➔ First time without a team
➔ First time building a complete application stack from scratch
➔ First time being the big dog
One man crusade
➔ DevOps methodology
◆ Culture - People and process first. Get the mindset right.
◆ Automate - As much as possible. CI/Infrastructure as code.
◆ Lean - Fast and stable
◆ Metrics - Measure everything. Show the improvements.
◆ Sharing - Open information distribution. Collaborate.
➔ Taking the Ops out of Dev - but in a good way
➔ Evangelising all over the company, not just within the project team.
➔ Fingers in many pies - web development, mobile game support, internal IT
operations
➔ Push the agenda - but in a good way
➔ Try to soothe the hesitancy to rely on one guy - build accessible tools and
automation
Building a stack from scratch (nearly)
➔ Starting from 2 hand-configured web servers
➔ No infrastructure security
➔ No monitoring
➔ No config management
➔ No DR process
➔ No docs
➔ No application logging
➔ No log collection
➔ No scaling strategy
➔ No out of hours support
➔ No database standardisation
➔ No metrics
And now for the science
Building a stack from scratch - Config Management System Requirements
Quick to get started +
Straightforward setup and maintenance +
Easy to modify and manage +
Modular and expandable
=
github.com/saltstack
www.saltstack.org
SaltStack - Salt
➔ Written in Python
➔ First and foremost - a remote execution system
➔ Master/Minions arrangement - can be multi-master or standalone
➔ Secure, encrypted protocol running over ZeroMQ
◆ public keys for authentication with the master, then faster AES encryption for payload
communication
➔ Fast & scalable - 10’s to 1000’s of endpoints
➔ Targeted execution via minion name, glob, regex, grains (tags), IPs,
nodegroups etc
salt '*' cmd.run "uptime" or
salt -G 'os:Ubuntu' cmd.run "ps -ef | grep java" or
salt 'live-product-app0[0-9]' grains.items
Inherent grains
cpu_flags: fpu de tsc msr pae ...
cpu_model: Intel(R) Xeon(R) CPU E5430 @ 2.66GHz
cpuarch: x86_64
defaultencoding: None
defaultlanguage: None
domain: product.com
fqdn: live-product-app00.product.com
fqdn_ip4: 10.XXX.XXX.XXX
fqdn_ip6:
gpus:
host: live-product-app00
id: live-product-app00
ip_interfaces: {'lo': ['127.0.0.1'], 'eth0': ['10.XXX.XXX.XXX']}
ipv4:
    10.XXX.XXX.XXX
    127.0.0.1
ipv6:
    ::1
    feXX::XXXX:3XXX:XX04:49X1
kernel: Linux
kernelrelease: 3.2.0-40-virtual
localhost: live-product-app00
lsb_distrib_codename: precise
lsb_distrib_description: Ubuntu 12.04.2 LTS
lsb_distrib_id: Ubuntu
lsb_distrib_release: 12.04
master: live-product-master00.product.com
mem_total: 7450
nodename: live-product-app00
num_cpus: 2
num_gpus: 0
os: Ubuntu
os_family: Debian
osarch: amd64
oscodename: precise
osfinger: Ubuntu-12.04
osfullname: Ubuntu
osrelease: 12.04
path: /usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin
ps: ps -efH
pythonpath:
    /usr/bin
    /usr/lib/python2.7
    /usr/lib/python2.7/plat-linux2
    /usr/lib/python2.7/lib-tk
    /usr/lib/python2.7/lib-old
    /usr/lib/python2.7/lib-dynload
    /usr/local/lib/python2.7/dist-packages
    /usr/lib/python2.7/dist-packages
    /usr/lib/pymodules/python2.7
pythonversion: 2.7.3.final.0
saltpath: /usr/lib/pymodules/python2.7/salt
saltversion: 0.17.1
server_id: 224501001
shell: /bin/sh
virtual: xen
virtual_subtype: Xen PV DomU
SaltStack config management
➔ Using Salt States (c.f. recipes, manifests, playbooks etc)
➔ YAML formatted
➔ Human readable
➔ Jinja templating for logic and conditionals
➔ Simple hierarchical layout >>
◆ top.sls as master tree
➔ One line command runs every state specified in top.sls on every targeted box:
salt '*' state.highstate
# nginx/init.sls
nginx:
  pkg:
    - installed
  service:
    - running
    - watch:
      - pkg: nginx
      - file: /etc/nginx/nginx.conf

/etc/nginx/nginx.conf:
  file.managed:
    - source: salt://nginx/nginx.conf
    - require:
      - pkg: nginx

# top.sls
base:
  '*':
    - core
    - python
    - snmp
  'os:Ubuntu':
    - match: grain
    - nginx
    - php
  'id:*log*':
    - match: grain
    - logstash
    - elasticsearch
etc
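The top.sls lookup above, and the `-G 'os:Ubuntu'` style of targeting from the earlier slide, worked through as an added example (not code from the presentation or from Salt itself): a small resolver that reports which states a minion receives. It is a simplified model covering only glob and grain matching; the minion names `live-product-log00` and `live-product-db00` and their grains are constructed.

```python
from fnmatch import fnmatchcase

# The page's top.sls as the structure a YAML loader would return for it.
TOP = {
    "base": {
        "*": ["core", "python", "snmp"],
        "os:Ubuntu": [{"match": "grain"}, "nginx", "php"],
        "id:*log*": [{"match": "grain"}, "logstash", "elasticsearch"],
    }
}


def split_entries(entries):
    """Separate a target's option dicts ({'match': ...}) from its state names."""
    matcher, names = "glob", []  # a glob on the minion id is the default matcher
    for entry in entries:
        if isinstance(entry, dict):
            matcher = entry.get("match", matcher)
        else:
            names.append(entry)
    return matcher, names


def target_matches(target, matcher, minion_id, grains):
    """Return True if this top-file target selects the minion."""
    if matcher == "glob":
        return fnmatchcase(minion_id, target)
    if matcher == "grain":
        key, sep, pattern = target.partition(":")
        if not sep:
            return False  # a grain target must look like 'key:pattern'
        value = grains.get(key)
        if value is None:
            return False
        values = value if isinstance(value, (list, tuple)) else [value]
        return any(fnmatchcase(str(v), pattern) for v in values)
    raise ValueError("matcher not modelled in this example: %r" % matcher)


def states_for(top, minion_id, grains, saltenv="base"):
    """List the states a highstate would apply to the minion, in top-file order."""
    states = []
    for target, entries in top.get(saltenv, {}).items():
        matcher, names = split_entries(entries)
        if target_matches(target, matcher, minion_id, grains):
            for name in names:
                if name not in states:
                    states.append(name)
    return states


def grain_targets(top, saltenv="base"):
    """Targets selected by grain. Grain values are reported by the minion
    itself, so these are the entries to review when the states they assign
    carry sensitive configuration."""
    return [
        target
        for target, entries in top.get(saltenv, {}).items()
        if split_entries(entries)[0] == "grain"
    ]


# Constructed sample minions (only live-product-app00 appears on the page).
MINIONS = {
    "live-product-app00": {"id": "live-product-app00", "os": "Ubuntu"},
    "live-product-log00": {"id": "live-product-log00", "os": "Ubuntu"},
    "live-product-db00": {"id": "live-product-db00", "os": "CentOS"},
}

if __name__ == "__main__":
    for minion_id, grains in MINIONS.items():
        print(minion_id, "->", ", ".join(states_for(TOP, minion_id, grains)))
    print("grain-based targets:", grain_targets(TOP))
```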
SaltCloud instance provisioning
➔ Supporting multiple providers (at least partially): AWS EC2, Digital Ocean,
GoGrid, IBM SCE, JoyEnt, Linode, Rackspace, Softlayer
➔ And platforms: CloudStack, OpenStack, Parallels, Saltify, Salty-Vagrant
➔ Templating for providers:
ec2-live:
  securitygroup:
    - default
    - live
  provider: ec2
  location: eu-west-1
  minion:
    master: live-product-master00.product.com
And instances:
ec2-live-app:
  provider: ec2-live
  image: ami-ce7b6fba
  size: m1.large
  ssh_username: ubuntu
➔ One line command to provision a box:
salt-cloud -p ec2-live-app live-product-app00
Additional components
➔ Pillar - Global value store for all minions
➔ Events - Listens for, publishes and sends events internally, to the master
or to a 3rd Party
➔ Reactor - Logic engine to allow Events to trigger actions
➔ Syndic - Allows multi-master and other complicated setup hierarchies
➔ Scheduler - execution of any salt command on master or minions
➔ Halite - Experimental Web-UI
➔ Mine - used to collect arbitrary data from minions and store it on the
master
➔ Virt - Virtual machine management - networking, images, disks etc
➔ SSH - Experimental - uses SSH rather than ZeroMQ and agent (hence
slower)
➔ Kitchen-Salt - Experimental provisioner for Test-Kitchen
Moderately clever other stuff
➔ Automated
◆ Route53 configuration using EC2 tags and boto
◆ Monitoring discovery
◆ Deployment configuration using estate intelligence
◆ Assignment of Product/Service/Environment grains based on AWS
name tag
➔ RDS/ELB graphing from Cloudwatch metrics using CWGraph
➔ Beaver/Logstash/Elasticsearch/Kibana log aggregation service all Salty
Salty goodness
➔ Vibrant & responsive community
◆ Google groups, IRC, Github issues, SaltConf, meetups
➔ Easy to get started
➔ Under active development - good response to issues
& badness
➔ Docs are sometimes patchy/dated/disorganised
➔ Can be complex to configure - lots of loosely coupled modules
➔ Under active development - can be buggy
Places to start
Docs
salt.readthedocs.org
github.com/saltstack
Discussion
groups.google.com/group/salt-users
IRC: freenode #salt
This Presentation
http://goo.gl/FxS6pp
Tutorials
http://goo.gl/2U5l37 - getting started
http://goo.gl/Ontu2j - step by step with nginx
http://goo.gl/TvD29f - good examples of remote execution
tools and multi distro setup
Sample States
http://saltstarters.org/ - states github search
jay@percussiverepair.net
github.com/PercussiveRepair
@PercussiveFix
Other links
Good overview slides:
http://www.slideshare.net/SaltStack/an-overvisaltstack-presentation-clean
http://www.slideshare.net/SaltStack/realtime-infrastructure-management-with-saltstack-seth-house

Contenu connexe

Tendances

SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...SaltStack
 
Deploying OpenStack with Chef
Deploying OpenStack with ChefDeploying OpenStack with Chef
Deploying OpenStack with ChefMatt Ray
 
Red Hat Satellite 6 - Automation with Puppet
Red Hat Satellite 6 - Automation with PuppetRed Hat Satellite 6 - Automation with Puppet
Red Hat Satellite 6 - Automation with PuppetMichael Lessard
 
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Henning Jacobs
 
Chef 11 Preview/Chef for OpenStack
Chef 11 Preview/Chef for OpenStackChef 11 Preview/Chef for OpenStack
Chef 11 Preview/Chef for OpenStackMatt Ray
 
Automating Mendix application deployments with Nix
Automating Mendix application deployments with NixAutomating Mendix application deployments with Nix
Automating Mendix application deployments with NixSander van der Burg
 
ZooKeeper - wait free protocol for coordinating processes
ZooKeeper - wait free protocol for coordinating processesZooKeeper - wait free protocol for coordinating processes
ZooKeeper - wait free protocol for coordinating processesJulia Proskurnia
 
TryStack: A Sandbox for OpenStack Users and Admins
TryStack: A Sandbox for OpenStack Users and AdminsTryStack: A Sandbox for OpenStack Users and Admins
TryStack: A Sandbox for OpenStack Users and AdminsAnne Gentle
 
Open stack day 2014 havana from grizzly
Open stack day 2014 havana from grizzlyOpen stack day 2014 havana from grizzly
Open stack day 2014 havana from grizzlyChoe Cheng-Dae
 
Building Docker images with Puppet
Building Docker images with PuppetBuilding Docker images with Puppet
Building Docker images with PuppetNick Jones
 
How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...
How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...
How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...Puppet
 
Running at Scale: Practical Performance Tuning with Puppet - PuppetConf 2013
Running at Scale: Practical Performance Tuning with Puppet - PuppetConf 2013Running at Scale: Practical Performance Tuning with Puppet - PuppetConf 2013
Running at Scale: Practical Performance Tuning with Puppet - PuppetConf 2013Puppet
 
Using Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutionsUsing Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutionsSander van der Burg
 
Wordpress y Docker, de desarrollo a produccion
Wordpress y Docker, de desarrollo a produccionWordpress y Docker, de desarrollo a produccion
Wordpress y Docker, de desarrollo a produccionSysdig
 
Using Docker with Puppet - PuppetConf 2014
Using Docker with Puppet - PuppetConf 2014Using Docker with Puppet - PuppetConf 2014
Using Docker with Puppet - PuppetConf 2014Puppet
 
Real-time Infrastructure Management with SaltStack - OpenWest 2013
Real-time Infrastructure Management with SaltStack - OpenWest 2013Real-time Infrastructure Management with SaltStack - OpenWest 2013
Real-time Infrastructure Management with SaltStack - OpenWest 2013SaltStack
 
CoreOS: Control Your Fleet
CoreOS: Control Your FleetCoreOS: Control Your Fleet
CoreOS: Control Your FleetMatthew Jones
 
Building a Cauldron for Chef to Cook In
Building a Cauldron for Chef to Cook InBuilding a Cauldron for Chef to Cook In
Building a Cauldron for Chef to Cook Inasync_io
 
Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...
Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...
Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...Puppet
 

Tendances (20)

SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
 
Deploying OpenStack with Chef
Deploying OpenStack with ChefDeploying OpenStack with Chef
Deploying OpenStack with Chef
 
Red Hat Satellite 6 - Automation with Puppet
Red Hat Satellite 6 - Automation with PuppetRed Hat Satellite 6 - Automation with Puppet
Red Hat Satellite 6 - Automation with Puppet
 
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
 
Chef 11 Preview/Chef for OpenStack
Chef 11 Preview/Chef for OpenStackChef 11 Preview/Chef for OpenStack
Chef 11 Preview/Chef for OpenStack
 
Automating Mendix application deployments with Nix
Automating Mendix application deployments with NixAutomating Mendix application deployments with Nix
Automating Mendix application deployments with Nix
 
ZooKeeper - wait free protocol for coordinating processes
ZooKeeper - wait free protocol for coordinating processesZooKeeper - wait free protocol for coordinating processes
ZooKeeper - wait free protocol for coordinating processes
 
TryStack: A Sandbox for OpenStack Users and Admins
TryStack: A Sandbox for OpenStack Users and AdminsTryStack: A Sandbox for OpenStack Users and Admins
TryStack: A Sandbox for OpenStack Users and Admins
 
Open stack day 2014 havana from grizzly
Open stack day 2014 havana from grizzlyOpen stack day 2014 havana from grizzly
Open stack day 2014 havana from grizzly
 
Building Docker images with Puppet
Building Docker images with PuppetBuilding Docker images with Puppet
Building Docker images with Puppet
 
Openstack trystack
Openstack   trystack Openstack   trystack
Openstack trystack
 
How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...
How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...
How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...
 
Running at Scale: Practical Performance Tuning with Puppet - PuppetConf 2013
Running at Scale: Practical Performance Tuning with Puppet - PuppetConf 2013Running at Scale: Practical Performance Tuning with Puppet - PuppetConf 2013
Running at Scale: Practical Performance Tuning with Puppet - PuppetConf 2013
 
Using Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutionsUsing Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutions
 
Wordpress y Docker, de desarrollo a produccion
Wordpress y Docker, de desarrollo a produccionWordpress y Docker, de desarrollo a produccion
Wordpress y Docker, de desarrollo a produccion
 
Using Docker with Puppet - PuppetConf 2014
Using Docker with Puppet - PuppetConf 2014Using Docker with Puppet - PuppetConf 2014
Using Docker with Puppet - PuppetConf 2014
 
Real-time Infrastructure Management with SaltStack - OpenWest 2013
Real-time Infrastructure Management with SaltStack - OpenWest 2013Real-time Infrastructure Management with SaltStack - OpenWest 2013
Real-time Infrastructure Management with SaltStack - OpenWest 2013
 
CoreOS: Control Your Fleet
CoreOS: Control Your FleetCoreOS: Control Your Fleet
CoreOS: Control Your Fleet
 
Building a Cauldron for Chef to Cook In
Building a Cauldron for Chef to Cook InBuilding a Cauldron for Chef to Cook In
Building a Cauldron for Chef to Cook In
 
Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...
Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...
Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...
 

Similaire à Salting new ground one man ops from scratch

Baylisa - Dive Into OpenStack
Baylisa - Dive Into OpenStackBaylisa - Dive Into OpenStack
Baylisa - Dive Into OpenStackJesse Andrews
 
Kubernetes Navigation Stories – DevOpsStage 2019, Kyiv
Kubernetes Navigation Stories – DevOpsStage 2019, KyivKubernetes Navigation Stories – DevOpsStage 2019, Kyiv
Kubernetes Navigation Stories – DevOpsStage 2019, KyivAleksey Asiutin
 
Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015Sean Dague
 
Dockerizing the Hard Services: Neutron and Nova
Dockerizing the Hard Services: Neutron and NovaDockerizing the Hard Services: Neutron and Nova
Dockerizing the Hard Services: Neutron and Novaclayton_oneill
 
Make stateful apps in Kubernetes a no brainer with Pure Storage and GitOps
Make stateful apps in Kubernetes a no brainer with Pure Storage and GitOpsMake stateful apps in Kubernetes a no brainer with Pure Storage and GitOps
Make stateful apps in Kubernetes a no brainer with Pure Storage and GitOpsWeaveworks
 
Power on, Powershell
Power on, PowershellPower on, Powershell
Power on, PowershellRoo7break
 
Chef & OpenStack: OSCON 2014
Chef & OpenStack: OSCON 2014Chef & OpenStack: OSCON 2014
Chef & OpenStack: OSCON 2014Matt Ray
 
Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Dave Holland
 
Automating Software Development Life Cycle - A DevOps Approach
Automating Software Development Life Cycle - A DevOps ApproachAutomating Software Development Life Cycle - A DevOps Approach
Automating Software Development Life Cycle - A DevOps ApproachAkshaya Mahapatra
 
introduction to node.js
introduction to node.jsintroduction to node.js
introduction to node.jsorkaplan
 
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...SaltStack
 
Docker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xDocker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xrkr10
 
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...Daniel Krook
 
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...Animesh Singh
 
Testing kubernetes and_open_shift_at_scale_20170209
Testing kubernetes and_open_shift_at_scale_20170209Testing kubernetes and_open_shift_at_scale_20170209
Testing kubernetes and_open_shift_at_scale_20170209mffiedler
 
uWSGI - Swiss army knife for your Python web apps
uWSGI - Swiss army knife for your Python web appsuWSGI - Swiss army knife for your Python web apps
uWSGI - Swiss army knife for your Python web appsTomislav Raseta
 
Go Faster with Ansible (AWS meetup)
Go Faster with Ansible (AWS meetup)Go Faster with Ansible (AWS meetup)
Go Faster with Ansible (AWS meetup)Richard Donkin
 
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...Nagios
 

Similaire à Salting new ground one man ops from scratch (20)

Baylisa - Dive Into OpenStack
Baylisa - Dive Into OpenStackBaylisa - Dive Into OpenStack
Baylisa - Dive Into OpenStack
 
Kubernetes Navigation Stories – DevOpsStage 2019, Kyiv
Kubernetes Navigation Stories – DevOpsStage 2019, KyivKubernetes Navigation Stories – DevOpsStage 2019, Kyiv
Kubernetes Navigation Stories – DevOpsStage 2019, Kyiv
 
Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015
 
Dockerizing the Hard Services: Neutron and Nova
Dockerizing the Hard Services: Neutron and NovaDockerizing the Hard Services: Neutron and Nova
Dockerizing the Hard Services: Neutron and Nova
 
Make stateful apps in Kubernetes a no brainer with Pure Storage and GitOps
Make stateful apps in Kubernetes a no brainer with Pure Storage and GitOpsMake stateful apps in Kubernetes a no brainer with Pure Storage and GitOps
Make stateful apps in Kubernetes a no brainer with Pure Storage and GitOps
 
Power on, Powershell
Power on, PowershellPower on, Powershell
Power on, Powershell
 
Chef & OpenStack: OSCON 2014
Chef & OpenStack: OSCON 2014Chef & OpenStack: OSCON 2014
Chef & OpenStack: OSCON 2014
 
Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017
 
Automating Software Development Life Cycle - A DevOps Approach
Automating Software Development Life Cycle - A DevOps ApproachAutomating Software Development Life Cycle - A DevOps Approach
Automating Software Development Life Cycle - A DevOps Approach
 
reBuy on Kubernetes
reBuy on KubernetesreBuy on Kubernetes
reBuy on Kubernetes
 
introduction to node.js
introduction to node.jsintroduction to node.js
introduction to node.js
 
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
 
Docker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xDocker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12x
 
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
 
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
 
Testing kubernetes and_open_shift_at_scale_20170209
Testing kubernetes and_open_shift_at_scale_20170209Testing kubernetes and_open_shift_at_scale_20170209
Testing kubernetes and_open_shift_at_scale_20170209
 
uWSGI - Swiss army knife for your Python web apps
uWSGI - Swiss army knife for your Python web appsuWSGI - Swiss army knife for your Python web apps
uWSGI - Swiss army knife for your Python web apps
 
Go Faster with Ansible (AWS meetup)
Go Faster with Ansible (AWS meetup)Go Faster with Ansible (AWS meetup)
Go Faster with Ansible (AWS meetup)
 
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
 
Devops in Networking
Devops in NetworkingDevops in Networking
Devops in Networking
 

Dernier

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 

Dernier (20)

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
 

Salting new ground one man ops from scratch

  • 1. Salting New Ground One Man Ops from Scratch
  • 2. Me jay@percussiverepair.net github.com/PercussiveRepair @PercussiveFix ➔ SysAdmin since 2012 ➔ IT Engineer since 1998 ➔ Coding since BASIC on the ZX Spectrum ➔ Gaming since Pong ➔ “Senior DevOps” Engineer at Rebellion Developments in Oxford ➔ Formerly with Electronic Arts at Playfish in London
  • 3. The project - all the firsts Theirs ➔ First development focused Operations Engineer in the company ➔ First real development effort on a top tier social game - originally for Zynga.com and Facebook ➔ First foray into DevOps methodology ➔ First use of AWS services - EC2, ELB, RDS, Elasticache, S3, Cloudfront, Route53 ➔ First use of configuration management Mine ➔ First time without a team ➔ First time building a complete application stack from scratch ➔ First time being the big dog
  • 4. One man crusade ➔ DevOps methodology ◆ Culture - People and process first. Get the mindset right. ◆ Automate - As much as possible. CI/Infrastructure as code. ◆ Lean - Fast and stable ◆ Metrics - Measure everything. Show the improvements. ◆ Sharing - Open information distribution. Collaborate. ➔ Taking the Ops out of Dev - but in a good way ➔ Evangelising all over the company, not just within the project team. ➔ Fingers in many pies - web development, mobile game support, internal IT operations ➔ Push the agenda - but in a good way ➔ Try and soothe the hesitancy to rely on one guy - build accessible tools and automation
  • 5. Building a stack from scratch (nearly) ➔ Starting from 2 hand-configured web servers ➔ No infrastructure security ➔ No monitoring ➔ No config management ➔ No DR process ➔ No docs ➔ No application logging ➔ No log collection ➔ No scaling strategy ➔ No out of hours support ➔ No database standardisation ➔ No metrics
  • 6. And now for the science Building a stack from scratch - Config Management System Requirements Quick to get started + Straightforward setup and maintenance + Easy to modify and manage + Modular and expandable = github.com/saltstack www.saltstack.org
  • 7. SaltStack - Salt ➔ Written in Python ➔ First and foremost - a remote execution system ➔ Master/Minions arrangement - can be multi-master or standalone ➔ Secure, encrypted protocol running over ZeroMQ ◆ public keys for authentication with the master, then faster AES encryption for payload communication ➔ Fast & scalable - 10’s to 1000’s of endpoints ➔ Targeted execution via minion name, glob, regex, grains (tags), IPs, nodegroups etc:

        salt '*' cmd.run "uptime"
      or
        salt -G 'os:Ubuntu' cmd.run "ps -ef | grep java"
      or
        salt 'live-product-app0[0-9]' grains.items
  • 8. Inherent grains

        cpu_flags: fpu de tsc msr pae ...
        cpu_model: Intel(R) Xeon(R) CPU E5430 @ 2.66GHz
        cpuarch: x86_64
        defaultencoding: None
        defaultlanguage: None
        domain: product.com
        fqdn: live-product-app00.product.com
        fqdn_ip4: 10.XXX.XXX.XXX
        fqdn_ip6:
        gpus:
        host: live-product-app00
        id: live-product-app00
        ip_interfaces: {'lo': ['127.0.0.1'], 'eth0': ['10.XXX.XXX.XXX']}
        ipv4: 10.XXX.XXX.XXX 127.0.0.1
        ipv6: ::1 feXX::XXXX:3XXX:XX04:49X1
        kernel: Linux
        kernelrelease: 3.2.0-40-virtual
        localhost: live-product-app00
        lsb_distrib_codename: precise
        lsb_distrib_description: Ubuntu 12.04.2 LTS
        lsb_distrib_id: Ubuntu
        lsb_distrib_release: 12.04
        master: live-product-master00.product.com
        mem_total: 7450
        nodename: live-product-app00
        num_cpus: 2
        num_gpus: 0
        os: Ubuntu
        os_family: Debian
        osarch: amd64
        oscodename: precise
        osfinger: Ubuntu-12.04
        osfullname: Ubuntu
        osrelease: 12.04
        path: /usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin
        ps: ps -efH
        pythonpath: /usr/bin /usr/lib/python2.7 /usr/lib/python2.7/plat-linux2 /usr/lib/python2.7/lib-tk /usr/lib/python2.7/lib-old /usr/lib/python2.7/lib-dynload /usr/local/lib/python2.7/dist-packages /usr/lib/python2.7/dist-packages /usr/lib/pymodules/python2.7
        pythonversion: 2.7.3.final.0
        saltpath: /usr/lib/pymodules/python2.7/salt
        saltversion: 0.17.1
        server_id: 224501001
        shell: /bin/sh
        virtual: xen
        virtual_subtype: Xen PV DomU
  • 9. SaltStack config management ➔ Using Salt States (c.f. recipes, manifests, playbooks etc) ➔ YAML formatted ➔ Human readable ➔ Jinja templating for logic and conditionals ➔ Simple hierarchical layout >> ◆ top.sls as master tree ➔ One line command runs every state specified in top.sls on every targeted box:

        salt '*' state.highstate

        # nginx/init.sls
        nginx:
          pkg:
            - installed
          service:
            - running
            - watch:
              - pkg: nginx
              - file: /etc/nginx/nginx.conf

        /etc/nginx/nginx.conf:
          file.managed:
            - source: salt://nginx/nginx.conf
            - require:
              - pkg: nginx

        # top.sls
        base:
          '*':
            - core
            - python
            - snmp
          'os:Ubuntu':
            - match: grain
            - nginx
            - php
          'id:*log*':
            - match: grain
            - logstash
            - elasticsearch
          # etc
  • 10. SaltCloud instance provisioning ➔ Supporting multiple providers (at least partially): AWS EC2, Digital Ocean, GoGrid, IBM SCE, JoyEnt, Linode, Rackspace, Softlayer ➔ And platforms: CloudStack, OpenStack, Parallels, Saltify, Salty-Vagrant ➔ Templating for providers:

        ec2-live:
          securitygroup:
            - default
            - live
          provider: ec2
          location: eu-west-1
          minion:
            master: live-product-master00.product.com

    And instances:

        ec2-live-app:
          provider: ec2-live
          image: ami-ce7b6fba
          size: m1.large
          ssh_username: ubuntu

    ➔ One line command to provision a box:

        salt-cloud -p ec2-live-app live-product-app00
  • 11. Additional components ➔ Pillar - Global value store for all minions ➔ Events - Listens for, publishes and sends events internally, to the master or to a 3rd party ➔ Reactor - Logic engine to allow Events to trigger actions ➔ Syndic - Allows multi-master and other complicated setup hierarchies ➔ Scheduler - Execution of any salt command on master or minions ➔ Halite - Experimental Web-UI ➔ Mine - Used to collect arbitrary data from minions and store it on the master ➔ Virt - Virtual machine management - networking, images, disks etc ➔ SSH - Experimental - uses SSH rather than ZeroMQ and agent (hence slower) ➔ Kitchen-Salt - Experimental provisioner for Test-Kitchen
  • 12. Moderately clever other stuff ➔ Automated ◆ Route53 configuration using EC2 tags and boto ◆ Monitoring discovery ◆ Deployment configuration using estate intelligence ◆ Assignment of Product/Service/Environment grains based on AWS name tag ➔ RDS/ELB graphing from Cloudwatch metrics using CWGraph ➔ Beaver/Logstash/Elasticsearch/Kibana log aggregation service all Salty
  • 13. Salty goodness ➔ Vibrant & responsive community ◆ Google groups, IRC, Github issues, SaltConf, meetups ➔ Easy to get started ➔ Under active development - good response to issues ➔ Docs are sometimes patchy/dated/disorganised ➔ Can be complex to configure - lots of loosely coupled modules ➔ Under active development - can be buggy & badness
  • 14. Places to start Docs salt.readthedocs.org github.com/saltstack Discussion groups.google.com/group/salt-users IRC: freenode #salt This Presentation http://goo.gl/FxS6pp Tutorials http://goo.gl/2U5l37 - getting started http://goo.gl/Ontu2j - step by step with nginx http://goo.gl/TvD29f - good examples of remote execution tools and multi distro setup Sample States http://saltstarters.org/ - states github search jay@percussiverepair.net github.com/PercussiveRepair @PercussiveFix
  • 15. Other links Good overview slides: http://www.slideshare.net/SaltStack/an-overvisaltstack-presentation-clean http://www.slideshare.net/SaltStack/realtime-infrastructure-management-with-saltstack-seth-house

Editor's notes

  1. First development focused Operations Engineer in the company. First real development effort on a top tier social game (originally for Zynga.com and Facebook). First foray into DevOps methodology. First use of AWS services (in anger). First use of configuration management (not what I had believed - Chef in interview). First time without a team. First time building a complete application stack from scratch (previously maintaining or improving existing infra). First time being the big dog (deciding operational approach, methodology, architecture, security, you name it).
  2. DevOps methodology: Build the Culture; Automate (Infrastructure as a Service, Infrastructure as code); Measure; Sharing. Separating Dev from Ops (not “this is now Ops territory, back off” but “let me help you by taking that concern off your shoulders and automating the crap out of it”). Evangelising (what config management can do for everyone; bringing non-functional requirements to the table; making sure scalability, resilience and monitoring are all considered). Fingers in many pies (help as many people as possible see the benefits). Push the agenda.
  3. Salt is a distributed remote execution system used to execute commands and query data. It is simple to set up and maintain, regardless of the size of the project. The architecture is designed to work with any number of servers, from a handful of local network systems to international deployments across disparate datacenters. The topology is a simple server/client model with the needed functionality built into a single set of daemons. While the default configuration will work with little to no modification, Salt can be fine-tuned to meet specific needs. Remote commands are called in parallel rather than in serial, use a secure and encrypted protocol, use the smallest and fastest network payloads possible, and have a simple programmer interface. Targeting. The networking layer is built with the ZeroMQ networking library, so Salt itself contains a viable, and transparent, active message queue (AMQ) broker inside the daemon. Salt uses public keys for authentication with the master daemon, then uses faster AES encryption for payload communication; this means that authentication and encryption are also built into Salt. Salt takes advantage of communication via Python pickles (serialised strings), enabling fast and light network traffic. Simple expansion: Salt execution routines can be written as plain Python modules, and the data collected from Salt executions can be sent back to the master server, or to any arbitrary program (returners). Salt can be called via API, or from the command line, or web UI (Halite - in development), so that Salt can be used to execute one-off commands as well as operate as an integral part of a larger application. Salt is developed under the Apache 2.0 licence. Node group: a predefined group of minions declared in the master configuration file nodegroups setting as a compound target. Nodegroups are declared using a compound target specification. The nodegroups master config file parameter is used to define nodegroups. Here's an example nodegroup configuration within /etc/salt/master:

        nodegroups:
          group1: 'L@foo.domain.com,bar.domain.com,baz.domain.com or bl*.domain.com'
          group2: 'G@os:Debian and foo.domain.com'
  4. Set by Salt/SaltCloud at box launch
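
How the targeting on slides 7 and 9 and the nodegroup compound targets in note 3 resolve to concrete minions, as an added example that is not from the talk or from Salt's own code. It is a simplified matcher (glob, G@ grain, L@ list, and/or/not without parentheses) run over a constructed three-minion inventory; the inventory and the function names are assumptions made for illustration.

```python
import fnmatch
import re

# Constructed inventory: minion id -> grains (names modelled on the slides' examples).
MINIONS = {
    "live-product-app00": {"id": "live-product-app00", "os": "Ubuntu"},
    "live-product-log00": {"id": "live-product-log00", "os": "Ubuntu"},
    "live-product-db00": {"id": "live-product-db00", "os": "Debian"},
}

# The top.sls from slide 9, as the structure its YAML loads into.
TOP = {"base": {
    "*": ["core", "python", "snmp"],
    "os:Ubuntu": [{"match": "grain"}, "nginx", "php"],
    "id:*log*": [{"match": "grain"}, "logstash", "elasticsearch"],
}}

def match_one(term, minion_id, grains):
    """One target term: G@key:glob on a grain, L@a,b,c list, else glob on the id."""
    if term.startswith("G@"):
        key, _, pattern = term[2:].partition(":")
        # A missing grain never matches, even against '*'.
        return key in grains and fnmatch.fnmatchcase(str(grains[key]), pattern)
    if term.startswith("L@"):
        return minion_id in term[2:].split(",")
    return fnmatch.fnmatchcase(minion_id, term)

def match_compound(expr, minion_id, grains):
    """Compound target with not > and > or precedence; parentheses unsupported."""
    def term_ok(term):
        if term.startswith("not "):
            return not match_one(term[4:].strip(), minion_id, grains)
        return match_one(term, minion_id, grains)
    return any(all(term_ok(t) for t in re.split(r"\s+and\s+", part.strip()))
               for part in re.split(r"\s+or\s+", expr))

def states_for(minion_id, top=TOP, env="base"):
    """States a highstate would apply to one minion, in top.sls order."""
    grains, states = MINIONS[minion_id], []
    for target, entries in top[env].items():
        matcher = next((e["match"] for e in entries if isinstance(e, dict)), "glob")
        term = "G@" + target if matcher == "grain" else target
        if match_one(term, minion_id, grains):
            states += [e for e in entries if isinstance(e, str)]
    return states

def preview(expr):
    """Sorted ids of the minions a compound target (e.g. a nodegroup) selects."""
    return sorted(m for m, g in MINIONS.items() if match_compound(expr, m, g))
```

Resolving a target to a list of minion ids before running cmd.run or state.highstate against it shows how far a glob such as '*' actually reaches.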