Here are the slides from Chris Barker and David Soper's PuppetConf 2016 presentation called Policy-Based Management All the Way Down. Watch the videos at https://www.youtube.com/playlist?list=PLV86BgbREluVjwwt-9UL8u2Uy8xnzpIqa
10. Puppet + UCS
Abstracting Workload Deployment
● A node’s role (classification) describes its intended use - the “what”
● E.g., OpenStack Ceph Storage node
● Has shared (security, compliance) and specific (DB) profiles
10
11. Puppet + UCS
Abstracting Workload Deployment
● So, what infrastructure is needed for my OpenStack Ceph node?
● Use profiles to define logical representations of workloads (filesystem, authentication, etc.)
● Write it once, deploy it anywhere
● Profiles describe resources and policies to apply to those resources - a provider applies policy
11
12. Puppet + UCS
Abstracting Workload Deployment
● Great, what about the OS and underlying infrastructure? Where do I define that?
● Just another set of profiles and policies: Razor for OS deployment and Cisco UCS for the
infrastructure
12
14. Puppet + UCS
You call that a profile? Now this is a profile.
● Your UCS service profile is just like your other Puppet profiles, but for the underlying infrastructure
● Logical representation of resources (compute/network/storage/etc.)
● Collection of policies to apply
● Did I mention “logical”? Profiles and policies can be changed as needed:
● Need more storage - just update your profile
● Need to change Firmware - just update a policy
14
20. Puppet + UCS
Focus on the Fun Stuff (Automation)
● Automation is great, but you still have steps to follow
● Back on our Ceph node, what packages (versions), ports, etc. do I need?
● Ok Google, “OpenStack 7”
● Better: Ok Google, “OpenStack 7 CVD”
● Cisco Validated Design with comprehensive deployment instructions
● Cisco put the pieces together, made sure they work, then tells you how to deploy in detail
20
21. Puppet + UCS
This is Great - and only 351 Pages!
● Time to Automate
● Infrastructure profiles- define once and
deploy as needed
● OS profiles - name that role and
provision
● Puppet - define once and deploy as
needed
21