SlideShare une entreprise Scribd logo
1  sur  74
Télécharger pour lire hors ligne
Less talk, more rock

Puppet
                ALM Connect 2013
deepak
giridharagopal
deepak@puppetlabs.com
@grim_radical [github twitter freenode]
Let’s talk about...
Puppet: Eclipsecon ALM 2013
Immutability
  is great!
Puppet: Eclipsecon ALM 2013
Classes should be immutable unless
there's a very good reason to make




                                       -- Joshua Bloch, “Effective Java”
them mutable....If a class cannot be
made immutable, limit its mutability
as much as possible.
Immutability allows
for invariants, which
help you reason about
correctness
Immutability prevents
spooky action at a
distance
Immutability fosters
modular, composable
abstractions
(this shouldn’t be
  a tough sell to
   developers)
That’s great for
develoment, but how
 about operations?
Immutability for
infrastructure?
Because operations is in the
same boat as development
Everyone who’s got
their app running on
a fleet of servers has
experienced spooky
action at a distance
Known, good state is
critical for reliable
upgrades
A lack of predictability
in your systems
ruins automation and
abstraction
Puppet: Eclipsecon ALM 2013
The problem is that:

         Systems are inherently
                       mutable!

But ideally:

      Systems should behave as
           though they weren’t!
façade of immutability. Immutability
Computer systems are in many ways
open systems, providing the keys to
the vault if one is so inclined to grab
them. But in order to foster an air of
immutability in our own systems,
it's of utmost importance to create a
façade of immutability. Immutability




                                          -- The Joy of Clojure
requires that we layer over and
abstract the parts of our system that
provide unrestrained mutability.
Puppet: Eclipsecon ALM 2013
Describe how you’d
like your systems to
look, and Puppet
does all the hard
work for you!
Example: Inquire
a simple service for
exposing system
metrics
Example: Inquire
http://box/inquire/disk_usage
install apache
   create apache user
create apache config file
   cgi script for “df -h”
 correct perms for script
       start apache
restart if config changes!
Once you’ve got a
spec for your service,
you can see if a given
machine is up to code
• Packages:                  • Data files:
    • apache                    • /var/www/cgi-bin/
• Users:                           disk_usage
    • apache                      • executable, owned
                                     by apache
• Config files:
    • apache’s httpd.conf         • does “df -h”
• Services:
    • apache should be
      running
    • restart if config file
      changes
class inquire_server {
  package { apache: ensure => installed }
  user     { apache: uid => 1000, shell => "/bin/false" }
  service { apache: ensure => running }
 
  file {
    "/etc/httpd/httpd.conf":
       owner => root,
       mode => 644,
       source => "puppet://master-server/httpd.conf",
       notify => Service[apache];
 
    "/var/www/cgi-bin/disk_usage.sh":
       owner => apache,
       mode => 755,
       content => "/usr/bin/df -h";
  }
}
class inquire_bootstrap {
  package { apache: ensure => installed }
  user     { apache: uid => 1000, shell => "/bin/false" }
  service { apache: ensure => running }
 
  file {
    "/etc/httpd/httpd.conf":
       owner => root,
       mode => 644,
       source => "puppet://master-server/httpd.conf",
       notify => Service[apache];
  }
}
 
class inquire_disk_usage {
  include inquire_bootstrap
  file {
    "/var/www/cgi-bin/disk_usage.sh":
       owner => apache,
       mode => 755,
       content => "/usr/bin/df -h";
  }
}
class inquire_bootstrap {
  package { apache: ensure => installed }
  user     { apache: uid => 1000, shell => "/bin/false" }
  service { apache: ensure => running }
 
  file {
    "/etc/httpd/httpd.conf":
       owner => root,
       mode => 644,
       source => "puppet://master-server/httpd.conf",
       notify => Service[apache];
  }
}
 
define inquiry($command) {
  include inquire_bootstrap
  file {
    "/var/www/cgi-bin/$name.sh":
       owner => apache,
       mode => 755,
       content => $command;
  }
}
node “appserver.mydomain.com”   {
  inquiry {
    "disk-usage": command =>    "df -h";
    "processes":   command =>   "ps aux";
    "kernel-info": command =>   "uname -a";
  }
}
node “appserver1.mydomain.com” {
  inquiry {
    "disk-usage": command => "df -h";
    "processes":   command => "ps aux";
    "kernel-info": command => "uname -a";
  }
}

node “appserver2.mydomain.com” {
  inquiry {
    "disk-usage": command => "df -h";
    "processes":   command => "ps aux";
    "kernel-info": command => "uname -a";
  }
}
class instrumentation {
  inquiry {
    "disk-usage": command => "df -h";
    "processes":   command => "ps aux";
    "kernel-info": command => "uname -a";
  }
}

node “appserver1.mydomain.com” {
  include instrumentation
}

node “appserver2.mydomain.com” {
  include instrumentation
}
Rich set of primitives,
and make your own.
Can use existing
modules and
abstractions, and
make your own.
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
netmask_lo: 255.0.0.0               ipaddress: 172.16.245.128
  augeasversion: 0.10.0               processor0: Intel(R) Core(TM)
  fqdn: pe-debian6.localdomain      i7-2635QM CPU @ 2.00GHz
  manufacturer: "VMware, Inc."        lsbdistrelease: 6.0.2
  processorcount: "1"                 uniqueid: 007f0101
  productname: VMware Virtual         hardwaremodel: i686
Platform                              kernelversion: 2.6.32
  physicalprocessorcount: 1           operatingsystem: Debian
  facterversion: 1.6.7                architecture: i386
  boardproductname: 440BX Desktop     lsbdistdescription: Debian GNU/
Reference Platform                  Linux 6.0.2 (squeeze)
  kernelmajversion: "2.6"             lsbmajdistrelease: "6"
  hardwareisa: unknown                interfaces: "eth0,lo"
  timezone: PDT                       ipaddress_lo: 127.0.0.1
  puppetversion: 2.7.12 (Puppet       uptime_days: 0
Enterprise 2.5.1)                     lsbdistid: Debian
  lsbdistcodename: squeeze            rubysitedir: /opt/puppet/lib/
  is_virtual: "true"                site_ruby/1.8
  operatingsystemrelease: 6.0.2       rubyversion: 1.8.7
  virtual: vmware                     osfamily: Debian
  type: Other                         memorytotal: &id001 502.57 MB
  domain: localdomain                 memorysize: *id001
  hostname: pe-debian6                boardmanufacturer: Intel
  selinux: "false"                  Corporation
  kernel: Linux                       path: /usr/local/sbin:/usr/
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
file { “/etc/issue”:
  content => “Got an issue? Here’s a tissue!”,
}

file { “/etc/motd”:
  content => template(“Welcome to $hostname!”),
}
file { "/etc/sudoers":
  owner => root,
  group => root,
  mode   => 440,
  source => "puppet:///modules/sudo/sudoers"
}
class ntp {
    package { 'ntp':
      ensure => installed,
    }

    service { 'ntpd':
      ensure    => running,
      enable    => true,
      subscribe => File['/etc/ntp.conf'],
    }

    file { '/etc/ntp.conf':
      ensure => file,
      require => Package['ntp'],
      source => "puppet:///modules/ntp/ntp.conf",
    }
}
node “webserver.mydomain.com” {
  include ntp
}

node “appserver.mydomain.com” {
  include ntp
}

node “database.mydomain.com” {
  include ntp
}
class ssh {

    @@sshkey { $hostname:
      type => dsa,
      key => $sshdsakey
    }

    Sshkey <<| |>>

}
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
File “/tmp/foo/bar”
   User “deepak”
   Dir “/tmp/foo”
    Dir “/tmp”
Dir “/tmp”    User “deepak”

      Dir “/tmp/foo”


   File “/tmp/foo/bar”
Dir “/tmp”    User “deepak”

      Dir “/tmp/foo”


   File “/tmp/foo/bar”
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
package { 'ntp':
  ensure => installed,
}

service { 'ntpd':
  ensure    => running,
  enable    => true,
  subscribe => File['/etc/ntp.conf'],
}

file { '/etc/ntp.conf':
  ensure => file,
  require => Package['ntp'],
  source => "puppet:///modules/ntp/ntp.conf",
}
package { 'ntp':
  ensure => installed,
}

service { 'ntpd':
  ensure    => running,
  enable    => true,
  subscribe => File['/etc/ntp.conf'],
}

file { '/etc/ntp.conf':
  ensure => file,
  require => Package['ntp'],
  source => "puppet:///modules/ntp/ntp.conf",
}
package { 'ntp':
  ensure => installed,
}

service { 'ntpd':
  ensure    => running,
  enable    => true,
  subscribe => File['/etc/ntp.conf'],
}

file { '/etc/ntp.conf':
  ensure => file,
  require => Package['ntp'],
  source => "puppet:///modules/ntp/ntp.conf",
}
package { 'ntp':
  ensure => installed,
}

service { 'ntpd':
  ensure    => running,
  enable    => true,
  subscribe => File['/etc/ntp.conf'],
}

file { '/etc/ntp.conf':
  ensure => file,
  require => Package['ntp'],
  source => "puppet:///modules/ntp/ntp.conf",
}
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
Idempotent, and
only does what’s
necessary
Compensates for the
inherent mutability
of systems
Combats spooky
action at a distance
with automatic
repair
Brings predictability
to your systems
A foundation of
predictability and
reliability lets you
perform higher-level
operations on your
infrastructure
Code all the way down
Software-defined
infrastructure is...just
software.
Infrastructure as
code is...just code.
Thus, you can treat it
like the other code in
your application
Scary, but liberating!
Maintaining the
state of your systems
is the foundation
upon which
everything rests
Start small, and start
somewhere. :)
deepak
giridharagopal
deepak@puppetlabs.com
@grim_radical [github twitter freenode]


        We’re hiring!

Contenu connexe

Tendances

Making Your Capistrano Recipe Book
Making Your Capistrano Recipe BookMaking Your Capistrano Recipe Book
Making Your Capistrano Recipe BookTim Riley
 
Single node hadoop cluster installation
Single node hadoop cluster installation Single node hadoop cluster installation
Single node hadoop cluster installation Mahantesh Angadi
 
Getting Started with Ansible
Getting Started with AnsibleGetting Started with Ansible
Getting Started with Ansibleahamilton55
 
Puppet at janrain
Puppet at janrainPuppet at janrain
Puppet at janrainPuppet
 
From Dev to DevOps
From Dev to DevOpsFrom Dev to DevOps
From Dev to DevOpsAgile Spain
 
Hadoop single cluster installation
Hadoop single cluster installationHadoop single cluster installation
Hadoop single cluster installationMinh Tran
 
Automated infrastructure is on the menu
Automated infrastructure is on the menuAutomated infrastructure is on the menu
Automated infrastructure is on the menujtimberman
 
Puppet Camp Phoenix 2015: Managing Files via Puppet: Let Me Count The Ways (B...
Puppet Camp Phoenix 2015: Managing Files via Puppet: Let Me Count The Ways (B...Puppet Camp Phoenix 2015: Managing Files via Puppet: Let Me Count The Ways (B...
Puppet Camp Phoenix 2015: Managing Files via Puppet: Let Me Count The Ways (B...Puppet
 
Continuous Delivery with Maven, Puppet and Tomcat - ApacheCon NA 2013
Continuous Delivery with Maven, Puppet and Tomcat - ApacheCon NA 2013Continuous Delivery with Maven, Puppet and Tomcat - ApacheCon NA 2013
Continuous Delivery with Maven, Puppet and Tomcat - ApacheCon NA 2013Carlos Sanchez
 
PuppetCamp SEA 1 - Version Control with Puppet
PuppetCamp SEA 1 - Version Control with PuppetPuppetCamp SEA 1 - Version Control with Puppet
PuppetCamp SEA 1 - Version Control with PuppetWalter Heck
 
PuppetCamp SEA 1 - Puppet Deployment at OnApp
PuppetCamp SEA 1 - Puppet Deployment  at OnAppPuppetCamp SEA 1 - Puppet Deployment  at OnApp
PuppetCamp SEA 1 - Puppet Deployment at OnAppWalter Heck
 
PuppetCamp SEA 1 - Use of Puppet
PuppetCamp SEA 1 - Use of PuppetPuppetCamp SEA 1 - Use of Puppet
PuppetCamp SEA 1 - Use of PuppetWalter Heck
 
Ansible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife OrchestrationAnsible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife Orchestrationbcoca
 
Augeas, swiss knife resources for your puppet tree
Augeas, swiss knife resources for your puppet treeAugeas, swiss knife resources for your puppet tree
Augeas, swiss knife resources for your puppet treeJulien Pivotto
 
Py conkr 20150829_docker-python
Py conkr 20150829_docker-pythonPy conkr 20150829_docker-python
Py conkr 20150829_docker-pythonEric Ahn
 
Using Puppet on Linux, Windows, and Mac OSX
Using Puppet on Linux, Windows, and Mac OSXUsing Puppet on Linux, Windows, and Mac OSX
Using Puppet on Linux, Windows, and Mac OSXPuppet
 
More tips n tricks
More tips n tricksMore tips n tricks
More tips n tricksbcoca
 
20100425 Configuration Management With Puppet Lfnw
20100425 Configuration Management With Puppet Lfnw20100425 Configuration Management With Puppet Lfnw
20100425 Configuration Management With Puppet Lfnwgarrett honeycutt
 

Tendances (20)

Making Your Capistrano Recipe Book
Making Your Capistrano Recipe BookMaking Your Capistrano Recipe Book
Making Your Capistrano Recipe Book
 
Single node hadoop cluster installation
Single node hadoop cluster installation Single node hadoop cluster installation
Single node hadoop cluster installation
 
Getting Started with Ansible
Getting Started with AnsibleGetting Started with Ansible
Getting Started with Ansible
 
Puppet at janrain
Puppet at janrainPuppet at janrain
Puppet at janrain
 
From Dev to DevOps
From Dev to DevOpsFrom Dev to DevOps
From Dev to DevOps
 
Hadoop single cluster installation
Hadoop single cluster installationHadoop single cluster installation
Hadoop single cluster installation
 
Automated infrastructure is on the menu
Automated infrastructure is on the menuAutomated infrastructure is on the menu
Automated infrastructure is on the menu
 
Puppet Camp Phoenix 2015: Managing Files via Puppet: Let Me Count The Ways (B...
Puppet Camp Phoenix 2015: Managing Files via Puppet: Let Me Count The Ways (B...Puppet Camp Phoenix 2015: Managing Files via Puppet: Let Me Count The Ways (B...
Puppet Camp Phoenix 2015: Managing Files via Puppet: Let Me Count The Ways (B...
 
Continuous Delivery with Maven, Puppet and Tomcat - ApacheCon NA 2013
Continuous Delivery with Maven, Puppet and Tomcat - ApacheCon NA 2013Continuous Delivery with Maven, Puppet and Tomcat - ApacheCon NA 2013
Continuous Delivery with Maven, Puppet and Tomcat - ApacheCon NA 2013
 
PuppetCamp SEA 1 - Version Control with Puppet
PuppetCamp SEA 1 - Version Control with PuppetPuppetCamp SEA 1 - Version Control with Puppet
PuppetCamp SEA 1 - Version Control with Puppet
 
PuppetCamp SEA 1 - Puppet Deployment at OnApp
PuppetCamp SEA 1 - Puppet Deployment  at OnAppPuppetCamp SEA 1 - Puppet Deployment  at OnApp
PuppetCamp SEA 1 - Puppet Deployment at OnApp
 
PuppetCamp SEA 1 - Use of Puppet
PuppetCamp SEA 1 - Use of PuppetPuppetCamp SEA 1 - Use of Puppet
PuppetCamp SEA 1 - Use of Puppet
 
Ansible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife OrchestrationAnsible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife Orchestration
 
Augeas, swiss knife resources for your puppet tree
Augeas, swiss knife resources for your puppet treeAugeas, swiss knife resources for your puppet tree
Augeas, swiss knife resources for your puppet tree
 
Py conkr 20150829_docker-python
Py conkr 20150829_docker-pythonPy conkr 20150829_docker-python
Py conkr 20150829_docker-python
 
Using Puppet on Linux, Windows, and Mac OSX
Using Puppet on Linux, Windows, and Mac OSXUsing Puppet on Linux, Windows, and Mac OSX
Using Puppet on Linux, Windows, and Mac OSX
 
More tips n tricks
More tips n tricksMore tips n tricks
More tips n tricks
 
Puppet_training
Puppet_trainingPuppet_training
Puppet_training
 
20100425 Configuration Management With Puppet Lfnw
20100425 Configuration Management With Puppet Lfnw20100425 Configuration Management With Puppet Lfnw
20100425 Configuration Management With Puppet Lfnw
 
Docker, c'est bonheur !
Docker, c'est bonheur !Docker, c'est bonheur !
Docker, c'est bonheur !
 

Similaire à Puppet: Eclipsecon ALM 2013

Developing IT infrastructures with Puppet
Developing IT infrastructures with PuppetDeveloping IT infrastructures with Puppet
Developing IT infrastructures with PuppetAlessandro Franceschi
 
Dance for the puppet master: G6 Tech Talk
Dance for the puppet master: G6 Tech TalkDance for the puppet master: G6 Tech Talk
Dance for the puppet master: G6 Tech TalkMichael Peacock
 
Virtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetVirtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetOmar Reygaert
 
Ansible new paradigms for orchestration
Ansible new paradigms for orchestrationAnsible new paradigms for orchestration
Ansible new paradigms for orchestrationPaolo Tonin
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to AnsibleCédric Delgehier
 
PuppetDB: Sneaking Clojure into Operations
PuppetDB: Sneaking Clojure into OperationsPuppetDB: Sneaking Clojure into Operations
PuppetDB: Sneaking Clojure into Operationsgrim_radical
 
A tour of Ansible
A tour of AnsibleA tour of Ansible
A tour of AnsibleDevOps Ltd.
 
Harmonious Development: Via Vagrant and Puppet
Harmonious Development: Via Vagrant and PuppetHarmonious Development: Via Vagrant and Puppet
Harmonious Development: Via Vagrant and PuppetAchieve Internet
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationJohn Lynch
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with AnsibleRayed Alrashed
 
Provisioning with Puppet
Provisioning with PuppetProvisioning with Puppet
Provisioning with PuppetJoe Ray
 
Chef - industrialize and automate your infrastructure
Chef - industrialize and automate your infrastructureChef - industrialize and automate your infrastructure
Chef - industrialize and automate your infrastructureMichaël Lopez
 
Using Puppet in Small Infrastructures
Using Puppet in Small InfrastructuresUsing Puppet in Small Infrastructures
Using Puppet in Small InfrastructuresRachel Andrew
 
Ansible with oci
Ansible with ociAnsible with oci
Ansible with ociDonghuKIM2
 
Continuous Delivery: The Next Frontier
Continuous Delivery: The Next FrontierContinuous Delivery: The Next Frontier
Continuous Delivery: The Next FrontierCarlos Sanchez
 

Similaire à Puppet: Eclipsecon ALM 2013 (20)

Developing IT infrastructures with Puppet
Developing IT infrastructures with PuppetDeveloping IT infrastructures with Puppet
Developing IT infrastructures with Puppet
 
Dance for the puppet master: G6 Tech Talk
Dance for the puppet master: G6 Tech TalkDance for the puppet master: G6 Tech Talk
Dance for the puppet master: G6 Tech Talk
 
Puppet
PuppetPuppet
Puppet
 
Puppet
PuppetPuppet
Puppet
 
Puppet
PuppetPuppet
Puppet
 
Virtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetVirtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + Puppet
 
Ansible new paradigms for orchestration
Ansible new paradigms for orchestrationAnsible new paradigms for orchestration
Ansible new paradigms for orchestration
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible
 
PuppetDB: Sneaking Clojure into Operations
PuppetDB: Sneaking Clojure into OperationsPuppetDB: Sneaking Clojure into Operations
PuppetDB: Sneaking Clojure into Operations
 
A tour of Ansible
A tour of AnsibleA tour of Ansible
A tour of Ansible
 
Harmonious Development: Via Vagrant and Puppet
Harmonious Development: Via Vagrant and PuppetHarmonious Development: Via Vagrant and Puppet
Harmonious Development: Via Vagrant and Puppet
 
infra-as-code
infra-as-codeinfra-as-code
infra-as-code
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
 
Puppi. Puppet strings to the shell
Puppi. Puppet strings to the shellPuppi. Puppet strings to the shell
Puppi. Puppet strings to the shell
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with Ansible
 
Provisioning with Puppet
Provisioning with PuppetProvisioning with Puppet
Provisioning with Puppet
 
Chef - industrialize and automate your infrastructure
Chef - industrialize and automate your infrastructureChef - industrialize and automate your infrastructure
Chef - industrialize and automate your infrastructure
 
Using Puppet in Small Infrastructures
Using Puppet in Small InfrastructuresUsing Puppet in Small Infrastructures
Using Puppet in Small Infrastructures
 
Ansible with oci
Ansible with ociAnsible with oci
Ansible with oci
 
Continuous Delivery: The Next Frontier
Continuous Delivery: The Next FrontierContinuous Delivery: The Next Frontier
Continuous Delivery: The Next Frontier
 

Dernier

Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 

Dernier (20)

Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 

Puppet: Eclipsecon ALM 2013

  • 1. Less talk, more rock Puppet ALM Connect 2013
  • 7. Classes should be immutable unless there's a very good reason to make -- Joshua Bloch, “Effective Java” them mutable....If a class cannot be made immutable, limit its mutability as much as possible.
  • 8. Immutability allows for invariants, which help you reason about correctness
  • 11. (this shouldn’t be a tough sell to developers)
  • 12. That’s great for develoment, but how about operations?
  • 13. Immutability for infrastructure? Because operations is in the same boat as development
  • 14. Everyone who’s got their app running on a fleet of servers has experienced spooky action at a distance
  • 15. Known, good state is critical for reliable upgrades
  • 16. A lack of predictability in your systems ruins automation and abstraction
  • 18. The problem is that: Systems are inherently mutable! But ideally: Systems should behave as though they weren’t!
  • 19. façade of immutability. Immutability
  • 20. Computer systems are in many ways open systems, providing the keys to the vault if one is so inclined to grab them. But in order to foster an air of immutability in our own systems, it's of utmost importance to create a façade of immutability. Immutability -- The Joy of Clojure requires that we layer over and abstract the parts of our system that provide unrestrained mutability.
  • 22. Describe how you’d like your systems to look, and Puppet does all the hard work for you!
  • 23. Example: Inquire a simple service for exposing system metrics
  • 25. install apache create apache user create apache config file cgi script for “df -h” correct perms for script start apache restart if config changes!
  • 26. Once you’ve got a spec for your service, you can see if a given machine is up to code
  • 27. • Packages: • Data files: • apache • /var/www/cgi-bin/ • Users: disk_usage • apache • executable, owned by apache • Config files: • apache’s httpd.conf • does “df -h” • Services: • apache should be running • restart if config file changes
  • 28. class inquire_server { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }   file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache];   "/var/www/cgi-bin/disk_usage.sh": owner => apache, mode => 755, content => "/usr/bin/df -h"; } }
  • 29. class inquire_bootstrap { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }   file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache]; } }   class inquire_disk_usage { include inquire_bootstrap file { "/var/www/cgi-bin/disk_usage.sh": owner => apache, mode => 755, content => "/usr/bin/df -h"; } }
  • 30. class inquire_bootstrap { package { apache: ensure => installed } user { apache: uid => 1000, shell => "/bin/false" } service { apache: ensure => running }   file { "/etc/httpd/httpd.conf": owner => root, mode => 644, source => "puppet://master-server/httpd.conf", notify => Service[apache]; } }   define inquiry($command) { include inquire_bootstrap file { "/var/www/cgi-bin/$name.sh": owner => apache, mode => 755, content => $command; } }
  • 31. node “appserver.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } }
  • 32. node “appserver1.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } } node “appserver2.mydomain.com” { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } }
  • 33. class instrumentation { inquiry { "disk-usage": command => "df -h"; "processes": command => "ps aux"; "kernel-info": command => "uname -a"; } } node “appserver1.mydomain.com” { include instrumentation } node “appserver2.mydomain.com” { include instrumentation }
  • 34. Rich set of primitives, and make your own. Can use existing modules and abstractions, and make your own.
  • 39. netmask_lo: 255.0.0.0 ipaddress: 172.16.245.128 augeasversion: 0.10.0 processor0: Intel(R) Core(TM) fqdn: pe-debian6.localdomain i7-2635QM CPU @ 2.00GHz manufacturer: "VMware, Inc." lsbdistrelease: 6.0.2 processorcount: "1" uniqueid: 007f0101 productname: VMware Virtual hardwaremodel: i686 Platform kernelversion: 2.6.32 physicalprocessorcount: 1 operatingsystem: Debian facterversion: 1.6.7 architecture: i386 boardproductname: 440BX Desktop lsbdistdescription: Debian GNU/ Reference Platform Linux 6.0.2 (squeeze) kernelmajversion: "2.6" lsbmajdistrelease: "6" hardwareisa: unknown interfaces: "eth0,lo" timezone: PDT ipaddress_lo: 127.0.0.1 puppetversion: 2.7.12 (Puppet uptime_days: 0 Enterprise 2.5.1) lsbdistid: Debian lsbdistcodename: squeeze rubysitedir: /opt/puppet/lib/ is_virtual: "true" site_ruby/1.8 operatingsystemrelease: 6.0.2 rubyversion: 1.8.7 virtual: vmware osfamily: Debian type: Other memorytotal: &id001 502.57 MB domain: localdomain memorysize: *id001 hostname: pe-debian6 boardmanufacturer: Intel selinux: "false" Corporation kernel: Linux path: /usr/local/sbin:/usr/
  • 42. file { “/etc/issue”: content => “Got an issue? Here’s a tissue!”, } file { “/etc/motd”: content => template(“Welcome to $hostname!”), }
  • 43. file { "/etc/sudoers": owner => root, group => root, mode => 440, source => "puppet:///modules/sudo/sudoers" }
  • 44. class ntp { package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", } }
  • 45. node “webserver.mydomain.com” { include ntp } node “appserver.mydomain.com” { include ntp } node “database.mydomain.com” { include ntp }
  • 46. class ssh { @@sshkey { $hostname: type => dsa, key => $sshdsakey } Sshkey <<| |>> }
  • 49. File “/tmp/foo/bar” User “deepak” Dir “/tmp/foo” Dir “/tmp”
  • 50. Dir “/tmp” User “deepak” Dir “/tmp/foo” File “/tmp/foo/bar”
  • 51. Dir “/tmp” User “deepak” Dir “/tmp/foo” File “/tmp/foo/bar”
  • 56. package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
  • 57. package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
  • 58. package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
  • 59. package { 'ntp': ensure => installed, } service { 'ntpd': ensure => running, enable => true, subscribe => File['/etc/ntp.conf'], } file { '/etc/ntp.conf': ensure => file, require => Package['ntp'], source => "puppet:///modules/ntp/ntp.conf", }
  • 63. Idempotent, and only does what’s necessary
  • 64. Compensates for the inherent mutability of systems
  • 65. Combats spooky action at a distance with automatic repair
  • 67. A foundation of predictability and reliability lets you perform higher-level operations on your infrastructure
  • 68. Code all the way down
  • 70. Thus, you can treat it like the other code in your application
  • 72. Maintaining the state of your systems is the foundation upon which everything rests
  • 73. Start small, and start somewhere. :)