Puppet Camp Düsseldorf 2014: Puppet CA Certificates Explained
Google compute presentation puppet conf
description
Transcript of Google compute presentation puppet conf
Dan Bode| Puppet Labs [email protected]
Puppetized Application Stackswith GCE
# puppetconf # puppetize @ puppetlabs
What is a resource ?
http://www.sharepointblog.co.uk/tag/bamasterclass/
# puppetconf # puppetize @ puppetlabs
Puppet Resources
Simple way to describe the configuration state of individual elements of the system being managed.
user { ‘dan’:
ensure => present,
shell => ‘/bin/bash’,
}
# puppetconf # puppetize @ puppetlabs
Puppet Resources
user { ‘dan’: # a user named dan
ensure => present, # should exist
shell => ‘/bin/bash’, # with this shell
}
# puppetconf # puppetize @ puppetlabs
Puppet Resources
package { ‘apache2’: # a package named apache2
ensure => present, # should be installed
}
# puppetconf # puppetize @ puppetlabs
Puppet DSL and Resources
http://dustrucshin.deviantart.com/art/Lego-Rainbow-170415743
# puppetconf # puppetize @ puppetlabs
Puppet DSL and Resources
The Puppet DSL can be used to compose collections of simple resources into classes or defined resources.
# puppetconf # puppetize @ puppetlabs
Common Pattern:Package, File, Service
class webserver { package { ‘apache2’: ensure => present, } file { ‘/etc/apache2/apache2.conf’: content => template(‘apache2/apache2.erb’), require => Package[‘apache2’], } service { ‘apache2’: ensure => running subscribe => File[‘/etc/apache2/apache2.conf’] }}
# puppetconf # puppetize @ puppetlabs
Package, File, Service
Now we can build webservers with:
node my_node {
include webserver
}
# puppetconf # puppetize @ puppetlabs
Text is Awesome
http://cwd.co.uk/asciimoo/view/29
# puppetconf # puppetize @ puppetlabs
Text is awesome
• Integrates with version control
• Easy to share and collaborate on
• Easy to re-use.
# puppetconf # puppetize @ puppetlabs
Resources redefined:
Anything whose state can be managed on our system can be expressed as a resource.
# puppetconf # puppetize @ puppetlabs
Puppet Devices
Resource can now describe objects on other systems.
# puppetconf # puppetize @ puppetlabs
Google Compute Engine
Express stacks as:
•VM Instances
•Networks
•Firewalls
•Disks
# puppetconf # puppetize @ puppetlabs
GCE objects as resources?
• All GCE objects have state (they can
exist, not exist)
• GCE objects can be managed remotely
using the Puppet Device Pattern
# puppetconf # puppetize @ puppetlabs
gce_disk { ‘dansdisk’:
ensure => present,
size_gb => '2',
}
# puppetconf # puppetize @ puppetlabs
gce_network { ‘dansnetwork’:
ensure => present,
gateway => '10.0.1.1',
range => '10.0.1.0/24’,
}
# puppetconf # puppetize @ puppetlabs
gce_instance { ‘dansinstance’:
ensure => present,
zone => 'us-central1-a',
machine => 'n1-standard-1',
image => 'projects/google/images/ubuntu-12-04-v20120621',
description => “I’m gonna be a database (as soon as I figure out how)!”,
tag => ’danstag’,
}
# puppetconf # puppetize @ puppetlabs
New Pattern for stacks:Network, Firewall, Instance Class app_stack {
gce_network { ‘appnet’:
ensure => present,
range => '10.0.1.0/24’,
}
gce_firewall { ‘webhttp’:
ensure => present,
allowed => 'tcp:80’,
network => ‘appnet’,
}
gce_instance { ‘server1’:
ensure => present,
network => ‘appnet’
}
}
# puppetconf # puppetize @ puppetlabs
We don’t really want compute resources, we want applications that consume those resources.
# puppetconf # puppetize @ puppetlabs
Step 1. Get content from the forge.
gce_instance { ‘dansinstance’:
ensure => present,
…
modules => [‘puppetlabs-mysql’, ‘saz-memcached’]
}
# puppetconf # puppetize @ puppetlabs
forge.puppetlabs.comOver 500 modules!!!!
http://for.some.reason.i.ma.de/this
I get all of
my content from the forge
# puppetconf # puppetize @ puppetlabs
Step 2. Classify the instances using forge content
gce_instance { ‘mysql-server’: ensure => present, …. modules => [‘martasd-mysql’], classes => {‘mediawiki' => { 'server_name' => '$gce_external_ip’ }, }
# puppetconf # puppetize @ puppetlabs
Why is this awesome
http://activerain.com/image_store/uploads/5/1/1/2/5/ar118906407752115.jpg
# puppetconf # puppetize @ puppetlabs
Puppet is a proper composition language
• Easy to organize complicated stacks.
• Supports higher level interfaces.
• Better than copy and paste configuration.
# puppetconf # puppetize @ puppetlabs
Resources support noop
• Possible to see if your description matches the current stack.
# puppetconf # puppetize @ puppetlabs
Writable configuration language
• People already know how to compose complex configurations with Puppet
Thank YouDan Bode | Puppet Labs [email protected]