Using Puppet

Real World Configuration ManagementJames Turnbull

http://puppet.reductivelabs.com

Questions…

Feel free to ask questions

Where do I come from?

Configuration Management?

Management Speak

• Management model for:

Infrastructure

Applications

Data

• Documentation of attributes and operations

• Organization of attributes and operations

• Validation, audit, and verification

Where does it fit in?

Do you need it?

Large number of like hosts

… that are somehow never alike

Do you need it?

High level of failed change

http://www.flickr.com/photos/22676988@N06/2426527413/

Do you need it?

When your hosts look like this...

Just for enterprises?

“Mum, what’s an enterprise?”

What are the benefits?

ReproducibilityAccuracyHomogeneityDecision SupportSaves Money!

all this gets you ...

http://www.flickr.com/photos/ibuch/115409282/

Risks & Challenges

Tools != Process

Information is power

Accurate information is all-powerful

Best practice

Life cycle

Categorize, modularize, standardize

Control

Test, Test, and Test again

Who sells this?

Proprietary software vendors http://www.flickr.com/photos/ca_newsom/2199106278/

So what’s wrong?

http://www.flickr.com/photos/draggin/15223525/http://www.flickr.com/photos/jamesotron/511509780/

Archaic Monolithic

Who gives this away?

Free Open Source Softwarehttp://www.flickr.com/photos/tigr/26362667/

Introducing puppet

Photo from: http://www.flickr.com/photos/lkanies/2659592110/

Luke Andrew

Would you buy software from those guys?

Abstracts configuration as resources

Allows relationships

Idempotent

The key pieces

Declarative not imperative language

WHAT not HOW

How is it managed?

Puppet….

package { “ruby”:

ensure => latest,

}

Not Puppet…

# yum install ruby

# apt-get install ruby

# ports install ruby

# emerge ruby

# rpm -Uvh ruby-1.8.6.i386.rpm

# gem install ruby

# up2date ruby

# fink install ruby

# pkg_add ruby

# pkg-get ruby

# rug install ruby

# pkgadd ruby

A whole service...

package { bind: ensure => installed } file { “/etc/named.conf”:

source => “puppet://server/srv/bind/named.conf” } service { named: ensure => running }

yum install bindvim /etc/named.confservice start named

Puppet

Client-Server model

SSL communication

Unix-centric

Highly extensible

Written in Ruby

What’s new?

New support for Zenoss

Native support for Augeas

Enhanced conditionals

Automated documentation of modules

Native support for SELinux

Microsoft Windows support on the way!

What can be managed?

30 package types

Users & groups

Services

Nagios

Support for Debian, Ubuntu, Red Hat, Solaris, OS X, Gentoo, SuSE, *BSD, AIX, HP-UX and others.

In the clouds...

Spacewalk

Augeas

Func

Cobbler

Kickstart

Preseed

Capistrano

Amazon (E2, S3, SQS)

Cloud tools on the way...

Classes & definitions

class postfix {

… collection of resources …

}

define postfix_files {

... Repeatable application …

}

Modules

Collections of classes, definitions and resources

Portable and self-contained

Several collections of modules available online for common configurations:

http://reductivelabs.com/PuppetModules

Nodes

node “webserver.domain.com” {

include webserver

}

node “db1”, “db2”, “db3” {

include database

}

Nodes also support inheritance

Let’s all get related…

You can apply resources before other resources

After other resources

In response to other resources

Or even subscribe to resource changes

Language Attributes

Arrays

[ “red”, “green”, “blue” ]

Variables

$variable = value

Conditionals

If/else statements

Case statement

Selectors

Templates

Allows you to create template configuration files

For file-based configurations without types

Uses Ruby ERB

Allows population of templates with Puppet configuration, variables and facts

Facter

System inventory tool

Returns facts about hosts

Detects changes and updates information

Facts can be used in Puppet configurations

You can create custom facts

NEW! Windows fact support!

facts

hostname => absinthe

ipaddress => 10.0.0.15

kernel => Linux

Measuring success

Availability

Reduction in incidents

Rate of failed change

Build time and speed to market

Compliance to SOE, policy & standards

Do more with less?

Doesn’t mean head count cuts

Doesn’t mean budget cuts

More time to work on the projects that count

Better use of time means happier people

The future ….

The future is ...

REST APIs

Better performance

Better memory use

Automated plug-in system

Automated module system

The future is ...

Workflow systems

Service Level Management

Compliance & Governance systems

Inventory

Puppetshow

iClassify

PuppetView

Questions?

Puppet

http://puppet.reductivelabs.com

Pulling Strings With Puppet

http://www.apress.com/book/view/1590599780

© All images from Flickr and copyright to their owners