eclipse con 2012 - frictionless operations with puppet - luke kanies

Luke KaniesFounder of Puppet

Founder and CEO, Puppet Labs

Frictionless Operationswith Puppet

Tuesday, April 10, 12

The IT Situation

Absolutely critical

Gatekeepers

Bad tools

Calcification

DevOps

2001: Agile Manifesto

Individuals and interactions over

processes and tools

Working software over comprehensive documentation

Customer collaboration over contract negotiation

Responding to change over following a plan

Dev: On time, under budget, wrong product

http://diykenya.files.wordpress.com/2010/08/tire_swing.gif

Ops: Secure, stable, 18 months to deploy

Process exists for a reason

http://t0.gstatic.com/images?q=tbn:ANd9GcQHJKV3omm4ov_CU7CJovofE_QGi9xsg_vPz1QHZlKXmlYtt2bB-Q

Confidence through Tooling

http://www.mdpretech.com/images/Products/Precision%20Tooling%20for%20IC%20mold%20and%20Plastic%20mold.jpg

Cloud Computing

http://t2.gstatic.com/images?q=tbn:ANd9GcRSjOE5BJr_A2IvmjZk1tCj7LU_qENIb58MuGqQWxU2DGqETHz-

Agility

Big Data

Self-service

Puppet

Puppet Users

Scaled from 0 to over 10,000 serversin 2 months without training

287 servers per SysAdminvs. 19 for BMC BladeLogic

Over 50,000 systemsmanaged by Puppet

Deploy 1,800 machines in 2 hoursvs. 25 machines per day with HP Opsware

Financial Entertainment Technology Defense Web

InvestorsMobile PhoneCompany

Plenty of others

Built for the user

Great Design

http://www.encorbio.com/Album/pages/ChkNFH-neuron1.htm

ConfigurationPlatform

Embarrassment

More great sysadmins

Programmers Sysadmins

5000 Assembly Scripts

Millions Ruby, Java, PHP, C ?

Fully Automated Infrastructure

Asynchronous Management

Centralized Management

Good tools

Flatten the climb

Investment

Why use Puppet?

96% of outages are human error

Stability

1000 nodes x 10s command = no pub

Agility

Air-gapLeast Privilege

Untrusted clients

Security

Auditability

Golden image?

Image from http://www.flickr.com/photos/fungep/2516767121/sizes/l_

Puppet: A brief introduction

A language for configuration specification

Resource Abstraction Layercomputercronfilegrouphostinterfacek5loginmailaliasmaillistmcxmount

packageportresourcesrouterservicesshkeystageuservcsrepovlanyumrepo

Cross Platform

Fedora

Debian

Ubuntu

CentOS

Red HatOS X

OpenBSD

FreeBSD

Solaris

Windows

Workflow Define: With Puppet's declarative language you design a graph of relationships between resources within reusable modules. These modules define your infrastructure in its desired state.

Simulate: With this resource graph, Puppet is unique in its ability to simulate deployments, enabling you to test changes without disruption to your infrastructure.

Enforce: Puppet compares your system to the desired state as you define it, and automatically enforces it to the desired state ensuring your system is in compliance.

Report: Puppet Dashboard reports track relationships between components and all changes, allowing you to keep up with security and compliance mandates. And with the open API you can integrate Puppet with third party monitoring tools.

DESIREDSTATE

CURRENTSTATE

OVERAGE

Change Propagation

FactsThe node sends normalized data about itself to the Puppet Master.

CatalogPuppet uses the Facts tocompile a Catalog thatspecifies how the nodeshould be configured.

Report3XSSHW·V�RSHQ�$3,�can also send data to third party tools.

ReportThe node reports back to Puppet indicating the configuration is complete, which is visible in the Puppet Dashboard.

Report Collector(Puppet or 3rd party tool)

PuppetMaster

SSL secure encryption on all data transport

domain => localfacterversion => 1.5.8fqdn => sliver.localhardwaremodel => i386hostname => sliverinterfaces => lo0,gif0,stf0,en0,en1,fw0,vmnet1,vboxnet0ipaddress => 192.168.174.1ipaddress_lo0 => 127.0.0.1ipaddress_vmnet1 => 192.168.174.1kernel => Darwinkernelmajversion => 10.6kernelrelease => 10.6.0macosx_productname => Mac OS Xmacosx_productversion => 10.6.6netmask => 255.255.255.0netmask_lo0 => 255.0.0.0netmask_vmnet1 => 255.255.255.0network_lo0 => 127.0.0.0network_vmnet1 => 192.168.174.0operatingsystem => Darwinoperatingsystemrelease => 10.6.0path => /opt/local/bin:/opt/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/binps => ps auxwwwpuppetversion => 2.6.4rubysitedir => /opt/local/lib/ruby/site_ruby/1.8timezone => PSTuptime => 1 dayrubyversion => 1.8.7sp_bus_speed => 1.07 GHz

Automatic Inventory

Centralized, Serverless, or Hybrid

MCollectivehandlesorchestration

Puppet Master

Puppet Dashboard 3rd Party SystemsPuppet Module Forge

Modules

Puppet AgentFacter

Scales like HTTPS

2 known 50k node sites

Multiple 30k node sites

Tens of 3k node sites

Built as a platform

Model-based hackability

•Hosts•Inventory data• IP, hostname, platform, etc.

•Resource lists•Resource dependencies•Change events

Puppet Faces

cacatalogcertificatecertificate_requestcertificate_revocation_listconfigfactsfilehelp

keymannodeparserpluginreportresourceresource_typestatus

MCollective: Infrastructure message

Puppet Forge301 modules

How to use Puppet

Seek the pain

Image from http://www.flickr.com/photos/pagedooley/2147718252/sizes/l/Tuesday, April 10, 12

Solve the simple problems

Add the infrastructure features you always

wanted

Think like Puppet thinks

•Resources, not text snippets or lines added to files•What resources are you managing?•How are they related to each other?

Replace Shell Scripts with Resources

Becomes:

Relationships matter but are often implicit

Package

Service

Service should restart whenconfiguration changes

Configuration

Configuration should get modifed after package installation

Explicit Relationships

Relationships provide ordering and notification

"Exec[createrepo-PM-RHEL5-noarch]"

"Yumrepo[PM-RHEL5-x86_64]"

"Yumrepo[PM-RHEL5-noarch]"

"Package[postgresql-server]"

"Package[thttpd]"

"File[/var/www/thttpd/html/yum-PM-RHEL5-noarch]""File[/var/www/thttpd/html/yum-PM-RHEL5-x86_64]"

"Exec[rsync-rpmdir-PM-RHEL5-x86_64]"

"Exec[createrepo-PM-RHEL5-x86_64]"

"Postgres::Role[puppet]"

"Exec[rsync-rpmdir-PM-RHEL5-noarch]"

Classes document Intent

Organize files into modules

Provide platform abstraction

Debian

Red Hat

Portability and Naming

Puppet Enterprise

Detail of node status to pinpoint specific issues

High-‐level status of nodes for instant

visibility

Time-‐based display for insight into rate of

change

Reporting

Cloud Provisioning

VMware

Amazon AWS

OpenStack

Choose nodes to clone to ensure consistency

Preview the impact before you clone

Browse for managed nodes in your infrastructure

Resource Browsing

Accept or reject changes to update

your baseline

See specific differences between node configurations

Compliance

Find out the status of each node group and its last Puppet run

Orchestration

Resources currently under Puppet management

Current set of managed nodes

Orchestration

2.5 Released today

•Windows support•Puppet Forge integration•Puppet Data Library

Summary

IT is critical but needs to improve

DevOps is bringing change

The Cloud is Coming

http://t2.gstatic.com/images?q=tbn:ANd9GcRSjOE5BJr_A2IvmjZk1tCj7LU_qENIb58MuGqQWxU2DGqETHz-

Puppet gets you there

Questions?

Give Feedback on the Sessions

1 Sign In: www.eclipsecon.org

2 Select Session Evaluate

3 Vote

eclipse con 2012 - frictionless operations with puppet - luke kanies

puppet labstuesday

use puppet

puppet usersmobile phonedeploy

party tools

desired state

party toolreportcan

graph of relationships

resourcetrack relationships

Technology

eclipse con 2012 - devops - luke kanies

frictionless supercomputing - mew25

puppet camp london 2015: puppet contained

state of puppet 2013 - puppet camp dc

puppet on windows - puppet camp dc 2015

frictionless shopping

"frictionless testing" for developers

dead puppet society argus presenter pack - artour | home...

puppetconf 2016: puppet & azure – kenaz kwa, puppet

puppet 101 marc skinner q2:2014 · 2 rhug q2:2015 what is...

puppetconf 2016: keynote - luke kanies, puppet founder

frictionless participation

puppet: infrastructure as code - it pro forum · 15-02-2011...

puppet dashboard manual -...

frictionless payment and startups

downloads.puppetlabs.com puppet puppet

wp puppet theatre | puppet power: connecting generations ......

state of puppet - puppet camp barcelona 2013

puppet camp berlin 2015: puppet keynote

frictionless finance · what is frictionless finance? ......