Building self-service infrastructure with Puppet and

VMware

An intro to vSphere automation

2 | CONFIDENTIAL & PROPRIETARY

Really about…

•  A little about Operations at Puppet Labs.

•  Why we choose on premise virtualization over giving everyone EC2/Rackspace credentials.

•  How we’re tackling the ramifications of that ^ decision.

Building self-service infrastructure with Puppet and

VMware

An intro to vSphere automation

4 | CONFIDENTIAL & PROPRIETARY

Who am I?

•  Cody Herriges

•  Operations Engineer

•  Joined Puppet Labs in 2010

•  Been using Puppet for 5.5 years

•  Currently responsible for internal Virtualization and Storage architectures.

5 | CONFIDENTIAL & PROPRIETARY

Puppet Labs Operations

•  Three senior infrastructure engineers.

•  Two desktop support engineers.

•  Two Jr-ish infrastructure engineers.

•  Both start while I am here in Europe.

6 | CONFIDENTIAL & PROPRIETARY

Our current strategy

•  In the cloud?

•  Our production web applications; forge, redmine, ask, puppetlabs.com.

•  All other production?

•  On premise data center.

7 | CONFIDENTIAL & PROPRIETARY

Defining focus

•  We were always chasing things that were “broken”.

•  We weren’t making any personal growth.

•  No time to innovate.

•  Infrastructure design and implementation never matured.

8 | CONFIDENTIAL & PROPRIETARY

VMware

•  Our implementation was holding us back.

•  Rebuilt everything.

•  Networking infrastructure provided by 1GbE Cisco and 10GbE Juniper.

•  Storage over iSCSI, backed by EMC VNX and Nexenta.

9 | CONFIDENTIAL & PROPRIETARY

IaaS

•  Pros

•  Operational over a capital investment.

•  You get off the ground fast.

•  Don’t have to worry about power, rack space, cooling, cable management, networking.

•  On demand unlimited resources at your finger tips.

10 | CONFIDENTIAL & PROPRIETARY

IaaS

•  Cons

•  Performance is expensive.

•  Scale is expensive.

•  Redundancy can increase cost and/or application complexity.

•  You lose most of your control over networking.

11 | CONFIDENTIAL & PROPRIETARY

Internal Infrastructure

•  Pros

•  Performance and scale per dollar is much less.

•  Redundancy is loads simpler when you control layer 2.

•  Infrastructure can fit into the way you work and develop.

•  During an outage there is always something you can do about it.

12 | CONFIDENTIAL & PROPRIETARY

Internal Infrastructure

•  Cons

•  You have to buy things.

•  There is a datacenter to manage.

•  Initial roll out will take time.

13 | CONFIDENTIAL & PROPRIETARY

Internal Infrastructure

•  Other considerations

•  If you have a physical office you’ll will have some amount of internal infrastructure.

•  There will always be a point where you out grow that converted coat closet.

•  The product you develop may require it.

14 | CONFIDENTIAL & PROPRIETARY

Loading ESXi

•  vSphere hypervisor (ESXi) uses kickstart.

•  Razor, capable of loading ESXi to non-volatile storage.

•  vCenter’s built in gPXE system, vSphere Auto Deploy.

•  We’ve used both.

15 | CONFIDENTIAL & PROPRIETARY

vCenter Automation

•  Self-contained environments

•  Easy permission management

•  Modules

•  http://forge.puppetlabs.com/vmware/vmware_lib

•  http://forge.puppetlabs.com/vmware/vcenter

•  https://github.com/ody/vmware-vcenter/tree/at_puppetlabs

16 | CONFIDENTIAL & PROPRIETARY

DISCLAIMER

I had to fork these modules…they’ll get merged in soon…

17 | CONFIDENTIAL & PROPRIETARY

vCenter Automation

•  The “transport” resource

18 | CONFIDENTIAL & PROPRIETARY

vCenter Automation

•  Creating folders with “vc_folder”

19 | CONFIDENTIAL & PROPRIETARY

vCenter Automation

•  Creating vDS port groups with “vc_vdsportgroup”

20 | CONFIDENTIAL & PROPRIETARY

vCenter Automation

•  Setting permissions with “vc_permission”

21 | CONFIDENTIAL & PROPRIETARY

More from Puppet Labs Operations

•  http://forge.puppetlabs.com/ploperations

•  https://github.com/puppetlabs-operations

•  http://puppetlabs.com/blog

22 | CONFIDENTIAL & PROPRIETARY

Questions?

About anything really!