Building self-service on-demand infrastructure with Puppet and VMware
DESCRIPTION
"Building self-service infrastructure with Puppet and VMware: An intro to vSphere automation" by Cody Herriges of Puppet Labs at Puppet Camp London 2013. Find a Puppet Camp near you: https://puppetlabs.com/community/puppet-camp/
TRANSCRIPT
Building self-service infrastructure with Puppet and VMware
An intro to vSphere automation
2 | CONFIDENTIAL & PROPRIETARY
Really about…
• A little about Operations at Puppet Labs.
• Why we choose on-premise virtualization over giving everyone EC2/Rackspace credentials.
• How we’re tackling the ramifications of that ^ decision.
Who am I?
• Cody Herriges
• Operations Engineer
• Joined Puppet Labs in 2010
• Been using Puppet for 5.5 years
• Currently responsible for internal Virtualization and Storage architectures.
Puppet Labs Operations
• Three senior infrastructure engineers.
• Two desktop support engineers.
• Two Jr-ish infrastructure engineers.
• Both start while I am here in Europe.
Our current strategy
• In the cloud?
• Our production web applications; forge, redmine, ask, puppetlabs.com.
• All other production?
• On-premise data center.
Defining focus
• We were always chasing things that were “broken”.
• We weren’t making any personal growth.
• No time to innovate.
• Infrastructure design and implementation never matured.
VMware
• Our implementation was holding us back.
• Rebuilt everything.
• Networking infrastructure provided by 1GbE Cisco and 10GbE Juniper.
• Storage over iSCSI, backed by EMC VNX and Nexenta.
IaaS
• Pros
• Operational over a capital investment.
• You get off the ground fast.
• Don’t have to worry about power, rack space, cooling, cable management, networking.
• On-demand, unlimited resources at your fingertips.
IaaS
• Cons
• Performance is expensive.
• Scale is expensive.
• Redundancy can increase cost and/or application complexity.
• You lose most of your control over networking.
Internal Infrastructure
• Pros
• Performance and scale per dollar is much less.
• Redundancy is loads simpler when you control layer 2.
• Infrastructure can fit into the way you work and develop.
• During an outage there is always something you can do about it.
Internal Infrastructure
• Cons
• You have to buy things.
• There is a datacenter to manage.
• Initial rollout will take time.
Internal Infrastructure
• Other considerations
• If you have a physical office you’ll have some amount of internal infrastructure.
• There will always be a point where you outgrow that converted coat closet.
• The product you develop may require it.
Loading ESXi
• vSphere hypervisor (ESXi) uses kickstart.
• Razor, capable of loading ESXi to non-volatile storage.
• vCenter’s built-in gPXE system, vSphere Auto Deploy.
• We’ve used both.
vCenter Automation
• Self-contained environments
• Easy permission management
• Modules
• http://forge.puppetlabs.com/vmware/vmware_lib
• http://forge.puppetlabs.com/vmware/vcenter
• https://github.com/ody/vmware-vcenter/tree/at_puppetlabs
DISCLAIMER
I had to fork these modules…they’ll get merged in soon…
vCenter Automation
• The “transport” resource
vCenter Automation
• Creating folders with “vc_folder”
vCenter Automation
• Creating vDS port groups with “vc_vdsportgroup”
vCenter Automation
• Setting permissions with “vc_permission”
More from Puppet Labs Operations
• http://forge.puppetlabs.com/ploperations
• https://github.com/puppetlabs-operations
• http://puppetlabs.com/blog
Questions?
About anything really!