puppet - automagically manage your configuration

Puppet

Automagically Manage YourConfiguration

12/04/2010

Carla Souza

DevOps 2010 Brazil © Carla Souza

12/04/2010 DevOps 2010 Brazil © Carla Souza

Typical Sysadmin Job

• Repetitive

• Manual

• Tedious



Installation



Installation

Configuration



Installation

Configuration

UpdatesFixes

Audits


After Configuration...

• What was it configured?– How?– Why?



• What was it configured?– How?– Why?

• We need Documentation!


Documentation

• When was it configured?• Who configured it?• What were the configuration's

objectives?


Documentation

• When was it configured?• Who configured it?• What were the configuration's

objectives?• Be consistent


After configuration...

• Is it well configured?



• Is it well configured?– Bad configuration is worse than no

configuration



• Is it well configured?– Bad configuration is worse then no

configuration– We make mistakes!



• Is it well configured?– Bad configuration is worse then no

configuration– We make mistakes!

• We need Tests!


Tests

• Is the configuration correct?• Is it correctly configured?



• How to ensure that it will stay configured correctly over time?



• How to ensure that it will stay configured correctly over time?

• We need Maintenance!


Maintenance

• Repetitive work– Every time you repeat one job, you waste

time


Maintenance

• Repetitive work– Every time you repeat one job, you waste

time MONEY


Documentation + Tests + Maintenance



Spend more time then you think

=



Spend more time then you think

Less time for real important work

=

=


The more applications I have



More Risks=



More Risks=

+More need for documentation


Cumulative Effect

• The time left will be only for fire fighting


Cumulative Effect


• Important tasks will be left behind


Cumulative Effect


• Important tasks will be left behind– Backups– Documentation update– User’s tickets


Automation

• Good admins write their own tools


Automation

• Good admins write their own tools• Install:

– Kickstart, jumpstart, imaging• Configuration + maintenance:

– SSH in a for loop• Ssh keys distributed over the network = lack of

secutiry


Automation tools

• Great for ad-hoc or one time only tasks• Can be pushed out via cron


Automation tools

• But do you always write scripts that are:


Automation tools

• But do you always write scripts that are:– Concurrent safe?– Testable?– Reversible?– Legible?– Full of good logging?– Portable?


Wish list

• Simple solutions


Wish list

• Simple solutions– Elegant Domain Specific Language (DSL)

• Manage your servers by writing code, not running commands

– Platform independent– Centralized– Version Controlled


Wish list

• Simple solutions– Easy to extend– Self documenting– Commercial support and trainning– Open source


Puppet

• A Puppet Labs product• Since 2005• Written in Ruby• Extensible by modules• Client-server architecture (client pull)


Puppet

• File server• SSL Certificates• Very active and helpful community

– Mailing lists, #puppet @ freenode• Open Source hosted on Github (GPL)

– https://github.com/puppetlabs• Book


https://github.com/puppetlabs

Puppet


Puppet

Installation

Configuration

UpdatesFixes

Audits


Components

• puppetmaster– Server daemon– Run as ‘puppet’ user


Components

• puppetmaster– Server daemon– Run as ‘puppet’ user

• puppetd– Client daemon– Run as root– Pulling every 30min (default value)


Components

• puppetca– Puppet’s Certificate Authority


Components

• puppetca– Puppet’s Certificate Authority

• Facter– Gathers basic information about node’s

hardware and operation system


Elements

• Types– A type is a particular element that Puppet

knows how to configure


Elements

• Types– A type is a particular element that Puppet

knows how to configure

• Classes– A named collection of type objects


Elements

• Providers– Specific implementation of a given

resource type


Elements


resource type

type: package


Elements


resource type

type: packageproviders: yum, dpkg, aptitude, apple, rpm, gem, freebsd


Puppet’s installation

• yum install puppet-server puppet

• apt-get install puppetmaster puppet

• gem install puppet-2.6.4.gem


Sample CodeInstall, Configure and Start Apache


package {“httpd”:ensure => present,

}file {“/etc/httpd/conf/httpd.conf”:

owner => root, group => root, mode => 644,source => puppet:///modules/apache/httpd.conf,

}service {“httpd”:

ensure => running,enable => true,

}

Sample CodeResource Types







}

Sample CodeResource Titles







}

Sample CodeResources Parameters







}

Sample CodeResources Parameters




owner => root, group => root, mode => 644,source => puppet:///modules/apache/httpd.conf,require => Package[“httpd”]


ensure => running,enable => true,require => File[“/etc/httpd/conf/httpd.conf”]

}

Sample CodeResponding to change


file{“/etc/httpd/conf/httpd.conf”:..notify => Service[“httpd”]

}ORservice{“httpd”:

.

.subscribe => File[“/etc/httpd/conf/httpd.conf”]

}

Sample CodeResource collections

class apache {include apache::installinclude apache::configinclude apache::service

}class apache::install {

package{.....}, package{.....}}class apache::config {

file{.....require => Class[“apache::install”],notify => Class[“apache::service”],

}}class apache::service {

service{.....require => Class[“apache::config”]

}} 12/04/2010 DevOps 2010 Brazil © Carla Souza

Elements

• Nodes– A configuration block matching a client


Sample CodeNodes configuration

node “web1.your.com” {include apache

}


Elements

• Templates– Apply code and variable substitution– Uses ERB


Sample CodeTemplates

file{“/etc/httpd/conf.d/servertag.conf”:..content => template(“apache/servertag.erb”)

}

servertag.erb:

Header set X-httpd <%= hostname %>


Sample CodeFile Source Selection

file{“/etc/httpd/conf/httpd.conf”:source => [“puppet:///apache/httpd.conf.${fqdn}”,

“puppet:///apache/httpd.conf.${domain}”, “puppet:///apache/httpd.conf”]

}


Puppet

• puppetlabs.com– github.com/puppetlabs

• Follow me:– github.com/carlasouza– [email protected]


Thank you!


puppet - automagically manage your configuration

Technology

brazil carla souza32

brazil carla souza26

brazil carla souza41

brazil carla souza6

brazil carla souza7

brazil carla souza8

brazil carla souza9

brazil carla souza10