puppet on windows (part 1 of ?) -...
TRANSCRIPT
Agenda • Why? • Agents • Available types and modules
- Native types - Modules - Chocolatey
• DSC • Development
- Editors - Modules - Testing
2
Why use Puppet on Windows?
Is Puppet better than SCCM and/or GPO?
Infrastructure as Code
Easy to manage various customers
One way of working
Pricing
3
Why use Puppet on Windows? Puppet vs SCCM Pros Cons
SCCM
Integrates very well into Windows environments
Expensive
Guaranteed support from Microsoft
Proprietary model, so users cannot change or customize the product
Easier to learn, so faster to start using for Windows admins
Doesn’t integrate well with mixed Windows -Linux setups
Single-pane of management Hard to implement versioning / IaC
Puppet
Cheaper and more flexible More complex and difficult to learn and start using
Works well with most OS platforms
Forces users to learn and use Ruby-based DSL
4
Agents
Linux
Windows
Chocolatey
5
curl -1 -k https://mypuppetmaster:8140/packages/current/install.bash -o /tmp/install.bash sh /tmp/install.bash "agent:environment=stable" "agent:certname=`hostname -s`“
msiexec /qn /l*v install.log /i puppet-3.8.1.msi INSTALLDIR="C:\Puppet Labs\Puppet Enterprise" PUPPET_MASTER_SERVER="master.domain.com“ PUPPET_AGENT_CERTNAME="agent.domain.com"
PS> Invoke-Expression ((New-Object Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
Available types and modules: Community Modules • Currently around 180 Windows modules are available on The Forge
• Puppetlabs-windows module installs a collection of Puppetlabs and community modules
• registry, powershell, iis, windows_feature, acl, chocolatey, download_file, windows_env
• Some excellent modules are available, but a large number of modules have overlapping functionality and many are of moderate quality
• Prepare yourself to develop your own modules or even providers
10
Chocolatey: What is Chocolatey? • Native package type only supports MSI or EXE installers, which can be
complex compared to yum / apt-get
• Chocolatey is a package manager for Windows
• Based on NuGet
• Created by Puppetlabs employee Rob Reynolds
• Chocolatey takes care of downloading, unzipping, installing applications (and whatever you can do with Powershell…)
11
DSC
• Microsoft couldn’t stay behind and watch...Desired State Configuration
• Usable from Powershell 4.0 and included in WMF 5
• DSC language looks like Puppet DSL, imperative and idempotent
• 200+ resources available, of reasonable quality...not every property is exposed but more than Puppet counterparts if there are any
• Unclear if DSC will eventually replace machine based GPO’s and that SCCM/Intune will provide a server part like Puppet/Hiera, but I expect it!
• Puppet and DSC might very well be an ideal combo with Puppet on Windows...in the future
18
Development: Windows Specifics - File Paths Line endings
CRLF (Windows) vs LF (Linux)
File paths 'C:\WINDOWS\system32' 'C:/WINDOWS/system32‘ "C:\\Windows\\system32“ $::system32 "C:\\Folder\\${my_variable}"
21
Development: Windows Specifics - Facts Custom facts can be written in Ruby, batch, Powershell or use custom executables
STDOUT must contain key-value pairs on each line
Files must be placed in C:\ProgramData\Puppetlabs\facter\facts.d or in a modules root folder named facts.d
23
• Puppet on Windows PuppetConf 2013 https://www.youtube.com/watch?v=GI_xv0vIR8M
• DSC Webinar https://puppetlabs.com/webinars/windows-dsc-wsus-webinar-09-17-2015
• Chocolatey • https://chocolatey.org
• Available DSC resources: • https://gallery.technet.microsoft.com/scriptcenter/DSC-Resource-Kit-
All-c449312d
27
Additional Resources