using puppet - real world configuration management
DESCRIPTION
Configuration management is the oft-misunderstood (and possibly black) art of managing your IT environment, infrastructure, and costs. Done well it can reduce operational errors and outages, simplify your environment, and help maintain the sanity of your IT staff. Puppet is part of the bright future of configuration management for heterogeneous Unix systems. It combines automation, a powerful abstraction language, and uses a client-server model that can scale to suit enterprise-size environments. Puppet is written in Ruby and authored by recovering system administrator-turned-developer Luke Kanies. This session explains why configuration management is important, the benefits configuration management will deliver, and how all of this can be achieved using Puppet. The session also explains emerging best practices in configuration management and addresses: * What is configuration management? Or why am I here? * Benefits, risks, and challenges: build fire resistant infrastructure rather than fight fires * Best practice: how do we do this configuration management magic right? * Where does Puppet fit in and why should management pay for its implementation? * Why using Puppet will save you money and help staff retention (although is unlikely to stop world hunger) * Real world configuration management using Puppet: code, examples, explanations, and using Puppet in anger * Measuring the results and pocketing the returns * Where to from here: some ideas about the future (may include wild-arse guesses)TRANSCRIPT
Using Puppet
Real World Configuration ManagementJames Turnbull
http://puppet.reductivelabs.com
Questions…
Feel free to ask questions
Where do I come from?
Configuration Management?
Management Speak
• Management model for:
Infrastructure
Applications
Data
• Documentation of attributes and operations
• Organization of attributes and operations
• Validation, audit, and verification
Where does it fit in?
Do you need it?
Large number of like hosts
… that are somehow never alike
Do you need it?
High level of failed change
http://www.flickr.com/photos/22676988@N06/2426527413/
Do you need it?
When your hosts look like this...
Just for enterprises?
“Mum, what’s an enterprise?”
What are the benefits?
ReproducibilityAccuracyHomogeneityDecision SupportSaves Money!
all this gets you ...
http://www.flickr.com/photos/ibuch/115409282/
Risks & Challenges
Tools != Process
Information is power
Accurate information is all-powerful
Best practice
Life cycle
Categorize, modularize, standardize
Control
Test, Test, and Test again
Who sells this?
Proprietary software vendors http://www.flickr.com/photos/ca_newsom/2199106278/
So what’s wrong?
http://www.flickr.com/photos/draggin/15223525/http://www.flickr.com/photos/jamesotron/511509780/
Archaic Monolithic
Who gives this away?
Free Open Source Softwarehttp://www.flickr.com/photos/tigr/26362667/
Introducing puppet
Photo from: http://www.flickr.com/photos/lkanies/2659592110/
Luke Andrew
Would you buy software from those guys?
Abstracts configuration as resources
Allows relationships
Idempotent
The key pieces
Declarative not imperative language
WHAT not HOW
How is it managed?
Puppet….
package { “ruby”:
ensure => latest,
}
Not Puppet…
# yum install ruby
# apt-get install ruby
# ports install ruby
# emerge ruby
# rpm -Uvh ruby-1.8.6.i386.rpm
# gem install ruby
# up2date ruby
# fink install ruby
# pkg_add ruby
# pkg-get ruby
# rug install ruby
# pkgadd ruby
A whole service...
package { bind: ensure => installed } file { “/etc/named.conf”:
source => “puppet://server/srv/bind/named.conf” } service { named: ensure => running }
yum install bindvim /etc/named.confservice start named
Puppet
Client-Server model
SSL communication
Unix-centric
Highly extensible
Written in Ruby
What’s new?
New support for Zenoss
Native support for Augeas
Enhanced conditionals
Automated documentation of modules
Native support for SELinux
Microsoft Windows support on the way!
What can be managed?
30 package types
Users & groups
Services
Nagios
Support for Debian, Ubuntu, Red Hat, Solaris, OS X, Gentoo, SuSE, *BSD, AIX, HP-UX and others.
In the clouds...
Spacewalk
Augeas
Func
Cobbler
Kickstart
Preseed
Capistrano
Amazon (E2, S3, SQS)
Cloud tools on the way...
Classes & definitions
class postfix {
… collection of resources …
}
define postfix_files {
... Repeatable application …
}
Modules
Collections of classes, definitions and resources
Portable and self-contained
Several collections of modules available online for common configurations:
http://reductivelabs.com/PuppetModules
Nodes
node “webserver.domain.com” {
include webserver
}
node “db1”, “db2”, “db3” {
include database
}
Nodes also support inheritance
Let’s all get related…
You can apply resources before other resources
After other resources
In response to other resources
Or even subscribe to resource changes
Language Attributes
Arrays
[ “red”, “green”, “blue” ]
Variables
$variable = value
Conditionals
If/else statements
Case statement
Selectors
Templates
Allows you to create template configuration files
For file-based configurations without types
Uses Ruby ERB
Allows population of templates with Puppet configuration, variables and facts
Facter
System inventory tool
Returns facts about hosts
Detects changes and updates information
Facts can be used in Puppet configurations
You can create custom facts
NEW! Windows fact support!
facts
hostname => absinthe
ipaddress => 10.0.0.15
kernel => Linux
Measuring success
Availability
Reduction in incidents
Rate of failed change
Build time and speed to market
Compliance to SOE, policy & standards
Do more with less?
Doesn’t mean head count cuts
Doesn’t mean budget cuts
More time to work on the projects that count
Better use of time means happier people
The future ….
The future is ...
REST APIs
Better performance
Better memory use
Automated plug-in system
Automated module system
The future is ...
Workflow systems
Service Level Management
Compliance & Governance systems
Inventory
Puppetshow
iClassify
PuppetView
Questions?
Puppet
http://puppet.reductivelabs.com
Pulling Strings With Puppet
http://www.apress.com/book/view/1590599780
© All images from Flickr and copyright to their owners