Mikhail Scherbakov - Non-traditional use of Puppet in...
DESCRIPTION
The talk covers architectural questions of building deployment systems, using Fuel as an example: passing parameters through Puppet's so-called "facts", the advantages and disadvantages of that approach, and other ways of passing data (ENC, Hiera).
TRANSCRIPT
![Page 1: Mikhail Scherbakov - Non-traditional use of Puppet in deployment](https://reader033.vdocuments.mx/reader033/viewer/2022052222/554f40e4b4c90572088b52f7/html5/thumbnails/1.jpg)
Non-traditional use of Puppet
Mike Scherbakov
Moscow, September 2013
Agenda
1. Initial conditions
2. Push approach with MCollective
3. Data Flow
4. Next steps
1.1 Use case
● Heterogeneous servers
● User-defined roles for distributed application
● Operations
  ○ Remove / add nodes
  ○ Add roles and deploy
● Deployment is activated by user
● Multiple envs, different versions of code to be deployed
● Simultaneous deployments and other actions
1.2 Traditional Puppet Usage
1. Puppet Master serving the configuration code
2. Puppet agents are run by cron every 30 min
3. Text file site.pp defining what to deploy and where
4. PuppetDB to share data between nodes
5. ENC to get variables from external source
6. Hiera: Key-value store
1.3 Our Initial Requirements
1. Use Puppet
2. It should run on a click on Deploy, not every 30 min
3. Multiple environments
4. Simultaneous deployment where possible
5. Operations (redeployment, adding roles, etc.)
1.4 Our use case & Puppet
2.1 Marionette Collective
● Publish-subscribe middleware over AMQP (STOMP)
● Simple agents, written in Ruby
● Agents on nodes can be run by simple command from master node
● Agent to run puppet already existed
● MCollective can be used as a library
2.2 We thought
2.3 And we tried...
● Multithreading issues
● Existing agent for puppet had multiple issues
● Time synchronization sensitive
● No reconnect after network failure
2.4 Finally it worked out
3.1 Data Flow
[Diagram labels: User Input; Hardcoded; Hardware Discovered Data; Data Calculation; Puppet]
3.2 Not so ideal with Puppet...
Expected:
require 'puppet'
Puppet::Resource::Catalog.compile(all-data)
Puppet.apply
Actually got:
… monkey-patching of Puppet code, which worked only for a single Puppet release.
POC at http://goo.gl/xdcjlL
3.3 site.pp
Pros: unknown for our purposes
Cons:
● site.pp is code, and logic to write it properly is required
● concurrency issues if simultaneous deployment
[Diagram labels: Data Calculation; site.pp; Puppet master; Puppet agent]
3.4 ENC
Pros:
● Simple well-known mechanism of passing params
Cons:
● Architecture gets complicated
  ○ Have to make sure that nothing changes data for ENC before puppet reads
  ○ Hard to develop: data must be in storage
[Diagram labels: Data Calculation; Storage; ENC; Puppet master; Puppet agent]
3.5 ENC + Cobbler YAML Storage
Cons:
● Additional point of failure
● Two storages: need to handle consistency
● Additional dependency: Cobbler is not just PXE anymore, hard to replace
[Diagram labels: Data Calculation; Cobbler YAML Storage; ENC; Puppet master; Puppet agent]
3.6 Passing parameters via facts
Pros:
● Puppet Master is optional
● Easy to debug and develop: all data in one file
Cons:
● Facts can be strings only
● All variables loaded are global
[Diagram labels: Data Calculation; facts on nodes; Puppet agent; Puppet master]
3.6.1 YAML config is created on node
● YAML config is generated for every puppet run
● Placed in /etc/ by MCollective
[Diagram label: Data Calculation]
---
role: compute
nova:
  - rabbitmq: ":5672"
    api: ":8774"
ip: 10.20.0.2/24
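3.6.2 Puppet reads YAML into fact
require 'yaml'
# Load the settings that were placed on the node
data = YAML.load_file('/etc/naily.facts')
# Expose them as one string fact, since facts can be strings only
Facter.add('fuel_settings_yaml') do
  setcode { data.to_yaml }
end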
3.6.3 Parse your fact in site.pp
# Turn the string fact back into a structure
$fuel_settings = parseyaml($fuel_settings_yaml)
case $::fuel_settings['role'] {
  'compute': {
    include common::compute
    # …
  }
}
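The round trip from slides 3.6.1 to 3.6.3 (settings file, string fact, parsed structure), as an added Ruby example that is not code from the talk or from Fuel. The names `settings_fact_value`, `parse_fact` and `UntrustedSettings`, the role allowlist and the owner/mode policy are assumptions; `parse_fact` stands in for `parseyaml()` on the manifest side.

```ruby
require 'yaml'

# Hypothetical error class for a settings file that fails the checks below.
class UntrustedSettings < StandardError; end

# Constructed allowlist; a real deployment would list its own roles.
ALLOWED_ROLES = %w[controller compute].freeze

# Returns the string a custom fact would expose for the file at +path+.
# The file decides which role Puppet applies on the node, so it is checked
# before use (assumed policy: owned by expected_uid, not group/world writable).
def settings_fact_value(path, expected_uid: 0)
  st = File.stat(path)
  raise UntrustedSettings, "#{path}: unexpected owner" unless st.uid == expected_uid
  raise UntrustedSettings, "#{path}: group/world writable" unless (st.mode & 0o022).zero?

  # safe_load builds only plain scalars, arrays and hashes; YAML tags that
  # would instantiate other Ruby objects are rejected.
  data = YAML.safe_load(File.read(path))
  raise ArgumentError, 'settings must be a mapping' unless data.is_a?(Hash)
  unless ALLOWED_ROLES.include?(data['role'])
    raise ArgumentError, "unknown role #{data['role'].inspect}"
  end

  # Facts can be strings only, so the whole structure travels as one string.
  data.to_yaml
end

# Manifest side: what parseyaml() does with the fact, emulated in Ruby.
def parse_fact(value)
  YAML.safe_load(value)
end
```
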
3.7 And we got it running
4.1 Next steps: Get rid of Puppet Master
Main reasons:
1. Additional SPoF
2. Scalability issues
3. Issues with certificates
4. Multiple envs with multiple versions of manifests
5. Temptation to use PuppetDB and others, which add points of failure
4.2 Next steps: Deployment by stages
● Controller role
  ○ nova-api
  ○ nova-scheduler
  ○ MySQL <- what if customer wants it on the other server?
  ○ glance-api
  ○ glance-registry
  ○ keystone
[Diagram labels: DB; Controller; node 1; node 2]
4.2.1 Dependency graph
[{ 'role': 'nova-api', 'depends': ['MySQL', 'keystone'] },
 { 'role': 'keystone', 'depends': ['MySQL'] }]
[Diagram labels: MySQL; Keystone; nova-api]
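One way to turn the role list from slide 4.2.1 into ordered deployment stages, as an added Ruby example that is not code from the talk or from Fuel. The function name `deployment_stages` and the `DependencyCycle` error are assumptions; roles that land in the same stage have no dependency on each other and could be deployed simultaneously.

```ruby
# Hypothetical error raised when the role list contains a circular dependency.
class DependencyCycle < StandardError; end

# roles: array of {'role' => name, 'depends' => [names]} as on the slide.
# Returns an array of stages; each stage is a sorted array of role names.
def deployment_stages(roles)
  deps = {}
  roles.each { |r| deps[r.fetch('role')] = Array(r['depends']) }
  # A dependency without an entry of its own (MySQL on the slide) is a leaf.
  deps.values.flatten.uniq.each { |d| deps[d] ||= [] }

  level = {}     # role => stage index, filled in depth-first
  visiting = {}  # roles on the current recursion path, for cycle detection
  depth = lambda do |role|
    return level[role] if level.key?(role)
    raise DependencyCycle, "cycle through #{role}" if visiting[role]

    visiting[role] = true
    # A role is deployed one stage after its latest dependency.
    level[role] = deps[role].map { |d| depth.call(d) + 1 }.max || 0
    visiting.delete(role)
    level[role]
  end
  deps.each_key { |role| depth.call(role) }

  level.group_by { |_, l| l }.sort.map { |_, pairs| pairs.map(&:first).sort }
end

# The role list from the slide.
SLIDE_ROLES = [
  { 'role' => 'nova-api', 'depends' => %w[MySQL keystone] },
  { 'role' => 'keystone', 'depends' => %w[MySQL] }
].freeze
```
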
4.2.2 Allow other tools for stages
Such as, but not limited to:
● Opscode Chef
● SaltStack
● Just Ruby or Python code
Links
● http://docs.mirantis.com/fuel-dev/
● https://github.com/Mirantis/fuel/pull/572/files
● http://nuknad.com/2011/02/11/self-classifying-puppet-nodes/
● https://github.com/stackforge/fuel-{main, web, astute, ostf}
● http://puppetlabs.com/presentations/continuously-integrated-puppet-dynamic-environment