managing oracle solaris systems with puppet

Download Managing Oracle Solaris Systems with Puppet

Post on 15-Jul-2015

799 views

Category:

Technology

1 download

Embed Size (px)

TRANSCRIPT

How to Use the PowerPoint Template

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |1Managing Solaris Systems with PuppetGlynn Foster, Product ManagerOracle Solaris Core Technologies2Copyright 2014 Oracle and/or its affiliates. All rights reserved. |Copyright 2014 Oracle and/or its affiliates. All rights reserved. |23Safe Harbor StatementThe following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracles products remains at the sole discretion of Oracle.Copyright 2014 Oracle and/or its affiliates. All rights reserved. |3The Nirvana of Enterprise Cloud ComputingIncreasing business responsiveness and agilityRapid resource & application provisioningSeamless scale up and scale outEnabling self-service computingBetter capacity planning and asset utilizationCentralized monitoring and reportingEnsuring security and complianceReduce costs due to human error

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |4Virtualization Drives Management Costs5Physical Servers (M)Virtual Servers (M)Management & AdministrationCopyright 2014 Oracle and/or its affiliates. All rights reserved. |5What is Puppet?Open source configuration managementWritten in RubyLicensed under Apache License 2.0Defines and enforces configuration stateEnsures consistency and dependabilityOptimized for complete software lifecycleScales to cloud environmentsAutomation on a huge scaleEasily extensible6

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |6

Puppet Cross Platform Support

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |7

How Does it Work?Client collects dataabout itself using Facts183Master compiles a catalogbased on data for how theclient should be configured2Client sends facts to Puppet master4Master sends catalogback to client5Client configures itselfand reports back to master

Puppet Master

Puppet Agents

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |89

Puppet Master

Puppet Agents

Puppet Agent / Master

Puppet Agents

Puppet Agent / Master

Puppet Agents

Puppet MasterScaling to the EnterpriseCopyright 2014 Oracle and/or its affiliates. All rights reserved. |Co-engineered with Oracle hardware and software stackHighest performance with Software in SiliconOracle Solaris Best for EnterpriseFull VM lockdownAutomated compliance monitoring and reportingAgile self-service environmentsApplication driven SDNEngineered for mission critical workloadsZero overhead virtualization

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |Oracle Solaris has had a long history of being the #1 enterprise platform well known for mission critical availability, immense workload scalability, secure and reliable in every way. With Oracle Solaris 11 weve been continuing our commitment to integrate with every layer of the hardware and software stack in essence, an engineered solution that provides significant differentiation not just for Oracle products, but for every enterprise workload. Unlike competing products, Oracles engineering is optimized and efficient to best take advantage of modern and future data center design. As Oracle continues to build engineered, highly scalable systems, Oracle Solaris will be best positioned as a platform to take the best advantage of these architectures.

With Oracle Solaris 11.3 were continuing this work bringing a platform that is engineered for cloud environments and extending our lead over competitors in this space. We take all the strengths of a mission critical system and bring total cloud agility to bring a cloud solution that is easy to deploy, easy to manage, easy to observe. Whether you want to scale out or scale up, Oracle Solaris can provide the complete solution combining the strengths and capabilities of the operating system, virtualization, software defined networking, and cloud management.

If you would like to know more about the new features included in Oracle Solaris 11.3, visit oracle.com/solaris.

10Puppet in Oracle SolarisNative IPS PackageSingle package for Agent and MasterIntegrated with SMFAutomatic service restartPuppet configuration through SMF stencilsNew resources for different OS featuresPackaging, Networking, SMF11

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |11Getting Started with PuppetInstall Puppet Master/Agent# pkg install puppet

Recommended: Ensure time synchronizationbetween master and agents12

IPS ServerPuppet, Facterand dependenciesCopyright 2014 Oracle and/or its affiliates. All rights reserved. |12Getting Started with PuppetConfigure Puppet master# svccfg -s puppet:master setprop config/server = master.fqdn.com# svccfg -s puppet:master refresh# svcadm enable puppet:master

Configure Puppet agent# svccfg -s puppet:agent setprop config/server = master.fqdn.com# svccfg -s puppet:agent refresh13

Puppet Master

Puppet AgentCopyright 2014 Oracle and/or its affiliates. All rights reserved. |13Getting Started with PuppetCreate SSL keys/certs and test connection on agent# puppet agent --test --server master.fqdn.com

List and sign SSL cert on master# puppet cert list# puppet cert sign agent.fqdn.com

Re-test and start agent# puppet agent --test --server master.fqdn.com# svcadm enable puppet:agent

14

Puppet Master

Puppet AgentCopyright 2014 Oracle and/or its affiliates. All rights reserved. |14Puppet Resources, Types and ManifestsResources are used to model system configurationFor example:A package that should be installedA service that should be enabled A file that should be createdPuppets Resource Abstraction Layer (RAL) consists ofHigh level model called a typeA platform specific implementation called a providerAdministrator write manifests to declare resources andtheir state using a declarative language15Copyright 2014 Oracle and/or its affiliates. All rights reserved. |Solaris Resources TypesSoftware lifecycleboot_environmentpackage *pkg_facetpkg_mediatorpkg_publisherpkg_variantData managementzfs *zpool *Service and configurationservice *svccfgName servicesdnsldapnisnsswitchVirtualizationzone *

16* Upstream in Puppet communityCopyright 2014 Oracle and/or its affiliates. All rights reserved. |Solaris Resources TypesDatalinksaddress_objectaddress_propertiesetherstubip_tunnellink_aggregationlink_propertiesvnicsolaris_vlanIPinterface_propertiesip_interfacevni_interfaceUsers/groupsuser *group *Otherfile *exec *

17* Upstream in Puppet communityCopyright 2014 Oracle and/or its affiliates. All rights reserved. |Resource Declarationsfile { /etc/passwd:ensure => file,owner => root,group => root,mode => 0600,}type { title:attribute => value,}18Copyright 2014 Oracle and/or its affiliates. All rights reserved. |Describing Resource Types19

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |Querying Puppet Resources20

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |Puppet Site ManifestLocated in /etc/puppet/manifests/site.ppCan centrally define resources for all clientsSplit out specific functionality using classes and modulesTest using puppet apply --noop (masterless)Define desired end state goalFor example, to ensure a non-global zone is running:

zone { 'myzone': ensure => 'running', zonecfg_export => zonecfg.txt',}

21Copyright 2014 Oracle and/or its affiliates. All rights reserved. |Testing Puppet Changes22

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |Applying Puppet Changes23

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |Puppet Configuration with SMF StencilsPuppet configuration is managed through SMFMake changes to master and agent in SMFAutomatically synchronizes /etc/puppet/puppet.conf

# svccfg -s puppet:master setprop config/ = # svccfg -s puppet:master refresh24Copyright 2014 Oracle and/or its affiliates. All rights reserved. |24Puppet Environments with SMF Service Instances25

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |25Good Puppet PracticesA good approach to adopting PuppetStart with master-less modeStore configuration state in version control (GIT/Mercurial/SVN)Separate data from the code in manifests (Hiera)Transition to agent/master modeUse iterative process to developDev Ops!Take advantage of Puppet ForgeLots of help from upstream community

26Copyright 2014 Oracle and/or its affiliates. All rights reserved. |26Oracle Solaris Deployment27

Automated Installer

Image Packaging System

Unified ArchivesCopyright 2014 Oracle and/or its affiliates. All rights reserved. |27IPS / Automated InstallerUnified Archives / Puppet / Compliance 11.2

Secure, Compliant Application DeploymentAgile application provisioning in the cloud with SolarisDevelop & TestVerify for ComplianceLock Down VMSecurely Deploy into ProductionGenerate Reports for Compliance

2811.3

11.3

11.2

11.2

11.2

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |28

COMPLETE.

SDN

Virtualization

OpenStackOS

Copyright 2014 Oracle and/or its affiliates. All rights reserved. |29Puppet ResourcesPuppet Upstream Communityhttp://www.puppetlabs.comOracle Solaris 11 Configuration Managementhttp://www.oracle.com/technetwork/server-storage/solaris11/technologies/configu