Puppet Camp DC: Puppet for Everybody

Download Puppet Camp DC: Puppet for Everybody

Post on 10-May-2015

477 views

Category:

Technology

2 download

Embed Size (px)

DESCRIPTION

Puppet Camp DC: "Puppet for Everybody" by Christopher Bowles, University of Texas at Austin

TRANSCRIPT

<ul><li>1.Puppet for Everybody! Federated and Hierarchical Puppet Enterprise Chris Bowles, Senior Systems Administrator University of Texas at Austin </li></ul> <p>2. Everybody? Absolutely! Development Operations Management source: http://goo.gl/Mjr0dy 3. Continuum of Expertise Novice Puppet Console Variables Medium Hiera Expert Code 4. Puppet as a Service UT Puppet API (standards, culture) Code/Data Federation Puppet Enterprise Hierarchical Configs 5. Centrally Managed / Maintained Puppet as as Service DB group Web group Foo group 6. Standard Puppet API Puppet Console Configured Server! Class Console Variable (string) Hiera Variable (complex) Shared culture 7. Hierarchical Configurations Node-level Business Group(s) Defaults Enterprise Database Node Web Shared area = business logic All configs in groups Plug and play 8. Federation (of control) United States of Puppet mysql oracle Enforce Broad configs at Federal Level Set specific configs at State Level source: http://goo.gl/22neR7 9. Puppet as a Service (at UT) Code or contentApps i.e. ApacheServices secure standardized configurable BASE Roles / Profiles 10. Building Blocks source: http://goo.gl/CHwab0 11. Puppet Console components Classes Variables Group(s) Nodes ssh $::ssh_listenport Database dbserver-01 12. Puppet Console Group Nesting! source: http://goo.gl/tUdl5U 13. Class Inheritance (immutable) BASE group assigns: ssh FOO group inherits: ssh assigns: syslog node Inherits: ssh, syslog 14. Variable Inheritance (child wins) Base group ssh_listenport = 22 Foo group ssh_listenport = 72 node1 ssh_listenport = 72 Foo2 group ssh_listenport = 99 node2 ssh_listenport = 99 15. All together now! source: http://goo.gl/K91CJA 16. BASE group Classes: ssh Variable: ssh_listenport =&gt; 22 DB group Classes: mysql Variables: ssh_listenport =&gt; 99 db-server (node) Classes: ssh , mysql Variables: ssh_port =&gt; 99 (from DB group) Classes: additive Variables Closest to the node wins 17. ENC node: RSOP Mysql class from DB group) Ssh class from ALL group Ssh_port override from DB group (2222) List of all the groups that the node belongs to. Hierarchy is implied via the Source attr. See ALL group. 18. Puppet Console: Building a federated hierarchy Subgroup Group Top BASE group_foo sub_bar group_db sub_mysql sub_oracle 19. Whats in a name? Puppet Console will display: (alphabetical) BASE group_db group_foo subgroup_bar subgroup_mysql subgroup_oracle 20. A Little more about Console Variables class Console variable Config 21. Console Variables = top level Variables ($::foo) init.pp params.pp 22. One more level: Hiera source: http://goo.gl/3tfaVi 23. Hiera: used for complex variables key: value key2: value2 Arrays Hashes source: http://goo.gl/ge45I1 24. Hiera: Building a federated hierarchy Subgroup Group Top BASE group_foo sub_bar group_db sub_mysql sub_oracle 25. Creating hiera directory-based hierarchies with console variables Subgroup(s) ./$group/$sub Group(s) ./$group/ Top ./ (no variable) $group $sub Broad to Specific 26. Hiera.yaml rubber, meet road Top ./common.yaml Group(s) ./$group/common.yaml Subgroup(s) ./$group/$sub/common.yaml %{group}/%{sub}/common %{group}/common common Specific To Broad 27. Console Groups map to Hiera Nested Console Groups Variables (above the waterline) Hiera (below the waterline) BASE (no variable required) Foo group = foo Bar sub = bar ./ ./foo/ ./foo/bar/ 28. Putting it together! Nested Console Group Variable Hiera (files based on hiera.yaml) DB group = db MySQL sub = mysql ./db/ ./db/mysql/ mysql node dept=db, svc= mysql BASE (no variables) ./ Hiera search path for mysql node: 1. ./common.yaml 2. ./db/common.yaml 3. ./db/mysql/common.yaml 29. Advanced Hiera Usage This data is exactly what I need almost firewall, sudoers +1 Check out: hiera_hash hiera_array 30. Code/Data Federation Puppet Classes/Data Subgroup source Group source BASE source 31. Code Federation puppet.conf modulepath= /opt/puppet/modules/base: /opt/puppet/modules/group: /opt/puppet/modules/sub: BASE Repo Group Repo Subgroup Repo VCSREPO 32. Data Federation (via VCSREPO) ./hieradata/ = ./common.yaml ./$group/common.yaml ./$group/$sub/common.yaml BASE Repo group Repo subgroup Repo VCSREPO 33. Puppet Class Namespaces Namespaces prevent class collisions ${group}_name Examples: base_ssh db_ssh mysql_ssh 34. A peek into the future source: http://goo.gl/9GwKyQ 35. Git Workflow Instead of this 1 git repo / module Core SVN repo (modules) Group SVN repo (modules) Head (production) branch Non-production branches (created as needed) 36. CI/CD r10k push deployments (faster!) Puppet Environments defined by code (Puppetfile) Automated Testing Git repos r10k Puppet 37. Takeaways! Puppet as a Service Can provide hierarchical/federated configuration management as a service by building on top of Puppet Enterprise Hierarchical Configs: building blocks that match organizational structure, plug and play Federation: Empowering users at all levels of the enterprise 38. Thanks! Any Questions? Note: slide deck available from PuppetLabs Contact information: Chris Bowles Email: cbowles@austin.utexas.edu </p>