Home >Presentations & Public Speaking >Puppet for Everybody: Federated and Hierarchical Puppet Enterprise

Puppet for Everybody: Federated and Hierarchical Puppet Enterprise

Date post:12-Nov-2014
Category:
View:115 times
Download:2 times
Share this document with a friend
Description:
PuppetConf 2014 Presentation
Transcript:
  • 1. Puppet for Everybody!Federated and HierarchicalPuppet EnterpriseChris Bowles, Senior Systems AdministratorUniversity of Texas at Austin

2. Puppet for Everybody? Absolutely! Development Operations Managementsource: http://goo.gl/Mjr0dy 3. Continuum of ExpertiseMedium HieraNovice Puppet Console VariablesExpert Code CustomFacts CustomFunctions 4. UT Puppet Canon Inclusive Secure by Default Federation 5. UT Puppet ToolsetUT PuppetCommunityNestedConfigsPuppetEnterpriseCode/DataFederation 6. UT Puppet CommunityUT PuppetCommunityNestedConfigsPuppetEnterpriseCode/DataFederation 7. UT Puppet Culture Module Coding Standards Module Documentation Standards Power to the People 8. UT Puppet DiagramPuppet Console Classes Console Groups(role/profile) Console VariablesConfiguredServer!Expert Hiera Module CodeNovice 9. Nested ConfigsUT Puppet(standards,culture)NestedConfigsPuppetEnterpriseCode/DataFederation 10. Nesting: Roles/ProfilesRoles Wiki server configurationsProfiles Apache configurations Secure by default standardized configurableBASE 11. Minifigure Metaphor Default torso provided Configurable: can change thecolor of the cowl (black orvery, very dark grey) Role/Profile: Can choose thehead and arms, cape, etcFrom: https://www.flickr.com/photos/spielbrick/8201894577 12. Nest all the things! Groups Variables hiera? (yup, more on that later) 13. Roadmap: Console NestingPuppet Console Nested groups role/profile assign classes &variables to nodesConfiguredServer!Expert Hiera Module CodeNovice 14. Nested Console Groupssource: http://goo.gl/tUdl5U 15. Nested Console GroupsBASEprofile_apacherole_wikiwiki-01secure defaultsApache configsWiki configsNode-specificconfigs 16. Nesting (from the node POV)Node wiki-01ContainsClasses/Variablesfrom:BASE profile_apache role_wiki 17. Dont forget the Blog!Secure Defaults BASEProfilesRolesNode-levelprofile_apacherole_blogblog-01 blog-02role_wikiwiki-01 wiki-02 Configurations comefrom nested groups No repetition! 18. Whats in a name (prefix)?Top BASEProfileRoleprofile_apacherole_blog role_wikiPuppet Console willdisplay:(alphabetical)BASEprofile_apacherole_blogrole_wiki 19. Console Building Blocks!source: http://goo.gl/CHwab0 20. BASE: BASE group 21. Profile: profile_apache group 22. Role: role_wiki group 23. Node: wiki-01.puppetconf.com 24. Puppet Console components Classes Variables Group(s) Nodesssh$::ssh_portBASE, Profile_apache, role_wikiwiki-01 25. Class Inheritance (immutable)BASEassigns: sshprofile_apacheinherits: ssh assigns: apacherole_wikiinherits: ssh, apachenodeInherits: ssh, apache 26. Variable Inheritance (child wins)BASEN/Aprofile_apachehttp_port = 80role_blogN/Ablog-01http_port= 80role_wikihttp_port = 8080wiki-01http_port= 8080 27. All together now!source: http://goo.gl/K91CJA 28. wiki-01 (annotated)Variable overrides from role_wiki groupGroup membership and source(s)Classes: combined from nestedgroups 29. Roadmap: Hiera NestingPuppet Console Console Groups(role/profile) Console VariablesConfiguredServer!ModuleCodeExpert HieraNovice 30. Hiera: for complex variables Arrays Hasheskey: valuekey2: value2source: http://goo.gl/ge45I1Think backend data mapping 31. Nested Groups => Hiera pathsBASEN/Aprofile_apacheprofile = apacherole_wikirole = wikiwiki-01Inherits:profile,role././apache/./apache/wiki/ 32. Nesting Hiera w/ group variablesBASE ./Profile(s) ./$profile/Role(s) ./$profile/$role(no variable)$profile$roleBroadtoSpecific 33. Hiera.yaml specific to broadSpecifictoBroad---:backends:- yaml:hierarchy:- '%{profile}/%{role}/common'- '%{profile}/common'- 'common':logger: console:yaml::datadir: /etc/puppetlabs/puppet/hieradata 34. Hiera.yaml specific to broadSpecifictoBroad---:backends:- yaml:hierarchy:- '%{profile}/%{role}/common'- '%{profile}/common'- 'common':logger: console:yaml::datadir: /etc/puppetlabs/puppet/hieradata 35. Putting it together"Denslow's Humpty Dumpty 1904" by William Wallace Denslow Library of Congress [1].Licensed under Public domain via Wikimedia Commons http://commons.wikimedia.org/wiki/File:Denslow%27s_Humpty_Dumpty_1904.jpg 36. Console => HieraNested Console Groups HieraBASEnoneprofile_apacheprofile = apacheRole_wikirole = wiki./apache/./apache/wiki/wiki-01 nodeprofile= apache, role= wiki./Hiera search order1. ./apache/wiki/common.yaml2. ./apache/common.yaml3. ./common.yaml 37. Advanced Hiera Usage This data is exactly what I need almost firewall, sudoers +1 Check out: hiera_hash hiera_array 38. Code/Data SeparationUT Puppet(standards,culture)NestedConfigsPuppetEnterpriseCode/DataFederation 39. Code/Data FederationWikisourceApachesourceBASEsourcePuppet Server 40. Code FederationBASERepopuppet.confmodulepath=/opt/puppet/modules/base:/opt/puppet/modules/apache:/opt/puppet/modules/wiki:ApacheRepoWikiRepoVCSREPOSeparate sources enablerole separation via ACLs 41. Data FederationBASERepo ./hieradata/ =./common.yaml./apache/common.yaml./apache/wiki/common.yamlApacheRepoWikiRepoVCSREPOSeparate ACLs forHiera data as well 42. A peek into the futuresource: http://goo.gl/9GwKyQ 43. Git Workflow Instead of this 1 git repo / moduleCore SVN repo(modules)Apache SVN repo(modules)Head (production)branchNon-productionbranches(created as needed) 44. CI/CD r10k push deployments (faster!) Puppet Environments defined by code (Puppetfile) Automated Testing/DeploymentGit reposr10kPuppet 45. Takeaways Puppet Enterprise can be: Inclusive Secure by Default Highly Federated Nurture your Puppet community Nest your configs! 46. Thanks! Any Questions? Slide deck available from PuppetLabs UT PuppetArchitecturehttps://wikis.utexas.edu/x/OreZAw Contact information: Chris Bowles Email: cbowles@austin.utexas.edu Twitter: @cbowlesUTPuppet Man, Sulayman Bowles 2014

Popular Tags:

Click here to load reader

Embed Size (px)
Recommended