Automating IT management with Puppet + ServiceNow

As the leading IT Service Management and IT Operations Management platform in the marketplace, ServiceNow is used by many organizations to address everything from self-service IT requests to Change, Incident and Problem Management. The strength of the platform is in the workflows and processes that are built around the shared data model, represented in the CMDB. This provides the ‘single source of truth’ for the organization.

Puppet Enterprise is a leading automation platform focused on the IT Configuration Management and Compliance space. Puppet Enterprise has a unique perspective on the state of systems being managed, constantly being updated and kept accurate as part of the regular Puppet operation. Puppet Enterprise is the automation engine ensuring that the environment stays consistent and in compliance.

In this webinar, we will explore how to maximize the value of both solutions, with Puppet Enterprise automating the actions required to drive a change, and ServiceNow governing the process around that change, from definition to approval. We will introduce and demonstrate several published integration points between the two solutions, in the areas of Self-Service Infrastructure, Enriched Change Management and Automated Incident Registration.

  1. Automating IT Management with Puppet + ServiceNow. Josef Singer, Principal Systems Engineer - Puppet NorthEast
  2. Housekeeping
     ● Please submit questions in the Q&A chat box. We will address as many as we have time for at the end of the webinar.
     ● Technical difficulties? Let us know via the Q&A chat and we can help.
     ● This webinar will be recorded and shared in the next few days via email.
  3. Puppet Intro
  4. The right approach for your challenges. Task, model-based and event-driven automation using agentless and agent-based technologies.
     [Diagram labels: Puppet Enterprise Platform; Intelligence, Automation, Orchestration; Model, Task, Event; Forge Certified Content, Community Content, Custom Modules & Tasks, 3rd Party Custom Content; Integrations]
  5. Seamless integration into core IT systems. Extend automation across IT via APIs and/or custom user interfaces.
     [Diagram labels: Puppet Enterprise Platform; Intelligence, Automation, Orchestration; API; Collaboration; Continuous Delivery and Release Automation; Data Aggregation & Monitoring; Security; Cloud Provisioning; Service Management; Custom Modules & Tasks, 3rd Party Custom Content, Forge Certified Content, Community Content]
  6. Puppet Enterprise Platform Teams and Uses
     ● Platform & Infrastructure Teams: Config Management, Compliance & Impact Analysis (VP I&O)
     ● IT Ops, Audit & InfoSec Teams: Remediation, Patch Management & Audit (CISO)
     ● Application Development Teams: Application Provisioning & Orchestration for DevOps (VP of Apps)
     ● IT Ops Teams & Cloud Ops: Self-service Automation & Infrastructure Provisioning
     [Diagram labels: Custom Modules & Tasks; Forge; Intelligence, Orchestration, Automation; Integrations]
  7. The Value of Puppet Enterprise Platform. Puppet makes infrastructure actionable, scalable and intelligent.
     ● Risk mitigation: Provide standardized and consistent physical and virtual infrastructure, resulting in fewer security and compliance issues.
     ● Agility, Innovation & productivity gains: Enable faster deployment and configuration of infrastructure in response to changing stakeholder demands.
     ● Cost-efficiencies: Drive efficient configuration management and provide a flexible framework for delivering and managing infrastructure.
  8. ServiceNow Intro
  9. ServiceNow is the smarter way to workflow™. Widely used by IT organizations to manage CMDB, change requests, ticketing and self-service.
  10. ServiceNow provides a shared data model for ITSM. Replace silos of disconnected tools & databases with a central, integrated & connected system.
  11. ServiceNow ITSM consists of 5 components, matching to their respective processes as described in ITIL:
      ● Incident Management
      ● Problem Management
      ● Change Management
      ● Request Management (Service Catalog)
      ● CMDB
  12. ServiceNow and Puppet are often used in parallel. Catering to different, but adjacent, aspects of IT operations.
  13. Now, you can finally connect them together. Enable bi-directional data sharing between ServiceNow and Puppet Enterprise.
  14. Puppet integrates with ServiceNow in 4 areas
      ● Self-Service Infrastructure: Let developers control aspects of their own systems without sacrificing compliance, security, or operational predictability.
      ● Enriched Change Management: Reduce the risk of change by enriching change requests with impact analysis details and letting ServiceNow control approvals of Puppet changes.
      ● Automated Incident Registration: Reduce the time and effort required to maintain an accurate drift remediation log.
      ● Up-to-date Asset Management: Get accurate, up-to-date information about your CMDB assets in ServiceNow, without having to perform frequent discovery runs.
  15. Self-Service Infrastructure
  16. Self-Service Infrastructure: Let developers control aspects of their own systems without sacrificing compliance, security, or operational predictability.
  17. Integration: Self-Service Infrastructure (WHY)
      ● Teaching the entire company to use Puppet for making changes is unrealistic.
      ● In order for everyone to easily leverage Puppet automation, a better way to interact with Puppet is needed.
  18. Integration: Self-Service Infrastructure (WHAT)
      ● Let teams control their own systems without needing any Puppet skills.
      ● Expose control of specific aspects of Puppet automation directly from the ServiceNow user interface.
      ● Leverage ServiceNow workflows to streamline common changes.
  19. Integration: Self-Service Infrastructure (HOW)
      ● Puppet reads the fields for a system from a ServiceNow table of choice, and provides the information as facts for that node.
      ● Use custom fields in ServiceNow to automate any use case, by writing Puppet logic that uses this data.
      ● Full node classification is possible as well, for even higher levels of flexibility.
      trusted:
          {
            "authenticated": "remote",
            "certname": "server1.puppet.com",
            "domain": "puppet.com",
            "extensions": {},
            "external": {
              "servicenow": {
                "category": "Hardware",
                "classification": "Production",
                "name": "server1.puppet.com",
                "os": "CentOS",
                "os_version": "7.7.1908",
                "puppet_classes": {
                  "role::dbserver": {}
                },
                "puppet_environment": "production",
                "sys_class_name": "Server",
                "u_enforced_packages": "{\"openssl\":\"present\", \"redis\":\"absent\"}"
              }
            }
          }
  20. “This is going to make our lives so much easier” (Cloud Infrastructure Engineer at a major bank in London, UK)
      • Being able to do something like adding a few extra packages through ServiceNow is a game-changer for us. It lets us expose the power and flexibility of Puppet to users who do not have Puppet expertise.
      • Having the ServiceNow CMDB data directly available as facts is super useful for when we need to drive Puppet behavior based on details that are stored in ServiceNow.
  21. Exposing ServiceNow CI data as Trusted Facts. Data is freshly retrieved from ServiceNow before each Puppet agent run.
      - Configuration Item, with extra fields added as needed: Name: srv1.company.com; Manufacturer: Amazon EC2; Enforced Packages: { nano: present, vim: present }
      - Puppet Enterprise: PE retrieves state info for node
      - PE enforces state with info from ServiceNow on srv1.company.com: Package[nano] => present; Package[vim] => present
  22. Using ServiceNow as a Node Classifier for Puppet. Fully control Puppet code assignments from ServiceNow, including parameters for classes.
      - Configuration Item, with extra fields added as needed: Name: srv1.company.com; Manufacturer: Amazon EC2; Puppet Environment: production; Puppet Classes: role::dbserver{}
      - Puppet Enterprise: PE retrieves classification info for node
      - PE enforces state based on classification from ServiceNow on srv1.company.com: environment: production; classes => role::dbserver{}
  23. Demo
  24. Enriched Change Management
  25. Enriched Change Management: Reduce the risk of change by enriching change requests with impact analysis details and letting ServiceNow control approvals of Puppet changes.
  26. Integration: Enriched Change Management (WHY)
      ● When you have:
        ○ Puppet for change execution
        ○ ServiceNow for change workflow
        connecting the two is the obvious choice to get the most out of DevOps.
      ● Reduce manual effort and ensure full registration of the change impact.
  27. Integration: Enriched Change Management (WHAT)
      ● Automatically generate ServiceNow change requests for proposed Puppet code changes.
      ● Automatically populate change requests with details from Puppet’s Impact Analysis result.
      ● Automatically deploy changes when the change request is approved.
  28. Integration: Enriched Change Management (HOW)
      ● Integrates CD4PE with ServiceNow.
      ● Interacts with the ServiceNow Change Management API to create change requests, associate affected systems and populate relevant details.
      ● Comes with a Business Rule for ServiceNow to orchestrate the automated deployment of approved Puppet changes.
  29. “Using Impact Analysis to de-risk the Change approvals process and completely changes the way we work” (Director of Cloud Architecture at a major health insurance provider in the U.S.)
      • It can be challenging to know exactly what the impact of a proposed change will be to the larger environment. Will it affect multiple applications? Multiple systems?
      • ServiceNow provides the workflow process around Change Management, while Puppet with CD4PE automates the implementation of the change.
  30. Automated change requests from CD4PE. Delegate control to ServiceNow for approving production changes.
      - Admin proposes Puppet code change, triggering CD4PE
      - CD4PE creates Change Request and populates info from Impact Analysis
      - Change Request: Name: CHG0030023; Risk and Impact: <Impact Analysis info>; Affected CIs: srv3.company.com - srv5.company.com
      - Upon approval, ServiceNow interacts with CD4PE to deploy the change
      [Diagram labels: Git; CD4PE; Approval workflow]
  31. Demo
  32. Automated Incident Registration
  33. Automated Incident Registration: Reduce the time and effort required to maintain an accurate drift remediation log.
  34. Integration: Automated Incident Registration (WHY)
      ● When system configuration that drifted out of compliance is corrected, this information should be registered in ServiceNow.
      ● Ideally, you want custom business logic to determine when an incident should be created.
      ● Doing all of this manually would not be feasible at scale.
  35. Integration: Automated Incident Registration (WHAT)
      ● Automatically forward relevant details to ServiceNow when Puppet corrects a system that drifted out of compliance.
      ● Either create incidents directly, or publish events to ServiceNow Event Management to enable custom logic for when incidents should be created.
  36. Integration: Automated Incident Registration (HOW)
      ● Puppet agent run reports are scanned for corrective changes and failures.
      ● When changes or failures are detected, relevant details are forwarded to the ServiceNow API.
      ● This can either be done as events, enabling custom logic, or directly as regular incidents.
  37. Registering Incidents from Puppet Agent runs. Automatically create & close incidents based on corrective changes made by Puppet.
      - Node (srv1.company.com) submits change report after run
      - Puppet Enterprise: PE creates & closes incident
      - Incident: Name: INC0010483; Configuration Item: srv1.company.com; Description: <info on config corrected by Puppet>
  38. Demo
  39. Up-to-date Asset Management
  40. Up-to-date Asset Management: Get accurate, up-to-date information about your CMDB assets in ServiceNow, without having to perform frequent discovery runs.
  41. Integration: Up-to-date Asset Management (WHY, on the roadmap)
      ● Without Puppet, you need ServiceNow Discovery to keep the details of systems in the CMDB up-to-date.
      ● Such discovery runs are known to have an unwanted stability impact on production systems.
      ● It is more efficient to update the details in the CMDB from Puppet’s database directly.
  42. Integration: Up-to-date Asset Management (WHAT, on the roadmap)
      ● Inventory data from the Puppet database is periodically gathered and uploaded to ServiceNow.
      ● A Puppet app for ServiceNow processes the staged data and updates the CMDB as necessary.
      ● Focus ServiceNow Discovery usage to detecting new/rogue systems only, while Puppet keeps information up-to-date for all known systems.
  43. Integration: Up-to-date Asset Management (HOW, on the roadmap)
      ● Puppet will periodically upload details about the systems it knows about to a holding area in ServiceNow.
      ● A new Puppet app for ServiceNow will then process the uploaded information and update CI details as necessary with the latest information.
      - task: servicenow_assets::get_node_facts; schedule: daily; params: targets: [srv1.company.com, …], facts: [serialnumber, operatingsystem, …]
      [Diagram labels: ServiceNow MID Server; JSON; update; Puppet CMDB Sync (ServiceNow Marketplace app)]
  44. “ServiceNow Discovery has been the bane of my existence” (Configuration Manager at a major bank in Columbus, Ohio)
      • Runs are agentless, so you have to manage lots of credentials.
      • Discovery runs negatively affect the performance & stability of our production systems.
      • Puppet CMDB update sync would significantly reduce the need for discovery runs just for keeping CMDB information up to date.
  45. Update ServiceNow CMDB from Puppet facts. Automatically update CI records with Puppet captured data.
      - Node (srv1.company.com) submits facts during agent runs
      - Puppet Enterprise: PE periodically uploads facts about known nodes: bios_vendor, serialnumber, operatingsystem, operatingsystemrelease
      - ServiceNow periodically processes the received fact upload data and updates information in the CMDB
      - Configuration item: Name: srv1.company.com; Manufacturer: Amazon EC2; Model ID: t3a.medium; Serial number: ec2c60a0-2e4b-230; Operating System: CentOS; OS Version: 7.6.1810
  46. ServiceNow App high level architecture
      - PE Orchestrator API endpoint: /v1/command/task; task: servicenow_tasks::get_node_facts; params: targets: [srv1.company.com, …], facts: [serialnumber, operatingsystem, …]
      - Node facts: certname: srv1.company.com; serialnumber: ec2c60a0-2e4b-230; operatingsystem: centos; operatingsystemrelease: 7.6.1810; bios_vendor: Amazon EC2
      - Puppet Connector App mapping: certname <-> Name; bios_vendor <-> Manufacturer; serialnumber <-> Serial Number; operatingsystem <-> Operating System; operatingsystemrelease <-> OS Version
      - CMDB CI: Name: srv1.company.com; Manufacturer: Amazon EC2; Model ID: t3a.medium; Serial number: ec2c60a0-2e4b-230; Operating System: CentOS; OS Version: 7.6.1810
      [Diagram labels: PDB; ETL]
  47. The 4 integrations of Puppet and ServiceNow
      ● Self-Service Infrastructure: Type: Puppet Module; Available: Now; Where: Puppet Forge; Name: servicenow_cmdb_integration
      ● Enriched Change Management: Type: Puppet Module; Available: Now; Where: Puppet Forge; Name: servicenow_change_requests
      ● Automated Incident Registration: Type: Puppet Module; Available: Now; Where: Puppet Forge; Name: servicenow_reporting_integration
      ● Up-to-date Asset Management: Type: ServiceNow App; Available: TBD; Where: ServiceNow Marketplace; Name: TBD
  48. Q & A
  49. Thank You
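
The report scanning described on slides 36 and 37, as an added Python example that is not part of the slides or of the servicenow_reporting_integration module: it keeps only failed and corrective events from a run report and builds one event payload per finding. The report is a constructed sample, and the payload field names, severity labels and the `message_key` deduplication scheme are assumptions.

```python
import hashlib

# Constructed sample shaped like a serialized Puppet run report: per-resource
# statuses, each with events that carry `status` and `corrective_change`.
SAMPLE_REPORT = {
    "host": "srv1.company.com",
    "resource_statuses": {
        "Package[nano]": {"events": [  # drift: package was removed by hand
            {"property": "ensure", "status": "success",
             "corrective_change": True, "message": "created"}]},
        "File[/etc/motd]": {"events": [  # intentional change from new code
            {"property": "content", "status": "success",
             "corrective_change": False, "message": "content changed"}]},
        "Service[redis]": {"events": [  # enforcement failed
            {"property": "ensure", "status": "failure",
             "corrective_change": False,
             "message": "change from 'stopped' to 'running' failed"}]},
    },
}

MAX_MSG = 200  # messages originate on the node; cap what gets forwarded


def findings(report):
    """Return (kind, resource, property, message) for failures and drift fixes."""
    out = []
    for resource, status in sorted(report.get("resource_statuses", {}).items()):
        for ev in status.get("events", []):
            if ev.get("status") == "failure":
                kind = "failure"
            elif ev.get("corrective_change"):
                kind = "corrective_change"
            else:
                continue  # intentional change: nothing to register
            msg = str(ev.get("message", ""))[:MAX_MSG]
            out.append((kind, resource, ev.get("property", ""), msg))
    return out


def to_events(report):
    """Build one payload per finding (field names and severities are assumed)."""
    node = report["host"]
    events = []
    for kind, resource, prop, msg in findings(report):
        # Stable key: the same drift on the same node maps to one open record.
        raw = f"{node}|{resource}|{prop}|{kind}".encode()
        events.append({
            "source": "Puppet", "node": node, "type": kind, "resource": resource,
            "severity": "major" if kind == "failure" else "warning",
            "description": f"{resource} {prop}: {msg}",
            "message_key": hashlib.sha256(raw).hexdigest()[:16],
        })
    return events
```

Intentional changes are dropped on purpose: only drift that Puppet had to correct and enforcement failures reach the ticketing side, which keeps the remediation log free of routine deployments.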
