Puppet is a configuration management tool which allows easy deployment and configuration ranging from 1 to 1 thousand servers (and even more). Even though its common knowledge for devops, puppet is still a strange piece of software for developers. How does it work and what can it do for you as a developer?
1. Puppet for
Dummies
ZendCon - October 2011
Santa Clara - United States
http://joind.in/3781
2. Who am I?
Joshua Thijssen
Senior Software Engineer @ Enrise (Netherlands)
Development in PHP, Python, Perl, C, Java,
and System & DB admin.
Blog: http://adayinthelifeof.nl
Email: joshua@enrise.com
Twitter: @jaytaph
http://www.flickr.com/photos/akrabat/5422369749/in/photostream/
5. The question of the day
What is puppet and why should I care?
6. Why should I care?
“People are finally figuring out puppet
and how it gets you to the pub by 4pm.
Note that I’ve been at this pub since
2pm.”
- Jorge Castro
8. What is puppet?
Puppet is a (not necessarily the)
solution for the following problem:
How do we setup, manage, synchronize,
and upgrade our internal and external
infrastructure?
9. But isn’t that a sysadmin problem?
Sysadmin!
Y U no fix problem!
10. But isn’t that a sysadmin problem?
Sysadmin!
Y U no fix problem!
NO
16. How do we manage our infrastructure?
‣ Solution 1: We don’t,
17. How do we manage our infrastructure?
‣ Solution 1: We don’t,
‣ Solution 2: We outsource,
18. How do we manage our infrastructure?
‣ Solution 1: We don’t,
‣ Solution 2: We outsource,
‣ Solution 3: We automate the process.
19. How do we manage our infrastructure? (1)
‣ Solution 1: we don’t
20. How do we manage our infrastructure? (1)
‣ It’s not funny: you find it more often
than not. Especially inside small
development companies.
‣ Solution 1: we don’t
21. How do we manage our infrastructure? (1)
‣ It’s not funny: you find it more often
than not. Especially inside small
development companies.
‣ Internal sysadmin, but he’s too busy
with development to do sysadmin.
‣ Solution 1: we don’t
22. How do we manage our infrastructure? (1)
‣ It’s not funny: you find it more often
than not. Especially inside small
development companies.
‣ Internal sysadmin, but he’s too busy
with development to do sysadmin.
‣ We only act on escalation
‣ Solution 1: we don’t
23. How do we manage our infrastructure? (1)
‣ It’s not funny: you find it more often
than not. Especially inside small
development companies.
‣ Internal sysadmin, but he’s too busy
with development to do sysadmin.
‣ We only act on escalation
‣ reactive, not proactive
‣ Solution 1: we don’t
24. How do we manage our infrastructure? (2)
‣ Solution 2: we outsource
25. How do we manage our infrastructure? (2)
‣ Expensive $LA’s.
‣ Solution 2: we outsource
26. How do we manage our infrastructure? (2)
‣ Expensive $LA’s.
‣ What about INTERNAL servers like
your development systems and
infrastructure?
‣ Solution 2: we outsource
27. How do we manage our infrastructure? (2)
‣ Expensive $LA’s.
‣ What about INTERNAL servers like
your development systems and
infrastructure?
‣ Fight between stability and agility.
‣ Solution 2: we outsource
28. How do we manage our infrastructure? (2)
‣ Expensive $LA’s.
‣ What about INTERNAL servers like
your development systems and
infrastructure?
‣ Fight between stability and agility.
‣ Does your hosting company decide
on whether you can use PHP5.3???
‣ Solution 2: we outsource
29. How do we manage our infrastructure? (3)
‣ Solution 3: we do it ourselves and automate
30. How do we manage our infrastructure? (3)
‣ We are in charge.
‣ Solution 3: we do it ourselves and automate
31. How do we manage our infrastructure? (3)
‣ We are in charge.
‣ You can do what you like
‣ Solution 3: we do it ourselves and automate
32. How do we manage our infrastructure? (3)
‣ We are in charge.
‣ You can do what you like
‣ Use: cfEngine, chef, puppet.
‣ Solution 3: we do it ourselves and automate
33. How do we manage our infrastructure? (3)
‣ We are in charge.
‣ You can do what you like
‣ Use: cfEngine, chef, puppet.
‣ When done right, maintenance
should not be difficult.
‣ Solution 3: we do it ourselves and automate
35. What is puppet?
‣ Open source configuration
management tool.
‣ Written in Ruby
‣ Open source:
https://github.com/puppetlabs
‣ Commercial version available
(puppet enterprise)
36. What is puppet?
¹
‣ Don’t tell HOW to do stuff.
‣ Tell WHAT to do.
¹ It’s not actually true, but good enough for now...
37. What is puppet?
“yum install httpd”
“apt-get install apache2”
¹
‣ Don’t tell HOW to do stuff.
‣ Tell WHAT to do.
“install and run the apache webserver”
¹ It’s not actually true, but good enough for now...
57. Puppet manifests
class webserver {
service { “apache”:
ensure => running,
require => Package[“apache”],
}
package { “apache” :
ensure => installed,
}
}
‣ Group together into a class
58. Puppet manifests
class webserver {
service { “apache”:
ensure => running,
require => Package[“apache”],
}
package { “apache” :
ensure => installed,
}
file { “vhost_${webserver_name}” :
path => “/etc/httpd/conf/10-vhost.conf”,
content => template(“vhost.template.erb”),
notify => Service[“httpd”],
}
}
‣ Group together into a class
59. Puppet manifests
vhost.template.erb
<virtualHost <%= ipaddress %>:80>
ServerName <%= webserver_name %>
ServerAlias <%= webserver_alias %>
DocumentRoot <%= webserver_docroot %>
</virtualHost>
‣ ERB Templates can use custom variables and facts
61. Puppet modules
‣ A puppet module is a collection of
resources, classes, templates.
‣ Used for easy distribution and
code-reuse.
‣ Self-contained, run out-of-the-box
62. Puppet modules
‣ puppetforge / github
‣ Create your own (and share!).
‣ Use the ones from puppet
enterprise edition.
‣ Use the standard layout / best
practices
64. Test your modules
‣ (Unit)test your modules
‣ Test them with:
puppet apply --noop
‣ More advanced testing: cucumber /
cucumber-puppet (BDD)
65. What can puppet manage
‣ Almost everything.
‣ standard 48 different resource types
‣ Ranging from “file” to “cron” to
“ssh_key” to “user” to “selinux”.
‣ Can control your Cisco routers and
windows machines too (sortakinda)
‣ http://docs.puppetlabs.com/references/stable/type.html
67. Confusing puppet things
‣ Puppet went from v0.25 to v2.6.
‣ REST interface since 2.6. XMLRPC
before that.
‣ One binary to rule them all (puppet).
‣ Puppet v2.7 switched from GPLv2 to
apache2.0 license.
68. Confusing puppet things
‣ --test does not mean dry-run!
(--noop does).
‣ It’s not object oriented. (puppet
class != php class)
‣ It’s a declarative language.
72. MCollective
‣ Puppet agent “calls” the master every 30
minutes.
‣ But what about realtime command & control?
‣ “Puppet kick”... (meh)
‣ MCollective (Marionette Collective)
73. MCollective
‣ Which systems running a database
and have 16GB or less?
‣ Which systems are using <50% of
available memory?
‣ Restart all apache services in
timezone GMT+5.
‣ How do we handle large number of nodes?
74. MCollective
Client Middleware Node
MCollective
Server
MCollective
Client ACTIVEMQ
Server
MCollective
Server
Collective
‣ Middleware takes care of distribution,
‣ queued, broadcast etc..
75. MCollective
‣ The collective
http://docs.puppetlabs.com/mcollective/reference/basic/subcollectives.html
76. MCollective
$ mc-facts operatingsystem
Report for fact: operatingsystem
CentOS found 3 times
Debian found 14 times
Solaris found 4 times
$ mc-facts -W operatingsystem=Centos operatingsystemrelease
Report for fact: operatingsystemrelease
6.0 found 1 times
5.6 found 2 times
‣ Filter out nodes based on facts
77. MCollective - cool stuff
‣ Display all running processes
‣ Run or deploy software
‣ Restart services
‣ Start puppet agent
‣ Upgrade your systems
79. Recap (1)
‣ Configuration management tool.
‣ Focusses on “what” instead of “how”.
‣ Scales from 1 to 100K+ systems.
‣ Uses descriptive manifests.
80. Recap (2)
‣ Useful for sysadmins and developers.
‣ Keeps your infrastructure in sync.
‣ Keeps your infrastructure versioned.
‣ MCollective controls your hosts
based on facts, not names.