If you can't read please download the document
Upload
linuxariacom
View
9.717
Download
0
Embed Size (px)
Citation preview
Riccardo Capecchi Andrea CapriottiMatteo Turra
Cineca - About Us
Cineca is a non profit Consortium, made up of 70 Italian universities*, 5 Italian Research Institutions and the Italian Ministry of Education.Today it is the largest Italian computing centre, one of the most important worldwide. With around 700 employees, it operates in the technological transfer sector through high performance scientific computing, the management and development of networks and web based services, and the development of complex information systems for treating large amounts of data.
Cineca Organization
In 2012:5 Big Development teams (split in smaller project teams)
1 Infrastructure Team (In charge of all services and split to give support to the different dev teams)
1 High Performance Computing team
Cineca Organization
Ops How it used to be
2012 Golden Image installation and management of the configurations via overrides
Ops Infrastructure as code
2013 A corporate merge with Cilea and Caspur gave us new goals to manage the new infrastructure and merge the 3 Ops teams.After a scouting of the best/more used tools we choose to use puppet.The 3 IT-Ops teams started a join project to write and configure everything (related to Linux servers) with Puppet.With puppet we started also to use Git as VCS to keep all puppet files.
Ops Expanding our code
From 1 of January 2014 we started to manage all our Linux installations with Puppet and started to expand the modules base to manage more services/configurations.
We also started a massive training of all Ops staff, in around 2 months more than 60 people received internal training regarding puppet.
Ops Automation
On 2015 we continued to expand our code in puppet and started to integrate it with other tools such as Nagios, Monit and Collectd to automatically get the services with everything they needed to be production-ready.We also expanded our use of Jenkins to easily manage and automate some common tasks.On summer 2015 we received the task of re-make the infrastrucure related to the application Pentaho.
Use Case:
Use Case:
New platform release to deliver on 80 customers on premise and hosted infrastructure!
Platform Components
Tomcat + a bunch of jars and wars
Use Case:
NO PROBLEM!
I'm a Black Belt Tomcat Expert
Java WebApp deployment
Oracle JDK 6/7
Apache Tomcat
Apache HTTPD with mod_jk
Jar(s) & War(s)
Some shell scripts
Mega Package!
Everytime a little update
is needed
i.e: Xalan bugfix
Solution: Standardize
DEV ENVIRONMENT
OPS ENVIRONMENT
DEV vs OPS
Interaction between DEV and OPS
Interaction between DEV and OPS
Developer
Operation
Merge Request
Accept/Reject Request
GitLab Web User Interface
Test Driven Puppet:
How to test puppet scripts?
Clean environment
Reuse of code
Side Effect: docker images
From Puppet Apply to Pupper Agent
Provisioning: Docker vs Puppet
Puppet is slow but module are extremly powerful
Dockerfile has limited configuration but very fast to build a new image based on an existing one.
Use slow puppet to build images (run once)
Note: Puppet can be used for container provisioning
Portability: The same image can be used in test, staging, production and development, lowering the diversity of environments
Deploy on Docker
Now we have Docker images.
Where do we store it?
How can I run container for test, qa, production environment?
How to reach high-availability and scalability?
OPS have the answer!
Docker swarm
Turns a pool of Docker host machines into a single virtual host
Allows us to distribute container workloads across multiple machines running in a cluster
Serves the standard Docker API
Ships with simple scheduling and discovery backend
Consul
Service discovery and configuration
Failure detection
Key/Value storage e DNS server
Distributed and highly available system with gossip protocol (Serf based)
Registrator
Service registry bridge for docker
Monitors the Docker UNIX socket for events
Dynamically registering and unregistering Docker containers services
Docker registry
(Distribution)
Image registry to store and distribute images
Private registry to host customer applications
Test and continuous integration images
DockerUI
A web interface for docker
Start, stop, kill, pause, restart and commit containers
Provide details about running containers
Log management: Elk
Central point to collect, manage and visualize logs from all containers
Docker apps
Docker Swarm, Consul - Registrator
Devops done, but we forgot ...
What we have now
Puppet~800 Installations of Linux servers fully managed via puppetMore than 100 modulesTraining done on ops and some devDev can do merge-request to apply change to infrastructureDockerProcedures to build images from puppet recipesTest done on a full docker environmentTraining done on dev AND ops.OpenshiftOrchestration of containersManage RBAC for dev and ops
Conclusions
Devops in practice it's more about organization than tools and softwares.But tools can help in day by day operations, using gitlab we have been able to give RBAC access to different Git repositoriesA lot of training is needed on both sides, learning the best dev practice to ops people and viceversa.After months of work together to find a solution we forgot to detail it to our CTO, and so he was thinking we were on stale, lesson learnt.
How it ended
Questions