"Automatic Configuration of Your Cloud with Puppet" by Dan Bode, Integration Specialist at Puppetlabs. Talk from Build A Cloud Day, in conjunction with SCALE 11x.

The shift to cloud-based services has dramatically altered the IT landscape as we know it. Enterprise infrastructure borders have expanded beyond the firewall and now include hosted applications and infrastructure hosted in public and private clouds. Puppet helps DevOps teams meet their common objectives, creating a seamless IT infrastructure across departments, reducing cost and increasing productivity. This training section will cover deploying cloud infrastructure automatically using Puppet, an open source configuration management and automation tool.

The session will cover the following topics:
- Configuring Puppet and Puppetmaster
- Resource Types and the Resource Abstraction Layer
- Virtual Resources, Exported Resources and Stored Configs
- Best practices for Automated Deployment
1. Integrating the Cloud with Puppet
Tuesday, February 26, 13
2. About me: Dan Bode
- Some Dude at PuppetLabs
- @bodepd
- bodepd (freenode)
3. Who is this talk for?
- Cloud Users
- Puppet beginners
4. It will cover
- why integrate?
- explanation of Puppet's architecture as it applies to integration
- using Puppet to model VM instances
5. Why Integrate?
6. Cloud: Provisions virtual machines
[Diagram labels: deployVirtualMachine; Self Service API; VM1]
7. Puppet: VMs -> Applications
[Diagram labels: deployApacheServer; Self Service API; VM1: "Make me an apache server"; Puppet Master: "Here are your instructions"]
8. Together: PaaS
[Diagram labels: deployAppStack; Self Service API; DB1; Apache1; Apache2; LB]
9. Puppet
10. 2 run modes
- puppet apply
- client/server
16. Modules: Sharable Puppet content
17. Module Forge
http://forge.puppetlabs.com/puppetlabs/apache
I get all of my content from the forge!
18. Classes/defines compose resources
19. Resources: Describe the configuration state of individual system elements.
20.
    user { 'dan':                # a user named dan
      ...
21.
    user { 'dan':                # a user named dan
      ensure => present,         # should exist
      ...
22.
    user { 'dan':                # a user named dan
      ensure => present,         # should exist
      shell  => '/bin/bash',     # with this shell
    }
23. Puppet DSL and resources
24. Puppet DSL: Composes collections of resources.
25. Package/File/Service
    class webserver {
      package { 'apache2': ... }
      file { '/etc/apache2/apache2.conf':
        ...
        require => Package['apache2'],
      }
      service { 'apache2':
        ...
        subscribe => File['/etc/apache2/apache2.conf'],
      }
    }
26. configure a node
    include webserver
27. Classification (maps roles as classes)
[Diagram labels: Classifier; Modules; Master; Facts; Catalog; VM1]
28. Site manifest (/etc/puppet/manifests/site.pp)
Map a host's certname to content from a module
    node /^my_node/ {
      include apache
    }
29. ENC
[Diagram labels: ENC; Master]
The master can call out to arbitrary executables to figure out how a node should be classified.
31. Catalog
[Diagram labels: Resources; Dependencies; Package; File; User; Service]
32. Integration is all about Classification
33. Using metadata/userdata
[Diagram labels: deployApacheServer (with metadata=puppet_class=apache); Self Service API; VM1; Puppet Master]
34. Using metadata/userdata
[Diagram labels: deployApacheServer (with metadata=puppet_class=apache); Self Service API; VM1: "I was provisioned with metadata puppet_class=apache"; Puppet Master]
35. Using metadata/userdata
[Diagram labels: deployApacheServer (with metadata=puppet_class=apache); Self Service API; VM1: "I was provisioned with metadata puppet_class=apache"; Puppet Master: "Oh cool! You must be an apache server"]
36. Determine role based on facts
- deployVirtualMachine (with metadata)
37. Determine role based on facts
- deployVirtualMachine (with metadata)
- populate facter metadata service
38. Determine role based on facts
- deployVirtualMachine (with metadata)
- populate facter metadata service
- use fact for classification
    node default {
      include $::meta_data_role
    }
39. Pros
- simple
- classification information set during provisioning process
40. Cons
- hosts become authoritative over their role
- a single rooted host can pretend to be anyone else
- metadata/userdata is not always read/write
41. Using instance annotation data
[Diagram labels: deployApacheServer (with group=apache); Self Service API; VM1: "here is my id"; Puppet Master: "Let me consult the cloud system", "You were provisioned as an apache server"]
42. Using instance annotation data
[Diagram labels: deployApacheServer (with group=apache); Self Service API; VM1]
43. Using instance annotation data
[Diagram labels: deployApacheServer (with group=apache); Self Service API; VM1: "here is my id"; Puppet Master]
44. Using instance annotation data
[Diagram labels: deployApacheServer (with group=apache); Self Service API; VM1: "here is my id"; Puppet Master: "Let me lookup your role based on your id"]
45. Using instance annotation data
[Diagram labels: deployApacheServer (with group=apache); Self Service API; VM1: "here is my id"; Puppet Master: "Let me lookup your role based on your id", "You were provisioned as an apache server"]
46. Pros
- provisioning credentials are used to determine role
- annotation field likely updatable
47. Cons
- puppetmaster must have API credentials
- may require a custom ENC
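The trade-off between slides 36-40 and 41-47, as an added Python example (not code from the talk or from Puppet): an ENC that takes a node's class from the provisioning record looked up by certname, and flags a host-supplied role fact that disagrees with it. The inventory dictionary, host names and role allowlist are constructed stand-ins for the cloud API lookup.

```python
"""ENC sketch: take a node's class from provisioning data, not host facts."""
import re
import sys

# Constructed stand-in for the cloud API's answer. A real ENC would query the
# provisioning system using the puppetmaster's API credentials.
INVENTORY = {
    "vm1.example.test": {"group": "role=apache"},
    "vm2.example.test": {"group": "role=db"},
    "vm3.example.test": {"group": "role=mail"},  # not a class this site ships
}
ALLOWED_ROLES = {"apache", "db"}  # assumed list of classes the site ships
ROLE_RE = re.compile(r"role=([a-z][a-z0-9_]*)")


def provisioned_role(certname, inventory=INVENTORY):
    """Role recorded at provisioning time, or None if unknown or invalid."""
    record = inventory.get(certname)
    if record is None:
        return None
    match = ROLE_RE.fullmatch(record.get("group", ""))
    if not match or match.group(1) not in ALLOWED_ROLES:
        return None
    return match.group(1)


def enc_yaml(certname, inventory=INVENTORY):
    """YAML document the ENC prints for the master, or None to refuse."""
    role = provisioned_role(certname, inventory)
    return None if role is None else "---\nclasses:\n  - %s\n" % role


def role_mismatch(certname, claimed_role, inventory=INVENTORY):
    """True when a host-supplied role fact disagrees with the record."""
    return claimed_role != provisioned_role(certname, inventory)


def main(argv):
    if len(argv) != 2:
        return 2
    doc = enc_yaml(argv[1])  # the master passes the certname as argv[1]
    if doc is None:
        sys.stderr.write("no usable provisioning record for %s\n" % argv[1])
        return 1  # non-zero exit: the master fails the catalog compile
    sys.stdout.write(doc)
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Because the role is keyed on the certname the master has authenticated, a compromised host that rewrites its own facts still receives only the class it was provisioned with.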
48. Decouple role assignment from provisioning
After provisioning is completed, ssh into a machine, set a custom fact (using facts.d), and trigger a puppet run.
pros
- you can easily execute a script to install and bootstrap puppet
cons
- extra step
49. facts.d
- facts.d comes with stdlib (http://forge.puppetlabs.com/puppetlabs/stdlib)
- it converts any key=value pairs listed in /etc/facts.d/*.txt into facts
50. VM provisioning with Puppet (experimental! use cases appreciated)
51. Share Application Stacks as text
    class my_app_stack {
      cloudstack_instance { 'foo4':
        ensure => present,
        group  => 'role=db',
      }
      cloudstack_instance { 'foo3':
        ensure => present,
        group  => 'role=apache',
      }
    }
52. Use resource defaults for common settings
    Cloudstack_instance {
      image   => 'CentOS 5.6 key+pass',
      flavor  => 'Small Instance',
      zone    => 'ACS-FMT-001',
      network => 'puppetlabs-network',
      keypair => 'dans_keypair4',
    }
    cloudstack_instance { 'foo4':
      ensure => $::ensure,
      group  => 'role=db',
    }
    cloudstack_instance { 'foo3':
      ensure => $::ensure,
      group  => 'role=apache',
    }