Upload
joe-ray
View
710
Download
2
Tags:
Embed Size (px)
DESCRIPTION
Citation preview
Provisioning with Puppet
Photo: http://www.flickr.com/photos/vasta/4463786284/
$ whoamiJoe Ray
@jr261
Senior Systems DeveloperFuture Publishing
Overview
• Why you should use provisioners
• What is Puppet?
• How do you use it?
• Using Puppet with Vagrant
• Using Puppet in production
Why use provisioners?• Reproducible setup
• Write less documentation
• Same config for multiple platforms
• Scale your setup
• Easily move from development to production
• Distribute amongst team
• SSH access not necessary
• Use associated tools
What is Puppet?
• Configuration management tool
• Platform-agnostic (supports Linux, Free/OpenBSD, OSX, Windows, Solaris)
• Description of systems' configuration using manifests
• Idempotent
Resources
• Building blocks of configuration:
• packages
• services
• files
• users / groups
Resources
user { 'joe': ensure => present, shell => '/bin/zsh', home => '/home/joe',}
package { 'nginx': ensure => present,}
Modules
• Self-contained, reusable sets of resources
• Typical pattern:
• Install package
• Manage service
• Provide configuration helpers (defined types)
• http://forge.puppetlabs.com
Modulesclass nginx($workers=1, $ensure=present) { package { nginx: ensure => $ensure, }
service { nginx: ensure => $ensure, subscribe => File["/etc/nginx/nginx.conf"], require => File["/etc/nginx/nginx.conf"], }
file { "/etc/nginx/nginx.conf": ensure => $ensure, content => template("nginx/nginx.conf.erb"), require => Package[nginx], }}
Templatesserver {! listen 80;! server_name <%= domain %>;
! root <%= root %>;
! access_log /var/log/nginx/<%= domain %>.access.log;
! keepalive_timeout 5;
! location / { index index.html index.htm;! }}
Using modulesinclude nginx
nginx::site { 'www.mywebsite.com': 'config' => 'www.mywebsite.com', 'root' => '/data/www.mywebsite.com',}
class { 'nginx': 'workers' => 5,}
Using with
Vagrant::Config.run do |config| config.vm.provision :puppet do |puppet| puppet.manifests_path = "manifests" puppet.manifest_file = "my_manifest.pp" endend
Facts• How Puppet knows about your system
$ facterarchitecture => amd64domain => vagrantup.comfacterversion => 1.6.17fqdn => debian6.vagrantup.comhardwareisa => unknownhardwaremodel => x86_64hostname => debian6id => vagrantinterfaces => eth0,loipaddress => 10.0.2.15etc...
Using withVagrant::Config.run do |config| config.vm.provision :puppet, :facts => {"vagrant" => "vagrant"} do |puppet| puppet.manifests_path = "manifests" puppet.manifest_file = "my_manifest.pp" endend
Using withserver {! listen 80;! server_name <%= domain %>;
! root <%= root %>;
<% if @vagrant %> satisfy any; deny all; allow 192.168.33.1; allow 10.0.2.2; <% end %>
! access_log /var/log/nginx/<%= domain %>.access.log;
! keepalive_timeout 5;
! location / { index index.html index.htm;! }}
Using Puppet in production
manifests / modules / files
Puppetmaster
Client
git / svn
or whatever
REST over HTTPS
Client Client
Reports
What next?
• Example Puppet project at: github.com/josno/puppet-example
• Read the docs: docs.puppetlabs.com