Embed Size (px)
Citation preview
Closing the Loop: Direct Change Control with PuppetNick Lewis @nick_lewis [email protected]
"A Mad Tea Party" (CC BY-NC-SA 2.0) by Justin in SD
Hello!Nick Lewis @nick_lewis [email protected]
"shinkansen" (CC BY-SA 2.0) by twicepix
Artisanal, hand-crafted bits• Fast • For a while • Wildly unsafe • Impossible to track
#!/usr/bin/bash
o o o o o o o?
?
Enter: Puppet!
💡
💡
💡
Nodes have a desired state, which is periodically updated and reinforced.
Nodes have a desired state, which is periodically updated and reinforced.
💡
💡
💡
Direct Change
puppet job run --nodes foo.example.com,bar.example.com,baz.example.com
puppet job run --query 'inventory { facts.osfamily = "Debian" }'
puppet job run --query 'resources { type = "Service" and title = "httpd" }'
inventory { facts.osfamily = "Debian" and resources { type = "Service" and title = "httpd" } limit 3 }
nodes { last_report_status = "failed" }
catalogs { ! code_id = "urn:puppet:code-id:1:a393e1b;production" }
💡💡
💡
Orchestrator
💡💡
💡
Orchestrator
Direct Change• The way to make change with Puppet • Up to 10k nodes now, scale-out later • Runs from your laptop
Client Tools• puppet job • puppet access • puppet code • puppet query
Future Work• UI improvements • Smarter puppet run throttling • Open source tooling
Futurer Work• Asynchronous enforcement • Automatic change • Devices, non-root agents
Questions?Direct Puppet and Application Management for the Puppet Platform Ryan Coleman Friday, 1:30 pm @ Terrace Salon (track 6)
