PuppetConf 2016: Docker, Mesos, Kubernetes and...Puppet? Don't Panic! – Deepak...

Project Blueshift Deepak Giridharagopal

CTO & Chief Architect @ Puppet PuppetConf 2016

@ grim_radical

The way we build systems today will not be the way we build systems tomorrow.

deepak / @grim_radical / #puppetconf 2016

Now is a great time for those who build & manage systems!

Bare metal, virtual machines, containers, job schedulers, infrastructure APIs, service discovery, dynamic configuration, cloud functions, unikernels…

What can the systems of the past & present teach us about how to manage stuff in the future?

What is configuration management?

No, seriously, what is it?

Identification Control Status accounting Verification and audit

thanks @garethr!

To properly manage a system, you must understand & control the inputs to that system, over time.

I mean "system" in the abstract sense. stay with me, people!

Example:

Files vs. Packages

Example:

AWS autoscaling group

Example:

etcd key/value pairs

The nature of your systems’ inputs may change along with your tech, but they’re still there and they’re your problem.

There’s more to running a farm than the dilemma of pets vs. cattle.

(n.b. I hate this analogy)

There’s more to running The Empire than the dilemma of Jango Fett vs. clone troopers

(thanks @brianb!)

New technology eliminates some management problems, but creates some new ones.

Just like all software, ever.

There is no future with fewer servers.

note: I mean server in the SRE sense

If you’re going to put all your eggs in one basket, you need to take expert care of that basket.

The future is not evenly distributed.

Unified tooling across physical, virtual, containerized, cloud, etc. infrastructure is a big deal!

Puppet is a bridge to the future.

Project Blueshift:

Use Puppet to provide and manage next generation software in a simple, reliable, and consistent way.

(without introducing more risk)

Docker module

Configure Docker

class { 'docker': tcp_bind => 'tcp://127.0.0.1:4243', socket_bind => 'unix:///var/run/docker.sock',

version => '1.11', dns => '8.8.8.8', }

Run Docker containers

docker::run { 'helloworld': image => 'ubuntu:precise',

command => '/bin/sh -c "while true; do echo hello world; sleep 1; done"', }

Manage networks

docker_network { 'my-net': ensure => present, driver => 'overlay', subnet => '192.168.1.0/24', gateway => '192.168.1.1', ip_range => '192.168.1.4/32', }

Setup UCPclass { 'docker_ucp': controller => true, version => '1.0.0', tracking => false, swarm_scheduler => 'binpack', preserve_certs => true, docker_socket_path => '/var/run/docker.sock', license_file => '/etc/docker/subscription.lic', }

Real world case studies

Read the book

puppet-in-docker

Docker Hub

Run Puppet in Docker

$ docker run --net puppet \ --name puppet \ --hostname puppet \ puppet/puppetserver

Develop on Windows

Launch with Composeversion: '2'

services: puppet: container_name: puppet hostname: puppet image: puppet/puppetserver ports:

- 8140 volumes:

- ./code:/etc/puppetlabs/code/

puppetlabs-image_build

Building Docker images with Puppet should be as simple as building them with docker build

Building with Puppet

$ ls Puppetfile manifests $ puppet docker build \ --image-name garethr/someimage

Kubernetes module

Puppet has a long history of making software deployment easier and more reliable… I'm really excited to see Puppet enabling their customers to seamlessly adopt new technology like containers and Kubernetes while maintaining a consistent, familiar experience for production quality software deployment.Brendan Burns, cofounder, Kubernetes

Model K8S resourceskubernetes_pod { 'sample-pod': ensure => present, metadata => { namespace => 'default', }, spec => { containers => [{ name => 'container-name', image => 'nginx', }], },}

Create abstractions

controller_service_pair { 'frontend': app => 'guestbook', role => 'php-redis', tier => 'frontend', port => 80, image => 'gcr.io/google_samples/gb-frontend:v3', replicas => 3, service_type => 'LoadBalancer',}

Official blog post

Extending to OpenShift

Minimal OS’s

(without introducing more risk)(without introducing more risk)

VMware Photon OS

CoreOS ecosystem

Mesos support

Consul integration

Rancher

class { 'docker': }class { 'rancher::server': }class { 'rancher': registration_url => http://127.0.0.1:8080/v1/scripts/ agent_address => $::ipaddress_eth1,}

$ puppet resource rkt_pod rkt_pod { 'c8ecd9ae': ensure => 'exited', app => 'hello', image_name => 'hello',}

Find out more about Puppet as the bridge to the future with Project Blueshift athttps://puppet.com/product/managed-technology/blueshift

Modern infrastructure track

"The challenges with container configuration" —David Lutterkort, Thurs 2:30P

"Running puppet software in Docker containers" —Gareth Rushgrove, Fri 1:30P

PuppetConf 2016: Docker, Mesos, Kubernetes and...Puppet? Don't Panic! – Deepak...

Technology

PuppetConf 2016: Puppet & Azure – Kenaz Kwa, Puppet

PuppetConf 2016: Puppet as Security Tooling – Bill Weiss, Puppet

Juju + Puppet (Puppetconf 2011)

PuppetConf 2016: Nano Server, Puppet, and DSC

PuppetConf 2016: Puppet Templates – Sally Lehman, Auth0

PuppetConf 2016: Successful Puppet Implementation in Large Organizations – James Sweeny, Puppet

Test Driven Development with Puppet - PuppetConf 2014

Auditing/Security with Puppet - PuppetConf 2014

Puppet Design Patterns - PuppetConf

Managing and Scaling Puppet - PuppetConf 2014

Puppet Labs Partner Network - PuppetConf 2014

Package manages and Puppet - PuppetConf 2015

Puppet for Production in WebEx - PuppetConf 2013

Puppet Language 4.0 - PuppetConf 2014

State of the Puppet Community: PuppetConf 2014

Roger Ignazio – PuppetConf 2015 MESOS, DOCKER, AND …mesosphere.github.io/presentations/puppetconf-2015/managing-mesos-docker-chronos-with...Docker Easily package and deploy apps

PuppetConf 2016: Keynote - Luke Kanies, Puppet Founder

PuppetConf 2016: Testing and Delivering Puppet – Michael Stahnke, Puppet

Using Docker with Puppet - PuppetConf 2014

Puppet without Root - PuppetConf 2013