Configuration and lifecycle in Mixed environments

MIXED ENVIRONMENTSCONFIGURATION & LIFECYCLE:

1

KIREEVDMITRY

2github.com/kireevco

DevOps, Tinkerer, Hacker

http://github.com/kireevco

WE HAVE TO BE SUPERHEROES

We have no choice…

3

WORLDIDEAL

4

WORLD(LESS) IDEAL

5

REALITYBITTER

6

CONFIGURATION & LIFECYCLE: MIXED ENVIRONMENTS

LINUX VS WINDOWS: SO DIFFERENT

▸ ls vs dir

▸ bash vs cmd

▸ cat vs type

▸ $PATH vs %PATH%

▸ /boot vs C:\Windows

▸ ext4 vs NTFS

▸ apt-get vs ???

7

CAN THEY LIVE TOGETHER?

8

WE MUST LEARN TO LIVE TOGETHER AS BROTHERS OR PERISH TOGETHER AS FOOLS

Martin Luther King, Jr.

CONFIGURATION & LIFECYCLE: MIXED ENVIRONMENTS 9

- CONFIGURATION MANAGEMENT - LIFECYCLE MANAGEMENT

YES.We just need something that would make sense for both worlds:

10

CONFIGURATION MANAGEMENT

11


WHEN IT IS MORE OF SPAGHETTI

▸ Scripts are hard to re-use

▸ High code duplication

▸ High entry point for new staff

▸ Low documentation quality

▸ No clear standards

▸ No business behind provision.sh

12


BENEFITS OF CONFIGURATION MANAGEMENT

▸ Improved Efficiency (no more duplication and golden image maintenance. Almost like in Hollywood)

▸ Visibility

▸ Confidence (if a change is made it is made to a right range of systems)

▸ Auditability (source control and reports allow you to track all changes down)

▸ Predictability (rolling out a change is similar to a software release)

▸ Configuration Drift Remediation (two or more entities are identical)

▸ Living Documentation (configurations serve as a «source of truth» and are up-to-date)

▸ Captured Effort (two or more entities are identical)

13


CROSS-PLATFORM

▸ Puppet

▸ Chef

▸ Ansible

▸ Salt

▸ CFEngine

WINDOWS PROPRIETARY

▸ PowerShell DSC

▸ SCCM

▸ WDS

▸ Dell KACE

14


PUPPET: MULTI-PLATFORM SUPPORT

▸ Linux

▸ RHEL, Debian, Ubuntu, Fedora, SUSE, Gentoo, Arch

▸ BSD

▸ FreeBSD, OpenBSD

▸ Other Unix

▸ MacOS X, Solaris, AIX, HP-UX

▸ Microsoft Windows

15


PUPPET: WINDOWS & LINUX SUPPORT

▸ IIS

▸ Powershell

▸ Windows Registry

▸ NewRelic Agent

▸ Apt-Get

▸ Nginx

▸ Bash

▸ Augeas

▸ NewRelic Agent

▸ Chocolatey

16


PUPPET: DEFINED STATE OF RESOURCES

▸ Define

▸ Test

▸ Enforce

▸ Report

17


WINDOWS

LINUX

FILE RESOURCE

18


IIS CONFIG EXAMPLE

▸ Install IIS form scratch

▸ Site directory

▸ Hosts file entry

▸ IIS App Pool

▸ IIS Site

▸ IIS Application

▸ IIS Virtual Directory

▸ Includes SSL configuration

19


NGINX CONFIG EXAMPLE

▸ Install and configure Nginx

▸ Set up reverse proxy

▸ Configure root location

20


SOURCE CONTROL

21


WINDOWS PACKAGE MANAGER

22

THIS?HOW DO WE USE

23

LIFE CYCLE MANAGEMENT

24

LIFECYCLE MANAGEMENT

CROSS-PLATFORM

▸ Puppet razor

▸ Chef knife-bootstrap

▸ Foreman (GUI, foreman-cli, REST)

WINDOWS PROPRIETARY

▸ SCCM

▸ WDS

▸ Dell KACE

25


Provisioning Configuration MonitoringProvision on bare-metal & public or private clouds all from one place with one simple process.

A complete configuration management solution including an ENC for Puppet and Salt, built-in support for parameterized classes and hierarchical parameter storage.

Collect Puppet, Chef and Salt reports and facts. Monitor host configuration, report status, distribution and trends.

THE FOREMAN

26


THE FOREMAN

▸ Platform agnostic provisioning

▸ CLI

▸ RBAC and LDAP integration

▸ Plugins

▸ API

▸ Audits

▸ Host groups

▸ ERB Templates

▸ PXEBoot, TFTP, Kickstart

27

LIFECYCLE MANAGEMENT 28


HOST INFO

29


HOST CONFIGURATION

30


HOST CONFIGURATION

31

TEMPLATESFOREMAN

32


UNATTEND.XML

33

Xml kickstart for Windows


JOIN DOMAIN SNIPPET

34


COMMUNITY TEMPLATES

35

WIMAGINGFOREMAN

36


WIMAGING

▸ Linux style installation using http:// or ftp:// installation media

▸ No extra servers like WDS needed - all relevant settings can be configured in Foreman directly

▸ Official Microsoft utilities are used for all relevant setup stages making it easy to add (future) operating systems

▸ Driver installation during build time

▸ Support for localization settings (like time zone, locale, UI language)

▸ Optional domain join including target OU

▸ Optional local user creation

▸ Support for Foreman's root password using Base64 encoding

▸ Correctly report finished host building

▸ Optional software installation and user tasks at the end of the build (like installing puppet etc)

37


WIMAGING: 10_INIT.CMD, CALLED FROM STARTNET.CMDDuring WinPE boot

38


WIMAGING FLOW

▸ Create host (user)

▸ Download bootfiles

▸ Boot to WinPE via wimboot

▸ Partition disk

▸ Apply image

▸ Add drivers

▸ User software (Puppet)

▸ Finish script

▸ Reboot

39


WIMAGING SETUP

▸ Clone repo

▸ Setup Foreman & Templates

▸ Setup Medium

▸ Produce boot medium

▸ Produce install medium

▸ Sync medium to http/ftp

▸ Provision host

40

CONFIGURATION & LIFECYCLE: MIXED ENVIRONMENTS

WHAT DO WE GET

▸ Infrastructure as a code

▸ Platform-agnostic

▸ Reusable code & templates (Puppet, ERB) that make sense

▸ Single point of entry for DevOps, Developers, APIs

▸ As much Open Source as possible (presence + contribution)

▸ Well supported (RedHat, PuppetLabs, Community)

41

QUESTIONS?All trademarks, logos, characters are properties of their respective owners.

(Or maybe a quick demo)

42

MIXED ENVIRONMENT

OTHER THINGS THAT I SHOULD’VE MENTIONED

▸ Foreman supports Chef, Salt Ansible

▸ profile::nginx::www_site_com vs provision.sh

▸ Chocolatey supports private repositories

▸ Puppet can also operate in server-less mode

▸ IntelliJ IDEA or RubyMine support puppet DSL

▸ Logstash is awesome

43

Engineering

Configuration and lifecycle in Mixed environments