Puppet evolutions


  • PUPPET EVOLUTIONS

    Alessandro Franceschi

    @alvagante

    Italian DevOps Day 2016

  • AL VAGANTE

    Founder and CTO at example42 GmbH

    Puppet user / trainer since 2007

    Author of the book "Extending Puppet"

    Author of ## Puppet modules, Puppi, Tiny Puppet

    github.com/alvagante


  • AGENDA

    Evolution of configuration management tools

    Puppet 4 and the evolution of the language

  • CFGMGMT TOOLS EVOLVE

    System resources (packages, services, files, users... )

    Applications (app specific resources)

    What did we manage yesterday?

  • CFGMGMT TODAY

    Network devices

    Storage

    Cloud resources

    Containers

    Systems and applications, still

    Managing whole IT infrastructures

  • MANAGING NETWORKS

    Proxy mode via puppet device (Puppet code executed on a remote node)

    Native client (Cisco, Huawei, Arista, Cumulus networks)

    (Puppet code executed on the network device)

    Alternative management modes

  • NETDEV STDLIB

    Puppet types for network resources

    Providers are in separate, vendor-specific modules

    Abstracting network resources

    domain_name name_server network_dns network_interface network_snmp network_trunk network_vlan ntp_config ntp_server port_channel radius radius_global radius_server radius_server_group search_domain snmp_community snmp_notification snmp_notification_receiver snmp_user syslog_server syslog_settings tacacs tacacs_global tacacs_server tacacs_server_group

    Common types

  • puppet module install puppetlabs-netapp

    Sample code

    node 'ontap01.example.com' {
      netapp_aggregate { 'aggr1':
        ensure    => present,
        diskcount => '6',
      }
      netapp_vserver { 'vserver01':
        ensure          => present,
        rootvol         => 'vserver01_root',
        rootvolaggr     => 'aggr1',
        rootvolsecstyle => 'unix',
      }
      netapp_lif { 'vserver01_lif':
        ensure        => present,
        homeport      => 'e0c',
        homenode      => 'ontap01',
        address       => '10.0.207.5',
        vserver       => 'vserver01',
        netmask       => '255.255.255.0',
        dataprotocols => ['nfs'],
      }
    }

    node 'vserver01.example.com' {
      netapp_export_policy { 'nfs_exports':
        ensure => present,
      }
      netapp_export_rule { 'nfs_exports:1':
        ensure            => present,
        clientmatch       => '10.0.0.0/8',
        protocol          => ['nfs'],
        superusersecurity => 'none',
        rorule            => ['sys','none'],
        rwrule            => ['sys','none'],
      }
      netapp_volume { 'vserver01_root':
        exportpolicy => 'nfs_exports',
      }
      netapp_volume { 'nfsvol':
        ensure       => present,
        aggregate    => 'aggr1',
        initsize     => '200g',
        exportpolicy => 'nfs_exports',
        junctionpath => '/nfsvol',
      }
      netapp_qtree { 'qtree1':
        ensure => present,
        volume => 'nfsvol',
      }
      netapp_nfs { 'vserver01':
        ensure => present,
        state  => 'on',
        v3     => 'disabled',
        v40    => 'enabled',
        # (the sample is cut off at this point on the slide)
      }
    }

  • MANAGING CLOUDS

    Public cloud resources management (AWS, Azure, Google Cloud, Digital Ocean...)

    Private cloud infrastructure management (VMWare, OpenStack)

    Several cloud related modules

  • puppet module install puppetlabs-aws

    Sample code

    ec2_instance { 'instance-name':
      ensure        => present,
      region        => 'us-west-1',
      image_id      => 'ami-123456',
      instance_type => 't1.micro',
    }

    ec2_securitygroup { 'name-of-group':
      ensure      => present,
      region      => 'us-east-1',
      description => 'a description of the group',
      ingress     => [{
        protocol => 'tcp',
        port     => 80,
        cidr     => '0.0.0.0/0',
      },{
        security_group => 'other-security-group',
      }],
    }

    Supported resources

    cloudwatch_alarm ec2_autoscalinggroup ec2_elastic_ip ec2_instance ec2_launchconfiguration ec2_scalingpolicy ec2_securitygroup ec2_vpc ec2_vpc_customer_gateway ec2_vpc_dhcp_options ec2_vpc_internet_gateway ec2_vpc_routetable ec2_vpc_subnet ec2_vpc_vpn ec2_vpc_vpn_gateway elb_loadbalancer rds_db_parameter_group rds_db_securitygroup rds_instance route53_a_record route53_aaaa_record route53_cname_record route53_mx_record route53_ns_record route53_ptr_record route53_spf_record route53_srv_record route53_txt_record route53_zone sqs_queue

  • puppet module install puppetlabs-azure

    Sample code

    azure_vm { 'sample':
      ensure         => present,
      location       => 'eastus',
      image          => 'canonical:ubuntuserver:14.04.2-LTS:latest',
      user           => 'azureuser',
      password       => 'Password',
      size           => 'Standard_A0',
      resource_group => 'testresacc01',
    }

  • MANAGING CONTAINERS

    Modules to install and configure Docker components (Engine, Swarm, Registry...), images and containers

    Modules to manage Docker ecosystem software (Kubernetes, Mesos...)

    Managing containers infrastructures

  • puppet module install puppetlabs-docker_platform

    Sample code

    class { 'docker':
      tcp_bind     => 'tcp://127.0.0.1:4243',
      socket_bind  => 'unix:///var/run/docker.sock',
      version      => '0.5.5',
      dns          => '8.8.8.8',
      docker_users => [ 'user1', 'user2' ],
    }

    docker::image { 'ubuntu':
      ensure      => 'present',
      image_tag   => 'precise',
      docker_file => '/tmp/Dockerfile',
    }

    docker::run { 'helloworld':
      image   => 'base',
      command => '/bin/sh -c "while true; do echo hello world; sleep 1; done"',
    }

    docker::registry { 'example.docker.io:5000':
      username => 'user',
      password => 'secret',
      email    => 'user@example.com',
    }
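
Added example, not part of the original slides: the azure_vm and docker::registry samples above with the literal credentials replaced by typed class parameters (Puppet 4 data types) that are resolved from Hiera. The class names, parameter names and the Hiera keys they imply are assumptions; the resource parameters are the ones shown in the samples.

```puppet
# Added example. Each class would live in its own file in a (hypothetical)
# "profile" module: manifests/azure_sample.pp and manifests/registry_sample.pp.

class profile::azure_sample (
  # No defaults on purpose: automatic parameter lookup must find
  # profile::azure_sample::admin_user / ::admin_password in Hiera,
  # otherwise catalog compilation fails instead of using a weak fallback.
  String[1]  $admin_user,
  String[12] $admin_password,   # compilation fails below 12 characters
) {
  azure_vm { 'sample':
    ensure         => present,
    location       => 'eastus',
    image          => 'canonical:ubuntuserver:14.04.2-LTS:latest',
    user           => $admin_user,
    password       => $admin_password,
    size           => 'Standard_A0',
    resource_group => 'testresacc01',
  }
}

class profile::registry_sample (
  # Looked up as profile::registry_sample::<parameter name> in Hiera.
  String[1]  $registry_user,
  String[12] $registry_password,
  String[1]  $registry_email,
) {
  docker::registry { 'example.docker.io:5000':
    username => $registry_user,
    password => $registry_password,
    email    => $registry_email,
  }
}
```

The values still end up in the compiled catalog, so the Hiera data should be stored encrypted (hiera-eyaml is one backend for that) and access to catalogs and reports restricted.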

  • puppet module install garethr-kubernetes

    Sample code

    kubernetes_pod { 'sample-pod':
      ensure   => present,
      metadata => {
        namespace => 'default',
      },
      spec     => {
        containers => [{
          name  => 'container-name',
          image => 'nginx',
        }]
      },
    }

    kubernetes_aws_elastic_block_store_volume_source kubernetes_binding kubernetes_capabilities kubernetes_capability kubernetes_ceph_fs_volume_source kubernetes_cinder_volume_source kubernetes_component_condition kubernetes_component_status kubernetes_component_status_list kubernetes_container kubernetes_container_port kubernetes_container_state kubernetes_container_state_running kubernetes_container_state_terminated kubernetes_container_state_waiting kubernetes_container_status kubernetes_daemon_endpoint kubernetes_delete_options kubernetes_downward_api_volume_file kubernetes_downward_api_volume_source kubernetes_empty_dir_volume_source kubernetes_endpoint_address kubernetes_endpoint_port kubernetes_endpoint_subset kubernetes_endpoints kubernetes_endpoints_list kubernetes_env_var kubernetes_env_var_source kubernetes_event kubernetes_event_list kubernetes_event_source kubernetes_exec_action kubernetes_fc_volume_source kubernetes_finalizer_name kubernetes_flocker_volume_source kubernetes_gce_persistent_disk_volume_source kubernetes_git_repo_volume_source kubernetes_glusterfs_volume_source kubernetes_handler kubernetes_host_path_volume_source kubernetes_http_get_action kubernetes_iscsi_volume_source kubernetes_lifecycle kubernetes_limit_range kubernetes_limit_range_item kubernetes_limit_range_list kubernetes_limit_range_spec kubernetes_list_meta kubernetes_load_balancer_ingress kubernetes_load_balancer_status kubernetes_local_object_reference kubernetes_namespace kubernetes_namespace_list kubernetes_namespace_spec kubernetes_namespace_status kubernetes_nfs_volume_source kubernetes_node kubernetes_node_address kubernetes_node_condition kubernetes_node_daemon_endpoints kubernetes_node_list kubernetes_node_spec kubernetes_node_status kubernetes_node_system_info kubernetes_object_field_selector kubernetes_object_meta kubernetes_object_reference kubernetes_patch kubernetes_persistent_volume kubernetes_persistent_volume_access_mode kubernetes_persistent_volume_claim 
kubernetes_persistent_volume_claim_list kubernetes_persistent_volume_claim_spec kubernetes_persistent_volume_claim_status kubernetes_persistent_volume_claim_volume_source kubernetes_persistent_volume_list kubernetes_persistent_volume_spec kubernetes_persistent_volume_status kubernetes_pod kubernetes_pod_condition kubernetes_pod_list kubernetes_pod_security_context kubernetes_pod_spec kubernetes_pod_status kubernetes_pod_template kubernetes_pod_template_list kubernetes_pod_template_spec kubernetes_probe kubernetes_rbd_volume_source kubernetes_replication_controller kubernetes_replication_controller_list kubernetes_replication_controller_spec kubernetes_replication_controller_status kubernetes_resource_quota kubernetes_resource_quota_list kubernetes_resource_quota_spec kubernetes_resource_quota_status kubernetes_resource_requirements kubernetes_se_linux_options kubernetes_secret kubernetes_secret_list kubernetes_secret_volume_source kubernetes_security_context kubernetes_service kubernetes_service_account kubernetes_service_account_list kubernetes_service_list kubernetes_service_port kubernetes_service_spec kubernetes_service_status kubernetes_status kubernetes_status_cause kubernetes_status_details kubernetes_tcp_socket_action kubernetes_volume kubernetes_volume_mount kubernetes_watch_event

    Supported resources (Puppet types automatically generated from APIs)

    Manages kubernetes resources but not its installation

  • PUPPET 4 (R)EVOLUTION

    All In One packages

    Puppet Server, Puppet Agent, Facter 3

    New Type System

    Language improvements

    Deprecations

    Better language, new foundations

  • ALL IN ONE PACKAGES

    Dedicated repositories (Software Collections)

    File