Upload
puppet-labs
View
1.608
Download
0
Embed Size (px)
DESCRIPTION
James Loope, Janrain
Citation preview
Puppet at Janrain
James Loope
In the beginning...
Awesomeness
More awesomeness
Less awesome
Opposite of awesome
Totally awesome
Wagons Ho!
We're not in Kansas Anymore
On demand resources!
Features!
APIs!
Impermanence!
Competition!
APIs!
Sometimes you have to let go
it's not your puppy, it's just an instance
Persistence does not make it better
Entropy will get you in the end
Do it right the first time, make it repeatable
Puppet keeps us sane
class apps::zookeeper-server ( $nodes ) { package { "zookeeperd" : ensure => installed }
service { "zookeeper": ensure => running, enable => true, hasstatus => true, pattern => "zookeeper", require => Package["zookeeperd"] }
file { "/etc/zookeeper/conf/zoo.cfg" : content => template("apps/zookeeper/zoo.cfg.erb") }}
Version control lets us work together
>git branch -r origin/HEAD -> origin/master origin/development origin/master
Environments keep us safe
development > staging > production
Scary API's?
Simple tools keep us efficient
> createaserver.rb -a ami-e2af508b -n test1.janrain.com -S
Fog launches an Ubuntu base ami
server = compute.servers.create(:image_id => options[:ami], :flavor_id => options[:type], :groups => options[:groups], :user_data => 'puppet: conf: agent: server: 'puppet.janrain.com' certname: '"test1.janrain.com"' environment: "development" pluginsync: true waitforcert: true
● Ubuntu cloud-init installs puppet○ https://help.ubuntu.com/community/CloudInit○ also: work around for provider prerequisite problem
● Puppet starts up and waits for signing○ our utility signs the cert over the REST api
■ http://docs.puppetlabs.com/guides/rest_api.html
curl -i --cert ~/.puppetcred/puppet.crt --key ~/.puppetcred/puppet.key --cacert ~/.puppetcred/ca_crt.pem https://puppet.janrain.com/development/certificate_status/test1.janrain.com -H 'Content-Type: text/pson' -X PUT --data '{"desired_state":"signed"}'
● Puppet starts up and installs our base from common modules○ users○ groups○ ssh pubkeys○ common apps○ metrics and monitors
■ collectd■ nagios■ mcollective
● Puppet sets up the DNS○ via REST API ○ http://dyn.com/dns/dynect-managed-dns/
● Puppet manages our instance volumes with lvm○ https://github.com/puppetlabs/puppet-lvm
● Puppet deploys application code with vcsrepo○ https://github.com/puppetlabs/puppet-vcsrepo
Tadah!
ssh test1.janrain.com Welcome to Ubuntu 11.04 (GNU/Linux 2.6.38-8-virtual i686)[email protected]:~$
The dashboard gives us insight
Avoiding the Stampede
● It's hard to keep the PuppetMaster's load predictable● Puppetcommander● Initiates runs in an orderly fashion● Can be globally disabled
https://github.com/puppetlabs/mcollective-plugins/tree/master/agent/puppetd/commander/
What's next?
● External Node classifier● LXC Development Environment● Build => Bundle => Scale● Puppet and Zookeeper via Facter
In conclusion