PuppetConf 2016: Docker, Mesos, Kubernetes and...Puppet? Don't Panic! – Deepak Giridharagopal, Puppet

Project Blueshift Deepak Giridharagopal

CTO & Chief Architect @ Puppet PuppetConf 2016

@ grim_radical

The way we build systems today will not be the way we build systems tomorrow.

deepak / @grim_radical / #puppetconf 2016

Now is a great time for those who build & manage systems!


Bare metal, virtual machines, containers, job schedulers, infrastructure APIs, service discovery, dynamic configuration, cloud functions, unikernels…


What can the systems of the past & present teach us about how to manage stuff in the future?


What is configuration management?

No, seriously, what is it?



Identification Control Status accounting Verification and audit


thanks @garethr!

To properly manage a system, you must understand & control the inputs to that system, over time.


I mean "system" in the abstract sense. stay with me, people!

Example:

Files vs. Packages


Example:

AWS autoscaling group


Example:

etcd key/value pairs


The nature of your systems’ inputs may change along with your tech, but they’re still there and they’re your problem.


There’s more to running a farm than the dilemma of pets vs. cattle.

(n.b. I hate this analogy)


There’s more to running The Empire than the dilemma of Jango Fett vs. clone troopers

(thanks @brianb!)


New technology eliminates some management problems, but creates some new ones.

Just like all software, ever.


There is no future with fewer servers.


note: I mean server in the SRE sense

If you’re going to put all your eggs in one basket, you need to take expert care of that basket.


The future is not evenly distributed.


Unified tooling across physical, virtual, containerized, cloud, etc. infrastructure is a big deal!


Puppet is a bridge to the future.

Project Blueshift:

Use Puppet to provide and manage next generation software in a simple, reliable, and consistent way.


(without introducing more risk)

Docker module


Configure Docker

class { 'docker': tcp_bind => 'tcp://127.0.0.1:4243', socket_bind => 'unix:///var/run/docker.sock',

version => '1.11', dns => '8.8.8.8', }


Run Docker containers

docker::run { 'helloworld': image => 'ubuntu:precise',

command => '/bin/sh -c "while true; do echo hello world; sleep 1; done"', }


Manage networks

docker_network { 'my-net': ensure => present, driver => 'overlay', subnet => '192.168.1.0/24', gateway => '192.168.1.1', ip_range => '192.168.1.4/32', }


Setup UCPclass { 'docker_ucp': controller => true, version => '1.0.0', tracking => false, swarm_scheduler => 'binpack', preserve_certs => true, docker_socket_path => '/var/run/docker.sock', license_file => '/etc/docker/subscription.lic', }


Real world case studies


Read the book


puppet-in-docker


Docker Hub


Run Puppet in Docker

$ docker run --net puppet \ --name puppet \ --hostname puppet \ puppet/puppetserver


Develop on Windows


Launch with Composeversion: '2'

services: puppet: container_name: puppet hostname: puppet image: puppet/puppetserver ports:

- 8140 volumes:

- ./code:/etc/puppetlabs/code/


puppetlabs-image_build

Building Docker images with Puppet should be as simple as building them with docker build


Building with Puppet

$ ls Puppetfile manifests $ puppet docker build \ --image-name garethr/someimage


Kubernetes module


Puppet has a long history of making software deployment easier and more reliable… I'm really excited to see Puppet enabling their customers to seamlessly adopt new technology like containers and Kubernetes while maintaining a consistent, familiar experience for production quality software deployment.Brendan Burns, cofounder, Kubernetes


Model K8S resourceskubernetes_pod { 'sample-pod': ensure => present, metadata => { namespace => 'default', }, spec => { containers => [{ name => 'container-name', image => 'nginx', }], },}


Create abstractions

controller_service_pair { 'frontend': app => 'guestbook', role => 'php-redis', tier => 'frontend', port => 80, image => 'gcr.io/google_samples/gb-frontend:v3', replicas => 3, service_type => 'LoadBalancer',}


Official blog post


Extending to OpenShift

Minimal OS’s

(without introducing more risk)(without introducing more risk)

VMware Photon OS


CoreOS ecosystem


Mesos support


Consul integration


Rancher

class { 'docker': }class { 'rancher::server': }class { 'rancher': registration_url => http://127.0.0.1:8080/v1/scripts/ agent_address => $::ipaddress_eth1,}


$ puppet resource rkt_pod rkt_pod { 'c8ecd9ae': ensure => 'exited', app => 'hello', image_name => 'hello',}

Rkt


Find out more about Puppet as the bridge to the future with Project Blueshift athttps://puppet.com/product/managed-technology/blueshift

Modern infrastructure track

"The challenges with container configuration" —David Lutterkort, Thurs 2:30P

"Running puppet software in Docker containers" —Gareth Rushgrove, Fri 1:30P



Technology

PuppetConf 2016: Docker, Mesos, Kubernetes and...Puppet? Don't Panic! – Deepak Giridharagopal, Puppet