introduction to configuration management
TRANSCRIPT
![Page 1: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/1.jpg)
R.I.Pienaar
Malta DevOps August 2016
Introduction to Configuration Management
![Page 2: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/2.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Who am I?• Malta since December 2015
• Consultant for 20+ years
• Government, Finance, Health, Social Media, Fortune 50, Startups
• DevOps, Automation, Architect, Development
• Open Source @ github.com/ripienaar
• Linux since Kernel 99 alpha p11
![Page 3: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/3.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
ConfigurationManagement
for Devs and Ops
![Page 4: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/4.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - What’s the problem?
Not CONSISTENT
![Page 5: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/5.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - What’s the problem?
Not REPRODUCABLE
![Page 6: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/6.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - What’s the problem?
Not INTERESTING
![Page 7: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/7.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - What’s the problem?
Not SCALABLE
![Page 8: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/8.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - What’s the problem?
Not COMPLETE
![Page 9: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/9.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - What’s the problem?
Not PREDICTABLE
![Page 11: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/11.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - Wishes?
ProgrammableInfrastructure
Domain Specific Language
![Page 12: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/12.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - Wishes?
ProgrammableInfrastructure
Platform and OS Independent
![Page 13: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/13.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - Wishes?
ProgrammableInfrastructure
Complete Server Lifecycle
![Page 14: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/14.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - Wishes?
ProgrammableInfrastructure
Extendible via Plugins and APIs
![Page 15: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/15.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - Wishes?
ProgrammableInfrastructure
Learns from Development
![Page 16: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/16.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - Wishes?
OpenSource, APIs and Docs
Community, IRC, Slack, GitHub, Users
![Page 17: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/17.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
CM - Wishes?
CommercialOwned
Support, Training, Conferences, Certs
![Page 19: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/19.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet
• 10 years old
• Commercially owned Open Source
• Client Server or Standalone Architecture
• Used by 10s of 1000s of companies
• Useful to small and large companies, even single servers
• 4 400 reusable modules, write your own
![Page 20: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/20.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Resourcespackage{“httpd”: ensure => “present”
}
file{“/etc/httpd/conf/httpd.conf”: owner => “root”, group => “root”, mode => “0644”, source => “puppet:///modules/apache/httpd.conf”
}
service{“httpd”: ensure => “running”, enable => true
}
![Page 21: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/21.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Typespackage{“httpd”: ensure => “present”
}
file{“/etc/httpd/conf/httpd.conf”: owner => “root”, group => “root”, mode => “0644”, source => “puppet:///modules/apache/httpd.conf”
}
service{“httpd”: ensure => “running”, enable => true
}
![Page 22: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/22.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Titlespackage{“httpd”: ensure => “present”
}
file{“/etc/httpd/conf/httpd.conf”: owner => “root”, group => “root”, mode => “0644”, source => “puppet:///modules/apache/httpd.conf”
}
service{“httpd”: ensure => “running”, enable => true
}
![Page 23: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/23.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Parameterspackage{“httpd”: ensure => “present”
}
file{“/etc/httpd/conf/httpd.conf”: owner => “root”, group => “root”, mode => “0644”, source => “puppet:///modules/apache/httpd.conf”
}
service{“httpd”: ensure => “running”, enable => true
}
![Page 24: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/24.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Relationshipspackage{“httpd”: …
}
file{“/etc/httpd/conf/httpd.conf”: …, require => Package[“httpd”], notify => Service[“httpd”]
}
service{“httpd”: …, require => File[“/etc/httpd/conf/httpd.conf”]
}
![Page 25: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/25.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Collectionsclass apache { include apache::install include apache::config include apache::service
}
class apache::install { package{ … }; package{ … }
}
class apache::config { file{ … }; file{ … }
}
class apache::service { service{ … }; service{ … }
}
![Page 26: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/26.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Relationspackage{“httpd”: …
}
file{“/etc/httpd/conf/httpd.conf”: …, require => Class[“apache::install”], notify => Class[“apache::service”]
}
service{“httpd”: …, require => Class[“apache::config”]
}
![Page 27: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/27.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Nodesnode “dev1.example.net” { include roles::lamp_dev
}
class roles::lamp_dev { include profile::lamp_webserver include profile::lamp_mysqlserver
}
class profile::lamp_webserver { include php include apache
}
class profile::lamp_mysqlserver { include mysql
}
![Page 28: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/28.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Facts$ facter … os => { architecture => "x86_64", distro => { codename => "Core", description => "CentOS Linux release 7.2.1511 (Core)", id => "CentOS", release => { full => "7.2.1511", major => "7", minor => "2" }, specification => ":core-4.1-amd64:core-4.1-noarch" }, family => "RedHat", hardware => "x86_64", name => "CentOS", release => { full => "7.2.1511", major => "7", minor => "2" }, selinux => { enabled => false } } …
![Page 29: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/29.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Facts
class site::common { if $facts[“os”][“family”] == “RedHat” {
include site::redhat_common
} elsif $facts[“os”][“family”] == “Debian” { include site::debian_common
} else { fail(“Unknown operating system family”)
} }
![Page 30: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/30.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Site Policies• /srv/www - root:root
• /etc/httpd/conf.d/<site>.conf
• /srv/www/<site> - root:root
• /srv/www/<site>/html - owner:owner
• /srv/www/<site>/logs/access_log - root:root
• /srv/www/<site>/logs/error_log - root:root
• <site> log rotation
• <site> backups
![Page 31: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/31.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Site Policies
site::vhost{“example.com”: }
Day to Day Usage
$client_sites = [“example1.com”, “example2.com”]
site::vhost{$client_sites: }
site::vhost{“example.com”: aliases => [“www.example.com”, “www.other.com”], owner => “acme”, allow_override => “All”, options => “Indexes”
}
![Page 32: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/32.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Site PoliciesPolicy Set by Web Team - Creates Utility
define site::vhost ( $port, $owner, $group, … ) { apache::vhost{$name: port => $port, docroot => “/srv/www/${name}/html”, docroot_owner => $owner, docroot_group => $group,
}
bacula::backup_policy{$name: …} sensu::monitor{$name: …}
}
![Page 33: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/33.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet TestingLearning from Development - Unit Testing
describe “site::vhost” do let(:title) { “example.com” }
it { is_expected to contain_apache__vhost(“example.com”) .with ( “port” => “80”, “docroot” => “/srv/www/example.com/html” …
) }
end
![Page 34: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/34.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet TestingLearning from Development - Integration Testing
describe package(“httpd”) do it { should be_installed }
end
describe service(“httpd”) do it { should be_enabled } it { should be_running }
end
describe file(“/srv/www/example.com/html”) do it { should exist } it { should be_directory } it { be_owned_by “root” }
end
![Page 35: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/35.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Puppet Reporting
http://theforeman.org
![Page 36: Introduction to Configuration Management](https://reader031.vdocument.in/reader031/viewer/2022020203/587b990e1a28ab4e4f8b7001/html5/thumbnails/36.jpg)
R.I.Pienaar | [email protected] | http://devco.net | @ripienaar
Questions?
twitter: @ripienaaremail: [email protected]: www.devco.net
github: ripienaarfreenode: Volcane
slack.puppet.com: ripienaar
http://learn.puppet.com/https://www.devco.net/