210 likes | 225 Views
Learn how to orchestrate configuration management using Ansible and Puppet, and explore a use case for dynamic infrastructure, application configuration, and deployment. Presented by Maria Niță, Site Reliability Engineer at Adobe, and Alexandru Stancu, Site Reliability Engineer at Adobe.
E N D
You can never understand configuration management, until you know how to orchestrate it @ Bucharest DevOps Hacker Meetup
About us – Maria Niță Site Reliability Engineer @ Adobe DevOps @ Kalon Software Engineer @ Openshift via Red Hat Developer @ uberVU Faculty of Mathematics & Computer Science, University of Bucharest Member @ ROSEdu Romanian Open Source for Education Coffee & ice cream
About us – Alexandru Stancu • Puppet User ~6 years. • Site Reliability Engineer @ Adobe Systems • Organizer of the Puppet User Group in Bucharest • http://www.meetup.com/Bucharest-Puppet-User-Group/ @salecss https://www.linkedin.com/in/alexstancu
Hypothesis • Short introduction to Ansible & Puppet • Present the (a common) use case and how we manage it • What’s that use case? We want: • Dynamic Infrastructure, spread geographically on multiple zones (maybe multi-platform) • Application configuration • Application deployment • Reporting • Transition from want to have with Ansible & Puppet
Our use case We have a web app on http://demo.mydevops.ro Create an AWS infrastructure: VPC, EC2 instances, ELBs using CNS (Terraform) Configure the fleet – EC2 instances using Puppet Orchestrate the deployment of our web app with 0 downtime with Ansible
Content • Ansible • What’s what? • Ecosystem • Use case • Examples • Puppet • Ecosystem • Language Basics • Puppet server and agent setup on AWS • Roles and Profiles • Demo • Q&A
Ansible - ”[…] until you know how to orchestrate it” Maria Niță – Site Reliability Engineer @ Adobe
What’s, what? Ansible - Simple IT Automation1
Puppet - ” You can never understand configuration management, until you know how to orchestrate it[…]” AlexandruStancu – Site Reliability Engineer @ Adobe
Puppet Ecosystem • Puppet Server • Puppet Agent • PuppetDB – Used to store reports and • Hiera – This is the place where data is stored. Data auto binding is awesome! • Foreman – ENC, Reporting and many more. • Puppetboard – Web frontend for PuppetDB. • Mcollective – a very cool tool
Puppet Language, Modules and more … A module is a collection of classes • Written in Ruby • Can work in a client-server setup but also in master-less configuration file { ‘/etc/ssh/sshd_config’: ensure => present, source => “puppet:///modules/${module_name}/sshd_config” } A class is a collection of resources service { ‘sshd’: ensure => running, enable => true }
Puppet Agent Setup On AWS Terraform Bootstrap Provision facts puppet module AWS User Data my_module_facts/lib/facter my_ec2_tags.rb iam_account_alias.rb nagios_host.rb aws_region_name.rb my_other_facts.rb vpc_name.rb AWS Instance hostname = my_role = group = other_facts = fact1=val1,fact2=val2 Puppet Agent TAGS IAM instance profile IAM Role IAM Policy: ec2:Describe* AWS SDK INSTANCE METADATA
Puppet Server site.pp : node default { include ::role::${::my_role} } Node Classification Catalog Compilation AWS Instance Reporting Puppet DB Foreman (deactivate ENC function) Puppet Server Hieraconfig :hierarchy: - “node/%{::certclient}” - “vpc_name/%{::vpc_name}/role/%{::my_role} - “vpc_name/%{::vpc_name}/common” - “role/%{::my_role}” - common
Puppet Roles and Profiles file { ‘/path/to/custom/file’: ensure => present, source => ‘puppet:///modules/${module_name}/my_file’ } Use contain Class Ordering Hiera Resource Types M2 M1 AWS Instance Role M3 M4 Profiles M6 M5 Business Logic Technical Logic
Puppet Roles and Profiles Resource Types M2 M1 M3 Community Modules AWS Instance Role Profiles M4 M7 Site Modules M5 M6 file { ‘/path/to/custom/file’: ensure => present, source => ‘puppet:///modules/${module_name}/my_file’ } Business Logic Technical Logic