Webinar on 11/16/16

1. Controlled
Evolution with
AWS & Puppet
16 November 2016

2. Carl Caum: Sr. Technical Marketing Manager at
Puppet
Chris Barker: Principal Technical Solutions Engineer
at Puppet
Seamus Birch: Change Agent at one of Canada’s
tier-one banks
Speakers

3. Every company
is a software company.

4. It feels like
a breaking point.

5. Change
is necessary.

6. We help great companies:
Become great software companies
Deliver fantastic experiences to their users
Provide better software, faster
And do it simply, at scale and securely

7. Automate for speed, reliability and security
Define with a common
language
Gain situational
awareness
Orchestrate change
intelligently
Ensure security &
compliance
What’s needed to deliver and operate modern software simply, at scale and securely
Across devices, through the stack

8. Define with a common language
● Easy to read, understand, write & share
● Write once, use everywhere
● Testing built in
● No code clobbering
● Choose from thousands of free modules,
backed by a vibrant ecosystem
Standard way for teams to deliver and operate software
Puppet code example

9. Gain situational awareness
● Real-time change visibility
● Unique dependency visualizations
● Continual drift monitoring and reporting
● Audit and compliance reporting
● Built-in, custom and 3rd party visualizations
Know exactly what is going on with all your software
Event inspection in Puppet Enterprise

10. Cloud Management
with Puppet
Adopt, unify and manage
cloud environments

11. Supporting heterogeneous infrastructure

12. Cloud adoption drives business
of organizations believe cloud will help them improve their revenue
Source: IDC “Don’t Get Left Behind: The Business Benefits of Achieving Greater Cloud Adoption,” Aug 2015
53%

13. Automation in the cloud
Native tools don’t work
Manual approaches / scripts are problematic
Misconfiguration creates risk
= Risk
$ one-off

14. Puppet/aws module
$ one-off

15. AWS Herd Management
$ one-off

16. Introduction
16
● 15 years experience in banking technology
● Particularly interested in hands on transformation of
operating models.

17. What was the problem we were trying to solve?
17
Reduce manual effort and IT
bureaucracy that is error
prone, slowing us down and
costing us money.

18. Our setup
18
Github
Application Code
Puppet Modules
TeamCity
Application &
Container Build
Puppet Master
Configuration
Management
Artifactory
Application &
Container Store
Application
Server
Application
Environment
Puppet R10K
Release Management
and Change
Management

19. Or first steps
● Built a community of developers on the platform.
● Focused on promoting continuous deployment rather
than continuous integration.
● Obtained security risk assessments and approvals on
the Puppet process as a software deployment
mechanism.
● Heavily invested in getting the infrastructure teams to
pick up puppet.
● Lucky enough to find an infrastructure team that could
pick up the coding aspect.
● Worked with the release management and change
control teams to add support to R10K to their service.
● Started with a pilot of 150 servers.
19

20. Standard puppet approach
Provisioning
Virtual environments ● Cloud ● Containers
Application infrastructure
SQL server ● Tomcat ● WebSphere ● IIS ● MySQL
Core infrastructure
Operating system ● NTP ● DNS ● SSH ● Firewall ● Users ● Groups
Application orchestration
Custom apps ● COTS ● Share services

21. Our experience with Puppet
Provisioning
Virtual environments ● Cloud ● Containers
Application infrastructure
SQL server ● Tomcat ● WebSphere ● IIS ● MySQL
Core infrastructure
Operating system ● NTP ● DNS ● SSH ● Firewall ● Users ● Groups
Application orchestration
Custom apps ● COTS ● Share services
1
2
3

22. 22
Reduction in manual effort
90%
Team Development Effort
12%
600%
Change Deployment Frequency
Measurable results

23. But what about provisioning?
Provisioning
Virtual environments ● Cloud ● Containers
Application infrastructure
SQL server ● Tomcat ● WebSphere ● IIS ● MySQL
Core infrastructure
Operating system ● NTP ● DNS ● SSH ● Firewall ● Users ● Groups
Application orchestration
Custom apps ● COTS ● Share services
1
2
3
?

24. Our AWS POC
24
Github
Application Code
Puppet Modules
TeamCity
Application &
Container Build
Puppet Master
Configuration
Management
Artifactory
Application &
Container Store
Cloud Command
and Control
Keys
Puppet R10K
Release Management
and Change
Management
VPC, Security, Firewall, Network etc
ECS
EC2 Instances
Application
RDS

25. What did we discover
● We had a real life application deployed
within a couple of weeks.
● We didn’t require any new processes to be
created.
● There were no special
approvals/waivers/exceptions to obtain.
● We didn’t need to change firewalls or modify
our security posture.
● We reduced infrastructure costs to pennies
in the dollar.
25

26. Getting started with cloud was easy because we
already automated with Puppet.
26

27. It will scale because we already
automated with Puppet.
27

28. Potential stumbling blocks to avoid
● Focus on automation, not on cloud as the
objective.
● Don’t start with doing cloud manually, it will
not scale and your cloud transformation will
stall.
● The development team must have a mature
approach to security. You must be 100%
confident that when you ask a security
consultant to review your setup, they will not
find any vulnerabilities.
● You need to let go of the crutch that it is
SSH/RDC.
28

29. Questions?

30. Read up on AWS-Based Node Lifecycle Management with Puppet in our white paper:
bit.ly/AWSlifecycle
Check out our AWS-supported module on the Puppet Forge, which provides the ability to
manage AWS resources: forge.puppet.com/puppetlabs/aws
Watch Chris Barker's PuppetConf 2016 talk, AWS Management & Puppet: What to do with
cloud instances: bit.ly/puppetconf15barker
What’s next?