SlideShare uma empresa Scribd logo

Continuous deployment of puppet modules

William O'Neill
William O'Neill

Presentation given at the Atlanta Puppet Camp in December 2014 about how MailChimp uses a combination of DSL tooling, editor plugins, peer review, and Jenkins to do continuous deployment of puppet modules to their infrastructure. Slide sources available at https://github.com/woneill/puppetcamp_atlanta_2014

Tecnologia
1 de 44
Baixar para ler offline
CONTINUOUS DEPLOYMENT OF PUPPET MODULES HOW WE DO IT AT MAILCHIMP
BILL O'NEILL @WONEILL
EMAIL SERVICE PROVIDER Deliver ~500 million emails daily 723 million emails delivered on Cyber Monday of 97Sender Score http://delivery.mailchimp.com/
HISTORY
Image source: https://blog.engineyard.com/2014/con gure- before-you-boot
CONFIGURATION MANAGEMENT IS HARD "With Chef, Puppet, and CFEngine we found a not-insigni cant learning curve on setting up the different server daemons and learning the DSL. This was particularly challenging when we were con guring unique software not yet given recipes by the existing community. Given our cluster sizes, we also didn't really need any of the advanced features those systems provided." - README from internally built tool
MOVE TO COLOCATION Buy vs. Lease analogy Grow our Operations team Needed a tool with dry-run mode
PEOPLE MAKE MISTAKES
HOW DO WE CATCH THESE MISTAKES AS EARLY AS POSSIBLE? AUTONOMATION "automation with a human touch" 1. Detect the abnormality 2. Stop 3. Fix or correct the immediate condition
HOW DO WE CATCH THESE MISTAKES AS EARLY AS POSSIBLE? DSL tools Editor Support Source Code Management Continuous Integration
DSL TOOLS Puppet ERB YAML Puppet Style Guide
PUPPET puppet parser validate mymanifest.pp
package { 'openssh-server': ensure => installed, } file { '/etc/ssh/sshd_config': source => 'puppet:///modules/sshd/sshd_config', owner => 'root', group => 'root', mode => '640', notify => Service['sshd'] /* sshd will restart whenever you edit this file. */ require => Package['openssh-server'], } service { 'sshd': ensure => running, enable => 'true', hasstatus => 'true', hasrestart => 'true', }
$ puppet parser validate validate_1.pp Error: Could not parse for environment production: Syntax error at 'require'; expected '}' at validate_1.pp:12
ERB erb -P -x -T '-' mytemplate.erb | ruby -c
restrict default kod nomodify notrap nopeer<% unless @service %> noquery restrict 127.0.0.1 restrict -6 ::1 driftfile /var/lib/ntp/drift <% @serverlist.sort.each do |server| -%> server <%= server %> iburst maxpoll 6 restrict <%= server %> mask 255.255.255.255 nomodify notrap noquery <% end -%>
$ erb -P -x -T '-' broken-ntp.conf.erb | ruby -c -:11: syntax error, unexpected $end, expecting kEND
YAML npm install -g js-yaml; js-yaml hiera.yaml ruby -e "require 'yaml'; YAML.load_file('hiera.yaml')"
--- ntp::servers: - 0.us.pool.ntp.org - 1.us.pool.ntp.org - 2.us.pool.ntp.org - 3.us.pool.ntp.org hp::ilo::settings: ssh_status type: global value: true ssh_port type: global value: '22' http_port type: global value: '80' https_port type: global value: '443'
$ js-yaml hiera.yaml JS-YAML: bad indentation of a mapping entry at line 9, column 13: type: global ^ $ ruby -e "require 'yaml'; YAML.load_file('hiera.yaml')" yaml.rb:133:in `load': syntax error on line 9, col 14: ` value: true' (ArgumentError) from yaml.rb:133:in `load' from yaml.rb:144:in `load_file' from yaml.rb:143:in `open' from yaml.rb:143:in `load_file' from -e:1
PUPPET STYLE GUIDE https://docs.puppetlabs.com/guides/style_guide.html gem install puppet-lint puppet-lint --fix /my/puppet/code
package { 'openssh-server': ensure => installed, } file { '/etc/ssh/sshd_config': source => 'puppet:///modules/sshd/sshd_config', owner => 'root', group => 'root', mode => '640', notify => Service['sshd'], /* sshd will restart whenever you edit this file. */ require => Package['openssh-server'], } service { 'sshd': ensure => running, enable => 'true', hasstatus => 'true', hasrestart => 'true', }
$ puppet-lint validate_2.pp WARNING: quoted boolean value found on line 16 WARNING: quoted boolean value found on line 17 WARNING: quoted boolean value found on line 18 WARNING: indentation of => is not properly aligned on line 6 WARNING: indentation of => is not properly aligned on line 7 WARNING: indentation of => is not properly aligned on line 8 WARNING: indentation of => is not properly aligned on line 9 WARNING: indentation of => is not properly aligned on line 10 WARNING: mode should be represented as a 4 digit octal value or symbolic mode on line 9 WARNING: /* */ comment found on line 10
$ puppet-lint --fix validate_2.pp FIXED: quoted boolean value found on line 16 FIXED: quoted boolean value found on line 17 FIXED: quoted boolean value found on line 18 FIXED: indentation of => is not properly aligned on line 6 FIXED: indentation of => is not properly aligned on line 7 FIXED: indentation of => is not properly aligned on line 8 FIXED: indentation of => is not properly aligned on line 9 FIXED: indentation of => is not properly aligned on line 10 FIXED: mode should be represented as a 4 digit octal value or symbolic mode on line 9 FIXED: /* */ comment found on line 10
package { 'openssh-server': ensure => installed, } file { '/etc/ssh/sshd_config': source => 'puppet:///modules/sshd/sshd_config', owner => 'root', group => 'root', mode => '0640', notify => Service['sshd'], # sshd will restart whenever you # edit this file. require => Package['openssh-server'], } service { 'sshd': ensure => running, enable => true, hasstatus => true, hasrestart => true, }
--- validate_2.pp 2014-12-08 09:43:38.000000000 -0500 +++ validate_2.pp-fixed 2014-12-08 09:50:51.000000000 -0500 @@ -3,18 +3,18 @@ } file { '/etc/ssh/sshd_config': - source => 'puppet:///modules/sshd/sshd_config', - owner => 'root', - group => 'root', - mode => '640', - notify => Service['sshd'], /* sshd will restart whenever you - edit this file. */ + source => 'puppet:///modules/sshd/sshd_config', + owner => 'root', + group => 'root', + mode => '0640', + notify => Service['sshd'], # sshd will restart whenever you + # edit this file. require => Package['openssh-server'], } service { 'sshd': ensure => running, - enable => 'true', - hasstatus => 'true', - hasrestart => 'true', + enable => true, + hasstatus => true, + hasrestart => true, }
EDITOR SUPPORT
VIM PLUGINS FTW with Syntastic vim-puppet UltiSnips vim-snippets
EMACS http://www.emacswiki.org/emacs/PuppetProgramming
GEPPETTO http://puppetlabs.github.io/geppetto/index.html
SOURCE CODE MANAGEMENT
COMMIT HOOKS SCRIPT RUNNING THE DSL TOOLS AGAINST NEW FILES
PEER REVIEW
TRUNK BASED DEPLOYMENT
CONTINUOUS INTEGRATION
JENKINS HTTPS://GITHUB.COM/VSTONE/JENKINS- PUPPET-SCRIPTS
WHY NOT RSPEC OR BEAKER?
CONTINUOUS DEPLOYMENT
REMEMBER TRUNK BASED DEPLOYMENT? # Keep environment up-to-date vcsrepo { '/etc/puppet/environments/production': ensure => latest, provider => hg, source => 'https://localhost/mercurial/puppet-modules', }
REVIEW TIME! Catch mistakes early Automation with a human touch Trunk Based Deployments
QUESTIONS?
Slide sources at THANKS! BILL O'NEILL WONEILL@POBOX.COM @WONEILL http://github.com/woneill/puppetcamp_atlanta_2014

Recomendados

Puppet Camp Atlanta 2014: Continuous Deployment of Puppet Modules
Puppet Camp Atlanta 2014: Continuous Deployment of Puppet ModulesPuppet Camp Atlanta 2014: Continuous Deployment of Puppet Modules
Puppet Camp Atlanta 2014: Continuous Deployment of Puppet ModulesPuppet
 
Chef solo the beginning
Chef solo the beginning Chef solo the beginning
Chef solo the beginning A.K.M. Ahsrafuzzaman
 
Ansible : what's ansible & use case by REX
Ansible : what's ansible & use case by REXAnsible : what's ansible & use case by REX
Ansible : what's ansible & use case by REXSaewoong Lee
 
V2 and beyond
V2 and beyondV2 and beyond
V2 and beyondjimi-c
 
Cloud Automation with Opscode Chef
Cloud Automation with Opscode ChefCloud Automation with Opscode Chef
Cloud Automation with Opscode ChefSri Ram
 
Ansible leveraging 2.0
Ansible leveraging 2.0Ansible leveraging 2.0
Ansible leveraging 2.0bcoca
 
AnsibleFest 2014 - Role Tips and Tricks
AnsibleFest 2014 - Role Tips and TricksAnsibleFest 2014 - Role Tips and Tricks
AnsibleFest 2014 - Role Tips and Tricksjimi-c
 
More tips n tricks
More tips n tricksMore tips n tricks
More tips n tricksbcoca
 

Recomendados

Puppet Camp Atlanta 2014: Continuous Deployment of Puppet Modules
Puppet Camp Atlanta 2014: Continuous Deployment of Puppet ModulesPuppet Camp Atlanta 2014: Continuous Deployment of Puppet Modules
Puppet Camp Atlanta 2014: Continuous Deployment of Puppet ModulesPuppet
 
Chef solo the beginning
Chef solo the beginning Chef solo the beginning
Chef solo the beginning A.K.M. Ahsrafuzzaman
 
Ansible : what's ansible & use case by REX
Ansible : what's ansible & use case by REXAnsible : what's ansible & use case by REX
Ansible : what's ansible & use case by REXSaewoong Lee
 
V2 and beyond
V2 and beyondV2 and beyond
V2 and beyondjimi-c
 
Cloud Automation with Opscode Chef
Cloud Automation with Opscode ChefCloud Automation with Opscode Chef
Cloud Automation with Opscode ChefSri Ram
 
Ansible leveraging 2.0
Ansible leveraging 2.0Ansible leveraging 2.0
Ansible leveraging 2.0bcoca
 
AnsibleFest 2014 - Role Tips and Tricks
AnsibleFest 2014 - Role Tips and TricksAnsibleFest 2014 - Role Tips and Tricks
AnsibleFest 2014 - Role Tips and Tricksjimi-c
 
More tips n tricks
More tips n tricksMore tips n tricks
More tips n tricksbcoca
 
Ansible - Crash course
Ansible - Crash courseAnsible - Crash course
Ansible - Crash courseSimone Soldateschi
 
Hacking ansible
Hacking ansibleHacking ansible
Hacking ansiblebcoca
 
Ansible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetupAnsible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetupGreg DeKoenigsberg
 
Ansible for beginners ...?
Ansible for beginners ...?Ansible for beginners ...?
Ansible for beginners ...?shirou wakayama
 
Inside Bokete: Web Application with Mojolicious and others
Inside Bokete: Web Application with Mojolicious and othersInside Bokete: Web Application with Mojolicious and others
Inside Bokete: Web Application with Mojolicious and othersYusuke Wada
 
Drupal cambs ansible for drupal april 2015
Drupal cambs ansible for drupal april 2015Drupal cambs ansible for drupal april 2015
Drupal cambs ansible for drupal april 2015Ryan Brown
 
Ansible roles done right
Ansible roles done rightAnsible roles done right
Ansible roles done rightDan Vaida
 
Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2Brian Schott
 
"Ops Tools with Perl" 2012/05/12 Hokkaido.pm
"Ops Tools with Perl" 2012/05/12 Hokkaido.pm"Ops Tools with Perl" 2012/05/12 Hokkaido.pm
"Ops Tools with Perl" 2012/05/12 Hokkaido.pmRyosuke IWANAGA
 
A tour of Ansible
A tour of AnsibleA tour of Ansible
A tour of AnsibleDevOps Ltd.
 
chef loves windows
chef loves windowschef loves windows
chef loves windowsMat Schaffer
 
What mom never told you about bundle configurations - Symfony Live Paris 2012
What mom never told you about bundle configurations - Symfony Live Paris 2012What mom never told you about bundle configurations - Symfony Live Paris 2012
What mom never told you about bundle configurations - Symfony Live Paris 2012D
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to AnsibleCédric Delgehier
 
Kubernetes: Wie Chefkoch.de mit Containern arbeitet
Kubernetes: Wie Chefkoch.de mit Containern arbeitetKubernetes: Wie Chefkoch.de mit Containern arbeitet
Kubernetes: Wie Chefkoch.de mit Containern arbeitetPer Bernhardt
 
Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Alex S
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationArthur Freyman
 
Network Automation: Ansible 102
Network Automation: Ansible 102Network Automation: Ansible 102
Network Automation: Ansible 102APNIC
 
Csharp_Contents
Csharp_ContentsCsharp_Contents
Csharp_ContentsMohamed Krar
 
Mojolicious - A new hope
Mojolicious - A new hopeMojolicious - A new hope
Mojolicious - A new hopeMarcus Ramberg
 
Configuration Management in Ansible
Configuration Management in Ansible Configuration Management in Ansible
Configuration Management in Ansible Bangladesh Network Operators Group
 
POD PLAN DOCUMENTS
POD PLAN DOCUMENTSPOD PLAN DOCUMENTS
POD PLAN DOCUMENTSKristen Smith
 
Normalization of Mendeley reader impact on the reader- and paper-side
Normalization of Mendeley reader impact on the reader- and paper-sideNormalization of Mendeley reader impact on the reader- and paper-side
Normalization of Mendeley reader impact on the reader- and paper-sideRobin Haunschild
 

Mais conteúdo relacionado

Mais procurados

Hacking ansible
Hacking ansibleHacking ansible
Hacking ansiblebcoca
 
Ansible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetupAnsible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetupGreg DeKoenigsberg
 
Ansible for beginners ...?
Ansible for beginners ...?Ansible for beginners ...?
Ansible for beginners ...?shirou wakayama
 
Inside Bokete: Web Application with Mojolicious and others
Inside Bokete: Web Application with Mojolicious and othersInside Bokete: Web Application with Mojolicious and others
Inside Bokete: Web Application with Mojolicious and othersYusuke Wada
 
Drupal cambs ansible for drupal april 2015
Drupal cambs ansible for drupal april 2015Drupal cambs ansible for drupal april 2015
Drupal cambs ansible for drupal april 2015Ryan Brown
 
Ansible roles done right
Ansible roles done rightAnsible roles done right
Ansible roles done rightDan Vaida
 
Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2Brian Schott
 
"Ops Tools with Perl" 2012/05/12 Hokkaido.pm
"Ops Tools with Perl" 2012/05/12 Hokkaido.pm"Ops Tools with Perl" 2012/05/12 Hokkaido.pm
"Ops Tools with Perl" 2012/05/12 Hokkaido.pmRyosuke IWANAGA
 
A tour of Ansible
A tour of AnsibleA tour of Ansible
A tour of AnsibleDevOps Ltd.
 
chef loves windows
chef loves windowschef loves windows
chef loves windowsMat Schaffer
 
What mom never told you about bundle configurations - Symfony Live Paris 2012
What mom never told you about bundle configurations - Symfony Live Paris 2012What mom never told you about bundle configurations - Symfony Live Paris 2012
What mom never told you about bundle configurations - Symfony Live Paris 2012D
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to AnsibleCédric Delgehier
 
Kubernetes: Wie Chefkoch.de mit Containern arbeitet
Kubernetes: Wie Chefkoch.de mit Containern arbeitetKubernetes: Wie Chefkoch.de mit Containern arbeitet
Kubernetes: Wie Chefkoch.de mit Containern arbeitetPer Bernhardt
 
Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Alex S
 
Network Automation: Ansible 102
Network Automation: Ansible 102Network Automation: Ansible 102
Network Automation: Ansible 102APNIC
 
Mojolicious - A new hope
Mojolicious - A new hopeMojolicious - A new hope
Mojolicious - A new hopeMarcus Ramberg
 

Mais procurados (20)

Ansible - Crash course
Ansible - Crash courseAnsible - Crash course
Ansible - Crash course
 
Hacking ansible
Hacking ansibleHacking ansible
Hacking ansible
 
Ansible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetupAnsible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetup
 
Ansible for beginners ...?
Ansible for beginners ...?Ansible for beginners ...?
Ansible for beginners ...?
 
Inside Bokete: Web Application with Mojolicious and others
Inside Bokete: Web Application with Mojolicious and othersInside Bokete: Web Application with Mojolicious and others
Inside Bokete: Web Application with Mojolicious and others
 
Drupal cambs ansible for drupal april 2015
Drupal cambs ansible for drupal april 2015Drupal cambs ansible for drupal april 2015
Drupal cambs ansible for drupal april 2015
 
Ansible roles done right
Ansible roles done rightAnsible roles done right
Ansible roles done right
 
Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2
 
"Ops Tools with Perl" 2012/05/12 Hokkaido.pm
"Ops Tools with Perl" 2012/05/12 Hokkaido.pm"Ops Tools with Perl" 2012/05/12 Hokkaido.pm
"Ops Tools with Perl" 2012/05/12 Hokkaido.pm
 
A tour of Ansible
A tour of AnsibleA tour of Ansible
A tour of Ansible
 
chef loves windows
chef loves windowschef loves windows
chef loves windows
 
What mom never told you about bundle configurations - Symfony Live Paris 2012
What mom never told you about bundle configurations - Symfony Live Paris 2012What mom never told you about bundle configurations - Symfony Live Paris 2012
What mom never told you about bundle configurations - Symfony Live Paris 2012
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible
 
Kubernetes: Wie Chefkoch.de mit Containern arbeitet
Kubernetes: Wie Chefkoch.de mit Containern arbeitetKubernetes: Wie Chefkoch.de mit Containern arbeitet
Kubernetes: Wie Chefkoch.de mit Containern arbeitet
 
Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
 
Network Automation: Ansible 102
Network Automation: Ansible 102Network Automation: Ansible 102
Network Automation: Ansible 102
 
Csharp_Contents
Csharp_ContentsCsharp_Contents
Csharp_Contents
 
Mojolicious - A new hope
Mojolicious - A new hopeMojolicious - A new hope
Mojolicious - A new hope
 
Configuration Management in Ansible
Configuration Management in Ansible Configuration Management in Ansible
Configuration Management in Ansible
 

Destaque

Normalization of Mendeley reader impact on the reader- and paper-side
Normalization of Mendeley reader impact on the reader- and paper-sideNormalization of Mendeley reader impact on the reader- and paper-side
Normalization of Mendeley reader impact on the reader- and paper-sideRobin Haunschild
 
Smart fitness: l'allenamento intelligente
Smart fitness: l'allenamento intelligenteSmart fitness: l'allenamento intelligente
Smart fitness: l'allenamento intelligenteLivia Negri
 
Peter Bouchard Maine - Top 10 Most Expensive Cars
Peter Bouchard Maine - Top 10 Most Expensive CarsPeter Bouchard Maine - Top 10 Most Expensive Cars
Peter Bouchard Maine - Top 10 Most Expensive CarsPeter Bouchard Maine
 
Top 10 Vintage Cars for Under $5,000
Top 10 Vintage Cars for Under $5,000Top 10 Vintage Cars for Under $5,000
Top 10 Vintage Cars for Under $5,000Peter Bouchard Maine
 
Hudson Influencer Outreach
Hudson Influencer OutreachHudson Influencer Outreach
Hudson Influencer OutreachGaurav Bajargyan
 
Peter Bouchard Maine - Telecommunication
Peter Bouchard Maine - TelecommunicationPeter Bouchard Maine - Telecommunication
Peter Bouchard Maine - TelecommunicationPeter Bouchard Maine
 
Packetbeat at GDG Berlin meetup
Packetbeat at GDG Berlin meetupPacketbeat at GDG Berlin meetup
Packetbeat at GDG Berlin meetupTudor Golubenco
 

Destaque (11)

POD PLAN DOCUMENTS
POD PLAN DOCUMENTSPOD PLAN DOCUMENTS
POD PLAN DOCUMENTS
 
Normalization of Mendeley reader impact on the reader- and paper-side
Normalization of Mendeley reader impact on the reader- and paper-sideNormalization of Mendeley reader impact on the reader- and paper-side
Normalization of Mendeley reader impact on the reader- and paper-side
 
Smart fitness: l'allenamento intelligente
Smart fitness: l'allenamento intelligenteSmart fitness: l'allenamento intelligente
Smart fitness: l'allenamento intelligente
 
Peter Bouchard Maine - Top 10 Most Expensive Cars
Peter Bouchard Maine - Top 10 Most Expensive CarsPeter Bouchard Maine - Top 10 Most Expensive Cars
Peter Bouchard Maine - Top 10 Most Expensive Cars
 
MIXJAMMER
MIXJAMMERMIXJAMMER
MIXJAMMER
 
Top 10 Vintage Cars for Under $5,000
Top 10 Vintage Cars for Under $5,000Top 10 Vintage Cars for Under $5,000
Top 10 Vintage Cars for Under $5,000
 
pradeep_Iot_mphasis
pradeep_Iot_mphasispradeep_Iot_mphasis
pradeep_Iot_mphasis
 
Hudson Influencer Outreach
Hudson Influencer OutreachHudson Influencer Outreach
Hudson Influencer Outreach
 
Join EXIT Beach Realty
Join EXIT Beach RealtyJoin EXIT Beach Realty
Join EXIT Beach Realty
 
Peter Bouchard Maine - Telecommunication
Peter Bouchard Maine - TelecommunicationPeter Bouchard Maine - Telecommunication
Peter Bouchard Maine - Telecommunication
 
Packetbeat at GDG Berlin meetup
Packetbeat at GDG Berlin meetupPacketbeat at GDG Berlin meetup
Packetbeat at GDG Berlin meetup
 

Semelhante a Continuous deployment of puppet modules

Chef - industrialize and automate your infrastructure
Chef - industrialize and automate your infrastructureChef - industrialize and automate your infrastructure
Chef - industrialize and automate your infrastructureMichaël Lopez
 
Practical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails AppPractical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails AppSmartLogic
 
AMS Node Meetup December presentation Phusion Passenger
AMS Node Meetup December presentation Phusion PassengerAMS Node Meetup December presentation Phusion Passenger
AMS Node Meetup December presentation Phusion Passengericemobile
 
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013grim_radical
 
Ansible inside
Ansible insideAnsible inside
Ansible insideIdeato
 
Fixing Growing Pains With Puppet Data Patterns
Fixing Growing Pains With Puppet Data PatternsFixing Growing Pains With Puppet Data Patterns
Fixing Growing Pains With Puppet Data PatternsMartin Jackson
 
Vancouver presentation
Vancouver presentationVancouver presentation
Vancouver presentationColleen_Murphy
 
Infrastructure = code - 1 year later
Infrastructure = code - 1 year laterInfrastructure = code - 1 year later
Infrastructure = code - 1 year laterChristian Ortner
 
Capifony. Minsk PHP MeetUp #11
Capifony. Minsk PHP MeetUp #11Capifony. Minsk PHP MeetUp #11
Capifony. Minsk PHP MeetUp #11Yury Pliashkou
 
Burn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesBurn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesLindsay Holmwood
 
PECL Picks - Extensions to make your life better
PECL Picks - Extensions to make your life betterPECL Picks - Extensions to make your life better
PECL Picks - Extensions to make your life betterZendCon
 
Facebook的缓存系统
Facebook的缓存系统Facebook的缓存系统
Facebook的缓存系统yiditushe
 
Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18Dana Luther
 
Converting Your DEV Environment to a Docker Stack
Converting Your DEV Environment to a Docker StackConverting Your DEV Environment to a Docker Stack
Converting Your DEV Environment to a Docker StackDana Luther
 

Semelhante a Continuous deployment of puppet modules (20)

Chef - industrialize and automate your infrastructure
Chef - industrialize and automate your infrastructureChef - industrialize and automate your infrastructure
Chef - industrialize and automate your infrastructure
 
Practical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails AppPractical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails App
 
AMS Node Meetup December presentation Phusion Passenger
AMS Node Meetup December presentation Phusion PassengerAMS Node Meetup December presentation Phusion Passenger
AMS Node Meetup December presentation Phusion Passenger
 
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
 
Fatc
FatcFatc
Fatc
 
Ansible inside
Ansible insideAnsible inside
Ansible inside
 
Fixing Growing Pains With Puppet Data Patterns
Fixing Growing Pains With Puppet Data PatternsFixing Growing Pains With Puppet Data Patterns
Fixing Growing Pains With Puppet Data Patterns
 
Vancouver presentation
Vancouver presentationVancouver presentation
Vancouver presentation
 
Infrastructure = code - 1 year later
Infrastructure = code - 1 year laterInfrastructure = code - 1 year later
Infrastructure = code - 1 year later
 
Capifony. Minsk PHP MeetUp #11
Capifony. Minsk PHP MeetUp #11Capifony. Minsk PHP MeetUp #11
Capifony. Minsk PHP MeetUp #11
 
Burn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesBurn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websites
 
PECL Picks - Extensions to make your life better
PECL Picks - Extensions to make your life betterPECL Picks - Extensions to make your life better
PECL Picks - Extensions to make your life better
 
Pecl Picks
Pecl PicksPecl Picks
Pecl Picks
 
Cooking with Chef
Cooking with ChefCooking with Chef
Cooking with Chef
 
Facebook的缓存系统
Facebook的缓存系统Facebook的缓存系统
Facebook的缓存系统
 
infra-as-code
infra-as-codeinfra-as-code
infra-as-code
 
grate techniques
grate techniquesgrate techniques
grate techniques
 
EC2
EC2EC2
EC2
 
Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18
 
Converting Your DEV Environment to a Docker Stack
Converting Your DEV Environment to a Docker StackConverting Your DEV Environment to a Docker Stack
Converting Your DEV Environment to a Docker Stack
 

Último

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 

Último (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 

Continuous deployment of puppet modules

  • 3.
  • 4. EMAIL SERVICE PROVIDER Deliver ~500 million emails daily 723 million emails delivered on Cyber Monday of 97Sender Score http://delivery.mailchimp.com/
  • 7. CONFIGURATION MANAGEMENT IS HARD "With Chef, Puppet, and CFEngine we found a not-insigni cant learning curve on setting up the different server daemons and learning the DSL. This was particularly challenging when we were con guring unique software not yet given recipes by the existing community. Given our cluster sizes, we also didn't really need any of the advanced features those systems provided." - README from internally built tool
  • 8. MOVE TO COLOCATION Buy vs. Lease analogy Grow our Operations team Needed a tool with dry-run mode
  • 10. HOW DO WE CATCH THESE MISTAKES AS EARLY AS POSSIBLE? AUTONOMATION "automation with a human touch" 1. Detect the abnormality 2. Stop 3. Fix or correct the immediate condition
  • 11. HOW DO WE CATCH THESE MISTAKES AS EARLY AS POSSIBLE? DSL tools Editor Support Source Code Management Continuous Integration
  • 14. package { 'openssh-server': ensure => installed, } file { '/etc/ssh/sshd_config': source => 'puppet:///modules/sshd/sshd_config', owner => 'root', group => 'root', mode => '640', notify => Service['sshd'] /* sshd will restart whenever you edit this file. */ require => Package['openssh-server'], } service { 'sshd': ensure => running, enable => 'true', hasstatus => 'true', hasrestart => 'true', }
  • 15. $ puppet parser validate validate_1.pp Error: Could not parse for environment production: Syntax error at 'require'; expected '}' at validate_1.pp:12
  • 16. ERB erb -P -x -T '-' mytemplate.erb | ruby -c
  • 17. restrict default kod nomodify notrap nopeer<% unless @service %> noquery restrict 127.0.0.1 restrict -6 ::1 driftfile /var/lib/ntp/drift <% @serverlist.sort.each do |server| -%> server <%= server %> iburst maxpoll 6 restrict <%= server %> mask 255.255.255.255 nomodify notrap noquery <% end -%>
  • 18. $ erb -P -x -T '-' broken-ntp.conf.erb | ruby -c -:11: syntax error, unexpected $end, expecting kEND
  • 19. YAML npm install -g js-yaml; js-yaml hiera.yaml ruby -e "require 'yaml'; YAML.load_file('hiera.yaml')"
  • 20. --- ntp::servers: - 0.us.pool.ntp.org - 1.us.pool.ntp.org - 2.us.pool.ntp.org - 3.us.pool.ntp.org hp::ilo::settings: ssh_status type: global value: true ssh_port type: global value: '22' http_port type: global value: '80' https_port type: global value: '443'
  • 21. $ js-yaml hiera.yaml JS-YAML: bad indentation of a mapping entry at line 9, column 13: type: global ^ $ ruby -e "require 'yaml'; YAML.load_file('hiera.yaml')" yaml.rb:133:in `load': syntax error on line 9, col 14: ` value: true' (ArgumentError) from yaml.rb:133:in `load' from yaml.rb:144:in `load_file' from yaml.rb:143:in `open' from yaml.rb:143:in `load_file' from -e:1
  • 22. PUPPET STYLE GUIDE https://docs.puppetlabs.com/guides/style_guide.html gem install puppet-lint puppet-lint --fix /my/puppet/code
  • 23. package { 'openssh-server': ensure => installed, } file { '/etc/ssh/sshd_config': source => 'puppet:///modules/sshd/sshd_config', owner => 'root', group => 'root', mode => '640', notify => Service['sshd'], /* sshd will restart whenever you edit this file. */ require => Package['openssh-server'], } service { 'sshd': ensure => running, enable => 'true', hasstatus => 'true', hasrestart => 'true', }
  • 24. $ puppet-lint validate_2.pp WARNING: quoted boolean value found on line 16 WARNING: quoted boolean value found on line 17 WARNING: quoted boolean value found on line 18 WARNING: indentation of => is not properly aligned on line 6 WARNING: indentation of => is not properly aligned on line 7 WARNING: indentation of => is not properly aligned on line 8 WARNING: indentation of => is not properly aligned on line 9 WARNING: indentation of => is not properly aligned on line 10 WARNING: mode should be represented as a 4 digit octal value or symbolic mode on line 9 WARNING: /* */ comment found on line 10
  • 25. $ puppet-lint --fix validate_2.pp FIXED: quoted boolean value found on line 16 FIXED: quoted boolean value found on line 17 FIXED: quoted boolean value found on line 18 FIXED: indentation of => is not properly aligned on line 6 FIXED: indentation of => is not properly aligned on line 7 FIXED: indentation of => is not properly aligned on line 8 FIXED: indentation of => is not properly aligned on line 9 FIXED: indentation of => is not properly aligned on line 10 FIXED: mode should be represented as a 4 digit octal value or symbolic mode on line 9 FIXED: /* */ comment found on line 10
  • 26. package { 'openssh-server': ensure => installed, } file { '/etc/ssh/sshd_config': source => 'puppet:///modules/sshd/sshd_config', owner => 'root', group => 'root', mode => '0640', notify => Service['sshd'], # sshd will restart whenever you # edit this file. require => Package['openssh-server'], } service { 'sshd': ensure => running, enable => true, hasstatus => true, hasrestart => true, }
  • 27. --- validate_2.pp 2014-12-08 09:43:38.000000000 -0500 +++ validate_2.pp-fixed 2014-12-08 09:50:51.000000000 -0500 @@ -3,18 +3,18 @@ } file { '/etc/ssh/sshd_config': - source => 'puppet:///modules/sshd/sshd_config', - owner => 'root', - group => 'root', - mode => '640', - notify => Service['sshd'], /* sshd will restart whenever you - edit this file. */ + source => 'puppet:///modules/sshd/sshd_config', + owner => 'root', + group => 'root', + mode => '0640', + notify => Service['sshd'], # sshd will restart whenever you + # edit this file. require => Package['openssh-server'], } service { 'sshd': ensure => running, - enable => 'true', - hasstatus => 'true', - hasrestart => 'true', + enable => true, + hasstatus => true, + hasrestart => true, }
  • 33. COMMIT HOOKS SCRIPT RUNNING THE DSL TOOLS AGAINST NEW FILES
  • 35.
  • 39. WHY NOT RSPEC OR BEAKER?
  • 41. REMEMBER TRUNK BASED DEPLOYMENT? # Keep environment up-to-date vcsrepo { '/etc/puppet/environments/production': ensure => latest, provider => hg, source => 'https://localhost/mercurial/puppet-modules', }
  • 42. REVIEW TIME! Catch mistakes early Automation with a human touch Trunk Based Deployments
  • 44. Slide sources at THANKS! BILL O'NEILL WONEILL@POBOX.COM @WONEILL http://github.com/woneill/puppetcamp_atlanta_2014