Puppet is a system for centrally specifying and managing infrastructure consisting of 3 main parts: 1) A declarative, resource-oriented language for specifying infrastructure, 2) An execution engine for applying specs repeatably, and 3) Daemons and tools that determine Puppet's distributed architecture. Puppet allows infrastructure to be coded and centrally managed from a Puppet master, bringing consistency across machines while reducing manual work. It uses SSL and provides a certificate authority to securely manage infrastructure at scale.

1. Puppet: the Why
and How
Teyo Tyree
teyo@puppetlabs.com
Puppet Labs
Portland, Oregon
USA

2. Puppet is a system for
centrally specifying and
managing your
infrastructure

3. Written in Ruby

4. Three major pieces

5. Three major pieces
•A declarative, resource-
oriented language

6. Three major pieces
•A declarative, resource-
oriented language
• An execution engine

7. Three major pieces
•A declarative, resource-
oriented language
• An execution engine
•A bunch of daemons and
tools

8. 1) A resource-
oriented language
Image from http://www.flickr.com/photos/heather/147388906/sizes/l/

9. Your infrastructure
is code
Image from http://www.flickr.com/photos/echo_29/25829591/sizes/o/

10. Resource
Abstraction Layer
(RAL)

11. Do you really care
how rpm works?

12. Resource Providers
• 29 package types
• Users in NetInfo, useradd, pw
• Support for Debian, Ubuntu, Red Hat, Solaris,
OS X, Gentoo, SuSE, FreeBSD, and more
• Windows support was announced this
week

13. 2) An
engine for
applying
specs
repeatably
Image from http://www.flickr.com/photos/jurvetson/480227362/sizes/l/

14. Specifications are
idempotent

15. Specifications are
idempotent

16. 3) Daemons and
executables that
determine Puppet’s
architecture

17. Centralized
Management
Code
Puppetmasterd
puppetd puppetd
OS X in the
puppetd
cloud
Linux

18. Uses SSL, and
provides a Certificate
Authority
Image from http://www.flickr.com/photos/piet_musterd/2307596484/sizes/l/

19. ralsh - a thin API wrapper

20. Puppet Is Pervasive
Web Entertainment Technology
Financial
Defense

21. Community
• 2000+ people on the
mailing lists
• 300+ people in IRC all day
• More than 100 contributors

22. Shell scripts are
infrastructure assembly code
Programming SysAdmin
Low-level, non- Assembly commands and
portable files
Abstract, C* Resources
portable
* For small values of
abstract

23. Speciation
Image from http://flickr.com/photos/kenskritters/2128853769/

24. Sysadmins do
too much
Image from http://flickr.com/photos/shirleytwofeathers/2068713495/

25. Let’s talk about you

26. Some questions

27. Some questions
• How many of you have
written software to manage
computers?

28. Some questions
• How many of you have
written software to manage
computers?
• How many have published
this software?

29. Three
people
Developer Sysadmin

30. Puppet allows you
to bridge that gap
Image from http://www.flickr.com/photos/patrick-smith-photography/2969769911/sizes/o/

31. Either you can manage
many machines with
little effort

32. Either you can manage
many machines with
little effort
Or you can’t

33. How to use Puppet
The strategical version

34. Seek the pain
Image from http://www.flickr.com/photos/pagedooley/2147718252/sizes/l/

35. Solve the simple
problems

36. Add the infrastructure
features you always
wanted

37. How to use Puppet
The tactical version

38. Think like Puppet
thinks

39. Think like Puppet
thinks
• Resources,not text snippets or
lines added to files

40. Think like Puppet
thinks
• Resources,not text snippets or
lines added to files
• What
resources are you
managing?

41. Think like Puppet
thinks
• Resources,not text snippets or
lines added to files
• What
resources are you
managing?
• How are they related to each
other?

42. Replace Shell Scripts
This:
with Resources
Becomes:

43. Replace Shell Scripts
This:
with Resources
Becomes:

44. Replace Shell Scripts
This:
with Resources
Becomes:

45. Replace Shell Scripts
This:
with Resources
Becomes:

46. Relationships
matter but are often
Configuration should get
modifed after package
installation
30
Service should restart when
Configuration configuration changes
30
Service

47. Relationships
matter but are often
Configuration should get
Package modifed after package
installation
30
Service should restart when
Configuration configuration changes
30
Service

48. Relationships provide
ordering and
notification
"Exec[createrepo-PM-RHEL5-noarch]"
"Yumrepo[PM-RHEL5-x86_64]"
"Package[postgresql-server]"
"Postgres::Role[puppet]"
"Package[thttpd]"
"File[/var/www/thttpd/html/yum-PM-RHEL5-x86_64]" "File[/var/www/thttpd/html/yum-PM-RHEL5-noarch]"
"Exec[rsync-rpmdir-PM-RHEL5-x86_64]" "Exec[rsync-rpmdir-PM-RHEL5-noarch]"
"Exec[createrepo-PM-RHEL5-x86_64]"
"Yumrepo[PM-RHEL5-noarch]"

49. Classes document Intent

50. Organize files into
modules

51. Provide platform
abstraction
Debian
Red Hat

52. Provide platform
abstraction
Debian
Red Hat

53. Portability and Naming

54. Class Membership

55. Class Membership

56. Puppet in the cloud

57. Heavily used in
EC2, VMWare, Xen,
etc

58. Puppet allows you
to avoid the foil ball
Image from http://www.flickr.com/photos/fungep/2516767121/sizes/l_

59. The Gory Details

60. Status and
Roadmap
• In production usage for years
• Aboutto release a new version with
significant internal refactoring
• Adding simple graphical tools this
year

61. Puppet and
Capistrano
or ControlTier

62. It scales like HTTPS
because it is https

63. Logs go to syslog
(by default)

64. puppet
labs
The people behind
Puppet

65. Bad product,
hungry Luke

66. From 3 to 17 people
in the last year

67. Support, Services,
and more

68. Questions