SlideShare a Scribd company logo

Automating complex infrastructures with Puppet

Kris Buytaert
Kris Buytaert

Automating Complex infrastructures with Puppet, with sipX as an example as presented at Froscon in Sankt-Augusting (Germany) on August 21st 2011

Technology
1 of 43
Download to read offline
Puppetizing Complex Applications with sipXecs as an example Kris Buytaert
Kris Buytaert ● I used to be a Dev, Then Became an Op ● Senior Linux and Open Source Consultant @inuits.be ● „Infrastructure Architect“ ● Building Clouds since before the Cloud ● Surviving the 10th floor test ● Co-Author of some books ● Guest Editor at some sites
Today ● About SIPX ● About Puppet ● Deploying SipX ● ...
Introduction 2 Puppet
Not quite a Muppet... ● Puppet is... ● OSS ● A DSL language ● Written in Ruby ● Client/server oriented ● Contains abstraction layers ● Repeatable processes
Master of Puppets ● Puppet master • CA authority • Modules • Node descriptions • Compare, compile, apply ● Master is not a requirement !
Puppet Clients ● Puppet client nodes • Daemon • Cron jobs • External orchestration: • for i in $hosts; do ssh $i “puppetd --test”; done • mCollective, Func, …
Facts ● Facts # facter memoryfree => 387.21 MB memorysize => 492.75 MB swapfree => 481.00 MB swapsize => 481.00 MB domain => dev.inuits.be fqdn => node3.dev.inuits.be hostname => node3 interfaces => eth0 ipaddress => 172.16.142.141 macaddress => 00:0c:29:42:0b:8a netmask => 255.255.255.0
Modules ● Dedicated per service ● Reusable ● Called from the manifests ● Live in /etc/puppet/modules/
Module Structure ● Files ● Templates • Dynamic content • Variables <IfModule mpm_worker_module> StartServers <%= StartServers %> MaxClients <%= MaxClients %> MinSpareThreads <%= MinSpare %> MaxSpareThreads <%= MaxSpare %> ThreadsPerChild <%= ThreadsChild %> MaxRequestsPerChild <%= RequestsChild %> </IfModule> ● Manifests
Modules ● Files ● Templates ● Manifests • DSL • Classes • Elements
Node definitions ● Nodes.pp class defaults { $search = "inuits.be" $nameservers = ['208.67.220.220', '208.67.222.222'] include dns::resolv include ssh::keys include ssh::server } node "ns1.dev.inuits.be" { include defaults include dns::powerdns::server include dns::powerdns::resolver } node “web1.dev.inuits.be” { include defaults include apache2 include mysql }
Ralsh ● Simplifies writing manifests ● Will generate parts of the manifest for you ● Based on your running config ● Limited functionality master1.dev.inuits.be:~# ralsh user root user { 'root': uid => '0', gid => '0', comment => 'root', ensure => 'present', password => 'f34wi94$PmlI0CxQLb9HD', shell => '/bin/bash', home => '/root' } master1.dev.inuits.be:~# ralsh service apache2 service { 'apache2': ensure => 'running', enable => 'true' }
Puppetizing your Infra ● Define common parts ● Define unique parts ● Write your manifests ● Use modules • Puppet Forge • GitHub • Your own modules
SipXecs
What is sipXecs ? ● sipX ECS (Enterprise Communications Server) ● Open Source voice over IP telephony server ● Implementation of the Session Initiation Protocol (SIP) ● IP based communications system (IP PBX) ● Not unlike Asterisk ● Development started in 1999 ● GNU Lesser General Public License (LGPL) ● Commercial offering from eZuce Inc. ● Designed around FreeSWITCH ● Modular and highly scalable system
We don't know VOIP ● External VOIP consultancy • Hardware selection • Codecs etc • Scale out ● Irc.freenode.org #sipx ● s/don/didn/t ● Don't buy the book
Installing sipxecs ● Prebuilt ISO ● Kickstart ● Install scripts placed in .bashrc ● Ncurses based ● Lots of python scripts ● Heavy GUI usage
Why not Just ? ● Backup and Restore ? • CDR Integration etc ● Image ? ● Productization • Think 20-100 setups • For different customers • Different networks, different domains
So, that Python Script ? ● Configures your network ● Configures your dhcpd ● Configures your dns ● Configures your ntpd ● Configures your tftp ● Generates SSL stuff for you There's puppet modules for that !
SipXconfig ● Is enabled by writing “enabled” to /var/sipxdata/process-state/ConfigServer ● The configuration and management server (sipXconfig) provides Web administration and user portals, Web services APIs, as well as all the abstraction logic to make using sipXecs as simple as it is. It provides centralized management of all the aspects of sipXecs, including installation, configuration, backup & restore, upgrade, troubleshooting and cluster management. ● “Pushes” configs to other nodes ● Should be rewritten in Puppet or a like.
Configuring sipXecs ● A couple of files ● Some of them even obsoleted ● Putting the SSL stuff in the right location
Everything is a funky SSL problem ● Sipx generates keys at install time • Ca + keypairs per node ● 2nd node needs those keys ● Copy to puppetmaster and transfer back to other nodes ? ● Or generate on puppetmaster and redistribute ? => Generated on Puppetmaster
Adding a second node ● <> clustering ● <> high availability ( please don't start crying) ● Create an entry in the management interface ● Then repeat manual installation using ncurses ● Or just do a wget to register it with the primary
class voip::sipx { sipx::netconfig { "sipx": ipaddress => $ip_address, netmask => $netmask; } if $nodename == 'sipx-a' { sipx::configserver{ "sipx": } sipx::staticcertdbca{ "$hostname": } sipx::staticcertdbnodes{ "SIPX-A.${platformdomainextension}": clientname => "SIPX-A"; } sipx::staticcertdbnodes{ "SIPX-B.${platformdomainextension}": clientname => "SIPX-B"; } include sipx::runmaster } else { include sipx::runslave sipx::register{ "$nodename": clientname =>"${nodename}.${platformdomainextension}", password =>"yourpw",} } sipx::supervisor { "$hostname": sipx_supervisor => "sipx-a.$platformdomainextension"; } sipx::staticssl{ "$hostname": } }
More complexity Or regular puppet ordering ● Sipx requires PgSQL ● You want PgSQL on an isolated LV ● PgSQL configuration has to be done after it initialized a DB ● SipX insist on starting PgSQL for you
class voip::storage { file { "/var/lib/pgsql": ensure => directory; lvm::volume { "pgsql": vg => "systemvg", pv => "/dev/cciss/c0d0p2", fstype => "ext3", size => "20G", ensure => present, } mount { "/var/lib/pgsql": atboot => true, device => "/dev/systemvg/pgsql", ensure => mounted, fstype => "ext3", options => "defaults", require => [Logical_volume['pgsql'],File['/var/lib/pgsql']], } } class voip::pgsql { include postgres postgres::initdb { "sipx": } postgres::config{ "sipx": listen => "*", postgres::hba { "sipx": allowedrules => [ "host SIPXCDR all ${clientip}/32 trust", ], } }
include voip::storage include voip::pgsql include voip::sipx Class["voip::storage"] -> Class["voip::pgsql"] -> Class["voip::sipx"]
More complexity Or manipulating content of files ● Bug in SIPX writes wrong listen adress for Freeswitch ● XML Gibberish ● Sipxconfig generates parts of the config files from unknown sources
Augeas With Augtool augtool > set /augeas/load/Xml/incl[3] /tmp/blah.xml augtool > set /augeas/load/Xml/lens Xml.lns augtool > load augtool >print /files/tmp/blah.xml/profile/settings/param[17]/ /files/tmp/blah.xml/profile/settings/param[17] = "#empty" /files/tmp/blah.xml/profile/settings/param[17]/#attribute /files/tmp/blah.xml/profile/settings/param[17]/#attribute/name = "sip-ip" /files/tmp/blah.xml/profile/settings/param[17]/#attribute/value = "10.255.202.90" augtool> print /files/tmp/blah.xml/profile/settings/param[18]/ /files/tmp/blah.xml/profile/settings/param[18] = "#empty" /files/tmp/blah.xml/profile/settings/param[18]/#attribute /files/tmp/blah.xml/profile/settings/param[18]/#attribute/name = "ext-rtp-ip" /files/tmp/blah.xml/profile/settings/param[18]/#attribute/value = "auto-nat" augtool> print /files/tmp/blah.xml/profile/settings/param[16]/ /files/tmp/blah.xml/profile/settings/param[16] = "#empty" /files/tmp/blah.xml/profile/settings/param[16]/#attribute /files/tmp/blah.xml/profile/settings/param[16]/#attribute/name = "rtp-ip" /files/tmp/blah.xml/profile/settings/param[16]/#attribute/value = "10.255.202.90"
Augeas augtool> get /files/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml/profile/settings/param[17]/#attribut e/value / files/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml/profile/settings/param[17]/#attribute /value = 10.255.202.90 augtool> set /files/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml/profile/settings/param[16]/#attribut e/value 10.0.0.2
Augeas & Puppet augeas{"sipxprofile" : changes => [ "set /augeas/load/Xml/incl[last()+1]/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml", "set /files/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml/profile/settings/param[16]/#attribute/value 10.0.0.2", "set /files/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml/profile/settings/param[17]/#attribute/value 10.0.0.2", ], } augeas{"sipxprofile" : lens => "Xml.lns", incl => "/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml", context => "/files/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml", changes => [ "set profile/settings/param[16]/#attribute/value $ipaddress", "set profile/settings/param[17]/#attribute/value $ipaddress", ], onlyif => "get profile/settings/param[16]/#attribute/value != $ipaddress", }
Manual config of the services via the gui is still required :(
I want to ● Automatically create my admin pw ● Automatically add that second node ● Automatically disable/ enable functions in the sipX server • e.g conferencing, openfire ● Add users/phones ● There's an API ! ● Which only implements limited functionality , and no configuration
Screen scraping ? (03:28:30 PM) lazyboy: y, you just need a form processing library, one that can read a form values and allow you to post back your changes (03:30:04 PM) lazyboy: the problem w/this method as you know is that it is constantly breaking (03:30:41 PM) sdog: yep .. whan you change the gui .. it will break .... (03:30:45 PM) lazyboy: maybe we need a serverside abstraction layer, that does the screenscraping and exports out a clean REST API (03:31:13 PM) lazyboy: overtime, APIs go straight thru (03:36:18 PM) lazyboy: so it's possible some of what you want to do is available w/not a lot of screen scraping.
Abusing Test Frameworks to configure services on a webgui
Cucumber ● Looks extremely easy • “Hey our manager could write these test” ● Isn't • Heavily under documented • Best docs are in the RSpec book • Online examples are mostly broken ● Requires to write a lot of code
Apache Jmeter ● Test tool ● Load generation tool ● Lets you record session by using a proxy ● Only recent versions support SSL
Selenium ● Firefox plugin ● Replays your actions • No need to write code ● Can export to perl, php, ruby .. • Which requires the a Selenium Remote Control Server • Which launches Firefox ● SSL Fun ahead
Alternatives ● Sahi • Similar to selenium • Requires proxy ● www::mechanize ● Mechanize rubygem ● Webtest ● Your idea ?
I want an API
Conclusions ● No good solution yet :( ● Talk to your upstream supplier • Vendor / project ● Be patient ● Show the good example ● All bugs produced during this experience are on https://github.com/KrisBuytaert
Contact Kris Buytaert Kris.Buytaert@inuits.be Further Reading @krisbuytaert http://www.krisbuytaert.be/blog/ http://www.inuits.be/ Inuits Esquimaux 't Hemeltje Kheops Business Gemeentepark 2 Center 2930 Brasschaat Avenque Georges 891.514.231 Lemaître 54 6041 Gosselies +32 473 441 636 889.780.406

Recommended

Automating Complex Setups with Puppet
Automating Complex Setups with PuppetAutomating Complex Setups with Puppet
Automating Complex Setups with PuppetKris Buytaert
 
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOpsОмские ИТ-субботники
 
Varnish - PLNOG 4
Varnish - PLNOG 4Varnish - PLNOG 4
Varnish - PLNOG 4Leszek Urbanski
 
Ansible, best practices
Ansible, best practicesAnsible, best practices
Ansible, best practicesBas Meijer
 
Best practices for ansible
Best practices for ansibleBest practices for ansible
Best practices for ansibleGeorge Shuklin
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with AnsibleRayed Alrashed
 
Herd your chickens: Ansible for DB2 configuration management
Herd your chickens: Ansible for DB2 configuration managementHerd your chickens: Ansible for DB2 configuration management
Herd your chickens: Ansible for DB2 configuration managementFrederik Engelen
 
Installation Openstack Swift
Installation Openstack SwiftInstallation Openstack Swift
Installation Openstack Swiftymtech
 

Recommended

Automating Complex Setups with Puppet
Automating Complex Setups with PuppetAutomating Complex Setups with Puppet
Automating Complex Setups with PuppetKris Buytaert
 
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOpsОмские ИТ-субботники
 
Varnish - PLNOG 4
Varnish - PLNOG 4Varnish - PLNOG 4
Varnish - PLNOG 4Leszek Urbanski
 
Ansible, best practices
Ansible, best practicesAnsible, best practices
Ansible, best practicesBas Meijer
 
Best practices for ansible
Best practices for ansibleBest practices for ansible
Best practices for ansibleGeorge Shuklin
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with AnsibleRayed Alrashed
 
Herd your chickens: Ansible for DB2 configuration management
Herd your chickens: Ansible for DB2 configuration managementHerd your chickens: Ansible for DB2 configuration management
Herd your chickens: Ansible for DB2 configuration managementFrederik Engelen
 
Installation Openstack Swift
Installation Openstack SwiftInstallation Openstack Swift
Installation Openstack Swiftymtech
 
Learn basic ansible using docker
Learn basic ansible using dockerLearn basic ansible using docker
Learn basic ansible using dockerLarry Cai
 
Varnish http accelerator
Varnish http acceleratorVarnish http accelerator
Varnish http acceleratorno no
 
Automation with Ansible and Containers
Automation with Ansible and ContainersAutomation with Ansible and Containers
Automation with Ansible and ContainersRodolfo Carvalho
 
Making Your Capistrano Recipe Book
Making Your Capistrano Recipe BookMaking Your Capistrano Recipe Book
Making Your Capistrano Recipe BookTim Riley
 
Kubernetes #4 volume &amp; stateful set
Kubernetes #4 volume &amp; stateful setKubernetes #4 volume &amp; stateful set
Kubernetes #4 volume &amp; stateful setTerry Cho
 
Getting Started with Docker
Getting Started with DockerGetting Started with Docker
Getting Started with DockerGeeta Vinnakota
 
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Running High Performance and Fault Tolerant Elasticsearch Clusters on DockerRunning High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Running High Performance and Fault Tolerant Elasticsearch Clusters on DockerSematext Group, Inc.
 
MySQL NDB 8.0 clusters in your laptop with dbdeployer
MySQL NDB 8.0 clusters in your laptop with dbdeployerMySQL NDB 8.0 clusters in your laptop with dbdeployer
MySQL NDB 8.0 clusters in your laptop with dbdeployerGiuseppe Maxia
 
Ansible - Introduction
Ansible - IntroductionAnsible - Introduction
Ansible - IntroductionStephane Manciot
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx InternalsJoshua Zhu
 
Ansible not only for Dummies
Ansible not only for DummiesAnsible not only for Dummies
Ansible not only for DummiesŁukasz Proszek
 
Red hat lvm cheatsheet
Red hat lvm cheatsheetRed hat lvm cheatsheet
Red hat lvm cheatsheetPrakash Ghosh
 
Content Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX PlusContent Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX PlusKevin Jones
 
Ansible for beginners
Ansible for beginnersAnsible for beginners
Ansible for beginnersKuo-Le Mei
 
nginx: writing your first module
nginx: writing your first modulenginx: writing your first module
nginx: writing your first moduleredivy
 
Docker up and running
Docker up and runningDocker up and running
Docker up and runningVictor S. Recio
 
Node.js in production
Node.js in productionNode.js in production
Node.js in productionFelix Geisendörfer
 
Hadoop meet Rex(How to construct hadoop cluster with rex)
Hadoop meet Rex(How to construct hadoop cluster with rex)Hadoop meet Rex(How to construct hadoop cluster with rex)
Hadoop meet Rex(How to construct hadoop cluster with rex)Jun Hong Kim
 
Apache Traffic Server & Lua
Apache Traffic Server & LuaApache Traffic Server & Lua
Apache Traffic Server & LuaKit Chan
 
Infrastructure Deployment with Docker & Ansible
Infrastructure Deployment with Docker & AnsibleInfrastructure Deployment with Docker & Ansible
Infrastructure Deployment with Docker & AnsibleRobert Reiz
 
Beyond Puppet
Beyond PuppetBeyond Puppet
Beyond PuppetKris Buytaert
 
Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Alex S
 

More Related Content

What's hot

Learn basic ansible using docker
Learn basic ansible using dockerLearn basic ansible using docker
Learn basic ansible using dockerLarry Cai
 
Varnish http accelerator
Varnish http acceleratorVarnish http accelerator
Varnish http acceleratorno no
 
Automation with Ansible and Containers
Automation with Ansible and ContainersAutomation with Ansible and Containers
Automation with Ansible and ContainersRodolfo Carvalho
 
Making Your Capistrano Recipe Book
Making Your Capistrano Recipe BookMaking Your Capistrano Recipe Book
Making Your Capistrano Recipe BookTim Riley
 
Kubernetes #4 volume &amp; stateful set
Kubernetes #4 volume &amp; stateful setKubernetes #4 volume &amp; stateful set
Kubernetes #4 volume &amp; stateful setTerry Cho
 
Getting Started with Docker
Getting Started with DockerGetting Started with Docker
Getting Started with DockerGeeta Vinnakota
 
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Running High Performance and Fault Tolerant Elasticsearch Clusters on DockerRunning High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Running High Performance and Fault Tolerant Elasticsearch Clusters on DockerSematext Group, Inc.
 
MySQL NDB 8.0 clusters in your laptop with dbdeployer
MySQL NDB 8.0 clusters in your laptop with dbdeployerMySQL NDB 8.0 clusters in your laptop with dbdeployer
MySQL NDB 8.0 clusters in your laptop with dbdeployerGiuseppe Maxia
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx InternalsJoshua Zhu
 
Ansible not only for Dummies
Ansible not only for DummiesAnsible not only for Dummies
Ansible not only for DummiesŁukasz Proszek
 
Red hat lvm cheatsheet
Red hat lvm cheatsheetRed hat lvm cheatsheet
Red hat lvm cheatsheetPrakash Ghosh
 
Content Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX PlusContent Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX PlusKevin Jones
 
Ansible for beginners
Ansible for beginnersAnsible for beginners
Ansible for beginnersKuo-Le Mei
 
nginx: writing your first module
nginx: writing your first modulenginx: writing your first module
nginx: writing your first moduleredivy
 
Hadoop meet Rex(How to construct hadoop cluster with rex)
Hadoop meet Rex(How to construct hadoop cluster with rex)Hadoop meet Rex(How to construct hadoop cluster with rex)
Hadoop meet Rex(How to construct hadoop cluster with rex)Jun Hong Kim
 
Apache Traffic Server & Lua
Apache Traffic Server & LuaApache Traffic Server & Lua
Apache Traffic Server & LuaKit Chan
 
Infrastructure Deployment with Docker & Ansible
Infrastructure Deployment with Docker & AnsibleInfrastructure Deployment with Docker & Ansible
Infrastructure Deployment with Docker & AnsibleRobert Reiz
 

What's hot (20)

Learn basic ansible using docker
Learn basic ansible using dockerLearn basic ansible using docker
Learn basic ansible using docker
 
Varnish http accelerator
Varnish http acceleratorVarnish http accelerator
Varnish http accelerator
 
Automation with Ansible and Containers
Automation with Ansible and ContainersAutomation with Ansible and Containers
Automation with Ansible and Containers
 
Making Your Capistrano Recipe Book
Making Your Capistrano Recipe BookMaking Your Capistrano Recipe Book
Making Your Capistrano Recipe Book
 
Kubernetes #4 volume &amp; stateful set
Kubernetes #4 volume &amp; stateful setKubernetes #4 volume &amp; stateful set
Kubernetes #4 volume &amp; stateful set
 
Getting Started with Docker
Getting Started with DockerGetting Started with Docker
Getting Started with Docker
 
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Running High Performance and Fault Tolerant Elasticsearch Clusters on DockerRunning High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker
 
MySQL NDB 8.0 clusters in your laptop with dbdeployer
MySQL NDB 8.0 clusters in your laptop with dbdeployerMySQL NDB 8.0 clusters in your laptop with dbdeployer
MySQL NDB 8.0 clusters in your laptop with dbdeployer
 
Ansible - Introduction
Ansible - IntroductionAnsible - Introduction
Ansible - Introduction
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx Internals
 
Ansible not only for Dummies
Ansible not only for DummiesAnsible not only for Dummies
Ansible not only for Dummies
 
Red hat lvm cheatsheet
Red hat lvm cheatsheetRed hat lvm cheatsheet
Red hat lvm cheatsheet
 
Content Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX PlusContent Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX Plus
 
Ansible for beginners
Ansible for beginnersAnsible for beginners
Ansible for beginners
 
nginx: writing your first module
nginx: writing your first modulenginx: writing your first module
nginx: writing your first module
 
Docker up and running
Docker up and runningDocker up and running
Docker up and running
 
Node.js in production
Node.js in productionNode.js in production
Node.js in production
 
Hadoop meet Rex(How to construct hadoop cluster with rex)
Hadoop meet Rex(How to construct hadoop cluster with rex)Hadoop meet Rex(How to construct hadoop cluster with rex)
Hadoop meet Rex(How to construct hadoop cluster with rex)
 
Apache Traffic Server & Lua
Apache Traffic Server & LuaApache Traffic Server & Lua
Apache Traffic Server & Lua
 
Infrastructure Deployment with Docker & Ansible
Infrastructure Deployment with Docker & AnsibleInfrastructure Deployment with Docker & Ansible
Infrastructure Deployment with Docker & Ansible
 

Similar to Automating complex infrastructures with Puppet

Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Alex S
 
Postgres the hardway
Postgres the hardwayPostgres the hardway
Postgres the hardwayDave Pitts
 
Capistrano deploy Magento project in an efficient way
Capistrano deploy Magento project in an efficient wayCapistrano deploy Magento project in an efficient way
Capistrano deploy Magento project in an efficient waySylvain Rayé
 
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis OverviewLeo Lorieri
 
Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014biicode
 
Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013Cosimo Streppone
 
nix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic frameworknix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic frameworkSander van der Burg
 
Practical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails AppPractical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails AppSmartLogic
 
Virtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetVirtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetOmar Reygaert
 
Nagios Conference 2014 - Rob Hassing - How To Maintain Over 20 Monitoring App...
Nagios Conference 2014 - Rob Hassing - How To Maintain Over 20 Monitoring App...Nagios Conference 2014 - Rob Hassing - How To Maintain Over 20 Monitoring App...
Nagios Conference 2014 - Rob Hassing - How To Maintain Over 20 Monitoring App...Nagios
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINXKevin Jones
 
Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015Sean Dague
 
OSMC 2011 | Case Study - Icinga at Hyves.nl by Jeffrey Lensen
OSMC 2011 | Case Study - Icinga at Hyves.nl by Jeffrey LensenOSMC 2011 | Case Study - Icinga at Hyves.nl by Jeffrey Lensen
OSMC 2011 | Case Study - Icinga at Hyves.nl by Jeffrey LensenNETWAYS
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to AnsibleCédric Delgehier
 
Cutting through the fog of cloud
Cutting through the fog of cloudCutting through the fog of cloud
Cutting through the fog of cloudKyle Rames
 
Deploying Perl apps on dotCloud
Deploying Perl apps on dotCloudDeploying Perl apps on dotCloud
Deploying Perl apps on dotClouddaoswald
 
Developing with-devstack
Developing with-devstackDeveloping with-devstack
Developing with-devstackDeepak Garg
 

Similar to Automating complex infrastructures with Puppet (20)

Beyond Puppet
Beyond PuppetBeyond Puppet
Beyond Puppet
 
Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015
 
Postgres the hardway
Postgres the hardwayPostgres the hardway
Postgres the hardway
 
Capistrano deploy Magento project in an efficient way
Capistrano deploy Magento project in an efficient wayCapistrano deploy Magento project in an efficient way
Capistrano deploy Magento project in an efficient way
 
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
 
Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014
 
Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013
 
nix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic frameworknix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic framework
 
Practical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails AppPractical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails App
 
Virtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetVirtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + Puppet
 
Nagios Conference 2014 - Rob Hassing - How To Maintain Over 20 Monitoring App...
Nagios Conference 2014 - Rob Hassing - How To Maintain Over 20 Monitoring App...Nagios Conference 2014 - Rob Hassing - How To Maintain Over 20 Monitoring App...
Nagios Conference 2014 - Rob Hassing - How To Maintain Over 20 Monitoring App...
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINX
 
Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015Minimal OpenStack LinuxCon NA 2015
Minimal OpenStack LinuxCon NA 2015
 
The Accidental DBA
The Accidental DBAThe Accidental DBA
The Accidental DBA
 
OSMC 2011 | Case Study - Icinga at Hyves.nl by Jeffrey Lensen
OSMC 2011 | Case Study - Icinga at Hyves.nl by Jeffrey LensenOSMC 2011 | Case Study - Icinga at Hyves.nl by Jeffrey Lensen
OSMC 2011 | Case Study - Icinga at Hyves.nl by Jeffrey Lensen
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible
 
Cutting through the fog of cloud
Cutting through the fog of cloudCutting through the fog of cloud
Cutting through the fog of cloud
 
Deploying Perl apps on dotCloud
Deploying Perl apps on dotCloudDeploying Perl apps on dotCloud
Deploying Perl apps on dotCloud
 
Developing with-devstack
Developing with-devstackDeveloping with-devstack
Developing with-devstack
 
Chef solo the beginning
Chef solo the beginning Chef solo the beginning
Chef solo the beginning
 

More from Kris Buytaert

Years of (not) learning , from devops to devoops
Years of (not) learning , from devops to devoopsYears of (not) learning , from devops to devoops
Years of (not) learning , from devops to devoopsKris Buytaert
 
Observability will not fix your Broken Monitoring ,Ignite
Observability will not fix your Broken Monitoring ,IgniteObservability will not fix your Broken Monitoring ,Ignite
Observability will not fix your Broken Monitoring ,IgniteKris Buytaert
 
Infrastructure as Code Patterns
Infrastructure as Code PatternsInfrastructure as Code Patterns
Infrastructure as Code PatternsKris Buytaert
 
From devoops to devops 13 years of (not) learning
From devoops to devops 13 years of (not) learningFrom devoops to devops 13 years of (not) learning
From devoops to devops 13 years of (not) learningKris Buytaert
 
Pipeline all the Dashboards as Code
Pipeline all the Dashboards as CodePipeline all the Dashboards as Code
Pipeline all the Dashboards as CodeKris Buytaert
 
Help , My Datacenter is on fire
Help , My Datacenter is on fireHelp , My Datacenter is on fire
Help , My Datacenter is on fireKris Buytaert
 
Devops is Dead, Long live Devops
Devops is Dead, Long live DevopsDevops is Dead, Long live Devops
Devops is Dead, Long live DevopsKris Buytaert
 
10 years of #devopsdays, but what have we really learned ?
10 years of #devopsdays, but what have we really learned ? 10 years of #devopsdays, but what have we really learned ?
10 years of #devopsdays, but what have we really learned ? Kris Buytaert
 
Continuous Infrastructure First
Continuous Infrastructure FirstContinuous Infrastructure First
Continuous Infrastructure FirstKris Buytaert
 
Is there a Future for devops ?
Is there a Future for devops ? Is there a Future for devops ?
Is there a Future for devops ? Kris Buytaert
 
10 Years of #devopsdays weirdness
10 Years of #devopsdays weirdness10 Years of #devopsdays weirdness
10 Years of #devopsdays weirdnessKris Buytaert
 
ADDO 2019: Looking back at over 10 years of Devops
ADDO 2019: Looking back at over 10 years of DevopsADDO 2019: Looking back at over 10 years of Devops
ADDO 2019: Looking back at over 10 years of DevopsKris Buytaert
 
Can we fix dev-oops ?
Can we fix dev-oops ?Can we fix dev-oops ?
Can we fix dev-oops ?Kris Buytaert
 
Continuous Infrastructure First Ignite Edition
Continuous Infrastructure First Ignite EditionContinuous Infrastructure First Ignite Edition
Continuous Infrastructure First Ignite EditionKris Buytaert
 
Continuous Infrastructure First
Continuous Infrastructure FirstContinuous Infrastructure First
Continuous Infrastructure FirstKris Buytaert
 
Open Source Monitoring in 2019
Open Source Monitoring in 2019 Open Source Monitoring in 2019
Open Source Monitoring in 2019 Kris Buytaert
 
Migrating to Puppet 5
Migrating to Puppet 5Migrating to Puppet 5
Migrating to Puppet 5Kris Buytaert
 
Repositories as Code
Repositories as CodeRepositories as Code
Repositories as CodeKris Buytaert
 
Devops is a Security Requirement
Devops is a Security RequirementDevops is a Security Requirement
Devops is a Security RequirementKris Buytaert
 

More from Kris Buytaert (20)

Years of (not) learning , from devops to devoops
Years of (not) learning , from devops to devoopsYears of (not) learning , from devops to devoops
Years of (not) learning , from devops to devoops
 
Observability will not fix your Broken Monitoring ,Ignite
Observability will not fix your Broken Monitoring ,IgniteObservability will not fix your Broken Monitoring ,Ignite
Observability will not fix your Broken Monitoring ,Ignite
 
Infrastructure as Code Patterns
Infrastructure as Code PatternsInfrastructure as Code Patterns
Infrastructure as Code Patterns
 
From devoops to devops 13 years of (not) learning
From devoops to devops 13 years of (not) learningFrom devoops to devops 13 years of (not) learning
From devoops to devops 13 years of (not) learning
 
Pipeline all the Dashboards as Code
Pipeline all the Dashboards as CodePipeline all the Dashboards as Code
Pipeline all the Dashboards as Code
 
Help , My Datacenter is on fire
Help , My Datacenter is on fireHelp , My Datacenter is on fire
Help , My Datacenter is on fire
 
GitOps , done Right
GitOps , done RightGitOps , done Right
GitOps , done Right
 
Devops is Dead, Long live Devops
Devops is Dead, Long live DevopsDevops is Dead, Long live Devops
Devops is Dead, Long live Devops
 
10 years of #devopsdays, but what have we really learned ?
10 years of #devopsdays, but what have we really learned ? 10 years of #devopsdays, but what have we really learned ?
10 years of #devopsdays, but what have we really learned ?
 
Continuous Infrastructure First
Continuous Infrastructure FirstContinuous Infrastructure First
Continuous Infrastructure First
 
Is there a Future for devops ?
Is there a Future for devops ? Is there a Future for devops ?
Is there a Future for devops ?
 
10 Years of #devopsdays weirdness
10 Years of #devopsdays weirdness10 Years of #devopsdays weirdness
10 Years of #devopsdays weirdness
 
ADDO 2019: Looking back at over 10 years of Devops
ADDO 2019: Looking back at over 10 years of DevopsADDO 2019: Looking back at over 10 years of Devops
ADDO 2019: Looking back at over 10 years of Devops
 
Can we fix dev-oops ?
Can we fix dev-oops ?Can we fix dev-oops ?
Can we fix dev-oops ?
 
Continuous Infrastructure First Ignite Edition
Continuous Infrastructure First Ignite EditionContinuous Infrastructure First Ignite Edition
Continuous Infrastructure First Ignite Edition
 
Continuous Infrastructure First
Continuous Infrastructure FirstContinuous Infrastructure First
Continuous Infrastructure First
 
Open Source Monitoring in 2019
Open Source Monitoring in 2019 Open Source Monitoring in 2019
Open Source Monitoring in 2019
 
Migrating to Puppet 5
Migrating to Puppet 5Migrating to Puppet 5
Migrating to Puppet 5
 
Repositories as Code
Repositories as CodeRepositories as Code
Repositories as Code
 
Devops is a Security Requirement
Devops is a Security RequirementDevops is a Security Requirement
Devops is a Security Requirement
 

Recently uploaded

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 

Recently uploaded (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 

Automating complex infrastructures with Puppet

  • 1. Puppetizing Complex Applications with sipXecs as an example Kris Buytaert
  • 2. Kris Buytaert ● I used to be a Dev, Then Became an Op ● Senior Linux and Open Source Consultant @inuits.be ● „Infrastructure Architect“ ● Building Clouds since before the Cloud ● Surviving the 10th floor test ● Co-Author of some books ● Guest Editor at some sites
  • 3. Today ● About SIPX ● About Puppet ● Deploying SipX ● ...
  • 5. Not quite a Muppet... ● Puppet is... ● OSS ● A DSL language ● Written in Ruby ● Client/server oriented ● Contains abstraction layers ● Repeatable processes
  • 6. Master of Puppets ● Puppet master • CA authority • Modules • Node descriptions • Compare, compile, apply ● Master is not a requirement !
  • 7. Puppet Clients ● Puppet client nodes • Daemon • Cron jobs • External orchestration: • for i in $hosts; do ssh $i “puppetd --test”; done • mCollective, Func, …
  • 8. Facts ● Facts # facter memoryfree => 387.21 MB memorysize => 492.75 MB swapfree => 481.00 MB swapsize => 481.00 MB domain => dev.inuits.be fqdn => node3.dev.inuits.be hostname => node3 interfaces => eth0 ipaddress => 172.16.142.141 macaddress => 00:0c:29:42:0b:8a netmask => 255.255.255.0
  • 9. Modules ● Dedicated per service ● Reusable ● Called from the manifests ● Live in /etc/puppet/modules/
  • 10. Module Structure ● Files ● Templates • Dynamic content • Variables <IfModule mpm_worker_module> StartServers <%= StartServers %> MaxClients <%= MaxClients %> MinSpareThreads <%= MinSpare %> MaxSpareThreads <%= MaxSpare %> ThreadsPerChild <%= ThreadsChild %> MaxRequestsPerChild <%= RequestsChild %> </IfModule> ● Manifests
  • 11. Modules ● Files ● Templates ● Manifests • DSL • Classes • Elements
  • 12. Node definitions ● Nodes.pp class defaults { $search = "inuits.be" $nameservers = ['208.67.220.220', '208.67.222.222'] include dns::resolv include ssh::keys include ssh::server } node "ns1.dev.inuits.be" { include defaults include dns::powerdns::server include dns::powerdns::resolver } node “web1.dev.inuits.be” { include defaults include apache2 include mysql }
  • 13. Ralsh ● Simplifies writing manifests ● Will generate parts of the manifest for you ● Based on your running config ● Limited functionality master1.dev.inuits.be:~# ralsh user root user { 'root': uid => '0', gid => '0', comment => 'root', ensure => 'present', password => 'f34wi94$PmlI0CxQLb9HD', shell => '/bin/bash', home => '/root' } master1.dev.inuits.be:~# ralsh service apache2 service { 'apache2': ensure => 'running', enable => 'true' }
  • 14. Puppetizing your Infra ● Define common parts ● Define unique parts ● Write your manifests ● Use modules • Puppet Forge • GitHub • Your own modules
  • 16. What is sipXecs ? ● sipX ECS (Enterprise Communications Server) ● Open Source voice over IP telephony server ● Implementation of the Session Initiation Protocol (SIP) ● IP based communications system (IP PBX) ● Not unlike Asterisk ● Development started in 1999 ● GNU Lesser General Public License (LGPL) ● Commercial offering from eZuce Inc. ● Designed around FreeSWITCH ● Modular and highly scalable system
  • 17. We don't know VOIP ● External VOIP consultancy • Hardware selection • Codecs etc • Scale out ● Irc.freenode.org #sipx ● s/don/didn/t ● Don't buy the book
  • 18. Installing sipxecs ● Prebuilt ISO ● Kickstart ● Install scripts placed in .bashrc ● Ncurses based ● Lots of python scripts ● Heavy GUI usage
  • 19. Why not Just ? ● Backup and Restore ? • CDR Integration etc ● Image ? ● Productization • Think 20-100 setups • For different customers • Different networks, different domains
  • 20. So, that Python Script ? ● Configures your network ● Configures your dhcpd ● Configures your dns ● Configures your ntpd ● Configures your tftp ● Generates SSL stuff for you There's puppet modules for that !
  • 21. SipXconfig ● Is enabled by writing “enabled” to /var/sipxdata/process-state/ConfigServer ● The configuration and management server (sipXconfig) provides Web administration and user portals, Web services APIs, as well as all the abstraction logic to make using sipXecs as simple as it is. It provides centralized management of all the aspects of sipXecs, including installation, configuration, backup & restore, upgrade, troubleshooting and cluster management. ● “Pushes” configs to other nodes ● Should be rewritten in Puppet or a like.
  • 22. Configuring sipXecs ● A couple of files ● Some of them even obsoleted ● Putting the SSL stuff in the right location
  • 23. Everything is a funky SSL problem ● Sipx generates keys at install time • Ca + keypairs per node ● 2nd node needs those keys ● Copy to puppetmaster and transfer back to other nodes ? ● Or generate on puppetmaster and redistribute ? => Generated on Puppetmaster
  • 24. Adding a second node ● <> clustering ● <> high availability ( please don't start crying) ● Create an entry in the management interface ● Then repeat manual installation using ncurses ● Or just do a wget to register it with the primary
  • 25. class voip::sipx { sipx::netconfig { "sipx": ipaddress => $ip_address, netmask => $netmask; } if $nodename == 'sipx-a' { sipx::configserver{ "sipx": } sipx::staticcertdbca{ "$hostname": } sipx::staticcertdbnodes{ "SIPX-A.${platformdomainextension}": clientname => "SIPX-A"; } sipx::staticcertdbnodes{ "SIPX-B.${platformdomainextension}": clientname => "SIPX-B"; } include sipx::runmaster } else { include sipx::runslave sipx::register{ "$nodename": clientname =>"${nodename}.${platformdomainextension}", password =>"yourpw",} } sipx::supervisor { "$hostname": sipx_supervisor => "sipx-a.$platformdomainextension"; } sipx::staticssl{ "$hostname": } }
  • 26. More complexity Or regular puppet ordering ● Sipx requires PgSQL ● You want PgSQL on an isolated LV ● PgSQL configuration has to be done after it initialized a DB ● SipX insist on starting PgSQL for you
  • 27. class voip::storage { file { "/var/lib/pgsql": ensure => directory; lvm::volume { "pgsql": vg => "systemvg", pv => "/dev/cciss/c0d0p2", fstype => "ext3", size => "20G", ensure => present, } mount { "/var/lib/pgsql": atboot => true, device => "/dev/systemvg/pgsql", ensure => mounted, fstype => "ext3", options => "defaults", require => [Logical_volume['pgsql'],File['/var/lib/pgsql']], } } class voip::pgsql { include postgres postgres::initdb { "sipx": } postgres::config{ "sipx": listen => "*", postgres::hba { "sipx": allowedrules => [ "host SIPXCDR all ${clientip}/32 trust", ], } }
  • 28. include voip::storage include voip::pgsql include voip::sipx Class["voip::storage"] -> Class["voip::pgsql"] -> Class["voip::sipx"]
  • 29. More complexity Or manipulating content of files ● Bug in SIPX writes wrong listen adress for Freeswitch ● XML Gibberish ● Sipxconfig generates parts of the config files from unknown sources
  • 30. Augeas With Augtool augtool > set /augeas/load/Xml/incl[3] /tmp/blah.xml augtool > set /augeas/load/Xml/lens Xml.lns augtool > load augtool >print /files/tmp/blah.xml/profile/settings/param[17]/ /files/tmp/blah.xml/profile/settings/param[17] = "#empty" /files/tmp/blah.xml/profile/settings/param[17]/#attribute /files/tmp/blah.xml/profile/settings/param[17]/#attribute/name = "sip-ip" /files/tmp/blah.xml/profile/settings/param[17]/#attribute/value = "10.255.202.90" augtool> print /files/tmp/blah.xml/profile/settings/param[18]/ /files/tmp/blah.xml/profile/settings/param[18] = "#empty" /files/tmp/blah.xml/profile/settings/param[18]/#attribute /files/tmp/blah.xml/profile/settings/param[18]/#attribute/name = "ext-rtp-ip" /files/tmp/blah.xml/profile/settings/param[18]/#attribute/value = "auto-nat" augtool> print /files/tmp/blah.xml/profile/settings/param[16]/ /files/tmp/blah.xml/profile/settings/param[16] = "#empty" /files/tmp/blah.xml/profile/settings/param[16]/#attribute /files/tmp/blah.xml/profile/settings/param[16]/#attribute/name = "rtp-ip" /files/tmp/blah.xml/profile/settings/param[16]/#attribute/value = "10.255.202.90"
  • 32. Augeas & Puppet augeas{"sipxprofile" : changes => [ "set /augeas/load/Xml/incl[last()+1]/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml", "set /files/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml/profile/settings/param[16]/#attribute/value 10.0.0.2", "set /files/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml/profile/settings/param[17]/#attribute/value 10.0.0.2", ], } augeas{"sipxprofile" : lens => "Xml.lns", incl => "/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml", context => "/files/etc/sipxpbx/freeswitch/conf/sip_profiles/sipX_profile.xml", changes => [ "set profile/settings/param[16]/#attribute/value $ipaddress", "set profile/settings/param[17]/#attribute/value $ipaddress", ], onlyif => "get profile/settings/param[16]/#attribute/value != $ipaddress", }
  • 33. Manual config of the services via the gui is still required :(
  • 34. I want to ● Automatically create my admin pw ● Automatically add that second node ● Automatically disable/ enable functions in the sipX server • e.g conferencing, openfire ● Add users/phones ● There's an API ! ● Which only implements limited functionality , and no configuration
  • 35. Screen scraping ? (03:28:30 PM) lazyboy: y, you just need a form processing library, one that can read a form values and allow you to post back your changes (03:30:04 PM) lazyboy: the problem w/this method as you know is that it is constantly breaking (03:30:41 PM) sdog: yep .. whan you change the gui .. it will break .... (03:30:45 PM) lazyboy: maybe we need a serverside abstraction layer, that does the screenscraping and exports out a clean REST API (03:31:13 PM) lazyboy: overtime, APIs go straight thru (03:36:18 PM) lazyboy: so it's possible some of what you want to do is available w/not a lot of screen scraping.
  • 36. Abusing Test Frameworks to configure services on a webgui
  • 37. Cucumber ● Looks extremely easy • “Hey our manager could write these test” ● Isn't • Heavily under documented • Best docs are in the RSpec book • Online examples are mostly broken ● Requires to write a lot of code
  • 38. Apache Jmeter ● Test tool ● Load generation tool ● Lets you record session by using a proxy ● Only recent versions support SSL
  • 39. Selenium ● Firefox plugin ● Replays your actions • No need to write code ● Can export to perl, php, ruby .. • Which requires the a Selenium Remote Control Server • Which launches Firefox ● SSL Fun ahead
  • 40. Alternatives ● Sahi • Similar to selenium • Requires proxy ● www::mechanize ● Mechanize rubygem ● Webtest ● Your idea ?
  • 41. I want an API
  • 42. Conclusions ● No good solution yet :( ● Talk to your upstream supplier • Vendor / project ● Be patient ● Show the good example ● All bugs produced during this experience are on https://github.com/KrisBuytaert
  • 43. Contact Kris Buytaert Kris.Buytaert@inuits.be Further Reading @krisbuytaert http://www.krisbuytaert.be/blog/ http://www.inuits.be/ Inuits Esquimaux 't Hemeltje Kheops Business Gemeentepark 2 Center 2930 Brasschaat Avenque Georges 891.514.231 Lemaître 54 6041 Gosselies +32 473 441 636 889.780.406