Cooperating sysadmins: it’s not 
an oxymoron. 
Integrating Puppet and Gitolite to make our lives easier. 
Luca Mazzaferro 
04 December 2014
Outline 
● About me... 
● The Motivations 
● The Ingredients 
● Puppet-Gitolite integration 
● Final considerations. 
● Conclusions. 
...in 20 minutes (approximately) 
2
About me... 
Born 33 years 
ago here... 
Master Degree in 
Physics at “La 
Sapienza” 
PhD in Physics at 
“Tor Vergata” 
Rome: a place with many 
cultural interests, but I 
was still looking for other 
experiences... 
Why not München? 
3
RZG Garching 
Computing support for many experiments and collaborations: 
Storage and Data archiving for Max Planck Scientists: 
● up to 90 PBytes 
● 30K Tapes 
IBM Supercomputer Hydra (80k cores, total memory: 260 TByte; water cooling): 
● Research on Nuclear Fusion and Plasma Physics 
● High Energy Physics 
● Material Science 
● Simulations 
Applications support of high-performance-computing 
applications to Max-Planck Institutes: 
● development 
● optimization 
● analysis 
● visualization 
http://www.rzg.mpg.de/ 
4 
Many dedicated Linux clusters
Ok, let’s start: 
Motivations 
5
The problem 
6
How to enable many sysadmins to work together on one centralized Puppet master without interfering with each other? 
7 
The problem
The Ingredients 
8
Puppet 
● It’s an open-source, multi-platform management tool based on Ruby (“Wikipedia”). 
● It helps to manage an entire infrastructure throughout its lifecycle, from provisioning and configuration to orchestration and reporting (“PuppetLabs.com”). 
● In a few words, it is like a good orchestra conductor. 
9
Quick overview about Puppet 
Puppet code: 
1. Define your services/resources in reusable manifests, optionally organized in modules 
2. Simulate them before deploying changes 
3. Enforce the changes: Install... Update... Configure... Restart... etc... 
4. Reporting 
[Diagram labels: Dashboard, Foreman, Terminal] 
10 
Foreman 
● Foreman is an open source project that gives system administrators the power to easily automate repetitive tasks, quickly deploy applications, and proactively manage servers, on-premises or in the cloud. [http://theforeman.org/] 
● We use it on top of Puppet as 
○ User and grants management 
○ Monitor 
○ Report collector 
○ External Node Classifier (ENC) 
11
Quick overview about Gitolite 
12 
“Gitolite allows you to setup git hosting on a central server, with fine-grained access control and many more powerful features”. [http://gitolite.com/gitolite/index.html] 
● Easy to install: it’s a tarball that works with little setup 
● Security based on SSH key exchange 
● Easily manageable via a dedicated repository (no direct intervention on the server) 
● Extensible with plugins and a graphical interface 
● Hooks and triggers available to add customizations
Let’s cook 
Puppet-Gitolite integration 
13
Putting things together 
● Puppet: 
○ deployment service 
● Foreman: 
○ Puppet management service (stops admins interfering with each other) 
● Gitolite: 
○ enables admins to develop and share modules without interfering with each other 
○ avoids direct access to the Puppet server 
14
Puppet - Gitolite integration 
[Diagram, built up step by step over slides 15-18. Labels: gitolite; Experiments [applications], Storage, Compute Nodes; /, /environments, /modules, /manifests; Exp/App, Storage, CP Nodes] 
Our Solution 
gitolite 
19
Puppet User Management 
[Diagram labels: /, /environments, /modules, /manifests; Exp/App, Storage, CP Nodes, Storage] 
Foreman Interface as ENC: 
● User management: 
○ association environments <-> users 
○ association environments <-> nodes 
○ correlation with gitolite repositories 
● Centralized management of puppet master, certificates, 
● Monitoring 
20
A bit deeper inside Gitolite 
[Diagram labels: gitweb; gitolite; Repositories: Experiments.git, Storage.git, Compute Nodes.git; /environments: Experiments [applications], Storage, Compute Nodes] 
● Access to repositories via git protocol 
● Authorization and authentication based on SSH keys 
● Web interface (gitweb) for module visualization 
21
Some considerations about Gitolite 
Benefits: 
● Allows several sysadmins to work on the same Puppet master in a safe way 
● Provides revision control 
● Web interface (gitweb) for code viewing 
● Allows simple code sharing 
22
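An added example (not from the talk or from the RZG setup): a small Python audit that reads a gitolite.conf-style access file and reports every admin who can push to more than one repository, which is the "closed environments" property the slides rely on. Repository names are adapted from the slides, user and group names are constructed, and only `@group = ...`, `repo ...` and plain `R`/`RW`/`RW+` rules are modelled (no refexes, deny rules or wildcard repositories).

```python
import re
from collections import defaultdict

# Constructed sample in gitolite.conf syntax. Repo names are adapted from the
# slides; users and groups are invented for this example.
SAMPLE_CONF = """
@exp_admins     = alice
@storage_admins = bob
@compute_admins = carol dave
@all_admins     = @exp_admins @storage_admins @compute_admins

repo Experiments
    RW+ = @exp_admins
    R   = @all_admins gitweb

repo Storage
    RW+ = @storage_admins
    RW  = dave
    R   = @all_admins

repo ComputeNodes
    RW+ = @compute_admins
    R   = @all_admins
"""

WRITE_PERMS = {"RW", "RW+"}
RULE_RE = re.compile(r"^(RW\+?|R)\s*=\s*(.+)$")


def parse_conf(text):
    """Return (groups, rules): groups maps '@name' -> member list,
    rules is a list of (repo, permission, [members])."""
    groups, rules, current_repos = defaultdict(list), [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and padding
        if not line:
            continue
        if line.startswith("@") and "=" in line:
            name, members = line.split("=", 1)
            groups[name.strip()].extend(members.split())
        elif line.startswith("repo "):
            current_repos = line.split()[1:]
        else:
            m = RULE_RE.match(line)
            if m is None:
                # Fail closed: an unmodelled rule must not be skipped silently.
                raise ValueError(f"unsupported line: {raw!r}")
            for repo in current_repos:
                rules.append((repo, m.group(1), m.group(2).split()))
    return groups, rules


def expand(member, groups, _seen=frozenset()):
    """Resolve a user or (possibly nested) @group to a set of user names.
    Groups are resolved after the whole file has been read; the special
    group @all is kept as a pseudo-user so it shows up in the report."""
    if member == "@all" or not member.startswith("@"):
        return {member}
    if member in _seen:                       # guard against group cycles
        return set()
    users = set()
    for m in groups.get(member, []):
        users |= expand(m, groups, _seen | {member})
    return users


def cross_environment_writers(text):
    """Map each user who can push to more than one repo (or '@all' with any
    write rule) to the sorted list of repos they can write to."""
    groups, rules = parse_conf(text)
    writable = defaultdict(set)
    for repo, perm, members in rules:
        if perm in WRITE_PERMS:
            for member in members:
                for user in expand(member, groups):
                    writable[user].add(repo)
    return {u: sorted(r) for u, r in writable.items()
            if len(r) > 1 or u == "@all"}


if __name__ == "__main__":
    for user, repos in cross_environment_writers(SAMPLE_CONF).items():
        print(f"{user} can push to: {', '.join(repos)}")
```

Read access is deliberately not flagged: shared read is what keeps code sharing possible while write access stays per environment.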
Final considerations 
23
● Closed environments to avoid error propagation but... 
● ... still enabling code sharing between different sysadmins 
● Only one centralized service to maintain 
● Revision control 
● Increased safety 
● Open Source 
● Suggestions? 
● Maybe: a bit tricky to install and configure the first time?! But doable! 
● Suggestions? 
24
Next Steps 
● continuous integration + continuous delivery: 
○ Docker and/or Jenkins? 
● Improve authorization and access in the 
gitolite web interface 
25
Conclusions 
Enable many sysadmins to work together on one centralized Puppet master without interfering with each other! 
● Increased safety: no direct interaction with the Puppet master 
● Revision Control 
● Just started but looks promising 
26
Thanks for your attention 
Any questions or suggestions? 
27 
luca.mazzaferro@rzg.mpg.de
Some Tech Details 
Very Light Weight 
Type: VM 
OS: SL6.6 
cpu: 1 
mem: 2G 
Docker Version: 1.3.1 
Foreman Version: 1.6.1 
Puppet Master: 3.7.3 
/var/log 
/etc/foreman 
link 
/var/lib/puppet/ssl 
/etc/puppet/environments 
/etc/puppet/modules 
gitolite 
About our infrastructure 
Computing farm for physics 
experiments: 
● Storage: 1.5 PBytes 
● Compute nodes: hundreds 
● Many services for users 
Research Communities: 
● up to 10 
Owncloud internal service: 
● just started 
Total sysadmins supported: 
● three 
22
Motivations 
What ONE sysadmin would like to have: 
● Easy life: 
○ easy deployment of new software or upgrades 
○ fast and easy reconfiguration/restart of the services 
○ possibly, one interface for different tools 
○ OS independent 
○ higher level of abstraction 
○ automation 
6
Motivations 
...but what if MANY sysadmins are working on 
the same system? 
● closed environments 
● sharing of the code and configurations 
● writing code?! Revision control! 
● centralized automation system 
7
