SlideShare ist ein Scribd-Unternehmen logo
1 von 41
Downloaden Sie, um offline zu lesen
Puppet Camp
 April 9th 2013
What’s in a name?

Andrew Fong and Gary Josack
     fong@dropbox.com
     gary@dropbox.com
About Dropbox

•  Thousands of instances/servers
•  Mostly Python Stack
•  EC2 and Large Self Datacenters
•  Over a billion file syncs per day
•  Thousands of MySQL Shards
•  4 SREs and 1 DBA
A story of a startup...




 Hostapuppet.com
Chapter One


•  1 or 2 teams

•  Couple of hosts

•  Webserver and a database

•  Maybe one ops guy
What Ops People Like


•  Simplicity

•  Repeatability

•  Assurances that things remain consistent

•  Puppet / Configuration management
Config Management

node 'www1.example.com' {
    include common
    include apache
    include squid
  }
node 'db1.example.com' {
    include common
    include mysql
  }
My First Puppet Config

Node ‘mickey.hostapuppet.com’ {
      include common
      include webserver
      include sudoers
}
Node ‘donald.hostapuppet.com’{
      include common
      include db
      include sudoers
}
Sudoers Module

…
file { "/etc/sudoers":
           owner => root,
           group => root,
           mode => "440",
           source => "puppet:///modules/sudo/sudoers",
  }
…
Sudoers File itself

Host_Alias DONALD=donald.hostapuppet.com
Host_Alias MICKEY=mickey.hostapuppet.com


db_guy DONALD=(all) NOPASSWD: ALL
ops_guy MICKEY=(all) NOPASSWD: ALL
Chapter Two: A growing service

•  A few teams
•  2 or 3 services
•  multiple types of hosts
  –  Web
  –  API
  –  DB
Hostnames


•  sjc-web[1-N]

•  sjc-db[1-N]

•  sjc-api[1-N]
Host Regex

$hosttype = inline_template('<%=
hostname.sub(/w+-([a-z]+)d*/){$1} %>’)
Hosttypes
   $hosttype = inline_template('<%= hostname.sub(/w+-([a-z]+)d*/){$1} %>’)



if $hosttype == ‘web’ {                  if $hosttype == ‘api’ {
        include sudoers                           include sudoers
        include web                               include api
                                         }
}

If $hosttype == ‘db’ {
        include sudoers
        include db
}
Back to sudoers

…
file { "/etc/sudoers":
           owner => root,
           group => root,
           mode => "440",
           source => "puppet:///modules/sudo/sudoers",
  }
…
Sudoers File itself

Host_Alias      WEB=sjc-web*
Host_Alias      DB=sjc-db*
Host_Alias      API=sjc-api*


database_guy DB=(all) NOPASSWD: ALL
ops_guy WEB=(all) NOPASSWD: ALL
api_team API=(all) NOPASSWD: ALL
Hypergrowth
           Users (millions)
120

100

 80

 60

 40

 20

  0
      0      2                  3   5
             Users (millions)
Chapter 3: An Expanding
            Infrastructure

•  Lots of new hires!

•  A bunch more developers

•  Some PMs

•  Some Designers
All Kinds Of Problems…

•  Boxes of same hardware class running
 different services

•  Boxes serving more than one role
 (remember sudoers?)

•  Deploying or moving hosts quickly
Renaming a host

•  Update dns

•  Update dhcpd.conf

•  Push both

•  Update puppet configs

•  Update code
OMG I JUST RENAME HOSTS!
Sudoers File From Chapter Two…

Host_Alias   WEB= sjc-web*
Host_Alias   API=sjc-api*
Host_Alias   DB=sjc-db*

database_guy DB=(all) NOPASSWD: ALL
ops_guy WEB=(all) NOPASSWD: ALL
api_team API(all) NOPASSWD: ALL
Sudoers File in Chapter 3

Host_Alias   WEB= sjc-web*
Host_Alias   API=sjc-api*,sjc-web550,sjc-
web551,sjc-web552,sjc-web553
Host_Alias   DB=sjc-db*

database_guy DB=(all) NOPASSWD: ALL
ops_guy WEB=(all) NOPASSWD: ALL
api_team API(all) NOPASSWD: ALL
Dropbox

•  We did all that.

•  We’re still paying the taxes for doing
  that.

•  But there is a light at the end of the
  tunnel…
ABSTRACT THE
    SERVICE
FROM THE HOST!
So what does that mean?


• Make hosts role agnostic


• Do not require invasive changes


• Simple interfaces
Making hosts role agnostic


• Positional


• Serial Numbers


• Anything that doesn't change
The Dropbox Plan

• Positional names

• Custom Machine Database

• External Node Classifier

• Transitioning Puppet configs

• Naming service(s) for convenient names
Service/Machine Management
             Database
• Universal Source of Truth

• Manage roles / attributes

• Generated configs
  - Gmond,   Nagios, etc
What exactly is the ENC

• External Node Classifier

• Inject variables (and other) from external
process

• YAML Output
Part 2: External Node Encoders
Sudoers++

• Move from monolithic to modular
• Includes! (Weird caveats)
• Just use ALL for Host_Lists
Sudoers at Dropbox
Part 3: Helper Functions
Sudoers with tags
Sudoers with tags
Provisioning

• Preload MDB, DNS, DHCPD, etc.
  - Set   it and forget it

• Have spares ready for any roles

• Assigning a role is one command

• No more renames!
Dynamic Naming w/ PowerDNS
Dynamic Naming w/ PowerDNS
Zookeeper

• ZKNS included with the Vitess project
• ZK is in use at various different companies
(YouTube, Twitter, AirBnB)
Q&A

 FAQ #1: Are you hiring?
λ 

   - Yes! Come talk to us. :)

Weitere ähnliche Inhalte

Was ist angesagt?

Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to AnsibleKnoldus Inc.
 
Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Alex S
 
Ansible Introduction - Ansible Brno #1 - David Karban
Ansible Introduction - Ansible Brno #1 - David KarbanAnsible Introduction - Ansible Brno #1 - David Karban
Ansible Introduction - Ansible Brno #1 - David Karbanansiblebrno
 
Building Windows Images with Packer
Building Windows Images with PackerBuilding Windows Images with Packer
Building Windows Images with PackerMatt Wrock
 
[2D1]Elasticsearch 성능 최적화
[2D1]Elasticsearch 성능 최적화[2D1]Elasticsearch 성능 최적화
[2D1]Elasticsearch 성능 최적화NAVER D2
 
docker build with Ansible
docker build with Ansibledocker build with Ansible
docker build with AnsibleBas Meijer
 
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017Jumping Bean
 
Debugging and Testing ES Systems
Debugging and Testing ES SystemsDebugging and Testing ES Systems
Debugging and Testing ES SystemsChris Birchall
 
Introduction to JCR and Apache Jackrabbi
Introduction to JCR and Apache JackrabbiIntroduction to JCR and Apache Jackrabbi
Introduction to JCR and Apache JackrabbiJukka Zitting
 
Python Deployment with Fabric
Python Deployment with FabricPython Deployment with Fabric
Python Deployment with Fabricandymccurdy
 
Learning Puppet basic thing
Learning Puppet basic thing Learning Puppet basic thing
Learning Puppet basic thing DaeHyung Lee
 
Docker & CoreOS at Utah Gophers
Docker & CoreOS at Utah GophersDocker & CoreOS at Utah Gophers
Docker & CoreOS at Utah GophersJosh Braegger
 
Ansible on aws - Pop-up Loft Tel Aviv
Ansible on aws - Pop-up Loft Tel AvivAnsible on aws - Pop-up Loft Tel Aviv
Ansible on aws - Pop-up Loft Tel AvivAmazon Web Services
 
PDXPortland - Dockerize Django
PDXPortland - Dockerize DjangoPDXPortland - Dockerize Django
PDXPortland - Dockerize DjangoHannes Hapke
 

Was ist angesagt? (20)

Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to Ansible
 
Node.js - A Quick Tour II
Node.js - A Quick Tour IINode.js - A Quick Tour II
Node.js - A Quick Tour II
 
Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015
 
Ansible Introduction - Ansible Brno #1 - David Karban
Ansible Introduction - Ansible Brno #1 - David KarbanAnsible Introduction - Ansible Brno #1 - David Karban
Ansible Introduction - Ansible Brno #1 - David Karban
 
Building Windows Images with Packer
Building Windows Images with PackerBuilding Windows Images with Packer
Building Windows Images with Packer
 
Mysqlnd uh
Mysqlnd uhMysqlnd uh
Mysqlnd uh
 
[2D1]Elasticsearch 성능 최적화
[2D1]Elasticsearch 성능 최적화[2D1]Elasticsearch 성능 최적화
[2D1]Elasticsearch 성능 최적화
 
Docker up and running
Docker up and runningDocker up and running
Docker up and running
 
docker build with Ansible
docker build with Ansibledocker build with Ansible
docker build with Ansible
 
Chef
ChefChef
Chef
 
Ansible
AnsibleAnsible
Ansible
 
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
 
Debugging and Testing ES Systems
Debugging and Testing ES SystemsDebugging and Testing ES Systems
Debugging and Testing ES Systems
 
Introduction to JCR and Apache Jackrabbi
Introduction to JCR and Apache JackrabbiIntroduction to JCR and Apache Jackrabbi
Introduction to JCR and Apache Jackrabbi
 
Ansible 101
Ansible 101Ansible 101
Ansible 101
 
Python Deployment with Fabric
Python Deployment with FabricPython Deployment with Fabric
Python Deployment with Fabric
 
Learning Puppet basic thing
Learning Puppet basic thing Learning Puppet basic thing
Learning Puppet basic thing
 
Docker & CoreOS at Utah Gophers
Docker & CoreOS at Utah GophersDocker & CoreOS at Utah Gophers
Docker & CoreOS at Utah Gophers
 
Ansible on aws - Pop-up Loft Tel Aviv
Ansible on aws - Pop-up Loft Tel AvivAnsible on aws - Pop-up Loft Tel Aviv
Ansible on aws - Pop-up Loft Tel Aviv
 
PDXPortland - Dockerize Django
PDXPortland - Dockerize DjangoPDXPortland - Dockerize Django
PDXPortland - Dockerize Django
 

Andere mochten auch

Inline Template Puppet Type
Inline Template Puppet TypeInline Template Puppet Type
Inline Template Puppet TypeLyndon Swan
 
PuppetConf 2016: DevOps Where You Wouldn't Have Expected – Thomas Limoncelli,...
PuppetConf 2016: DevOps Where You Wouldn't Have Expected – Thomas Limoncelli,...PuppetConf 2016: DevOps Where You Wouldn't Have Expected – Thomas Limoncelli,...
PuppetConf 2016: DevOps Where You Wouldn't Have Expected – Thomas Limoncelli,...Puppet
 
Puppet and AWS: Getting the best of both worlds
Puppet and AWS: Getting the best of both worldsPuppet and AWS: Getting the best of both worlds
Puppet and AWS: Getting the best of both worldsPuppet
 
PuppetConf 2016: Multi-Tenant Puppet at Scale – John Jawed, eBay, Inc.
PuppetConf 2016: Multi-Tenant Puppet at Scale – John Jawed, eBay, Inc.PuppetConf 2016: Multi-Tenant Puppet at Scale – John Jawed, eBay, Inc.
PuppetConf 2016: Multi-Tenant Puppet at Scale – John Jawed, eBay, Inc.Puppet
 
PuppetConf 2016: Scaling Puppet on AWS ECS with Terraform and Docker – Maxime...
PuppetConf 2016: Scaling Puppet on AWS ECS with Terraform and Docker – Maxime...PuppetConf 2016: Scaling Puppet on AWS ECS with Terraform and Docker – Maxime...
PuppetConf 2016: Scaling Puppet on AWS ECS with Terraform and Docker – Maxime...Puppet
 
PuppetConf 2016: Running Puppet Software in Docker Containers – Gareth Rushgr...
PuppetConf 2016: Running Puppet Software in Docker Containers – Gareth Rushgr...PuppetConf 2016: Running Puppet Software in Docker Containers – Gareth Rushgr...
PuppetConf 2016: Running Puppet Software in Docker Containers – Gareth Rushgr...Puppet
 
PuppetConf 2016: Debugging Diversity – Anjuan Simmons, Assemble Systems
PuppetConf 2016: Debugging Diversity – Anjuan Simmons, Assemble SystemsPuppetConf 2016: Debugging Diversity – Anjuan Simmons, Assemble Systems
PuppetConf 2016: Debugging Diversity – Anjuan Simmons, Assemble SystemsPuppet
 
PuppetConf. 2016: External Data in Puppet 4 – R.I. Pienaar
PuppetConf. 2016: External Data in Puppet 4 – R.I. PienaarPuppetConf. 2016: External Data in Puppet 4 – R.I. Pienaar
PuppetConf. 2016: External Data in Puppet 4 – R.I. PienaarPuppet
 
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...Puppet
 
PuppetConf track overview: Modern Infrastructure
PuppetConf track overview: Modern InfrastructurePuppetConf track overview: Modern Infrastructure
PuppetConf track overview: Modern InfrastructurePuppet
 
PuppetConf 2016: Best Practices for Puppet in the Cloud – Randall Hunt, Amazo...
PuppetConf 2016: Best Practices for Puppet in the Cloud – Randall Hunt, Amazo...PuppetConf 2016: Best Practices for Puppet in the Cloud – Randall Hunt, Amazo...
PuppetConf 2016: Best Practices for Puppet in the Cloud – Randall Hunt, Amazo...Puppet
 
PuppetConf 2016: Implementing Puppet within a Complex Enterprise – Jerry Caup...
PuppetConf 2016: Implementing Puppet within a Complex Enterprise – Jerry Caup...PuppetConf 2016: Implementing Puppet within a Complex Enterprise – Jerry Caup...
PuppetConf 2016: Implementing Puppet within a Complex Enterprise – Jerry Caup...Puppet
 
PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management a...
PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management a...PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management a...
PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management a...Puppet
 
PuppetConf 2016: Watching the Puppet Show – Sean Porter, Heavy Water Operations
PuppetConf 2016: Watching the Puppet Show – Sean Porter, Heavy Water OperationsPuppetConf 2016: Watching the Puppet Show – Sean Porter, Heavy Water Operations
PuppetConf 2016: Watching the Puppet Show – Sean Porter, Heavy Water OperationsPuppet
 
PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet
PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, PuppetPuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet
PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, PuppetPuppet
 
PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...
PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...
PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...Puppet
 

Andere mochten auch (16)

Inline Template Puppet Type
Inline Template Puppet TypeInline Template Puppet Type
Inline Template Puppet Type
 
PuppetConf 2016: DevOps Where You Wouldn't Have Expected – Thomas Limoncelli,...
PuppetConf 2016: DevOps Where You Wouldn't Have Expected – Thomas Limoncelli,...PuppetConf 2016: DevOps Where You Wouldn't Have Expected – Thomas Limoncelli,...
PuppetConf 2016: DevOps Where You Wouldn't Have Expected – Thomas Limoncelli,...
 
Puppet and AWS: Getting the best of both worlds
Puppet and AWS: Getting the best of both worldsPuppet and AWS: Getting the best of both worlds
Puppet and AWS: Getting the best of both worlds
 
PuppetConf 2016: Multi-Tenant Puppet at Scale – John Jawed, eBay, Inc.
PuppetConf 2016: Multi-Tenant Puppet at Scale – John Jawed, eBay, Inc.PuppetConf 2016: Multi-Tenant Puppet at Scale – John Jawed, eBay, Inc.
PuppetConf 2016: Multi-Tenant Puppet at Scale – John Jawed, eBay, Inc.
 
PuppetConf 2016: Scaling Puppet on AWS ECS with Terraform and Docker – Maxime...
PuppetConf 2016: Scaling Puppet on AWS ECS with Terraform and Docker – Maxime...PuppetConf 2016: Scaling Puppet on AWS ECS with Terraform and Docker – Maxime...
PuppetConf 2016: Scaling Puppet on AWS ECS with Terraform and Docker – Maxime...
 
PuppetConf 2016: Running Puppet Software in Docker Containers – Gareth Rushgr...
PuppetConf 2016: Running Puppet Software in Docker Containers – Gareth Rushgr...PuppetConf 2016: Running Puppet Software in Docker Containers – Gareth Rushgr...
PuppetConf 2016: Running Puppet Software in Docker Containers – Gareth Rushgr...
 
PuppetConf 2016: Debugging Diversity – Anjuan Simmons, Assemble Systems
PuppetConf 2016: Debugging Diversity – Anjuan Simmons, Assemble SystemsPuppetConf 2016: Debugging Diversity – Anjuan Simmons, Assemble Systems
PuppetConf 2016: Debugging Diversity – Anjuan Simmons, Assemble Systems
 
PuppetConf. 2016: External Data in Puppet 4 – R.I. Pienaar
PuppetConf. 2016: External Data in Puppet 4 – R.I. PienaarPuppetConf. 2016: External Data in Puppet 4 – R.I. Pienaar
PuppetConf. 2016: External Data in Puppet 4 – R.I. Pienaar
 
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...
 
PuppetConf track overview: Modern Infrastructure
PuppetConf track overview: Modern InfrastructurePuppetConf track overview: Modern Infrastructure
PuppetConf track overview: Modern Infrastructure
 
PuppetConf 2016: Best Practices for Puppet in the Cloud – Randall Hunt, Amazo...
PuppetConf 2016: Best Practices for Puppet in the Cloud – Randall Hunt, Amazo...PuppetConf 2016: Best Practices for Puppet in the Cloud – Randall Hunt, Amazo...
PuppetConf 2016: Best Practices for Puppet in the Cloud – Randall Hunt, Amazo...
 
PuppetConf 2016: Implementing Puppet within a Complex Enterprise – Jerry Caup...
PuppetConf 2016: Implementing Puppet within a Complex Enterprise – Jerry Caup...PuppetConf 2016: Implementing Puppet within a Complex Enterprise – Jerry Caup...
PuppetConf 2016: Implementing Puppet within a Complex Enterprise – Jerry Caup...
 
PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management a...
PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management a...PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management a...
PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management a...
 
PuppetConf 2016: Watching the Puppet Show – Sean Porter, Heavy Water Operations
PuppetConf 2016: Watching the Puppet Show – Sean Porter, Heavy Water OperationsPuppetConf 2016: Watching the Puppet Show – Sean Porter, Heavy Water Operations
PuppetConf 2016: Watching the Puppet Show – Sean Porter, Heavy Water Operations
 
PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet
PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, PuppetPuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet
PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet
 
PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...
PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...
PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...
 

Ähnlich wie Functional Hostnames and Why they are Bad

Automating Complex Setups with Puppet
Automating Complex Setups with PuppetAutomating Complex Setups with Puppet
Automating Complex Setups with PuppetKris Buytaert
 
Deploying to Ubuntu on Linode
Deploying to Ubuntu on LinodeDeploying to Ubuntu on Linode
Deploying to Ubuntu on LinodeWO Community
 
Automating complex infrastructures with Puppet
Automating complex infrastructures with PuppetAutomating complex infrastructures with Puppet
Automating complex infrastructures with PuppetKris Buytaert
 
20090514 Introducing Puppet To Sasag
20090514 Introducing Puppet To Sasag20090514 Introducing Puppet To Sasag
20090514 Introducing Puppet To Sasaggarrett honeycutt
 
Introduction to NodeJS with LOLCats
Introduction to NodeJS with LOLCatsIntroduction to NodeJS with LOLCats
Introduction to NodeJS with LOLCatsDerek Anderson
 
Puppet and Apache CloudStack
Puppet and Apache CloudStackPuppet and Apache CloudStack
Puppet and Apache CloudStackPuppet
 
Infrastructure as code with Puppet and Apache CloudStack
Infrastructure as code with Puppet and Apache CloudStackInfrastructure as code with Puppet and Apache CloudStack
Infrastructure as code with Puppet and Apache CloudStackke4qqq
 
Herd your chickens: Ansible for DB2 configuration management
Herd your chickens: Ansible for DB2 configuration managementHerd your chickens: Ansible for DB2 configuration management
Herd your chickens: Ansible for DB2 configuration managementFrederik Engelen
 
Managing Infrastructure as Code
Managing Infrastructure as CodeManaging Infrastructure as Code
Managing Infrastructure as CodeAllan Shone
 
A tour of Ansible
A tour of AnsibleA tour of Ansible
A tour of AnsibleDevOps Ltd.
 
Puppetpreso
PuppetpresoPuppetpreso
Puppetpresoke4qqq
 
Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013Cosimo Streppone
 
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)Codemotion
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with AnsibleRayed Alrashed
 
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014Miguel Zuniga
 
Puppet and CloudStack
Puppet and CloudStackPuppet and CloudStack
Puppet and CloudStackke4qqq
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to AnsibleMichael Bahr
 
20100425 Configuration Management With Puppet Lfnw
20100425 Configuration Management With Puppet Lfnw20100425 Configuration Management With Puppet Lfnw
20100425 Configuration Management With Puppet Lfnwgarrett honeycutt
 
Environment for training models
Environment for training modelsEnvironment for training models
Environment for training modelsFlyElephant
 

Ähnlich wie Functional Hostnames and Why they are Bad (20)

Automating Complex Setups with Puppet
Automating Complex Setups with PuppetAutomating Complex Setups with Puppet
Automating Complex Setups with Puppet
 
Deploying to Ubuntu on Linode
Deploying to Ubuntu on LinodeDeploying to Ubuntu on Linode
Deploying to Ubuntu on Linode
 
Automating complex infrastructures with Puppet
Automating complex infrastructures with PuppetAutomating complex infrastructures with Puppet
Automating complex infrastructures with Puppet
 
20090514 Introducing Puppet To Sasag
20090514 Introducing Puppet To Sasag20090514 Introducing Puppet To Sasag
20090514 Introducing Puppet To Sasag
 
Introduction to NodeJS with LOLCats
Introduction to NodeJS with LOLCatsIntroduction to NodeJS with LOLCats
Introduction to NodeJS with LOLCats
 
#WeSpeakLinux Session
#WeSpeakLinux Session#WeSpeakLinux Session
#WeSpeakLinux Session
 
Puppet and Apache CloudStack
Puppet and Apache CloudStackPuppet and Apache CloudStack
Puppet and Apache CloudStack
 
Infrastructure as code with Puppet and Apache CloudStack
Infrastructure as code with Puppet and Apache CloudStackInfrastructure as code with Puppet and Apache CloudStack
Infrastructure as code with Puppet and Apache CloudStack
 
Herd your chickens: Ansible for DB2 configuration management
Herd your chickens: Ansible for DB2 configuration managementHerd your chickens: Ansible for DB2 configuration management
Herd your chickens: Ansible for DB2 configuration management
 
Managing Infrastructure as Code
Managing Infrastructure as CodeManaging Infrastructure as Code
Managing Infrastructure as Code
 
A tour of Ansible
A tour of AnsibleA tour of Ansible
A tour of Ansible
 
Puppetpreso
PuppetpresoPuppetpreso
Puppetpreso
 
Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013
 
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with Ansible
 
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
 
Puppet and CloudStack
Puppet and CloudStackPuppet and CloudStack
Puppet and CloudStack
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to Ansible
 
20100425 Configuration Management With Puppet Lfnw
20100425 Configuration Management With Puppet Lfnw20100425 Configuration Management With Puppet Lfnw
20100425 Configuration Management With Puppet Lfnw
 
Environment for training models
Environment for training modelsEnvironment for training models
Environment for training models
 

Mehr von Puppet

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyamlPuppet
 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)Puppet
 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscodePuppet
 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twentiesPuppet
 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codePuppet
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationPuppet
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliancePuppet
 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowPuppet
 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet
 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Puppet
 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppetPuppet
 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkPuppet
 
Take control of your dev ops dumping ground
Take control of your  dev ops dumping groundTake control of your  dev ops dumping ground
Take control of your dev ops dumping groundPuppet
 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy SoftwarePuppet
 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User GroupPuppet
 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsPuppet
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyPuppet
 

Mehr von Puppet (20)

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepo
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyaml
 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)
 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscode
 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twenties
 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance code
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approach
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automation
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliance
 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNow
 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden Windows
 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020
 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppet
 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael Pinson
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin Reeuwijk
 
Take control of your dev ops dumping ground
Take control of your  dev ops dumping groundTake control of your  dev ops dumping ground
Take control of your dev ops dumping ground
 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software
 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User Group
 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOps
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
 

Kürzlich hochgeladen

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

Kürzlich hochgeladen (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

Functional Hostnames and Why they are Bad

  • 1. Puppet Camp April 9th 2013
  • 2. What’s in a name? Andrew Fong and Gary Josack fong@dropbox.com gary@dropbox.com
  • 3. About Dropbox •  Thousands of instances/servers •  Mostly Python Stack •  EC2 and Large Self Datacenters •  Over a billion file syncs per day •  Thousands of MySQL Shards •  4 SREs and 1 DBA
  • 4. A story of a startup... Hostapuppet.com
  • 5. Chapter One •  1 or 2 teams •  Couple of hosts •  Webserver and a database •  Maybe one ops guy
  • 6. What Ops People Like •  Simplicity •  Repeatability •  Assurances that things remain consistent •  Puppet / Configuration management
  • 7. Config Management node 'www1.example.com' { include common include apache include squid } node 'db1.example.com' { include common include mysql }
  • 8. My First Puppet Config Node ‘mickey.hostapuppet.com’ { include common include webserver include sudoers } Node ‘donald.hostapuppet.com’{ include common include db include sudoers }
  • 9. Sudoers Module … file { "/etc/sudoers": owner => root, group => root, mode => "440", source => "puppet:///modules/sudo/sudoers", } …
  • 10. Sudoers File itself Host_Alias DONALD=donald.hostapuppet.com Host_Alias MICKEY=mickey.hostapuppet.com db_guy DONALD=(all) NOPASSWD: ALL ops_guy MICKEY=(all) NOPASSWD: ALL
  • 11. Chapter Two: A growing service •  A few teams •  2 or 3 services •  multiple types of hosts –  Web –  API –  DB
  • 13. Host Regex $hosttype = inline_template('<%= hostname.sub(/w+-([a-z]+)d*/){$1} %>’)
  • 14. Hosttypes $hosttype = inline_template('<%= hostname.sub(/w+-([a-z]+)d*/){$1} %>’) if $hosttype == ‘web’ { if $hosttype == ‘api’ { include sudoers include sudoers include web include api } } If $hosttype == ‘db’ { include sudoers include db }
  • 15. Back to sudoers … file { "/etc/sudoers": owner => root, group => root, mode => "440", source => "puppet:///modules/sudo/sudoers", } …
  • 16. Sudoers File itself Host_Alias WEB=sjc-web* Host_Alias DB=sjc-db* Host_Alias API=sjc-api* database_guy DB=(all) NOPASSWD: ALL ops_guy WEB=(all) NOPASSWD: ALL api_team API=(all) NOPASSWD: ALL
  • 17. Hypergrowth Users (millions) 120 100 80 60 40 20 0 0 2 3 5 Users (millions)
  • 18. Chapter 3: An Expanding Infrastructure •  Lots of new hires! •  A bunch more developers •  Some PMs •  Some Designers
  • 19. All Kinds Of Problems… •  Boxes of same hardware class running different services •  Boxes serving more than one role (remember sudoers?) •  Deploying or moving hosts quickly
  • 20. Renaming a host •  Update dns •  Update dhcpd.conf •  Push both •  Update puppet configs •  Update code
  • 21. OMG I JUST RENAME HOSTS!
  • 22. Sudoers File From Chapter Two… Host_Alias WEB= sjc-web* Host_Alias API=sjc-api* Host_Alias DB=sjc-db* database_guy DB=(all) NOPASSWD: ALL ops_guy WEB=(all) NOPASSWD: ALL api_team API(all) NOPASSWD: ALL
  • 23. Sudoers File in Chapter 3 Host_Alias WEB= sjc-web* Host_Alias API=sjc-api*,sjc-web550,sjc- web551,sjc-web552,sjc-web553 Host_Alias DB=sjc-db* database_guy DB=(all) NOPASSWD: ALL ops_guy WEB=(all) NOPASSWD: ALL api_team API(all) NOPASSWD: ALL
  • 24. Dropbox •  We did all that. •  We’re still paying the taxes for doing that. •  But there is a light at the end of the tunnel…
  • 25. ABSTRACT THE SERVICE FROM THE HOST!
  • 26. So what does that mean? • Make hosts role agnostic • Do not require invasive changes • Simple interfaces
  • 27. Making hosts role agnostic • Positional • Serial Numbers • Anything that doesn't change
  • 28. The Dropbox Plan • Positional names • Custom Machine Database • External Node Classifier • Transitioning Puppet configs • Naming service(s) for convenient names
  • 29. Service/Machine Management Database • Universal Source of Truth • Manage roles / attributes • Generated configs - Gmond, Nagios, etc
  • 30. What exactly is the ENC • External Node Classifier • Inject variables (and other) from external process • YAML Output
  • 31. Part 2: External Node Encoders
  • 32. Sudoers++ • Move from monolithic to modular • Includes! (Weird caveats) • Just use ALL for Host_Lists
  • 34. Part 3: Helper Functions
  • 37. Provisioning • Preload MDB, DNS, DHCPD, etc. - Set it and forget it • Have spares ready for any roles • Assigning a role is one command • No more renames!
  • 38. Dynamic Naming w/ PowerDNS
  • 39. Dynamic Naming w/ PowerDNS
  • 40. Zookeeper • ZKNS included with the Vitess project • ZK is in use at various different companies (YouTube, Twitter, AirBnB)
  • 41. Q&A FAQ #1: Are you hiring? λ  - Yes! Come talk to us. :)