SlideShare ist ein Scribd-Unternehmen logo

London Puppet Camp 2015: Hiscox

Puppet
Puppet

Six Weird Facts About Puppet on Windows

Technologie
1 von 30
Downloaden Sie, um offline zu lesen
Six Weird Facts about Puppet on Windows … and more facts worth knowing 3 November 2015 Presented by Jeremy McGee and Steven Hawkins
Disclaimer: This is probably not the recommended approach. But it works for us
Who are Hiscox? 3 USA Atlanta Chicago Los Angeles New York City San Francisco White Plains Guernsey St Peter Port Latin American gateway Miami Bermuda Hamilton Europe Amsterdam Bordeaux Brussels Cologne Dublin Hamburg Lisbon Lyon Madrid Munich Paris UK Birmingham Colchester Glasgow Leeds London Maidenhead Manchester York Asia Bangkok Hong Kong Singapore International specialist insurer £2.0B in GWP 2,000 employees
The Hiscox IT landscape Hiscox is an insurance company. Where possible we buy, not build. The organisation relies on customised, packaged applications. This has its own challenges. 4
Deployment stack 5 Paceofchange Stage Item Examples Tools Ready Application components DLLs, SQL scripts, configuration IBM UrbanCode Octopus Deploy Deployed Middleware IIS, JBoss Puppet Configured Server configuration NTFS, registry Puppet Installed Server applications AV, SQL Server VMware templates Built Operating system OS, partitions, AD membership VMware templates Provisioned Orchestration CMP/ITSM VMware Purchased Requisition CMP/ITSM Paceofchange
Using Puppet on Windows
Installation 7
Puppet Agent is Ruby-based and cross-platform 8
Weird Fact Number One You need a Linux master
The Puppet Master is just a file system 10
Weird Fact Number Two There’s no package manager
Package manager alternatives There’s Chocolatey, which is immature; the usual “Programs and Features” control panel, which doesn’t handle versions well; storing each file individually, which doesn’t scale; or direct use of archives, which is ugly. 12
I like archives: the best of a poor choice 13
Windows Package Manager Chocolatey is the way to go as far as package management for Puppet on Windows, but how does it work for enterprise? Not so well, it turns out. Packages vary in quality and most go off to other provider’s Web sites for installers. So, take control: – Write your own Chocolatey packages – Manage Chocolatey packages and providers’ installers locally 14
Chocolatey configuration - It’s actually quite simple to write your own Chocolatey puppet module. We change the following configuration - Disable ‘chocolatey’ source - Add a new source to your internal Chocolatey repository - Set autoUninstaller = true allowGlobalConfirmation = true failOnAutoUninstaller = true - Add an API key to be able to push new packages to your internal Chocolatey repository 15
Creating a Chocolatey package is easier than might you think - choco new Then edit as needed. Finally - cpack - choco push 16
Creating a Chocolatey package Live Demo 17
Great – but what does this mean for Puppet? 18 Becomes...
Great – but what does this mean for Puppet? 19 This!!!
Weird Fact Number Three There are backslashes as path separators, and spaces in filenames
That module again 21 ! ! !?
PowerShell to the rescue 22
Weird Fact Number Four PowerShell isn’t the default provider
Weird Fact Number Five Windows ACLs are special
Windows and ACLs Puppet supports Windows access control lists natively, but the defaults are Linux style, not Windows. So you won’t get what you expect. Typically, Administrator won’t have access. We use native Windows utilities to apply permissions and wrap this up in PowerShell modules.
Weird Fact Number Six It all works very well
Our results We have 120+ test servers, 22+ environments, and in total about 20 modules in use. We have 100% automation of deployments from bare operating system to production deployments. We have no access to production servers. This has saved several thousand pounds over alternative approaches and means we can deploy much more frequently. 27
Some other facts worth knowing
We found this the hard way The Puppet documentation is just the start. Network with colleagues across your organisation and in other companies too. Invest in a training / scratch environment. Keep abreast of new Puppet modules. Buy Puppet Enterprise support. It’s good! 29
Thank you www.hiscox.co.uk @jeremymcgee

Empfohlen

PHP: Hypertext Preprocessor Introduction
PHP: Hypertext Preprocessor IntroductionPHP: Hypertext Preprocessor Introduction
PHP: Hypertext Preprocessor IntroductionOto Brglez
 
Six Weird Facts about Puppet on Windows
Six Weird Facts about Puppet on WindowsSix Weird Facts about Puppet on Windows
Six Weird Facts about Puppet on WindowsPuppet
 
Puppet for Windows Users - PuppetConf 2014
Puppet for Windows Users - PuppetConf 2014Puppet for Windows Users - PuppetConf 2014
Puppet for Windows Users - PuppetConf 2014Puppet
 
Using Puppet on Linux, Windows, and Mac OSX
Using Puppet on Linux, Windows, and Mac OSXUsing Puppet on Linux, Windows, and Mac OSX
Using Puppet on Linux, Windows, and Mac OSXPuppet
 
How to Develop Puppet Modules: From Source to the Forge With Zero Clicks
How to Develop Puppet Modules: From Source to the Forge With Zero ClicksHow to Develop Puppet Modules: From Source to the Forge With Zero Clicks
How to Develop Puppet Modules: From Source to the Forge With Zero ClicksPuppet
 
Infrastructure as Software - PuppetConf 2014
Infrastructure as Software - PuppetConf 2014Infrastructure as Software - PuppetConf 2014
Infrastructure as Software - PuppetConf 2014Puppet
 
Getting Started with Puppet on Windows - PuppetConf 2014
Getting Started with Puppet on Windows - PuppetConf 2014Getting Started with Puppet on Windows - PuppetConf 2014
Getting Started with Puppet on Windows - PuppetConf 2014Puppet
 
Deliver on DevOps with Puppet Application Orchestration Webinar 11/19/15
Deliver on DevOps with Puppet Application Orchestration Webinar 11/19/15Deliver on DevOps with Puppet Application Orchestration Webinar 11/19/15
Deliver on DevOps with Puppet Application Orchestration Webinar 11/19/15Puppet
 

Empfohlen

PHP: Hypertext Preprocessor Introduction
PHP: Hypertext Preprocessor IntroductionPHP: Hypertext Preprocessor Introduction
PHP: Hypertext Preprocessor IntroductionOto Brglez
 
Six Weird Facts about Puppet on Windows
Six Weird Facts about Puppet on WindowsSix Weird Facts about Puppet on Windows
Six Weird Facts about Puppet on WindowsPuppet
 
Puppet for Windows Users - PuppetConf 2014
Puppet for Windows Users - PuppetConf 2014Puppet for Windows Users - PuppetConf 2014
Puppet for Windows Users - PuppetConf 2014Puppet
 
Using Puppet on Linux, Windows, and Mac OSX
Using Puppet on Linux, Windows, and Mac OSXUsing Puppet on Linux, Windows, and Mac OSX
Using Puppet on Linux, Windows, and Mac OSXPuppet
 
How to Develop Puppet Modules: From Source to the Forge With Zero Clicks
How to Develop Puppet Modules: From Source to the Forge With Zero ClicksHow to Develop Puppet Modules: From Source to the Forge With Zero Clicks
How to Develop Puppet Modules: From Source to the Forge With Zero ClicksPuppet
 
Infrastructure as Software - PuppetConf 2014
Infrastructure as Software - PuppetConf 2014Infrastructure as Software - PuppetConf 2014
Infrastructure as Software - PuppetConf 2014Puppet
 
Getting Started with Puppet on Windows - PuppetConf 2014
Getting Started with Puppet on Windows - PuppetConf 2014Getting Started with Puppet on Windows - PuppetConf 2014
Getting Started with Puppet on Windows - PuppetConf 2014Puppet
 
Deliver on DevOps with Puppet Application Orchestration Webinar 11/19/15
Deliver on DevOps with Puppet Application Orchestration Webinar 11/19/15Deliver on DevOps with Puppet Application Orchestration Webinar 11/19/15
Deliver on DevOps with Puppet Application Orchestration Webinar 11/19/15Puppet
 
iOSDevUK Conference- DevOps for iOS Apps
iOSDevUK Conference- DevOps for iOS AppsiOSDevUK Conference- DevOps for iOS Apps
iOSDevUK Conference- DevOps for iOS AppsShashikant Jagtap
 
Proper Connections Development for Proper Domino Developers
Proper Connections Development for Proper Domino DevelopersProper Connections Development for Proper Domino Developers
Proper Connections Development for Proper Domino DevelopersMark Myers
 
DevOps Tooling - Pop-up Loft TLV 2017
DevOps Tooling - Pop-up Loft TLV 2017DevOps Tooling - Pop-up Loft TLV 2017
DevOps Tooling - Pop-up Loft TLV 2017Amazon Web Services
 
Securing the Pipeline
Securing the PipelineSecuring the Pipeline
Securing the PipelineThoughtworks
 
I Love APIs - Oct 2015
I Love APIs - Oct 2015I Love APIs - Oct 2015
I Love APIs - Oct 2015Mike McNeil
 
There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018
There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018
There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018Giulio Vian
 
OpenWhisk by Example - Auto Retweeting Example in Python
OpenWhisk by Example - Auto Retweeting Example in PythonOpenWhisk by Example - Auto Retweeting Example in Python
OpenWhisk by Example - Auto Retweeting Example in PythonCodeOps Technologies LLP
 
Codeigniter
CodeigniterCodeigniter
CodeigniterEmmanuelMasyenene1
 
Setting up your virtual infrastructure using fi-lab cloud
Setting up your virtual infrastructure using fi-lab cloudSetting up your virtual infrastructure using fi-lab cloud
Setting up your virtual infrastructure using fi-lab cloudFernando Lopez Aguilar
 
Security Automation Simplified - BSides Austin 2019
Security Automation Simplified - BSides Austin 2019Security Automation Simplified - BSides Austin 2019
Security Automation Simplified - BSides Austin 2019Moses Schwartz
 
CyberArk Impact 2017 - REST for the Rest of Us
CyberArk Impact 2017 - REST for the Rest of UsCyberArk Impact 2017 - REST for the Rest of Us
CyberArk Impact 2017 - REST for the Rest of UsJoe Garcia
 
Build your own discovery index of scholary e-resources
Build your own discovery index of scholary e-resourcesBuild your own discovery index of scholary e-resources
Build your own discovery index of scholary e-resourcesMartin Czygan
 
Migrating to an Agile Architecture, Will Demaine, Engineer, Fat Llama
Migrating to an Agile Architecture, Will Demaine, Engineer, Fat LlamaMigrating to an Agile Architecture, Will Demaine, Engineer, Fat Llama
Migrating to an Agile Architecture, Will Demaine, Engineer, Fat LlamaUXDXConf
 
Hacking the Kinect with GAFFTA Day 1
Hacking the Kinect with GAFFTA Day 1Hacking the Kinect with GAFFTA Day 1
Hacking the Kinect with GAFFTA Day 1benDesigning
 
Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!
Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!
Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!Anderson Bassani
 
Beyond Web Interfaces
Beyond Web InterfacesBeyond Web Interfaces
Beyond Web Interfacesciacchi
 
How to begin with Amazon EC2?
How to begin with Amazon EC2?How to begin with Amazon EC2?
How to begin with Amazon EC2?Cuelogic Technologies Pvt. Ltd.
 
A Tale of Two Apps
A Tale of Two AppsA Tale of Two Apps
A Tale of Two AppsChris Tankersley
 
Enterprise PHP (PHP London Conference 2008)
Enterprise PHP (PHP London Conference 2008)Enterprise PHP (PHP London Conference 2008)
Enterprise PHP (PHP London Conference 2008)Ivo Jansch
 
Finding attacks with these 6 events
Finding attacks with these 6 eventsFinding attacks with these 6 events
Finding attacks with these 6 eventsMichael Gough
 
Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyamlPuppet
 

Weitere ähnliche Inhalte

Ähnlich wie London Puppet Camp 2015: Hiscox

iOSDevUK Conference- DevOps for iOS Apps
iOSDevUK Conference- DevOps for iOS AppsiOSDevUK Conference- DevOps for iOS Apps
iOSDevUK Conference- DevOps for iOS AppsShashikant Jagtap
 
Proper Connections Development for Proper Domino Developers
Proper Connections Development for Proper Domino DevelopersProper Connections Development for Proper Domino Developers
Proper Connections Development for Proper Domino DevelopersMark Myers
 
DevOps Tooling - Pop-up Loft TLV 2017
DevOps Tooling - Pop-up Loft TLV 2017DevOps Tooling - Pop-up Loft TLV 2017
DevOps Tooling - Pop-up Loft TLV 2017Amazon Web Services
 
Securing the Pipeline
Securing the PipelineSecuring the Pipeline
Securing the PipelineThoughtworks
 
I Love APIs - Oct 2015
I Love APIs - Oct 2015I Love APIs - Oct 2015
I Love APIs - Oct 2015Mike McNeil
 
There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018
There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018
There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018Giulio Vian
 
OpenWhisk by Example - Auto Retweeting Example in Python
OpenWhisk by Example - Auto Retweeting Example in PythonOpenWhisk by Example - Auto Retweeting Example in Python
OpenWhisk by Example - Auto Retweeting Example in PythonCodeOps Technologies LLP
 
Setting up your virtual infrastructure using fi-lab cloud
Setting up your virtual infrastructure using fi-lab cloudSetting up your virtual infrastructure using fi-lab cloud
Setting up your virtual infrastructure using fi-lab cloudFernando Lopez Aguilar
 
Security Automation Simplified - BSides Austin 2019
Security Automation Simplified - BSides Austin 2019Security Automation Simplified - BSides Austin 2019
Security Automation Simplified - BSides Austin 2019Moses Schwartz
 
CyberArk Impact 2017 - REST for the Rest of Us
CyberArk Impact 2017 - REST for the Rest of UsCyberArk Impact 2017 - REST for the Rest of Us
CyberArk Impact 2017 - REST for the Rest of UsJoe Garcia
 
Build your own discovery index of scholary e-resources
Build your own discovery index of scholary e-resourcesBuild your own discovery index of scholary e-resources
Build your own discovery index of scholary e-resourcesMartin Czygan
 
Migrating to an Agile Architecture, Will Demaine, Engineer, Fat Llama
Migrating to an Agile Architecture, Will Demaine, Engineer, Fat LlamaMigrating to an Agile Architecture, Will Demaine, Engineer, Fat Llama
Migrating to an Agile Architecture, Will Demaine, Engineer, Fat LlamaUXDXConf
 
Hacking the Kinect with GAFFTA Day 1
Hacking the Kinect with GAFFTA Day 1Hacking the Kinect with GAFFTA Day 1
Hacking the Kinect with GAFFTA Day 1benDesigning
 
Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!
Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!
Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!Anderson Bassani
 
Beyond Web Interfaces
Beyond Web InterfacesBeyond Web Interfaces
Beyond Web Interfacesciacchi
 
Enterprise PHP (PHP London Conference 2008)
Enterprise PHP (PHP London Conference 2008)Enterprise PHP (PHP London Conference 2008)
Enterprise PHP (PHP London Conference 2008)Ivo Jansch
 
Finding attacks with these 6 events
Finding attacks with these 6 eventsFinding attacks with these 6 events
Finding attacks with these 6 eventsMichael Gough
 

Ähnlich wie London Puppet Camp 2015: Hiscox (20)

iOSDevUK Conference- DevOps for iOS Apps
iOSDevUK Conference- DevOps for iOS AppsiOSDevUK Conference- DevOps for iOS Apps
iOSDevUK Conference- DevOps for iOS Apps
 
Proper Connections Development for Proper Domino Developers
Proper Connections Development for Proper Domino DevelopersProper Connections Development for Proper Domino Developers
Proper Connections Development for Proper Domino Developers
 
DevOps Tooling - Pop-up Loft TLV 2017
DevOps Tooling - Pop-up Loft TLV 2017DevOps Tooling - Pop-up Loft TLV 2017
DevOps Tooling - Pop-up Loft TLV 2017
 
Securing the Pipeline
Securing the PipelineSecuring the Pipeline
Securing the Pipeline
 
I Love APIs - Oct 2015
I Love APIs - Oct 2015I Love APIs - Oct 2015
I Love APIs - Oct 2015
 
There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018
There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018
There and Back Again (My DevOps journey) - DevOps Days Copenhagen 2018
 
OpenWhisk by Example - Auto Retweeting Example in Python
OpenWhisk by Example - Auto Retweeting Example in PythonOpenWhisk by Example - Auto Retweeting Example in Python
OpenWhisk by Example - Auto Retweeting Example in Python
 
Codeigniter
CodeigniterCodeigniter
Codeigniter
 
Setting up your virtual infrastructure using fi-lab cloud
Setting up your virtual infrastructure using fi-lab cloudSetting up your virtual infrastructure using fi-lab cloud
Setting up your virtual infrastructure using fi-lab cloud
 
Security Automation Simplified - BSides Austin 2019
Security Automation Simplified - BSides Austin 2019Security Automation Simplified - BSides Austin 2019
Security Automation Simplified - BSides Austin 2019
 
CyberArk Impact 2017 - REST for the Rest of Us
CyberArk Impact 2017 - REST for the Rest of UsCyberArk Impact 2017 - REST for the Rest of Us
CyberArk Impact 2017 - REST for the Rest of Us
 
Build your own discovery index of scholary e-resources
Build your own discovery index of scholary e-resourcesBuild your own discovery index of scholary e-resources
Build your own discovery index of scholary e-resources
 
Migrating to an Agile Architecture, Will Demaine, Engineer, Fat Llama
Migrating to an Agile Architecture, Will Demaine, Engineer, Fat LlamaMigrating to an Agile Architecture, Will Demaine, Engineer, Fat Llama
Migrating to an Agile Architecture, Will Demaine, Engineer, Fat Llama
 
Hacking the Kinect with GAFFTA Day 1
Hacking the Kinect with GAFFTA Day 1Hacking the Kinect with GAFFTA Day 1
Hacking the Kinect with GAFFTA Day 1
 
Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!
Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!
Blockchain - Hyperledger Fabric v1.0 Running on LinuxONE, see it in action!
 
Beyond Web Interfaces
Beyond Web InterfacesBeyond Web Interfaces
Beyond Web Interfaces
 
How to begin with Amazon EC2?
How to begin with Amazon EC2?How to begin with Amazon EC2?
How to begin with Amazon EC2?
 
A Tale of Two Apps
A Tale of Two AppsA Tale of Two Apps
A Tale of Two Apps
 
Enterprise PHP (PHP London Conference 2008)
Enterprise PHP (PHP London Conference 2008)Enterprise PHP (PHP London Conference 2008)
Enterprise PHP (PHP London Conference 2008)
 
Finding attacks with these 6 events
Finding attacks with these 6 eventsFinding attacks with these 6 events
Finding attacks with these 6 events
 

Mehr von Puppet

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyamlPuppet
 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)Puppet
 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscodePuppet
 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twentiesPuppet
 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codePuppet
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationPuppet
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliancePuppet
 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowPuppet
 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet
 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Puppet
 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppetPuppet
 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkPuppet
 
Take control of your dev ops dumping ground
Take control of your dev ops dumping groundTake control of your dev ops dumping ground
Take control of your dev ops dumping groundPuppet
 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy SoftwarePuppet
 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User GroupPuppet
 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsPuppet
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyPuppet
 

Mehr von Puppet (20)

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepo
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyaml
 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)
 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscode
 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twenties
 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance code
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approach
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automation
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliance
 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNow
 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden Windows
 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020
 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppet
 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael Pinson
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin Reeuwijk
 
Take control of your dev ops dumping ground
Take control of your dev ops dumping groundTake control of your dev ops dumping ground
Take control of your dev ops dumping ground
 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software
 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User Group
 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOps
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
 

Kürzlich hochgeladen

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 

Kürzlich hochgeladen (20)

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 

London Puppet Camp 2015: Hiscox

  • 1. Six Weird Facts about Puppet on Windows … and more facts worth knowing 3 November 2015 Presented by Jeremy McGee and Steven Hawkins
  • 2. Disclaimer: This is probably not the recommended approach. But it works for us
  • 3. Who are Hiscox? 3 USA Atlanta Chicago Los Angeles New York City San Francisco White Plains Guernsey St Peter Port Latin American gateway Miami Bermuda Hamilton Europe Amsterdam Bordeaux Brussels Cologne Dublin Hamburg Lisbon Lyon Madrid Munich Paris UK Birmingham Colchester Glasgow Leeds London Maidenhead Manchester York Asia Bangkok Hong Kong Singapore International specialist insurer £2.0B in GWP 2,000 employees
  • 4. The Hiscox IT landscape Hiscox is an insurance company. Where possible we buy, not build. The organisation relies on customised, packaged applications. This has its own challenges. 4
  • 5. Deployment stack 5 Paceofchange Stage Item Examples Tools Ready Application components DLLs, SQL scripts, configuration IBM UrbanCode Octopus Deploy Deployed Middleware IIS, JBoss Puppet Configured Server configuration NTFS, registry Puppet Installed Server applications AV, SQL Server VMware templates Built Operating system OS, partitions, AD membership VMware templates Provisioned Orchestration CMP/ITSM VMware Purchased Requisition CMP/ITSM Paceofchange
  • 6. Using Puppet on Windows
  • 8. Puppet Agent is Ruby-based and cross-platform 8
  • 9. Weird Fact Number One You need a Linux master
  • 10. The Puppet Master is just a file system 10
  • 11. Weird Fact Number Two There’s no package manager
  • 12. Package manager alternatives There’s Chocolatey, which is immature; the usual “Programs and Features” control panel, which doesn’t handle versions well; storing each file individually, which doesn’t scale; or direct use of archives, which is ugly. 12
  • 13. I like archives: the best of a poor choice 13
  • 14. Windows Package Manager Chocolatey is the way to go as far as package management for Puppet on Windows, but how does it work for enterprise? Not so well, it turns out. Packages vary in quality and most go off to other provider’s Web sites for installers. So, take control: – Write your own Chocolatey packages – Manage Chocolatey packages and providers’ installers locally 14
  • 15. Chocolatey configuration - It’s actually quite simple to write your own Chocolatey puppet module. We change the following configuration - Disable ‘chocolatey’ source - Add a new source to your internal Chocolatey repository - Set autoUninstaller = true allowGlobalConfirmation = true failOnAutoUninstaller = true - Add an API key to be able to push new packages to your internal Chocolatey repository 15
  • 16. Creating a Chocolatey package is easier than might you think - choco new Then edit as needed. Finally - cpack - choco push 16
  • 18. Great – but what does this mean for Puppet? 18 Becomes...
  • 19. Great – but what does this mean for Puppet? 19 This!!!
  • 20. Weird Fact Number Three There are backslashes as path separators, and spaces in filenames
  • 22. PowerShell to the rescue 22
  • 23. Weird Fact Number Four PowerShell isn’t the default provider
  • 24. Weird Fact Number Five Windows ACLs are special
  • 25. Windows and ACLs Puppet supports Windows access control lists natively, but the defaults are Linux style, not Windows. So you won’t get what you expect. Typically, Administrator won’t have access. We use native Windows utilities to apply permissions and wrap this up in PowerShell modules.
  • 26. Weird Fact Number Six It all works very well
  • 27. Our results We have 120+ test servers, 22+ environments, and in total about 20 modules in use. We have 100% automation of deployments from bare operating system to production deployments. We have no access to production servers. This has saved several thousand pounds over alternative approaches and means we can deploy much more frequently. 27
  • 28. Some other facts worth knowing
  • 29. We found this the hard way The Puppet documentation is just the start. Network with colleagues across your organisation and in other companies too. Invest in a training / scratch environment. Keep abreast of new Puppet modules. Buy Puppet Enterprise support. It’s good! 29