SlideShare ist ein Scribd-Unternehmen logo

Puppet Camp Chicago 2014: Puppet at backstop another year of lessons

Puppet
Puppet

Puppet Camp Chicago 2014: "Puppet at backstop another year of lessons" by Bill Weiss, Backstop

Software
1 von 53
Downloaden Sie, um offline zu lesen
Puppet at Backstop Another year of lessons 1
$ whoami ‣ Bill Weiss <bill@backstopsolutions.com> ‣ @BillWeiss ‣ Probably responsible for 90% of the badness in this talk, 25% of the good ‣ Still not a designer 2
What’s this talk about? aka, who cares? 3
4 Image via MemeCrunch. Original owned by the History Channel.
No, wait, that’s not it (Come talk to me afterward about that) 5
‣ I’m here to talk about things that work (and don’t) for us in our environment ‣ Hopefully most of it is useful to you ‣ Some might just be there so you can point and laugh 6
–You “What the heck is Backstop?” 7
Super helpful, I know 8
SaaS for institutional investment firms ‣ That’s it. ‣ You’re probably not our target audience ‣ If you are, awesome, let’s talk later 9
Some numbers ‣ ~195 Puppeted machines in production (US) ‣ ~350 total ‣ 2 datacenters, 2 AWS AZs, 1 office closet full of machines ‣ 50+ Engineering folks (IT, dev, QA, etc) Numbers of machines from MCollective! 10
Logo owned by the CentOS project Logo also owned by Oracle, of course Logo owned by Oracle Logo by David Heinemeier Hansson 11
‣ Big application is J2EE on JBoss ‣ Lots of smaller bits (“services”) on Tomcat ‣ Second app is Ruby on Rails 12
How ‘bout that Puppet? ‣ Moved to GitHub 2013/11/18 ‣ ~4100 commits since then (~15 commits/day!) ‣ 2700 from people outside sysadmin team ‣ ~1350 pull requests from 21 contributors 13
The move to GitHub was awesome ‣ 4 years of Subversion before that had 29 authors and 6700 commits ‣ Other things at play here beside just s/svn/git/ , but it helped a lot ‣ How? 14
! git workflow ‣ Org-owned repo, two branches ‣ master ➡ production ‣ office ➡ testing (pre-prod) ‣ Everyone forks from master and sends pull requests to office ‣ Pull changes from office to master as needed 15
‣ Everyone has their own fork with work branches ‣ Branch names probably are Jira ticket numbers ‣ Everyone bases from master, not office, so we can pull changes independently 16
This is why we have so many contributors 17
‣ If you’re a software shop, you already have a workflow. Do that ‣ Otherwise, this is working well for us 18
" git hooks ‣ We had a pretty good set of pre-commit hooks in svn to test changes ‣ Github doesn’t do that # ‣ Git pre-commit hooks exist, but it’s up to each person to set them up ‣ No awesome answer yet ‣ The answer might be… 19
! Jenkins! ‣ We used to have this “deploy” job on the Puppet masters as a cron job: • (cd /etc/puppet && svn up) ‣ Nothing could go wrong there, right? ‣ For a while we just did it manually instead 20
‣ Jenkins polls for changes to either branch ‣ Runs a deploy job that grabs repo, runs librarian-puppet, a “build” step, and then pushes it out to the masters ‣ Determines masters via mco call ‣ All the good (and bad) of capistrano for the push 21
22 alias puppet-test='sudo puppet agent --test --noop -- environment' That deploys an environment titled UserBranch, camel-cased
‣ Jenkins also runs a test suite in parallel ‣ Some day that’ll be a precursor to the deploy job. Some day… 23
" Sometimes you just want to do something to prod ‣ All that well-defined procedure means time for quick fixes goes up ‣ Make a branch, make some changes, commit, push, PR to office, merge, PR to prod, merge, run deploy… 24
‣ Possible answers here: • Pull some things out into their own repos • Accept that it’s slower • Tool it up, make the machines do the slow parts 25
! MCollective is still awesome 26 Original image: http://xkcd.com/353/ Cheapo editing courtesy OS X Preview “Annotate” Same graphic as last year’s talk. I love you, mco!
It’s like Frank’s Red Hot ‣ Our deploys (not IT, app teams) now use it to figure out which machines to deploy to ‣ We wrote an agent for our VM system (Proxmox) Which, uh, evidently we haven’t released. Will do. ‣ Stop/start the world for Oracle maintenance 27
" ActiveMQ is hard ‣ MCollective sits on top of ActiveMQ ‣ Easy, right? Just install it (with Puppet, even) and go to town ‣ Second datacenter? Yeah, just get them talking to each other and… 28
A sad example 29
Suddenly, one day… ‣ Pretend x is time ‣ y is memory usage ‣ That’s our activeMQ • At 2AM • Every day 30
31 “Sudden Clarity Clarence” via memecreator.eu Original image? Who knows. Might be Clarence.
‣ Long story short: make really sure your broker names are unique across your network ‣ Really really sure 32
That won’t happen to us ‣ Maybe not ‣ Just know you’re adding another service you rely on ‣ Monitor it ‣ Measure it ‣ Have a game plan for what to do when it goes horribly wrong 33
‣ R.I.’s scripts [1] ‣ Erwan Ben Souiden, aka labynocle [2] ‣ A script I butchered to help 34 [1]: https://github.com/ripienaar/monitoring-scripts/tree/master/activemq [2]: https://github.com/labynocle/nagios_plugins_by_labynocle/tree/master/check_activeMQ [3]: https://github.com/BillWeiss/MiscScripts/blob/master/check_activemq.pl I know, I know, bleh, Nagios
! Cloudstack! ‣ It’s great ‣ Setup was easy ‣ Only using it in test now (so we only kinda care if the machines burn down) 35 That’s the CloudStack monkey, owned by the Apache Software Foundation
‣ Remember that puppet-test alias? ‣ That + CloudStack means people can build machines to test Puppet changes to ‣ I was surprised recently by a service that just showed up ready to run in prod, Puppet and all 36
You don’t have to use CloudStack, but you need something like it ‣ That could be OpenStack, Vagrant, even some AWS credit ‣ You just need fast to build disposable machines 37
" Would be better in prod ‣ We’re not yet running CloudStack in production. It’ll happen someday. ‣ So, while I’m singing its praises, I can’t say we’re all in. 38
! create_resources ‣ I have to show off one chunk of code ‣ Let me quote from TFM: 39 ‣ That’s vague, right? The example in TFM didn’t inspire me either, so I glossed over it for years. Converts a hash into a set of resources and adds them to the catalog.
I already said something about Frank’s Red Hot, right? Almost everywhere I use it looks like this 40 $thing = loadYaml(“${yamlDir}/thing/${environment}.yaml”)
 create_resources( some::define, $thing ) That same YAML gets used in a bunch of those. backstopsolutions:
 lastOctet: 226
 clientFqdn: 'www.backstopsolutions.com'
 seconddn: 'backstopsolutions.com'
 includeFile: 'true'
‣ One define uses the lastOctet and some knowledge about our systems to set up an interface on the load balancers ‣ Another uses the hostnames to set up a couple of vhosts for the Rails app ‣ Yet another adds it into several DNS zones 41
‣ Another benefit: it’s YAML. You don’t have to write it by hand ‣ Grab some external data source, frob as needed, dump out some YAML. As long as you meet the spec, you’ll be fine 42
Huge gotcha here ‣ Everything you pass that YAML to needs to do something with all the parameters named in the file ‣ Adding a field thus means changing all those defines ‣ We have a lot of ‘$foo = “dontcare”’ in there. Just come up with an idiom and stick to it ‣ You could probably do something clever to filter out params? 43
" Maybe not everything goes in Puppet ‣ Last year I had this slide (included verbatim) 44
Well, I can’t always be right 45
‣ Think to yourself: do I ever want to do this thing without running Puppet? ‣ Does it make sense for this to go through the same test -> prod cycle? ‣ Do the same people need to see this content as the Puppet manifests? ‣ Can it be generated in one place, or do you need to gather data from several? 46
‣ As we’ve grown to more sites and more Puppet masters, this has hurt all over the place ‣ The deploy concept (vs `svn up`) made a mess of the checkin of this derived data ‣ I still think it’s an OK approach, but it needs thought 47
Examples ‣ DNS data: there’s only one actual copy of your DNS, and that’s what the world can see. What does a beta machine do with it? ‣ Load balancer configs: multiple datacenters need to know about each other, but can’t see the other’s database to derive config from 48
</TechnicalContent> 49
Want to help out? We’re hiring 50 ‣ Sysadmins ‣ Developers (Rails or Java) ‣ Testers ‣ Lots more backstopsolutions.com/careers
DevOpsDays Chicago! ‣ October 7th and 8th @ the Sears Tower ‣ CFP open until the 22nd ‣ Registration open now! Use code PUPPET_CAMP for 10% off
 devopsdays.org/events/2014-chicago/registration/ ‣ I might be on the committee 51 I refuse to call it the Willis Tower, y’all
Puppet Users Group ‣ Hosted by this guy, downtown, ~monthly (coming soon!) ‣ meetup.com/Chicago-Puppet-users-group/ 52
That’s it Questions? 53

Empfohlen

From Zero To Visibility
From Zero To VisibilityFrom Zero To Visibility
From Zero To Visibilitybridgetkromhout
 
PuppetCamp Austin 2015 Talk - Getting started with puppet
PuppetCamp Austin 2015 Talk - Getting started with puppetPuppetCamp Austin 2015 Talk - Getting started with puppet
PuppetCamp Austin 2015 Talk - Getting started with puppetByron Miller
 
Puppet Camp DC 2014: Continuous Deployment of Dynamic Environments Using Hier...
Puppet Camp DC 2014: Continuous Deployment of Dynamic Environments Using Hier...Puppet Camp DC 2014: Continuous Deployment of Dynamic Environments Using Hier...
Puppet Camp DC 2014: Continuous Deployment of Dynamic Environments Using Hier...Puppet
 
Puppet Camp Austin 2015: How I learned to stop worrying and love the ENC
Puppet Camp Austin 2015: How I learned to stop worrying and love the ENC Puppet Camp Austin 2015: How I learned to stop worrying and love the ENC
Puppet Camp Austin 2015: How I learned to stop worrying and love the ENC Puppet
 
Demystifying TLS
Demystifying TLSDemystifying TLS
Demystifying TLSPuppet
 
Puppet for dummies - ZendCon 2011 Edition
Puppet for dummies - ZendCon 2011 EditionPuppet for dummies - ZendCon 2011 Edition
Puppet for dummies - ZendCon 2011 EditionJoshua Thijssen
 
Cfgmgmt Challenges aren't technical anymore
Cfgmgmt Challenges aren't technical anymoreCfgmgmt Challenges aren't technical anymore
Cfgmgmt Challenges aren't technical anymoreJulien Pivotto
 
Aug 2012 HUG: Hug BigTop
Aug 2012 HUG: Hug BigTopAug 2012 HUG: Hug BigTop
Aug 2012 HUG: Hug BigTopYahoo Developer Network
 

Empfohlen

From Zero To Visibility
From Zero To VisibilityFrom Zero To Visibility
From Zero To Visibilitybridgetkromhout
 
PuppetCamp Austin 2015 Talk - Getting started with puppet
PuppetCamp Austin 2015 Talk - Getting started with puppetPuppetCamp Austin 2015 Talk - Getting started with puppet
PuppetCamp Austin 2015 Talk - Getting started with puppetByron Miller
 
Puppet Camp DC 2014: Continuous Deployment of Dynamic Environments Using Hier...
Puppet Camp DC 2014: Continuous Deployment of Dynamic Environments Using Hier...Puppet Camp DC 2014: Continuous Deployment of Dynamic Environments Using Hier...
Puppet Camp DC 2014: Continuous Deployment of Dynamic Environments Using Hier...Puppet
 
Puppet Camp Austin 2015: How I learned to stop worrying and love the ENC
Puppet Camp Austin 2015: How I learned to stop worrying and love the ENC Puppet Camp Austin 2015: How I learned to stop worrying and love the ENC
Puppet Camp Austin 2015: How I learned to stop worrying and love the ENC Puppet
 
Demystifying TLS
Demystifying TLSDemystifying TLS
Demystifying TLSPuppet
 
Puppet for dummies - ZendCon 2011 Edition
Puppet for dummies - ZendCon 2011 EditionPuppet for dummies - ZendCon 2011 Edition
Puppet for dummies - ZendCon 2011 EditionJoshua Thijssen
 
Cfgmgmt Challenges aren't technical anymore
Cfgmgmt Challenges aren't technical anymoreCfgmgmt Challenges aren't technical anymore
Cfgmgmt Challenges aren't technical anymoreJulien Pivotto
 
Aug 2012 HUG: Hug BigTop
Aug 2012 HUG: Hug BigTopAug 2012 HUG: Hug BigTop
Aug 2012 HUG: Hug BigTopYahoo Developer Network
 
Puppet for dummies - PHPBenelux UG edition
Puppet for dummies - PHPBenelux UG editionPuppet for dummies - PHPBenelux UG edition
Puppet for dummies - PHPBenelux UG editionJoshua Thijssen
 
Sylius, the good choice
Sylius, the good choiceSylius, the good choice
Sylius, the good choiceJacques Bodin-Hullin
 
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLove
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLoveOSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLove
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLoveNETWAYS
 
Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012
Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012
Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012TEST Huddle
 
The Art Of Performance Tuning - with presenter notes!
The Art Of Performance Tuning - with presenter notes!The Art Of Performance Tuning - with presenter notes!
The Art Of Performance Tuning - with presenter notes!Jonathan Ross
 
The JavaScript Delusion
The JavaScript DelusionThe JavaScript Delusion
The JavaScript DelusionJUGBD
 
The Lost Tales of Platform Design (February 2017)
The Lost Tales of Platform Design (February 2017)The Lost Tales of Platform Design (February 2017)
The Lost Tales of Platform Design (February 2017)Julien SIMON
 
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...Burr Sutter
 
Old Dogs and New Tricks
Old Dogs and New TricksOld Dogs and New Tricks
Old Dogs and New TricksElizabeth Leddy
 
What does OOP stand for?
What does OOP stand for?What does OOP stand for?
What does OOP stand for?Colin Riley
 
React Conf 17 Recap
React Conf 17 RecapReact Conf 17 Recap
React Conf 17 RecapAlex Babkov
 
Puppet for SysAdmins
Puppet for SysAdminsPuppet for SysAdmins
Puppet for SysAdminsPuppet
 
IC3 -- Configuration Management 101
IC3 -- Configuration Management 101IC3 -- Configuration Management 101
IC3 -- Configuration Management 101Gabriel Schuyler
 
Y U NO CRAFTSMAN
Y U NO CRAFTSMANY U NO CRAFTSMAN
Y U NO CRAFTSMANPaul Blundell
 
Using the puppet debugger for lightweight exploration
Using the puppet debugger for lightweight explorationUsing the puppet debugger for lightweight exploration
Using the puppet debugger for lightweight explorationCorey Osman
 
3stages Wdn08 V3
3stages Wdn08 V33stages Wdn08 V3
3stages Wdn08 V3Boris Mann
 
Spaghetti gate
Spaghetti gateSpaghetti gate
Spaghetti gateJon Bachelor
 
Capistrano, Puppet, and Chef
Capistrano, Puppet, and ChefCapistrano, Puppet, and Chef
Capistrano, Puppet, and ChefDavid Benjamin
 
Life in the tech trenches (2015)
Life in the tech trenches (2015)Life in the tech trenches (2015)
Life in the tech trenches (2015)Julien SIMON
 
CTO Crunch avec Julien Simon, Viadeo
CTO Crunch avec Julien Simon, ViadeoCTO Crunch avec Julien Simon, Viadeo
CTO Crunch avec Julien Simon, ViadeoFrance Digitale
 
Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyamlPuppet
 

Weitere ähnliche Inhalte

Ähnlich wie Puppet Camp Chicago 2014: Puppet at backstop another year of lessons

Puppet for dummies - PHPBenelux UG edition
Puppet for dummies - PHPBenelux UG editionPuppet for dummies - PHPBenelux UG edition
Puppet for dummies - PHPBenelux UG editionJoshua Thijssen
 
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLove
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLoveOSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLove
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLoveNETWAYS
 
Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012
Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012
Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012TEST Huddle
 
The Art Of Performance Tuning - with presenter notes!
The Art Of Performance Tuning - with presenter notes!The Art Of Performance Tuning - with presenter notes!
The Art Of Performance Tuning - with presenter notes!Jonathan Ross
 
The JavaScript Delusion
The JavaScript DelusionThe JavaScript Delusion
The JavaScript DelusionJUGBD
 
The Lost Tales of Platform Design (February 2017)
The Lost Tales of Platform Design (February 2017)The Lost Tales of Platform Design (February 2017)
The Lost Tales of Platform Design (February 2017)Julien SIMON
 
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...Burr Sutter
 
What does OOP stand for?
What does OOP stand for?What does OOP stand for?
What does OOP stand for?Colin Riley
 
React Conf 17 Recap
React Conf 17 RecapReact Conf 17 Recap
React Conf 17 RecapAlex Babkov
 
Puppet for SysAdmins
Puppet for SysAdminsPuppet for SysAdmins
Puppet for SysAdminsPuppet
 
IC3 -- Configuration Management 101
IC3 -- Configuration Management 101IC3 -- Configuration Management 101
IC3 -- Configuration Management 101Gabriel Schuyler
 
Using the puppet debugger for lightweight exploration
Using the puppet debugger for lightweight explorationUsing the puppet debugger for lightweight exploration
Using the puppet debugger for lightweight explorationCorey Osman
 
3stages Wdn08 V3
3stages Wdn08 V33stages Wdn08 V3
3stages Wdn08 V3Boris Mann
 
Capistrano, Puppet, and Chef
Capistrano, Puppet, and ChefCapistrano, Puppet, and Chef
Capistrano, Puppet, and ChefDavid Benjamin
 
Life in the tech trenches (2015)
Life in the tech trenches (2015)Life in the tech trenches (2015)
Life in the tech trenches (2015)Julien SIMON
 
CTO Crunch avec Julien Simon, Viadeo
CTO Crunch avec Julien Simon, ViadeoCTO Crunch avec Julien Simon, Viadeo
CTO Crunch avec Julien Simon, ViadeoFrance Digitale
 

Ähnlich wie Puppet Camp Chicago 2014: Puppet at backstop another year of lessons (20)

Puppet for dummies - PHPBenelux UG edition
Puppet for dummies - PHPBenelux UG editionPuppet for dummies - PHPBenelux UG edition
Puppet for dummies - PHPBenelux UG edition
 
Sylius, the good choice
Sylius, the good choiceSylius, the good choice
Sylius, the good choice
 
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLove
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLoveOSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLove
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLove
 
Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012
Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012
Graham Thomas - 10 Great but Now Overlooked Tools - EuroSTAR 2012
 
The Art Of Performance Tuning - with presenter notes!
The Art Of Performance Tuning - with presenter notes!The Art Of Performance Tuning - with presenter notes!
The Art Of Performance Tuning - with presenter notes!
 
The JavaScript Delusion
The JavaScript DelusionThe JavaScript Delusion
The JavaScript Delusion
 
The Lost Tales of Platform Design (February 2017)
The Lost Tales of Platform Design (February 2017)The Lost Tales of Platform Design (February 2017)
The Lost Tales of Platform Design (February 2017)
 
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
 
Old Dogs and New Tricks
Old Dogs and New TricksOld Dogs and New Tricks
Old Dogs and New Tricks
 
What does OOP stand for?
What does OOP stand for?What does OOP stand for?
What does OOP stand for?
 
React Conf 17 Recap
React Conf 17 RecapReact Conf 17 Recap
React Conf 17 Recap
 
Puppet for SysAdmins
Puppet for SysAdminsPuppet for SysAdmins
Puppet for SysAdmins
 
IC3 -- Configuration Management 101
IC3 -- Configuration Management 101IC3 -- Configuration Management 101
IC3 -- Configuration Management 101
 
Y U NO CRAFTSMAN
Y U NO CRAFTSMANY U NO CRAFTSMAN
Y U NO CRAFTSMAN
 
Using the puppet debugger for lightweight exploration
Using the puppet debugger for lightweight explorationUsing the puppet debugger for lightweight exploration
Using the puppet debugger for lightweight exploration
 
3stages Wdn08 V3
3stages Wdn08 V33stages Wdn08 V3
3stages Wdn08 V3
 
Spaghetti gate
Spaghetti gateSpaghetti gate
Spaghetti gate
 
Capistrano, Puppet, and Chef
Capistrano, Puppet, and ChefCapistrano, Puppet, and Chef
Capistrano, Puppet, and Chef
 
Life in the tech trenches (2015)
Life in the tech trenches (2015)Life in the tech trenches (2015)
Life in the tech trenches (2015)
 
CTO Crunch avec Julien Simon, Viadeo
CTO Crunch avec Julien Simon, ViadeoCTO Crunch avec Julien Simon, Viadeo
CTO Crunch avec Julien Simon, Viadeo
 

Mehr von Puppet

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyamlPuppet
 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)Puppet
 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscodePuppet
 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twentiesPuppet
 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codePuppet
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationPuppet
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliancePuppet
 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowPuppet
 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet
 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Puppet
 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppetPuppet
 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkPuppet
 
Take control of your dev ops dumping ground
Take control of your dev ops dumping groundTake control of your dev ops dumping ground
Take control of your dev ops dumping groundPuppet
 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy SoftwarePuppet
 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User GroupPuppet
 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsPuppet
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyPuppet
 

Mehr von Puppet (20)

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepo
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyaml
 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)
 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscode
 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twenties
 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance code
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approach
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automation
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliance
 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNow
 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden Windows
 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020
 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppet
 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael Pinson
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin Reeuwijk
 
Take control of your dev ops dumping ground
Take control of your dev ops dumping groundTake control of your dev ops dumping ground
Take control of your dev ops dumping ground
 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software
 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User Group
 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOps
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
 

Kürzlich hochgeladen

Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionOnePlan Solutions
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park masabamasaba
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfVishalKumarJha10
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfayushiqss
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfproinshot.com
 
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxBUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxalwaysnagaraju26
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech studentsHimanshiGarg82
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfonteinmasabamasaba
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfkalichargn70th171
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfryanfarris8
 
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedDelhi Call girls
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnAmarnathKambale
 
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456KiaraTiradoMicha
 

Kürzlich hochgeladen (20)

Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxBUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
 

Puppet Camp Chicago 2014: Puppet at backstop another year of lessons

  • 1. Puppet at Backstop Another year of lessons 1
  • 2. $ whoami ‣ Bill Weiss <bill@backstopsolutions.com> ‣ @BillWeiss ‣ Probably responsible for 90% of the badness in this talk, 25% of the good ‣ Still not a designer 2
  • 3. What’s this talk about? aka, who cares? 3
  • 4. 4 Image via MemeCrunch. Original owned by the History Channel.
  • 5. No, wait, that’s not it (Come talk to me afterward about that) 5
  • 6. ‣ I’m here to talk about things that work (and don’t) for us in our environment ‣ Hopefully most of it is useful to you ‣ Some might just be there so you can point and laugh 6
  • 7. –You “What the heck is Backstop?” 7
  • 9. SaaS for institutional investment firms ‣ That’s it. ‣ You’re probably not our target audience ‣ If you are, awesome, let’s talk later 9
  • 10. Some numbers ‣ ~195 Puppeted machines in production (US) ‣ ~350 total ‣ 2 datacenters, 2 AWS AZs, 1 office closet full of machines ‣ 50+ Engineering folks (IT, dev, QA, etc) Numbers of machines from MCollective! 10
  • 11. Logo owned by the CentOS project Logo also owned by Oracle, of course Logo owned by Oracle Logo by David Heinemeier Hansson 11
  • 12. ‣ Big application is J2EE on JBoss ‣ Lots of smaller bits (“services”) on Tomcat ‣ Second app is Ruby on Rails 12
  • 13. How ‘bout that Puppet? ‣ Moved to GitHub 2013/11/18 ‣ ~4100 commits since then (~15 commits/day!) ‣ 2700 from people outside sysadmin team ‣ ~1350 pull requests from 21 contributors 13
  • 14. The move to GitHub was awesome ‣ 4 years of Subversion before that had 29 authors and 6700 commits ‣ Other things at play here beside just s/svn/git/ , but it helped a lot ‣ How? 14
  • 15. ! git workflow ‣ Org-owned repo, two branches ‣ master ➡ production ‣ office ➡ testing (pre-prod) ‣ Everyone forks from master and sends pull requests to office ‣ Pull changes from office to master as needed 15
  • 16. ‣ Everyone has their own fork with work branches ‣ Branch names probably are Jira ticket numbers ‣ Everyone bases from master, not office, so we can pull changes independently 16
  • 17. This is why we have so many contributors 17
  • 18. ‣ If you’re a software shop, you already have a workflow. Do that ‣ Otherwise, this is working well for us 18
  • 19. " git hooks ‣ We had a pretty good set of pre-commit hooks in svn to test changes ‣ Github doesn’t do that # ‣ Git pre-commit hooks exist, but it’s up to each person to set them up ‣ No awesome answer yet ‣ The answer might be… 19
  • 20. ! Jenkins! ‣ We used to have this “deploy” job on the Puppet masters as a cron job: • (cd /etc/puppet && svn up) ‣ Nothing could go wrong there, right? ‣ For a while we just did it manually instead 20
  • 21. ‣ Jenkins polls for changes to either branch ‣ Runs a deploy job that grabs repo, runs librarian-puppet, a “build” step, and then pushes it out to the masters ‣ Determines masters via mco call ‣ All the good (and bad) of capistrano for the push 21
  • 22. 22 alias puppet-test='sudo puppet agent --test --noop -- environment' That deploys an environment titled UserBranch, camel-cased
  • 23. ‣ Jenkins also runs a test suite in parallel ‣ Some day that’ll be a precursor to the deploy job. Some day… 23
  • 24. " Sometimes you just want to do something to prod ‣ All that well-defined procedure means time for quick fixes goes up ‣ Make a branch, make some changes, commit, push, PR to office, merge, PR to prod, merge, run deploy… 24
  • 25. ‣ Possible answers here: • Pull some things out into their own repos • Accept that it’s slower • Tool it up, make the machines do the slow parts 25
  • 26. ! MCollective is still awesome 26 Original image: http://xkcd.com/353/ Cheapo editing courtesy OS X Preview “Annotate” Same graphic as last year’s talk. I love you, mco!
  • 27. It’s like Frank’s Red Hot ‣ Our deploys (not IT, app teams) now use it to figure out which machines to deploy to ‣ We wrote an agent for our VM system (Proxmox) Which, uh, evidently we haven’t released. Will do. ‣ Stop/start the world for Oracle maintenance 27
  • 28. " ActiveMQ is hard ‣ MCollective sits on top of ActiveMQ ‣ Easy, right? Just install it (with Puppet, even) and go to town ‣ Second datacenter? Yeah, just get them talking to each other and… 28
  • 30. Suddenly, one day… ‣ Pretend x is time ‣ y is memory usage ‣ That’s our activeMQ • At 2AM • Every day 30
  • 31. 31 “Sudden Clarity Clarence” via memecreator.eu Original image? Who knows. Might be Clarence.
  • 32. ‣ Long story short: make really sure your broker names are unique across your network ‣ Really really sure 32
  • 33. That won’t happen to us ‣ Maybe not ‣ Just know you’re adding another service you rely on ‣ Monitor it ‣ Measure it ‣ Have a game plan for what to do when it goes horribly wrong 33
  • 34. ‣ R.I.’s scripts [1] ‣ Erwan Ben Souiden, aka labynocle [2] ‣ A script I butchered to help 34 [1]: https://github.com/ripienaar/monitoring-scripts/tree/master/activemq [2]: https://github.com/labynocle/nagios_plugins_by_labynocle/tree/master/check_activeMQ [3]: https://github.com/BillWeiss/MiscScripts/blob/master/check_activemq.pl I know, I know, bleh, Nagios
  • 35. ! Cloudstack! ‣ It’s great ‣ Setup was easy ‣ Only using it in test now (so we only kinda care if the machines burn down) 35 That’s the CloudStack monkey, owned by the Apache Software Foundation
  • 36. ‣ Remember that puppet-test alias? ‣ That + CloudStack means people can build machines to test Puppet changes to ‣ I was surprised recently by a service that just showed up ready to run in prod, Puppet and all 36
  • 37. You don’t have to use CloudStack, but you need something like it ‣ That could be OpenStack, Vagrant, even some AWS credit ‣ You just need fast to build disposable machines 37
  • 38. " Would be better in prod ‣ We’re not yet running CloudStack in production. It’ll happen someday. ‣ So, while I’m singing its praises, I can’t say we’re all in. 38
  • 39. ! create_resources ‣ I have to show off one chunk of code ‣ Let me quote from TFM: 39 ‣ That’s vague, right? The example in TFM didn’t inspire me either, so I glossed over it for years. Converts a hash into a set of resources and adds them to the catalog.
  • 40. I already said something about Frank’s Red Hot, right? Almost everywhere I use it looks like this 40 $thing = loadYaml(“${yamlDir}/thing/${environment}.yaml”)
 create_resources( some::define, $thing ) That same YAML gets used in a bunch of those. backstopsolutions:
 lastOctet: 226
 clientFqdn: 'www.backstopsolutions.com'
 seconddn: 'backstopsolutions.com'
 includeFile: 'true'
  • 41. ‣ One define uses the lastOctet and some knowledge about our systems to set up an interface on the load balancers ‣ Another uses the hostnames to set up a couple of vhosts for the Rails app ‣ Yet another adds it into several DNS zones 41
  • 42. ‣ Another benefit: it’s YAML. You don’t have to write it by hand ‣ Grab some external data source, frob as needed, dump out some YAML. As long as you meet the spec, you’ll be fine 42
  • 43. Huge gotcha here ‣ Everything you pass that YAML to needs to do something with all the parameters named in the file ‣ Adding a field thus means changing all those defines ‣ We have a lot of ‘$foo = “dontcare”’ in there. Just come up with an idiom and stick to it ‣ You could probably do something clever to filter out params? 43
  • 44. " Maybe not everything goes in Puppet ‣ Last year I had this slide (included verbatim) 44
  • 45. Well, I can’t always be right 45
  • 46. ‣ Think to yourself: do I ever want to do this thing without running Puppet? ‣ Does it make sense for this to go through the same test -> prod cycle? ‣ Do the same people need to see this content as the Puppet manifests? ‣ Can it be generated in one place, or do you need to gather data from several? 46
  • 47. ‣ As we’ve grown to more sites and more Puppet masters, this has hurt all over the place ‣ The deploy concept (vs `svn up`) made a mess of the checkin of this derived data ‣ I still think it’s an OK approach, but it needs thought 47
  • 48. Examples ‣ DNS data: there’s only one actual copy of your DNS, and that’s what the world can see. What does a beta machine do with it? ‣ Load balancer configs: multiple datacenters need to know about each other, but can’t see the other’s database to derive config from 48
  • 50. Want to help out? We’re hiring 50 ‣ Sysadmins ‣ Developers (Rails or Java) ‣ Testers ‣ Lots more backstopsolutions.com/careers
  • 51. DevOpsDays Chicago! ‣ October 7th and 8th @ the Sears Tower ‣ CFP open until the 22nd ‣ Registration open now! Use code PUPPET_CAMP for 10% off
 devopsdays.org/events/2014-chicago/registration/ ‣ I might be on the committee 51 I refuse to call it the Willis Tower, y’all
  • 52. Puppet Users Group ‣ Hosted by this guy, downtown, ~monthly (coming soon!) ‣ meetup.com/Chicago-Puppet-users-group/ 52