SlideShare a Scribd company logo

Puppet Camp Düsseldorf 2014: External Node Classifiers - Get Efficient and Do A Lot More (Beginner)

Puppet
Puppet

"External Node Classifiers - Get Efficient and Do A Lot More" (Beginner) - Anirban Saha, BlackRock given at Puppet Camp Düsseldorf 2014

Software
1 of 14
Download to read offline
Organizing Puppet nodes with External Node Classifiers and LDAP PuppetCamp Dusseldorf October, 2014
Objectives : • Organizing data and avoiding clutter • Learn the workflow of External Node Classifiers (ENCs) • How to write ENCs and demonstration • Learn the workflow of organizing node data with LDAP backend • How to configure LDAP for puppet nodes
Why bother to organize data ? because without it ….
• Prepare to scale for now and for the future • Adopt standardized naming conventions to be used in configuring ENCs and maintaining inventory • Practice the art of better module writing • Avoid unnecessary troubleshooting of nodes.pp • Educate teams to practice ENCs (and avoid malpractice such as defining resources in nodes.pp…believe me, they do this)
ENC Workflow • Basically a script in any language (Ruby, Python, Perl, etc) • Takes the hostname (FQDN) or certname as the sole argument • Manipulates the argument and collects the data as written in the script • Produces the output in YAML format • Output has three main keys – classes, parameters and environment • A basic example of the output : environment: production classes: - sudo - ssh - ntp parameters: location: datacenter3
ENC output explained Environment : The environment of the node (e.g. production, staging, development, etc.) being sync’d as configured in puppet Classes : List of modules configured in puppet and supposed to be sync’d with the node, e.g. classes: - groups - users - ntp Parameters : A list of top scope variables which can be used in any of the modules listed in the ‘classes ‘ section. The value of the ‘parameters’ key is a hash of variable names and their values, can be used in the modules and templates, e.g. parameters: puppetserver: puppet-dusseldorf adminserver: admin-dusseldorf location: dusseldorf
Puppet Configuration changes for ENC Following changes need to be made : In puppet configuration file of puppet master (lets say /opt/puppet/puppet.conf, if puppet conf directory is /opt/puppet) : [master] node_terminus = exec external_nodes = /opt/puppet/enc/node_classifier.rb All node classifier scripts need to be placed in the same directory (here /opt/puppet/enc)
ENC Demonstration ENC scripts present in this repository : https://github.com/rosesnthornz/puppetcamp-dusseldorf-2014.git Path to scripts : puppetcamp-dusseldorf-2014/enc_scripts/
Organizing Puppet Data with LDAP Prerequisites : • Active LDAP server or a new LDAP implementation • ruby-ldap package needs to be present on the Puppet worker node WorkFlow : • A new LDAP ‘objectclass’ called ‘puppetClient’ is added by extending the LDAP schema using the node terminus shipped with Puppet (/usr/share/puppet/ext/ldap/puppet.schema) • This schema adds some new attributes for the puppetClient objectclass as follows : • environment – equivalent to the ‘environment’ hash key in ENC scripts • puppetClass – equivalent to the ‘classes’ hash key in ENC scripts • puppetvar – equivalent to the ‘parameters’ hash key in ENC scripts • Each new node to be added to the Puppet database need to be added with the above attributes and objectclass in the LDAP directory
Puppet LDAP configuration steps Containers need to be added under the top-level organizations in LDAP as follows : dn: ou=hosts,dc=puppetcamp,dc=com objectclass: organizationalUnit ou: hosts dn: ou=production,ou=hosts,dc=puppetcamp,dc=com objectclass: organizationalUnit ou: production dn: ou=staging,ou=hosts,dc=puppetcamp,dc=com objectclass: organizationalUnit ou: staging The containers above represent each of the environments configured in the Puppet infrastructure
Puppet LDAP configuration steps The nodes need to be configured and added to LDAP as follows : dn: cn=pcdppms01.puppetcamp.com,ou=production,ou=hosts,dc=puppetcamp,dc=com objectclass: puppetClient objectclass: device environment: production puppetClass: groups puppetClass: sudo puppetClass: users::ops puppetClass: users::keys puppetvar: location='puppetcamp_dusseldorf' puppetvar: puppetserver='172.31.84.91' puppetvar: adminserver='172.31.0.2‘ The above configuration needs to be populated in ldif files and added to the LDAP directory
Puppet configuration changes for LDAP The following changes need to be done in puppet.conf on the puppet master node to use LDAP as the node backend: node_terminus = ldap ldapserver = ldap.puppetcamp.com ldapbase = ou=hosts,dc=puppetcamp,dc=com The puppet master then needs to be restarted for the changes to take effect
LDAP Demonstration LDAP files present in this repository : https://github.com/rosesnthornz/puppetcamp-dusseldorf-2014.git Path to files : puppetcamp-dusseldorf-2014/ldap/
Contact: Anirban Saha Email : sahaanirban1988@gmail.com Twitter : @rosesnthornz Skype : anirban.saha.88

Recommended

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyamlPuppet
 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)Puppet
 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscodePuppet
 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twentiesPuppet
 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codePuppet
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationPuppet
 

Recommended

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyamlPuppet
 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)Puppet
 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscodePuppet
 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twentiesPuppet
 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codePuppet
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationPuppet
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliancePuppet
 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowPuppet
 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet
 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Puppet
 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppetPuppet
 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkPuppet
 
Take control of your dev ops dumping ground
Take control of your dev ops dumping groundTake control of your dev ops dumping ground
Take control of your dev ops dumping groundPuppet
 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy SoftwarePuppet
 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User GroupPuppet
 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsPuppet
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyPuppet
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkPuppet
 
Puppet in k8s, Miroslav Hadzhiev
Puppet in k8s, Miroslav HadzhievPuppet in k8s, Miroslav Hadzhiev
Puppet in k8s, Miroslav HadzhievPuppet
 
Bolt on Windows - James Pogran
Bolt on Windows - James PogranBolt on Windows - James Pogran
Bolt on Windows - James PogranPuppet
 
The Business Value of Modernizing your Windows Infrastructure and Bringing Li...
The Business Value of Modernizing your Windows Infrastructure and Bringing Li...The Business Value of Modernizing your Windows Infrastructure and Bringing Li...
The Business Value of Modernizing your Windows Infrastructure and Bringing Li...Puppet
 
Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020
Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020
Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020Puppet
 
Navigating the new normal with self healing infrastructure automation
Navigating the new normal with self healing infrastructure automationNavigating the new normal with self healing infrastructure automation
Navigating the new normal with self healing infrastructure automationPuppet
 
Take control of your DevOps Dumping Ground; Melissa Sussmann
Take control of your DevOps Dumping Ground; Melissa SussmannTake control of your DevOps Dumping Ground; Melissa Sussmann
Take control of your DevOps Dumping Ground; Melissa SussmannPuppet
 
Ben ford intro
Ben ford introBen ford intro
Ben ford introPuppet
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2
 
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...WSO2
 

More Related Content

More from Puppet

Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliancePuppet
 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowPuppet
 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet
 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Puppet
 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppetPuppet
 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkPuppet
 
Take control of your dev ops dumping ground
Take control of your dev ops dumping groundTake control of your dev ops dumping ground
Take control of your dev ops dumping groundPuppet
 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy SoftwarePuppet
 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User GroupPuppet
 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsPuppet
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyPuppet
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkPuppet
 
Puppet in k8s, Miroslav Hadzhiev
Puppet in k8s, Miroslav HadzhievPuppet in k8s, Miroslav Hadzhiev
Puppet in k8s, Miroslav HadzhievPuppet
 
Bolt on Windows - James Pogran
Bolt on Windows - James PogranBolt on Windows - James Pogran
Bolt on Windows - James PogranPuppet
 
The Business Value of Modernizing your Windows Infrastructure and Bringing Li...
The Business Value of Modernizing your Windows Infrastructure and Bringing Li...The Business Value of Modernizing your Windows Infrastructure and Bringing Li...
The Business Value of Modernizing your Windows Infrastructure and Bringing Li...Puppet
 
Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020
Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020
Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020Puppet
 
Navigating the new normal with self healing infrastructure automation
Navigating the new normal with self healing infrastructure automationNavigating the new normal with self healing infrastructure automation
Navigating the new normal with self healing infrastructure automationPuppet
 
Take control of your DevOps Dumping Ground; Melissa Sussmann
Take control of your DevOps Dumping Ground; Melissa SussmannTake control of your DevOps Dumping Ground; Melissa Sussmann
Take control of your DevOps Dumping Ground; Melissa SussmannPuppet
 
Ben ford intro
Ben ford introBen ford intro
Ben ford introPuppet
 

More from Puppet (20)

Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliance
 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNow
 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden Windows
 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020
 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppet
 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael Pinson
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin Reeuwijk
 
Take control of your dev ops dumping ground
Take control of your dev ops dumping groundTake control of your dev ops dumping ground
Take control of your dev ops dumping ground
 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software
 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User Group
 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOps
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin Reeuwijk
 
Puppet in k8s, Miroslav Hadzhiev
Puppet in k8s, Miroslav HadzhievPuppet in k8s, Miroslav Hadzhiev
Puppet in k8s, Miroslav Hadzhiev
 
Bolt on Windows - James Pogran
Bolt on Windows - James PogranBolt on Windows - James Pogran
Bolt on Windows - James Pogran
 
The Business Value of Modernizing your Windows Infrastructure and Bringing Li...
The Business Value of Modernizing your Windows Infrastructure and Bringing Li...The Business Value of Modernizing your Windows Infrastructure and Bringing Li...
The Business Value of Modernizing your Windows Infrastructure and Bringing Li...
 
Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020
Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020
Manage your Windows Infrastructure with Puppet Bolt - August 26 - 2020
 
Navigating the new normal with self healing infrastructure automation
Navigating the new normal with self healing infrastructure automationNavigating the new normal with self healing infrastructure automation
Navigating the new normal with self healing infrastructure automation
 
Take control of your DevOps Dumping Ground; Melissa Sussmann
Take control of your DevOps Dumping Ground; Melissa SussmannTake control of your DevOps Dumping Ground; Melissa Sussmann
Take control of your DevOps Dumping Ground; Melissa Sussmann
 
Ben ford intro
Ben ford introBen ford intro
Ben ford intro
 

Recently uploaded

WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2
 
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...WSO2
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisamasabamasaba
 
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...masabamasaba
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park masabamasaba
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfonteinmasabamasaba
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnAmarnathKambale
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationJuha-Pekka Tolvanen
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...chiefasafspells
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Bert Jan Schrijver
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park masabamasaba
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
 

Recently uploaded (20)

WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 

Puppet Camp Düsseldorf 2014: External Node Classifiers - Get Efficient and Do A Lot More (Beginner)

  • 1. Organizing Puppet nodes with External Node Classifiers and LDAP PuppetCamp Dusseldorf October, 2014
  • 2. Objectives : • Organizing data and avoiding clutter • Learn the workflow of External Node Classifiers (ENCs) • How to write ENCs and demonstration • Learn the workflow of organizing node data with LDAP backend • How to configure LDAP for puppet nodes
  • 3. Why bother to organize data ? because without it ….
  • 4. • Prepare to scale for now and for the future • Adopt standardized naming conventions to be used in configuring ENCs and maintaining inventory • Practice the art of better module writing • Avoid unnecessary troubleshooting of nodes.pp • Educate teams to practice ENCs (and avoid malpractice such as defining resources in nodes.pp…believe me, they do this)
  • 5. ENC Workflow • Basically a script in any language (Ruby, Python, Perl, etc) • Takes the hostname (FQDN) or certname as the sole argument • Manipulates the argument and collects the data as written in the script • Produces the output in YAML format • Output has three main keys – classes, parameters and environment • A basic example of the output : environment: production classes: - sudo - ssh - ntp parameters: location: datacenter3
  • 6. ENC output explained Environment : The environment of the node (e.g. production, staging, development, etc.) being sync’d as configured in puppet Classes : List of modules configured in puppet and supposed to be sync’d with the node, e.g. classes: - groups - users - ntp Parameters : A list of top scope variables which can be used in any of the modules listed in the ‘classes ‘ section. The value of the ‘parameters’ key is a hash of variable names and their values, can be used in the modules and templates, e.g. parameters: puppetserver: puppet-dusseldorf adminserver: admin-dusseldorf location: dusseldorf
  • 7. Puppet Configuration changes for ENC Following changes need to be made : In puppet configuration file of puppet master (lets say /opt/puppet/puppet.conf, if puppet conf directory is /opt/puppet) : [master] node_terminus = exec external_nodes = /opt/puppet/enc/node_classifier.rb All node classifier scripts need to be placed in the same directory (here /opt/puppet/enc)
  • 8. ENC Demonstration ENC scripts present in this repository : https://github.com/rosesnthornz/puppetcamp-dusseldorf-2014.git Path to scripts : puppetcamp-dusseldorf-2014/enc_scripts/
  • 9. Organizing Puppet Data with LDAP Prerequisites : • Active LDAP server or a new LDAP implementation • ruby-ldap package needs to be present on the Puppet worker node WorkFlow : • A new LDAP ‘objectclass’ called ‘puppetClient’ is added by extending the LDAP schema using the node terminus shipped with Puppet (/usr/share/puppet/ext/ldap/puppet.schema) • This schema adds some new attributes for the puppetClient objectclass as follows : • environment – equivalent to the ‘environment’ hash key in ENC scripts • puppetClass – equivalent to the ‘classes’ hash key in ENC scripts • puppetvar – equivalent to the ‘parameters’ hash key in ENC scripts • Each new node to be added to the Puppet database need to be added with the above attributes and objectclass in the LDAP directory
  • 10. Puppet LDAP configuration steps Containers need to be added under the top-level organizations in LDAP as follows : dn: ou=hosts,dc=puppetcamp,dc=com objectclass: organizationalUnit ou: hosts dn: ou=production,ou=hosts,dc=puppetcamp,dc=com objectclass: organizationalUnit ou: production dn: ou=staging,ou=hosts,dc=puppetcamp,dc=com objectclass: organizationalUnit ou: staging The containers above represent each of the environments configured in the Puppet infrastructure
  • 11. Puppet LDAP configuration steps The nodes need to be configured and added to LDAP as follows : dn: cn=pcdppms01.puppetcamp.com,ou=production,ou=hosts,dc=puppetcamp,dc=com objectclass: puppetClient objectclass: device environment: production puppetClass: groups puppetClass: sudo puppetClass: users::ops puppetClass: users::keys puppetvar: location='puppetcamp_dusseldorf' puppetvar: puppetserver='172.31.84.91' puppetvar: adminserver='172.31.0.2‘ The above configuration needs to be populated in ldif files and added to the LDAP directory
  • 12. Puppet configuration changes for LDAP The following changes need to be done in puppet.conf on the puppet master node to use LDAP as the node backend: node_terminus = ldap ldapserver = ldap.puppetcamp.com ldapbase = ou=hosts,dc=puppetcamp,dc=com The puppet master then needs to be restarted for the changes to take effect
  • 13. LDAP Demonstration LDAP files present in this repository : https://github.com/rosesnthornz/puppetcamp-dusseldorf-2014.git Path to files : puppetcamp-dusseldorf-2014/ldap/
  • 14. Contact: Anirban Saha Email : sahaanirban1988@gmail.com Twitter : @rosesnthornz Skype : anirban.saha.88