2. John Painter, Solutions Architect, www.linkedin.com/in/painterj
Jon Spinks, Solutions Architect, www.linkedin.com/in/jonspinks
sourcedgroup.com
3. Sourced Group architect and
deploy a globally distributed
multi-master puppet solution
for a large investment bank
February 2011
4. CUSTOMER REQUIREMENTS
• Provide a single point of control for a globally
distributed IT environment
• Reduce overall configuration drift in the existing
fleet
• Provide a change control process to manage code
updates
9. KEY TAKEAWAYS
• LDAP is a great distributed ENC
• Puppet Reports can be large en masse
• A Puppet Master can be used to manage other
Puppet Masters
• Version control is critical as a basis for a change
control process
11. Sourced are the first to onboard
an Asia Pacific
telecommunications company
onto AWS, powered by Puppet
Enterprise
February 2012
12. CUSTOMER REQUIREMENTS
• Provide a single point of control for instance
provisioning
• Provide infrastructure orchestration
• Maintain portability of applications to the
traditional data centre
22. CLOUDPACK UPLIFT
• Uplifted the existing Puppet CloudPack
to support AWS VPC
• Left Puppet Enterprise in the middle of
the provisioning and lifecycle
management
• Supported Multi-cloud provisioning
• http://www.youtube.com/watch?v=mwiBjJZWraA
34. Infrastructure, deployment, and configuration have standardised
It was not just servers that were transient, it was entire application stacks
Cloud computing has significantly changed the application lifecycle
39. PROBLEM SPACE
• Puppet Masters were designed to manage long lived
OS instances
• Transient compute doesn’t really need a dashboard
• Puppet Console accuracy was impacted by stale
instance data
• Requirement to simplify the Auto Scale process
40. MASTERLESS COMPONENTS
• CloudFormation for orchestration
• AWS EC2 Instance Tags provide node definition
• Facter is extended to understand AWS Instance
Metadata
• Manifests and modules are bundled and centrally
managed
• Centralised logging to provide state data
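One way the tag-driven node definition listed on this slide could work, as an added example that is not from the deck or from Sourced Group's code: instance tags become facts and select the classes for a local run. The tag keys `puppet_role` and `puppet_env`, the allow-lists and the `role::<name>` class naming are assumptions.

```ruby
# Added example: turn EC2 instance tags into a masterless node definition.
# Tag keys (puppet_role, puppet_env), the role/environment allow-lists and
# the role::<name> class convention are assumptions, not taken from the deck.
ALLOWED_ROLES = %w[web app batch].freeze
ALLOWED_ENVS  = %w[dev test prod].freeze

# Map a free-form tag key to a Facter-safe fact name.
def fact_name(tag_key)
  'ec2_tag_' + tag_key.to_s.downcase.gsub(/[^a-z0-9_]/, '_')
end

# tags: Hash of tag key => value for this instance.
# Raises if two tag keys normalise to the same fact, so a look-alike key
# ("Puppet-Role" vs "puppet_role") cannot silently override classification.
def tags_to_facts(tags)
  tags.each_with_object({}) do |(key, value), facts|
    name = fact_name(key)
    raise ArgumentError, "tag #{key.inspect} collides on #{name}" if facts.key?(name)
    facts[name] = value.to_s
  end
end

# Build the node definition; tag values are validated against allow-lists
# before they select an environment or are interpolated into a class name.
def node_definition(tags)
  facts = tags_to_facts(tags)
  role = facts['ec2_tag_puppet_role']
  env  = facts['ec2_tag_puppet_env']
  raise ArgumentError, "role #{role.inspect} not allowed" unless ALLOWED_ROLES.include?(role)
  raise ArgumentError, "environment #{env.inspect} not allowed" unless ALLOWED_ENVS.include?(env)
  { environment: env, classes: ["role::#{role}"], facts: facts }
end

# Facts as FACTER_<name> environment variables for a local `puppet apply` run.
def facter_env(facts)
  facts.map { |name, value| ["FACTER_#{name}", value] }.to_h
end

# Constructed sample tags, shaped like what an instance might carry.
SAMPLE_TAGS = {
  'Name' => 'web-01',
  'puppet_role' => 'web',
  'puppet_env' => 'prod',
  'aws:autoscaling:groupName' => 'web-asg'
}.freeze

if __FILE__ == $PROGRAM_NAME
  node = node_definition(SAMPLE_TAGS)
  puts node[:classes].inspect
  puts facter_env(node[:facts]).inspect
end
```

Because anyone permitted to tag an instance can influence its classification here, the allow-list and collision checks are what keep a tag value from selecting an unexpected class.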
41. [Diagram: Version Control, CI/CD, AWS S3, Instances, Centralised Logging]
44. KEY TAKEAWAYS
• Cloud Computing is fundamentally different
• Harnessing transient compute is extremely
valuable
• Losing the Puppet Master reduces overall
visibility when considering long lived and
transient instances as a whole
49. [Diagram: Autoscaling Group (Instances), Simple Notification Service (SNS) Topic, Simple Queue Service (SQS), Autoscale Broker, Instances]
50. KEY TAKEAWAYS
• Using a Puppet Master as a point of control for all
compute builds transparency
• The Puppet Master framework is very extensible
• PuppetDB is very valuable
• Leverage AWS Auto Scale orchestration features
54. Rather than making the OS a good candidate for
the application, we are now tailoring the
applications to be a good citizen of a standardised
compute platform.
55. Pivotal CF
Docker
Azure Pack
OpenShift
Examples of higher-level application delivery frameworks that can run on
AWS
59. In an ideal world with true vendor arbitrage we
would be able to deliver an application to AWS,
OpenShift on Rackspace and Docker running on
managed VMware using only CI/CD tooling
61. KEY TAKEAWAYS
• Through the adoption of PaaS the bar of
commoditisation continues to rise
• Governance and compliance are still critical
• Application delivery performance continues to
increase