Puppet and Software Delivery with Puppet Code

Puppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software deliveryPuppet and Software delivery
Shipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet codeShipping your product with Puppet code
Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto
Belgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User GroupBelgian Puppet User Group
March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015March 17, 2015

$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user$::user
• Open-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.euOpen-Source consultant at inuits.eu
• Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011Puppet User since 2011
• Speaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at PuppetcampsSpeaker/attendee at Puppetcamps
• Member of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUGMember of the Belgian PUG
• Puppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributorPuppet core contributor
• Puppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributorPuppet(labs) modules contributor
• @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie on irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/github

Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015Welcome in 2015
• VVVVVVVVVVVVVVVVVirtualization
• CCCCCCCCCCCCCCCCContainers
• CCCCCCCCCCCCCCCCCloud
• SSSSSSSSSSSSSSSSStateless software
• SSSSSSSSSSSSSSSSScalable daemons

Distributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing SoftwareDistributing Software
• Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)Plain FTP (+SCM)
• TarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarballTarball
• Self-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarballSelf-extracting tarball
• curl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bashcurl|bash
• Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?Containers? What's inside?
• Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)Packages (.deb, .rpm,…)

Real WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal WorldReal World
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/kwarz/13293732384/

Welcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my worldWelcome in my world
• CCCCCCCCCCCCCCCCComplex SW
• SSSSSSSSSSSSSSSSSelf-hosting
• SSSSSSSSSSSSSSSSStateless software
• SSSSSSSSSSSSSSSSScalable daemons

Software distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distributionSoftware distribution
• SSSSSSSSSSSSSSSSSoftware (Source code or binaries)
• UUUUUUUUUUUUUUUUUser guide
• IIIIIIIIIIIIIIIIInstallation guide
• PPPPPPPPPPPPPPPPPeople who install the software

Challenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distributionChallenges of SW distribution
• AAAAAAAAAAAAAAAAArtifacts
• SSSSSSSSSSSSSSSSSecurity
• HHHHHHHHHHHHHHHHHW requirements
• SSSSSSSSSSSSSSSSSW requirements
• UUUUUUUUUUUUUUUUUpgrades
• MMMMMMMMMMMMMMMMMaintenance
• MMMMMMMMMMMMMMMMMonitoring

IntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroduction

Artifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: PackagingArtifacts: Packaging
• Consistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file listsConsistency checks, file lists
• Dependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolvingDependencies resolving
• RepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositoriesRepositories
• GPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-SigningGPG-Signing
• Lots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of toolsLots of tools
• VersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioningVersioning
• Unique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible buildUnique artifacts, reproducible build
• CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)CfgMgmt integration (Puppet, Chef…)

DependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependencies
• Use packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages alsoUse packages also
• Version your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositoriesVersion your repositories
• Test your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependenciesTest your dependencies
• Distribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packagesDistribution, Upstream packages
• Mirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream reposMirror and cherry pick from upstream repos
• Limit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependenciesLimit the number of dependencies

AutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomationAutomation
• AAAAAAAAAAAAAAAAAutomate all the things
• OOOOOOOOOOOOOOOOOS, Monitoring, Application
• RRRRRRRRRRRRRRRRReproducable builds
• RRRRRRRRRRRRRRRRRepositories management

Cultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changesCultural changes
• NNNNNNNNNNNNNNNNNo more manual work
• UUUUUUUUUUUUUUUUUse an appropriate toolchain
• MMMMMMMMMMMMMMMMManual action = Error prone
• WWWWWWWWWWWWWWWWWhat did I change 3 years ago?

DocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentationDocumentation
• NNNNNNNNNNNNNNNNNo more complex install guides
• PPPPPPPPPPPPPPPPPuppet training
• VVVVVVVVVVVVVVVVValid for several products

Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/jimmcd/4859841581

PuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppetPuppet
• WWWWWWWWWWWWWWWWWidely used Automation tool
• VVVVVVVVVVVVVVVVVery mature
• CCCCCCCCCCCCCCCCClient/Server mode
• SSSSSSSSSSSSSSSSStandalone mode
• DDDDDDDDDDDDDDDDDeclarative
• SSSSSSSSSSSSSSSSScales

What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?What to automate?
Application
Reverse Proxy / Databases
Monitoring
Operation System
Platform

To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?To manage or not?
You have to be able to chose which
part you will setup with Puppet.

Use Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modulesUse Puppet modules
Use separate meta-modules for OS,
Dependencies, Monitoring,
Application… And include them only
of needed.

Yes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noopYes, no or noop
• IIIIIIIIIIIIIIIIInclude or not each class
• YYYYYYYYYYYYYYYYYou can put a whole class in no-op
• include myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_osinclude myapp_os
• class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}class {'myapp_os': noop => true,}

Puppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet ModulesPuppet Modules

External modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modulesExternal modules
• PPPPPPPPPPPPPPPPPick the best ones
• PPPPPPPPPPPPPPPPPuppetlabs modules
• UUUUUUUUUUUUUUUUUpstream modules
• MMMMMMMMMMMMMMMMModules active on Github
• FFFFFFFFFFFFFFFFForge rating
• TTTTTTTTTTTTTTTTTesting, doc
• MMMMMMMMMMMMMMMMModules that fit your usecase

Review the modules you plan to include. You
do not want bad code in your app, why
would you want it in the code that deploys
your app?

Contribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute backContribute back
• GGGGGGGGGGGGGGGGGet feedback (peer review)
• EEEEEEEEEEEEEEEEEasier to maintain in long term
• FFFFFFFFFFFFFFFFForces you to write tests
• HHHHHHHHHHHHHHHHHelp other people
• PPPPPPPPPPPPPPPPPuppet is not your core business

Your modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modulesYour modules
• EEEEEEEEEEEEEEEEEveryone has write access
• FFFFFFFFFFFFFFFFFollow code standards (puppet-lint)
• BBBBBBBBBBBBBBBBBe future-proof
• SSSSSSSSSSSSSSSSSeparation between code and data

Your puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet treeYour puppet tree
• YYYYYYYYYYYYYYYYYour tree is next to your app code
• SSSSSSSSSSSSSSSSSubmodules of your app
• GGGGGGGGGGGGGGGGGets the same version number
• PPPPPPPPPPPPPPPPParameters matches your apps parameters

Distribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your treeDistribute your tree
• PPPPPPPPPPPPPPPPPackage the whole tree in a package
• UUUUUUUUUUUUUUUUUse package dependencies to pull puppet
• MMMMMMMMMMMMMMMMMaybe add a helper script for the first run

• YYYYYYYYYYYYYYYYYour tree is next to your app code
• SSSSSSSSSSSSSSSSSubmodules of your app
• GGGGGGGGGGGGGGGGGets the same version number
• CCCCCCCCCCCCCCCCContains the right parameters

Puppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterlessPuppet Agent or masterless
• PPPPPPPPPPPPPPPPPuppet has 2 modes
• PPPPPPPPPPPPPPPPPull your catalog
• AAAAAAAAAAAAAAAAApply it from files
• BBBBBBBBBBBBBBBBBoth have advantages
• DDDDDDDDDDDDDDDDDepends on what you want

Masterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless modeMasterless mode
• OOOOOOOOOOOOOOOOOne-time run
• NNNNNNNNNNNNNNNNNo daemon running
• NNNNNNNNNNNNNNNNNo need for a Puppet master
• NNNNNNNNNNNNNNNNNo exported resources
• NNNNNNNNNNNNNNNNNo PuppetDB

Agent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent modeAgent mode
• RRRRRRRRRRRRRRRRRun every X time (to be tuned)
• CCCCCCCCCCCCCCCCConsitency check
• RRRRRRRRRRRRRRRRRequires one master
• PPPPPPPPPPPPPPPPPuppet daemon running (as root)
• RRRRRRRRRRRRRRRRReports sent to the master

PuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDBPuppetDB
• RRRRRRRRRRRRRRRRRequires a master
• SSSSSSSSSSSSSSSSStores facts and reports
• EEEEEEEEEEEEEEEEEasy to query
• DDDDDDDDDDDDDDDDDashboards available
• EEEEEEEEEEEEEEEEExported resources

HieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHieraHiera
• DDDDDDDDDDDDDDDDData separation
• YYYYYYYYYYYYYYYYYou classes should have a stable API
• YYYYYYYYYYYYYYYYYour main class dispatches to other
modules
• UUUUUUUUUUUUUUUUUse functions:
▶ cccccccccccccccccreate_resource
▶ mmmmmmmmmmmmmmmmmysql_deepmerge

Automatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter LookupAutomatic Parameter Lookup
• class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"class::param: "foobar"
• AAAAAAAAAAAAAAAAAvailable in Puppet 3+
• SSSSSSSSSSSSSSSSShould be avoided (obscurification)
• NNNNNNNNNNNNNNNNNice to have for edge cases

SecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecuritySecurity
• PPPPPPPPPPPPPPPPPuppet agent runs as root
• TTTTTTTTTTTTTTTTThe master runs as "puppet" user
• IIIIIIIIIIIIIIIIIsolated on a separated host
• PPPPPPPPPPPPPPPPPuppetDB/Server only listens to Loopback
• PPPPPPPPPPPPPPPPPut a reverse proxy (even for server)

Security - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/ServerSecurity - Master/Server
• DDDDDDDDDDDDDDDDDo not use autosign
• YYYYYYYYYYYYYYYYYou can rely on external CA
• IIIIIIIIIIIIIIIIIsolate the service from the application
• QQQQQQQQQQQQQQQQQuery PuppetDB from your monitoring tool

Pre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing Puppet

Pre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing PuppetPre Existing Puppet
• TTTTTTTTTTTTTTTTThere might be a puppet setup
• WWWWWWWWWWWWWWWWWork in a separated environment
• PPPPPPPPPPPPPPPPPuppet hieradata in a subdirectory
• PPPPPPPPPPPPPPPPPrefix your custom functions
• BBBBBBBBBBBBBBBBBe careful with exported resources

RuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntimeRuntime

Deploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet treeDeploy your Puppet tree
• IIIIIIIIIIIIIIIIInstall your puppet tree package
• IIIIIIIIIIIIIIIIInstall the hiera files (versioned?)
• OOOOOOOOOOOOOOOOOne puppet apply to deploy a basic server
• TTTTTTTTTTTTTTTTThen the first agent run to deploy PuppetDB
and the rest
• TTTTTTTTTTTTTTTTThere is no puppetlabs-puppet module

ConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusion

Shipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet codeShipping with puppet code
• EEEEEEEEEEEEEEEEEveryone gets benefits
• FFFFFFFFFFFFFFFFFrom devs to QA to customers
• NNNNNNNNNNNNNNNNNeed to review how you release
• NNNNNNNNNNNNNNNNNeed to review how you deploy your OS
• PPPPPPPPPPPPPPPPPuppet code is part of your app

AdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantagesAdvantages
• SSSSSSSSSSSSSSSSSetup your app easily (internally and
externally)
• GGGGGGGGGGGGGGGGGet consistent deployments at several
customer
• PPPPPPPPPPPPPPPPPredict what will be deployed
• GGGGGGGGGGGGGGGGGet a clear view of the infrastructure
• SSSSSSSSSSSSSSSSSay bye bye to long procedures

There is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is workThere is work
• BBBBBBBBBBBBBBBBBig cultural changes
▶ RRRRRRRRRRRRRRRRRoot access?
▶ TTTTTTTTTTTTTTTTThe shell script works…
▶ IIIIIIIIIIIIIIIII can't do X anymore…
• PPPPPPPPPPPPPPPPPurge old artifacts on updates
• DDDDDDDDDDDDDDDDDeal with your data
• KKKKKKKKKKKKKKKKKeep that infra up to date

Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!Open the pandora box!
• MMMMMMMMMMMMMMMMMonitoring
• BBBBBBBBBBBBBBBBBest practices enforcement
• RRRRRRRRRRRRRRRRRepositories management
• BBBBBBBBBBBBBBBBBring your own tools

Thank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank youThank you
Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?Any question?

ContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContact
julien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eu
@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie
inuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuits
https://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.eu
info@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.eu
+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636

Puppet and Software Delivery with Puppet Code

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie Puppet and Software Delivery with Puppet Code

Ähnlich wie Puppet and Software Delivery with Puppet Code (20)

Mehr von Julien Pivotto

Mehr von Julien Pivotto (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Puppet and Software Delivery with Puppet Code