Configuration and lifecycle in Mixed environments

Posted on 21-Mar-2017

CONFIGURATION & LIFECYCLE: MIXED ENVIRONMENTS

DMITRY KIREEV

github.com/kireevco

DevOps, Tinkerer, Hacker

WE HAVE TO BE SUPERHEROES

We have no choice…

IDEAL WORLD

(LESS) IDEAL WORLD

BITTER REALITY

LINUX VS WINDOWS: SO DIFFERENT

▸ ls vs dir

▸ bash vs cmd

▸ cat vs type

▸ $PATH vs %PATH%

▸ /boot vs C:\Windows

▸ ext4 vs NTFS

▸ apt-get vs ???

CAN THEY LIVE TOGETHER?

WE MUST LEARN TO LIVE TOGETHER AS BROTHERS OR PERISH TOGETHER AS FOOLS

Martin Luther King, Jr.

YES. We just need something that would make sense for both worlds:

▸ Configuration management

▸ Lifecycle management

CONFIGURATION MANAGEMENT

WHEN IT IS MORE OF SPAGHETTI

▸ Scripts are hard to re-use

▸ High code duplication

▸ High barrier to entry for new staff

▸ Low documentation quality

▸ No clear standards

▸ No business behind provision.sh

BENEFITS OF CONFIGURATION MANAGEMENT

▸ Improved Efficiency (no more duplication and golden image maintenance. Almost like in Hollywood)

▸ Visibility

▸ Confidence (if a change is made, it is made to the right range of systems)

▸ Auditability (source control and reports allow you to track all changes down)

▸ Predictability (rolling out a change is similar to a software release)

▸ Configuration Drift Remediation (two or more entities are identical)

▸ Living Documentation (configurations serve as a «source of truth» and are up-to-date)

▸ Captured Effort (two or more entities are identical)

CROSS-PLATFORM

▸ Puppet

▸ Chef

▸ Ansible

▸ Salt

▸ CFEngine

WINDOWS PROPRIETARY

▸ PowerShell DSC

▸ SCCM

▸ WDS

▸ Dell KACE

PUPPET: MULTI-PLATFORM SUPPORT

▸ Linux: RHEL, Debian, Ubuntu, Fedora, SUSE, Gentoo, Arch

▸ BSD: FreeBSD, OpenBSD

▸ Other Unix: MacOS X, Solaris, AIX, HP-UX

▸ Microsoft Windows

PUPPET: WINDOWS & LINUX SUPPORT

▸ Windows: IIS, PowerShell, Windows Registry, NewRelic Agent, Chocolatey

▸ Linux: Apt-Get, Nginx, Bash, Augeas, NewRelic Agent

PUPPET: DEFINED STATE OF RESOURCES

▸ Define

▸ Test

▸ Enforce

▸ Report

FILE RESOURCE: WINDOWS / LINUX

IIS CONFIG EXAMPLE

▸ Install IIS from scratch

▸ Site directory

▸ Hosts file entry

▸ IIS App Pool

▸ IIS Site

▸ IIS Application

▸ IIS Virtual Directory

▸ Includes SSL configuration

NGINX CONFIG EXAMPLE

▸ Install and configure Nginx

▸ Set up reverse proxy

▸ Configure root location

SOURCE CONTROL

WINDOWS PACKAGE MANAGER

HOW DO WE USE THIS?

LIFE CYCLE MANAGEMENT

CROSS-PLATFORM

▸ Puppet razor

▸ Chef knife-bootstrap

▸ Foreman (GUI, foreman-cli, REST)

WINDOWS PROPRIETARY

▸ SCCM

▸ WDS

▸ Dell KACE

THE FOREMAN

▸ Provisioning: Provision on bare-metal & public or private clouds all from one place with one simple process.

▸ Configuration: A complete configuration management solution including an ENC for Puppet and Salt, built-in support for parameterized classes and hierarchical parameter storage.

▸ Monitoring: Collect Puppet, Chef and Salt reports and facts. Monitor host configuration, report status, distribution and trends.

THE FOREMAN

▸ Platform agnostic provisioning

▸ CLI

▸ RBAC and LDAP integration

▸ Plugins

▸ API

▸ Audits

▸ Host groups

▸ ERB Templates

▸ PXEBoot, TFTP, Kickstart

HOST INFO

HOST CONFIGURATION

FOREMAN TEMPLATES

UNATTEND.XML

XML kickstart for Windows

JOIN DOMAIN SNIPPET

COMMUNITY TEMPLATES

FOREMAN WIMAGING

WIMAGING

▸ Linux style installation using http:// or ftp:// installation media

▸ No extra servers like WDS needed - all relevant settings can be configured in Foreman directly

▸ Official Microsoft utilities are used for all relevant setup stages making it easy to add (future) operating systems

▸ Driver installation during build time

▸ Support for localization settings (like time zone, locale, UI language)

▸ Optional domain join including target OU

▸ Optional local user creation

▸ Support for Foreman's root password using Base64 encoding

▸ Correctly report finished host building

▸ Optional software installation and user tasks at the end of the build (like installing puppet etc)

WIMAGING: 10_INIT.CMD, CALLED FROM STARTNET.CMD

During WinPE boot

WIMAGING FLOW

▸ Create host (user)

▸ Download bootfiles

▸ Boot to WinPE via wimboot

▸ Partition disk

▸ Apply image

▸ Add drivers

▸ User software (Puppet)

▸ Finish script

▸ Reboot

WIMAGING SETUP

▸ Clone repo

▸ Setup Foreman & Templates

▸ Setup Medium

▸ Produce boot medium

▸ Produce install medium

▸ Sync medium to http/ftp

▸ Provision host

WHAT DO WE GET

▸ Infrastructure as code

▸ Platform-agnostic

▸ Reusable code & templates (Puppet, ERB) that make sense

▸ Single point of entry for DevOps, Developers, APIs

▸ As much Open Source as possible (presence + contribution)

▸ Well supported (RedHat, PuppetLabs, Community)

QUESTIONS?

(Or maybe a quick demo)

All trademarks, logos, characters are properties of their respective owners.

MIXED ENVIRONMENT

OTHER THINGS THAT I SHOULD’VE MENTIONED

▸ Foreman supports Chef, Salt, Ansible

▸ profile::nginx::www_site_com vs provision.sh

▸ Chocolatey supports private repositories

▸ Puppet can also operate in server-less mode

▸ IntelliJ IDEA or RubyMine support puppet DSL

▸ Logstash is awesome
