Business Continuity Planning with Bareos and rear (Loadays 2015)
Puppet managed loadays
-
Upload
loadays -
Category
Technology
-
view
855 -
download
1
Transcript of Puppet managed loadays
![Page 1: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/1.jpg)
login
Puppetmanaged.orgHow to use it in
yourenvironment
![Page 2: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/2.jpg)
id
uid=500(Yaakov M. Nemoy) gid=500(Human) groups=10(wheel),501(Fedora Project Ambassador),502(Puppetmanaged.org
Developer),503(RHCE),666(UMC Utrecht BOFH)
![Page 3: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/3.jpg)
elinks
● Puppetmanaged.org is a collection of (mostly) standalone common puppet modules for per service deployment of your infrastructure
● It's designed around principles of good configuration management
![Page 4: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/4.jpg)
elinks
● Puppet● Mysql● Apache● Bind● Cobbler● Yum● Samba
● Zarafa● Openldap● Openvpn● Postfix● Monit● Munin● Nagios
![Page 5: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/5.jpg)
elinks
● Authconfig● Autofs● Func● Iptables● NFS● NTP● Rsync
● Selinux● Ssh● Sudo● Trac● Virt● Xen● Pam
![Page 6: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/6.jpg)
elinks
● Each module contains● A bunch of file declarations● Gets your service up and running● RHEL default configurations● Well defined classes with logical meaning● Every class has a disabled subclass for cleanup● A pony – development, testing, and production
branches
![Page 7: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/7.jpg)
elinks
● pm.org is file based – just deliver the files and get out of the way
● There are five options for file locations● Environment + Host● Environment● System Wide + Host● System Wide● PM.org default
![Page 8: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/8.jpg)
elinks
● puppet://$server/private/$environment/webserver/httpd.conf.$hostname
● puppet://$server/private/$environment/webserver/httpd.conf
● puppet://$server/files/webserver/httpd.conf.$hostname
● puppet://$server/files/webserver/httpd.conf
● puppet://$server/webserver/httpd.conf
![Page 9: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/9.jpg)
elinks
node 'node1.example.org' { include webserver
webserver::virtualhost { "www.example.org": enable => true }
webserver::module::enable { "php": enable => true }}
![Page 10: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/10.jpg)
elinks
● Uses definitions to create pseudo resources● Makes these modules very easy to adopt● Easy to deploy in your current infrastructure,
one module at a time● Easy to collaborate with upstream on
![Page 11: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/11.jpg)
git clone
All modules in a git repository
![Page 12: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/12.jpg)
make
● All you need is a git repo with a directory per module
● Each branch is a seperate environment● The master branch is the site-wide
configuration● The pm.org puppet module handles the rest
![Page 13: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/13.jpg)
make
● Some services require OS version specific files, then you get twenty options● OS + minor version● OS + major version● OS● Default
● For example:● pam
![Page 14: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/14.jpg)
make install
● ah... um.....
![Page 15: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/15.jpg)
make install
● Actually this slide should be febootstrap/debootstrap
![Page 16: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/16.jpg)
git svn
I can't talk about how to fix this in your environment...
![Page 17: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/17.jpg)
git svn
Or can i?
[Insert Shamless Hire Me Plug]
![Page 18: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/18.jpg)
git svn
The UMC Utrecht DBG née Genomics Center is a public institution, so we can talk about how we
solved the problem there
![Page 19: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/19.jpg)
git foo
● There are good gateways for git and other source control
![Page 20: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/20.jpg)
git svn
● We started with an old experimental version of pm.org● conf/manifests – this is our site manifest● distr/modules – one git repo per module● distr/files – legacy files● distr/files/private – file domain structure
● We only have one environment currently
![Page 21: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/21.jpg)
git branch
● Each repo is cloned into the svn, then branched to a umc specific branch
● Since we're using svn, i freely use git rebase, so it's obvious which patches are not yet upstream
● The diff between development and umc is meant to be as short as possible
![Page 22: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/22.jpg)
emacs
● Our umc branches normally just edit file locations and comment out code defined in legacy
● UMC specific classes are in conf/manifests/classes/*pp
![Page 23: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/23.jpg)
git rebase
● Every time i commit to git, i can also commit it to our SVN
● Everytime someone else commits to svn, i can rebase the git on top
![Page 24: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/24.jpg)
git push
● Commiting is then very easy, just switch to the right branch and push
● git format patch is great● There is a devel mailing list open for patches● Frequent patchers can probably get commit
access
![Page 25: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/25.jpg)
publican
● Documentation is yet another git repo● We store it at documentation/● We branch and merge like usual
![Page 26: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/26.jpg)
make install
● Move all code into modules or classes● Migrate to pm.org's puppet module managing
site.pp● Sort all files into distr/files/private● Ensure every module we have is pm.org quality
![Page 27: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/27.jpg)
make install
● Move each git repo to its own toplevel in svn (except maybe distr/modules)
● git-svn handles mapping svn branches● Fix the puppet module to do svn too
![Page 28: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/28.jpg)
cat /dev/future
● Environments per working group● Each group has write access to their own branch
● Porcelain – extensions on top of pm.org standard
● More modules● Better integration with external nodes
![Page 29: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/29.jpg)
who
● ogd.nl● kolabsys.com● genomicscenter.nl● op.umcutrecht.nl● berica.nl● fedoraunity.org● puppetmanaged.org
● rpmfusion.org● kanarip.com
![Page 30: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/30.jpg)
wget puppetmanaged.org
● http://www.puppetmanaged.org/● http://git.puppetmanaged.org/● http://www.puppetmanaged.org/mailman/listinfo
● Commits● Devel● Users
![Page 31: Puppet managed loadays](https://reader033.fdocuments.in/reader033/viewer/2022052621/558585ddd8b42aac148b4e47/html5/thumbnails/31.jpg)
questions?
● [email protected]● loupgaroublond on practically every social
network, especially freenode● #[email protected]● Or just annoy kanarip
● the one with the ugly haircut