PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of...
-
Upload
puppet -
Category
Technology
-
view
95 -
download
1
Transcript of PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of...
![Page 1: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/1.jpg)
The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan
![Page 2: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/2.jpg)
environment
how
lessons
future
2
![Page 3: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/3.jpg)
environment
3
![Page 4: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/4.jpg)
service catalog
Alumni and Advancement
Consumer Information
Facilities Mangement
Library Systems
Application Development
Content and Collaboration
Finance and Procurement
Printing Services
Assesment Services
Device Management Human Resources Relationship Management
BroadCast and Streaming
Email and Calendering
Identity and Access Reporting, Data and Analytics
Classroom Technology
Emergency Notification
Learning Management
Research Computing
Communications E-Portfolio Lecture Capture Storage
4
![Page 5: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/5.jpg)
application catalog
5
![Page 6: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/6.jpg)
before
• templates
• automation
• group policy
• scripts
• manual documentation
6
![Page 7: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/7.jpg)
challenges
● change control
● culture change
● development/test/production
● ill defined standards
● silos
7
![Page 8: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/8.jpg)
why bother
8
![Page 9: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/9.jpg)
we have problems
• speed up deployment.
• configuration drift
• standardize
• troubleshooting
9
![Page 10: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/10.jpg)
how
10
![Page 11: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/11.jpg)
getting started
• weekly architecture team meetings
• puppet ramp up project
• on site training
11
![Page 12: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/12.jpg)
puppet architecture # production branch control-repo/PuppetFile
forge http://forge.puppetlabs.com
# Modules from the Puppet Forge
mod "puppetlabs/inifile", '1.4.2‘
# systems written modules
moduledir 'site-modules/systems'
mod 'profiles',
:git => '[email protected]:puppet/profiles.git',
:ref => 'production'
mod 'roles',
:git => '[email protected]:puppet/roles.git',
:ref => 'production'
12
![Page 13: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/13.jpg)
initial git code workflow
13
production
test
development
merge
merge
![Page 14: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/14.jpg)
better git code workflow
14 14
production
test
development merge
merge
feature
merge
![Page 15: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/15.jpg)
15
![Page 16: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/16.jpg)
class roles::analytics {
include profiles::base_rhel
include profiles::apache
include profiles::mod_auth_cas
include profiles::mysql
::apache::mod { 'auth_basic': }
::apache::mod { 'authn_file': }
class { 'profiles::php':
display_errors => 'Off',
display_startup_errors => 'On',
track_errors => 'On',
}
class profiles::mod_auth_cas {
package { 'sds-mod_auth_cas': ensure => 'installed',}
file { '/etc/httpd/conf.d/z50_mod_auth_cas.conf':
ensure => present,
require => Package['httpd'],
content => '# CAS setup
LoadModule auth_cas_module modules/mod_auth_cas.so
CASCookiePath /var/mod_auth_cas/
CASLoginURL https://<redacted>/cas/login
CASValidateURL https://<redacted>/cas/serviceValidate
CASTimeout 36000
CASIdleTimeout 3600
<Location /> CASScope / </Location>',}
16
![Page 17: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/17.jpg)
class roles::cs_bookware_as {
case $::hostname {
/^books(dev|test)?$/: {
accounts::user {'SASK':
comment => 'Bookware application account',
home => '/home/SASK/USERS',
home_mode => '750',
}
/^booksdb(dev|test)?$/: {
postgresql::server::config_entry { 'max_connections' :
ensure => present,
value => '200',
}
17
![Page 18: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/18.jpg)
18
![Page 19: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/19.jpg)
19
![Page 20: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/20.jpg)
useful mco commands
mco find –W profiles::apache
mco puppet disable "Investigating a problem with the apache module. -NF" -
C /profiles::apache/
mco package mariadb status
20
![Page 21: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/21.jpg)
lessons
21
![Page 22: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/22.jpg)
lessons learned
• confine custom facts by kernel
• confine :kernel => %w(Linux SunOS FreeBSD Darwin)
• https://puppet.com/blog/wsus-client-module-beginners-guide
• long lived branches make more work
• base_os generic role
22
![Page 23: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/23.jpg)
more lessons
Windows I can do that with a
gpo
Linux I have to do a lot of
typing just to change one file?
Dba’s Thou shalt not play in
development
Service owners How are you slower at
this.
23
![Page 24: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/24.jpg)
Are we getting better?
24
• PCI DSS
• increase speed of deployment
• centrally managed system administrators desktop
![Page 25: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/25.jpg)
future
25
![Page 26: PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at the University of Saskatchewan – Jennifer Hadley, University of Saskatchewan](https://reader034.fdocuments.in/reader034/viewer/2022051721/587495da1a28abc62f8bab45/html5/thumbnails/26.jpg)
Room for improvement
• code review
• pull requests
• dynamic environments
• large number of role classes
• vRealize
26