WELCOME

Puppet and AWSGetting the Best of Both Worlds

Mike Ryan - Epitech BV23

August2013

CONTACT:mike@epitech.nlwww.epitech.nl

Saturday, August 24, 13

EPITECH BV

Hello, I’m Mike2

CONTACT:mike@epitech.nlwww.epitech.nl

Sysadmin  with  a  passion  for  automa2on

Londoner  in  Amsterdam

Epitech.nl  -­‐  sysadmin  as  a  service

Saturday, August 24, 13

EPITECH BV

AWS - A very brief introduction

3

CONTACT:mike@epitech.nlwww.epitech.nl

EC2  -­‐  Elas2c  Compute  Cloud

AMI  -­‐  Amazon  Machine  Images

User  Data

Saturday, August 24, 13

EPITECH BV

EC2 - Auto Scaling4

CONTACT:mike@epitech.nlwww.epitech.nl

Saturday, August 24, 13

EPITECH BV

CloudFormation5

CONTACT:mike@epitech.nlwww.epitech.nl

{ "AWSTemplateFormatVersion" : "2010-09-09", "Description" : "EC2 instance", "Resources" : { "MyEC2Instance" : { "Type" : "AWS::EC2::Instance", "Properties" : { "ImageId" : "ami-79fd7eee", "KeyName" : "my-ssh-key", } } }}

Saturday, August 24, 13

EPITECH BV

6

CONTACT:mike@epitech.nlwww.epitech.nl

"Enabled" : "true", "Logging" : { "Bucket" : "webapplication.s3.amazonaws.com", "Prefix" : "webapp-logging/" } } } },

"asgMyAutoScalingGroup": { "Type": "AWS::AutoScaling::AutoScalingGroup", "Properties": { "AvailabilityZones": [ "us-east-1b", "us-east-1c" ], "Cooldown": "300", "DesiredCapacity": "1", "MaxSize": "1", "MinSize": "1", "LaunchConfigurationName": { "Ref": "lcMyLC" }, "LoadBalancerNames": [ { "Ref": "elbMyLB" } ] } }, "s3webapplication": { "Type": "AWS::S3::Bucket" }, "sgwebappsecuritygroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "for web app", "SecurityGroupIngress": [

Saturday, August 24, 13

EPITECH BV

7

CONTACT:mike@epitech.nlwww.epitech.nl

Bootstrapping an Infrastructure

www.infrastructures.org

Saturday, August 24, 13

EPITECH BV

8

CONTACT:mike@epitech.nlwww.epitech.nl

CloudFormation or Puppet

Saturday, August 24, 13

EPITECH BV

9

CONTACT:mike@epitech.nlwww.epitech.nl

Files, Services and Packages with cfn-init

"Metadata": { "AWS::CloudFormation::Init": { "config": { "sources" : { "/etc/puppet" : "http://example.com/puppet.tar.gz" }, "packages": { "yum": { "puppet-server": [], }, }, "services": { "sysvinit": { "puppetmaster": { "ensureRunning": "true", "enabled": "true"

Saturday, August 24, 13

EPITECH BV

10

CONTACT:mike@epitech.nlwww.epitech.nl

Run a script at launch time with User Data

{ "AWSTemplateFormatVersion" : "2010-09-09", "Description" : "EC2 instance", "Resources" : { "PuppetMasterInstance": { "Type": "AWS::EC2::Instance", "Metadata": { }, "Properties": { "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "#!/bin/bash\n", "/opt/aws/bin/cfn-init --region ", "\n", "/usr/bin/puppet apply site.pp, "\n" ]...

Saturday, August 24, 13

EPITECH BV

11

CONTACT:mike@epitech.nlwww.epitech.nl

cfn-create-stack

cfn-create-stack puppetmaster \--template-file=puppetmaster.json

http://aws.amazon.com/developertools/2555753788650372

http://aws.amazon.com/cli/

Saturday, August 24, 13

EPITECH BV

12

CONTACT:mike@epitech.nlwww.epitech.nl

Auto Scale = Autosign

Saturday, August 24, 13

EPITECH BV

13

CONTACT:mike@epitech.nlwww.epitech.nl

The Hostname Issuemike@ip-10-32-34-116:~$ hostname -fip-10-32-34-116.eu-west-1.compute.internal

Saturday, August 24, 13

EPITECH BV

14

CONTACT:mike@epitech.nlwww.epitech.nl

User Data - Web Console

Saturday, August 24, 13

EPITECH BV

15

CONTACT:mike@epitech.nlwww.epitech.nl

User Data - CloudFormation},"UserData": { "Fn::Base64": { "Fn::Join": [ "", [ “{\”role\”: \”web\”, ”, “\”env\”: \”staging\”} ” ] ] }}

Saturday, August 24, 13

EPITECH BV

16

CONTACT:mike@epitech.nlwww.epitech.nl

include stdlibnode default {  $userdata = parsejson($ec2_userdata) $role = userdata[‘role’] $environment = userdata[‘env’]

case $role { ‘web’: { include nginx } ‘db’: { include postgresql } }}

Saturday, August 24, 13

EPITECH BV

17

CONTACT:mike@epitech.nlwww.epitech.nl

Vagrant -> EC2

Saturday, August 24, 13

EPITECH BV

18

CONTACT:mike@epitech.nlwww.epitech.nl

Saturday, August 24, 13

EPITECH BV

19

CONTACT:mike@epitech.nlwww.epitech.nl

Vagrant::Config.run do |config| config.vm.provision :puppet do |puppet| puppet.manifests_path = "../puppet/manifests" puppet.module_path = "../puppet/modules" puppet.manifest_file = "site.pp" puppet.options = "--verbose --debug" puppet.facter = { :ec2_userdata => { :role => "database", :env => "vagrant", }.to_json, :vagrant => "true" } endend

Saturday, August 24, 13

EPITECH BV

20

CONTACT:mike@epitech.nlwww.epitech.nl

Decoupling

Saturday, August 24, 13

EPITECH BV

21

CONTACT:mike@epitech.nlwww.epitech.nl

Broken Puppet Master =Broken Auto Scaling

No

Saturday, August 24, 13

EPITECH BV

22

CONTACT:mike@epitech.nlwww.epitech.nl

#!/bin/bash

/usr/local/bin/update.sh/usr/bin/puppet apply site.pp

/etc/rc.local

Saturday, August 24, 13

EPITECH BV

23

CONTACT:mike@epitech.nlwww.epitech.nl

But you lose...

Puppet  Dashboard

Exported  Resources

Stored  configs

Saturday, August 24, 13

EPITECH BV

24

CONTACT:mike@epitech.nlwww.epitech.nl

env.roledefs = { 'web': ['www1', 'www2', 'www3'], 'db': ['db1', 'db1']}

@roles('db', ‘web’)def run_puppet(): sudo('puppet apply site.pp')

$fab run_puppet #run puppet everywhere$fab run_puppet --roles db # role-specific

Triggering Puppet with Fabric

Saturday, August 24, 13

EPITECH BV

25

CONTACT:mike@epitech.nlwww.epitech.nl

def configure_roles():

 tags = EC2TagManager(AWS_KEY, AWS_SECRET,   regions=['eu-west-1'])

 roles = {}

for role in [‘db’, ‘web’]: roles[role] = tags.get_instances(role=role) return roles

Triggering Puppet with Fabric

https://github.com/mikery/fabric-ec2

Saturday, August 24, 13

THANK YOUBACK X

CONTACT:

Mike Ryan - Epitech BVmike@epitech.nl

mike@epitech.nlwww.epitech.nl

Saturday, August 24, 13