Workshop puppet (dev opsdays ams 2015)

Workshop PuppetWalter HeckSascha Greven

●●●●●●●●

Who are we and who are you?

Walter Heck● Founder and CTO @

OlinData● Certified Puppet

Professional● Certified Puppet

Instructor● Father, geek, traveler

Sascha Greven● Freelance systems

engineer @ OlinData● Cloud consultant● Technical engineer● Dancer:

Who is this workshop for?

● Building a LAMP stack with Puppet -> Simple WordPress instance on a single host

● Beginners with Puppet

● Follow along on your own laptop or look over someone else’s shoulder

Architecture of a Puppet Setup

Puppet Agent● (usually) initiates

puppet run● gathers facts about

the node● compares the catalog

from the master to the local machine

Puppet Master● holds puppet code● compiles code into a catalog

for each node● processes reports● functions as Certificate

Authority● stores information about

nodes in PuppetDB● technically optional but

highly recommended

Lifecycle of a Puppet runagent (or mcollective) starts puppet runagent authenticates with master over SSLif it’s authorized to run it gets a list of facts it needs to gatherfacts are gathered by the agent and sent to the mastermaster parses puppet code and compiles a catalog with all resources and their required state for the node. This includes correct ordering.agent receives catalog from masteragent compares all resources in the catalog to the state of the resource on the node itself and makes changes where neededagent keeps a report of all resources in the catalog and their state, sends the report back to the mastermaster parses report and sends it to destination (disk, central logs, elasticsearch, irc, hipchat, etc.)

Setting up puppet

set up DNS, NTPdinstall puppetmaster

yum install puppet-serverinstall agent

yum install puppetrun ’puppet agent -t’ to create agent cert and create certificate signing request

5. sign the certificate on the masterpuppet cert list puppet cert sign --all

Create a puppet repo

● root of your repo will be in /etc/puppetlabs/puppet/environments/production

● install the needed puppet modules○ puppet module install puppetlabs-apache

hunner-wordpress puppetlabs-mysql● create a node block in site.pp

○ node ‘training.puppetlabs.vm’ {

fail(‘write code here’)

}

● check documentation on http://forge.puppetlabs.com and decide which resources you need

Run Puppet

Dry run: puppet agent -t --noopNormal run: puppet agent -t

Next steps

● use a dashboard ○ puppet enterprise console○ the foreman/sattelite○ puppet explorer

● use an IDE○ gepetto, sublime text

● externalise configuration data to hiera○ hiera-eyaml, hiera-gpg, hiera-vault(?)

● split up mysql and apache to multiple nodes○ create haProxy instance to load balance http traffic

● create more than one virtual host● use roles and profiles● exported resources

http://bit.ly/olindata-galera-migration

http://bit.ly/olindata-galera-migration