Don’t Miss These Sessions! List of sessions/demos/HOLs: bit.ly/OOW14-Solaris …and Demos in Moscone South
Best Practice Configuration Management with Puppet
September 28 – October 2, 2014, San Francisco
Eric Saxe, Glynn Foster, Oracle Solaris Core Technologies
Manuel Zach, bwin.party digital entertainment

What is Puppet?
• Open source automation software
• Defines and enforces the state of your infrastructure
• Ensures consistency and dependability
• Optimized for complete software lifecycle
• Scales to cloud environments
• Uses master/agent architecture
• Easily extensible through reusable modules
• Puppet integrated in Oracle Solaris 11.2

Oracle Solaris Deployment Automated Installer Image Packaging System
How Does it Work?
1. Client installs Puppet agent software from repository
2. Client connects to Puppet master – sends normalized data about itself using Facts
3. Master compiles a catalog based on data for how the client should be configured
4. Client configures itself based on catalog and reports back to master
(Diagram: IPS Server, Puppet Master)

Lifecycle Management Flow
Unified Archives, Puppet, and IPS: Lifecycle & Configuration Management at Scale
• Base “Golden Image” Created
• Base Image Deployed at Scale
• First Boot: Systems Contact Puppet Master
• Puppet Installs Additional Packages, Configuration
• Update configuration, packages easily via Puppet & IPS
(Diagram: Golden Image, Puppet Master, IPS Repository)

Puppet Integration Easy to install Single IPS package for Agent and Master Automatic service restart Integrated with SMF Puppet configuration through SMF stencils Support for new OS features Packaging Networking SMF Configuration
Scaling Out to the Data Center
(Diagram: Puppet Master, Puppet Agent / Master, Puppet Agents)

Getting Started with Puppet
• Install Puppet Master/Agent
    # pkg install puppet
• Ensure time synchronization
    Edit /etc/inet/ntp.conf
    Enable SMF service:
    # svcadm enable network/ntp
(Diagram: IPS Server; Puppet, Facter and dependencies)

Getting Started with Puppet
• Configure Puppet master
    # svccfg -s puppet:master setprop config/server = master.fqdn.com
    # svccfg -s puppet:master refresh
    # svcadm enable puppet:master
• Configure Puppet agent
    # svccfg -s puppet:agent setprop config/server = master.fqdn.com
    # svccfg -s puppet:agent refresh
    # svcadm enable puppet:agent
(Diagram: Puppet Master, Puppet Agent)

Getting Started with Puppet
• Create SSL keys/certs and test connection on agent
    # puppet agent --test --server master.fqdn.com
• List and sign SSL cert on master
    # puppet cert list
    # puppet cert sign agent.fqdn.com
• Re-test and start agent
    # puppet agent --test --server master.fqdn.com
    # svcadm enable puppet:agent
(Diagram: Puppet Master, Puppet Agent)

Getting Started with Puppet
• Puppet configuration is managed with SMF Stencils
• Automatically synchronizes /etc/puppet/puppet.conf
    # svccfg -s puppet:master setprop config/<option> = <value>
    # svccfg -s puppet:master refresh

Hello
Manuel Zach, Unix System Engineer
Home: Vienna, Austria
Twitter: @mzachh
Blog: http://blog.zach.st

An introduction to bwin.party
• A pioneer in online gaming
• Leading brands in online sports betting, casino, poker and bingo
• Focused on regulated markets (US since end 2013)
• Merger of bwin and PartyGaming
• 2700 full time employees in 10+ locations
• 2013 revenue: $ 840m
• Listed on the LSE – MCAP of approx. $ 1.3bn

Poker – Key brands
Sports – Key brand
Case Study: Intro
Puppet at bwin.party
• Improved server delivery time (ready for business) from weeks to days
• Manage configuration of old “non-cloudy” (brownfield) systems
• Make servers ready for Oracle database installation in minutes – Solaris 10, Solaris 11.1 and Solaris 11.2 servers

Backstory: Technology Drivers
• Time to market is critical for our business
• Company transformation to DevOps, Agile, Lean
• Merged companies: many datacenters, many standards, many engineers

The Problem
• Too many legacy systems (old technologies, different configurations)
• Global team challenges: different standards, documentation!?
• Big backlog of infrastructure teams

Iterative Adoption Early payoff necessary Plan Apply Implement
Puppet at bwin.party
• Main target: critical database servers (my team)
• Approach:
    Production: conservative, only human-triggered
    Lab: fully automated

Adoption / Velocity (timeline chart: 2013, 2014, Mid 2014)
• In-house Puppet agent (masterless)
• VCS (GIT)

Early Puppet manifest
File: base/global.pp
    pkg_publisher { 'solaris':
      ensure => 'present',
      enable => 'true',
      origin => ['http://test-repo-server/solaris'],
    }

Workflow
(Diagram: Admin, Changes, GIT Server (current configuration), Orchestrator (SSH), Target Servers)

Adoption / Velocity (timeline chart: 2013, 2014, Mid 2014)
• Hiera: Separate Data and Code
• In-house Puppet agent (masterless)
• VCS (GIT)

Hiera – Separate Data from Code
File: base/global.pp
    pkg_publisher { 'solaris':
      ensure => 'present',
      enable => 'true',
      origin => hiera('publisher_url'),
    }
File: env/test.yaml
    ---
    publisher_url:
      - 'http://test-repo-server/solaris'
File: env/production.yaml
    ---
    publisher_url:
      - 'http://prod-repo-server/solaris'

Adoption / Velocity (timeline chart: 2013, 2014, Mid 2014)
• Master (central server) (pkg install puppet)
• Hiera: Separate Data and Code
• In-house Puppet agent (masterless)
• VCS (GIT)

Server definition
Main manifest “site.pp” loads correct role
File: nodes/testserver1.yaml
    ---
    bpty_role: oradbserver
    bpty_env: test
    password_oracle: $5$YoLy4k$ZJ10XsY6lZtDv6k4sInGo2eoTjJ9

Outcome
• Shorter server delivery time
• The initial delivery time was not our biggest improvement, but most notably the 100% correct initial delivery
• Fewer handoffs
(Diagram: Server Team, Queue)

Outcome: Managed DB Servers 150 25 20 10
Outcome: Reconfigurations with Puppet Changes Test/LAB: Production: 500 50 40 30
WINs
• Faster deployment of configuration
• Faster to ship new servers
• Faster fixing of non-compliant systems
• More consistency

WINs – Easier compliance check
Automated “Server Checklist” (NOOP-Mode)
    # puppet apply --noop dbserver-standards.pp
    ...
    Notice: /Stage[main]/Main/Zfs[rpool/export]/quota: current_value 8G, should be 5G (noop)
    ...

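The noop "Server Checklist" output can be turned into a machine-readable drift report. The Python below is an added example, not code from the slides or from bwin.party: it parses `puppet apply --noop` notices in the format shown above. The function names and the `allowed` exception list are hypothetical, and the sample output is constructed apart from the Zfs line.

```python
import re
from collections import Counter

# One pending change per line, in the format shown on the slide:
# Notice: /Stage[main]/Main/Zfs[rpool/export]/quota: current_value 8G, should be 5G (noop)
NOOP_RE = re.compile(
    r"^Notice: /Stage\[.*/(?P<type>[A-Z][\w:]*)\[(?P<title>.*)\]/(?P<prop>\w+): "
    r"current_value (?P<current>.*?), should be (?P<desired>.*) \(noop\)$"
)

# Constructed sample output; only the Zfs line is taken from the slide.
SAMPLE = """\
Notice: Compiled catalog for testserver1 in environment production in 0.12 seconds
Notice: /Stage[main]/Main/Zfs[rpool/export]/quota: current_value 8G, should be 5G (noop)
Notice: /Stage[main]/Main/Pkg_publisher[solaris]/origin: current_value http://old-repo/solaris, should be http://test-repo-server/solaris (noop)
Notice: /Stage[main]/Main/File[/etc/inet/ntp.conf]/ensure: current_value absent, should be file (noop)
Notice: Class[Main]: Would have triggered 'refresh' from 3 events
Notice: Finished catalog run in 0.48 seconds
"""


def parse_noop(output):
    """Return one dict per property that the noop run would have changed."""
    drift = []
    for line in output.splitlines():
        match = NOOP_RE.match(line.strip())
        if match:
            drift.append(match.groupdict())
    return drift


def checklist(output, allowed=()):
    """Summarise drift; 'allowed' holds (type, title) pairs accepted as exceptions."""
    findings = [d for d in parse_noop(output)
                if (d["type"], d["title"]) not in allowed]
    by_type = Counter(d["type"] for d in findings)
    return {"compliant": not findings, "by_type": dict(by_type), "findings": findings}


if __name__ == "__main__":
    report = checklist(SAMPLE)
    print("compliant:", report["compliant"])
    for f in report["findings"]:
        print(f"{f['type']}[{f['title']}] {f['prop']}: {f['current']} -> {f['desired']}")
```
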
WINs - Documentation Version controlled infrastructure
WINs – VCS supported workflows
Manage environments with VCS tooling
(Diagram: trunk/master, new feature, lab, test, prod)

WINs – VCS supported workflows
SMF integration in Solaris 11.2
    master # svccfg -s puppet
    svc:/application/puppet> add lab
    svc:/application/puppet> add test
    svc:/application/puppet> add prod
    svc:/application/puppet> exit
    master # svccfg -s puppet:lab setprop config/modulepath = \
        "$confdir/environments/$environment/modules:$confdir/modules"
    master # svccfg -s puppet:test ...
    master # svccfg -s puppet:prod ...

Lessons learned (Easy / Challenging)
• Writing Puppet manifests
• Iterative adoption
• Find documentation
• Get help from community
• Keep it simple!
• Git – harder to learn than Puppet (Sysadmins)
• Some tasks need time (human habits, etc)
http://blog.zach.st

Benefits of “Solaris Puppet”
Best of both worlds
• Open source software covered by existing Oracle Premier Support
• Integration is done by Oracle engineers (“Puppet Providers”)
• Solaris Audit framework integration
• SMF integration (sysconfig profiles)
• Supported Ruby 1.9.x

Benefits of “Solaris Puppet” Best of both worlds Puppet Open Source Community “Lucky User” Zone Oracle Premier Support
Questions? oracle.com/solaris @ORCL_Solaris facebook.com/oraclesolaris Oracle Solaris Insider blogs.oracle.com/solaris youtube.com/oraclesolaris Learn More; Stay Connected List of sessions/demos/HOLs: bit.ly/OOW14-Solaris