DevOps: Puppet & Chef

Transcript

1. DevOps, Puppet & Chef (from susestudio.com's perspective)

2. I'm James Tan @jamestyj on Twitter & Github blog.susestudio.com Engineering

   Manager @

3. Where I'm from... Singapore! (but living in Germany)

4. None
5. None
6. None

7. What I work on...

8. None
9. None

10. Appliance / Image

11. SUSE Cloud

12. None
13. None
14. None
15. None
16. None
17. None
18. None
19. None
20. None
21. None

22. DevOps

23. I want change! I want stability! Wall of Confusion Development

    Operations

24. Wall of Confusion Development Operations

25. Wall of Confusion Development Operations

26. Communication Collaboration Integration Automation

27. We have change without pain We're in it together! Development

    Operations

28. Continuous deployments Continuous (automated) builds, integration, tests, and deployments

29. 0 10 20 30 40 50 60 susestudio.com deployments (per

    month) Jun 2009 to Sep 2012 Deployments Continuous deployments!

30. Configuration Management is not easy

31. None
32. None

33. What happens when the server crashes? How do you scale

    this to other servers? How do you deploy to other data centers or to the cloud?

34. Infrastructure as Code Repeatable Scalable Maintainable

35. Infrastructure as Code Version control Peer code reviews Tests

36. vs

37. Flavors Serverless Puppet Master/Agent Puppet Puppet Enterprise Chef Solo Chef

    Client & Server Private Chef Hosted Chef

38. Installing on openSUSE 12.2 # Installing Puppet > zypper ar

    http://download.opensuse.org/repositories\ /systemsmanagement:/puppet/openSUSE_12.2/ Puppet > zypper in puppet # Installing Chef > zypper ar http://download.opensuse.org/repositories\ /systemsmanagement:/chef/openSUSE_12.2/ Chef > zypper in rubygem-chef

39. Puppet quickstart (serverless) > vim test.pp file { 'testfile-puppet': path

    => '/tmp/testfile-puppet', ensure => present, mode => '0640', content => "I'm a test file.\n" } > puppet apply test.pp

40. Chef quickstart (solo) > knife cookbook create test > vim

    /var/chef/cookbooks/test/recipes/default.rb file "/tmp/testfile-chef" do mode "0640" content "I'm a test file.\n" action :create end > chef-solo -o test -N test

41. Puppet package, file, service package { 'openssh-server': ensure => present,

    before => File['/etc/ssh/sshd_config'] } file { '/etc/ssh/sshd_config': ensure => file, mode => '0600', source => 'sshd_config' } service { 'sshd': ensure => running, enable => true, hasrestart => true, hasstatus => true, subscribe => File['/etc/ssh/sshd_config'] } Ensure order!

42. Chef package, file, service package "openssh-server" do action :install end

    cookbook_file "/etc/ssh/sshd_config" do source "sshd_config" mode "0600" end service "sshd" do supports :status => true, :restart => true action [ :enable, :start ] subscribes :reload, resources( "cookbook_file[/etc/ssh/sshd_config]") end

43. Puppet vs Chef package, file, service package { 'openssh-server': ensure

    => present, before => File['/etc/ssh/sshd_config'] } file { '/etc/ssh/sshd_config': ensure => file, mode => '0600', source => 'sshd_config' } service { 'sshd': ensure => running, enable => true, hasrestart => true, hasstatus => true, subscribe => File['/etc/ssh/sshd_config'] } package "openssh-server" do action :install end cookbook_file "/etc/ssh/sshd_config" do source "sshd_config" mode "0600" end service "sshd" do supports :status => true, :restart => true action [ :enable, :start ] subscribes :reload, resources( "cookbook_file[/etc/ssh/sshd_config]") end

44. Resources Puppet & Chef: cron, exec/execute, file, group, mount, package,

    service, user Puppet: augeas, host, interface, nagios_command, ssh_authorized_key, sshkey, zfs, zone, … Chef: deploy, directory, env, git, HTTP request, Link, log, route, Ruby block, subversion, ...

45. Puppet & Chef templates (ERB) # Puppet manifest: balancer.pp $nodes

    = [ "node100", "node101", "node102" ] file { '/etc/apache/balancer.conf': path => '/etc/apache/balancer.conf', ensure => file, content => template("balancer.erb") } # Chef recipe: balancer.rb template "/etc/apache/balancer.conf" do source "balancer.erb" variables({ :nodes => ["node100", "node101", "node102"] }) end

46. Puppet & Chef templates (ERB) # Template: balancer.erb <Proxy balancer://mycluster>

    <% nodes.each do |node| -%> BalancerMember http://<%= node %>.cluster.xs:81 <% end -%> </Proxy> # Output: /etc/apache/balancer.conf <Proxy balancer://mycluster> BalancerMember http://node100.cluster.xs:81 BalancerMember http://node101.cluster.xs:81 BalancerMember http://node102.cluster.xs:81 </Proxy>

47. Code reuse Puppet modules Manifests Files Libraries Templates (ERB) Chef

    cookbooks Recipes File Distribution Libraries Templates (ERB) Attributes Definitions Lightweight Resources & Providers (LWRP) Metadata

48. Puppet Master / Agent Puppet Master Workstation Nodes Git Git

    MCollective PuppetDB Puppet Dashboard Puppet Agent Facter
49. None

50. Chef Server / Client Chef API server Workstation Nodes Git

    knife Chef Indexer (Solr) Chef Web UI Chef Client Ohai CouchDB RabbitMQ knife (ssh)
51. None
52. None

53. Other concepts Puppet Classes External Node Classifier (ENC) Chef Roles

    Run lists (Encrypted) Databags Search

54. We're moving from Puppet to Chef Why?

55. More maintainers needed!

56. Questions? Slides @ http://speakerdeck.com/u/jamestyj