Integrating Puppet & Ansible

Transcript

1. INTEGRATING PUPPET & ANSIBLE Ansible Dynamic Inventory & Puppet ENCs

2. WHY USE ANSIBLE & PUPPET TOGETHER? • Puppet • Offers

   continuous integration via its agent • A great choice for configuring your base OS • Extensive ecosystem and 3rd party support • Ansible • A great ad hoc task runner & operational tool • Gives ultimate control and flexibility for application deployments • Can be used to trigger Puppet runs in the appropriate order if you choose to deploy your app with Puppet

3. WHAT ABOUT FOREMAN? • Using a product like Foreman is

   a great way to deploy your Puppet Master • Allows grouping of hosts • Provides a graphical dashboard for Puppet runs and facts • Optionally allows you to assign Puppet classes and parameters via a web frontend • Suggested usage (based on my experience) • Use hiera instead of Foreman's smart variables • Use r10k and the roles / profiles pattern • Assign roles to hostgroups in Foreman

4. START BY CHOOSING A MASTER DATABASE FOR YOUR HOSTS •

   Ansible Inventory: Simple, powerful and great if Ansible is your main orchestration tool • Foreman: Can be managed via a clean web interface and is a great choice if Puppet is your main orchestration tool and/or Foreman is your provisioning tool of choice • PuppetDB: Not the greatest choice for open-source Puppet as there is no ability to group your hosts • Other: • Cloud Providers (via API) • A custom storage format (e.g. YAML)

5. HOW DOES ANSIBLE INTEGRATE WITH AN EXTERNAL INVENTORY? • A

   dynamic inventory plugin may be developed to obtain a server listing from any source • This source could be something like PuppetDB, Foreman or any other source • The plugin is an executable script in any programming language that must output JSON containing all hosts, host groups and related facts • Reference: http://docs.ansible.com/ansible/ intro_dynamic_inventory.html

6. EXAMPLE OF DYNAMIC INVENTORY OUTPUT { "Management/Elasticsearch/Data_Node": { "hosts": [

   "esdat01.example.com", "esdat02.example.com", "esdat03.example.com" ], "vars": { "id": 106, "operating_system": "RHEL", ... }, }, ... }

7. HOW DOES PUPPET INTEGRATE WITH AN EXTERNAL INVENTORY? • External

   node classifiers (ENCs) may be used for this purpose • The source may be Ansible YAML inventory which contains a variable that assigns the Puppet role and any other source for Puppet class mappings • The plugin is an executable script in any programming language that must output YAML containing any associated classes, parameters and the Puppet environment for a given host • As an example, Foreman uses an ENC to integrate its web interface with Puppet • Reference: https://docs.puppet.com/guides/ external_nodes.html

8. EXAMPLE OF ENC OUTPUT --- parameters: location: melbourne classes: -

   role::elasticsearch::data_node environment: production

9. EXAMPLE ANSIBLE INVENTORY THAT COULD BE USED IN AN ENC

   [es_datanode] esdat01.example.com esdat02.example.com esdat03.example.com [es_datanode:vars] puppet_role=role::elasticsearch::data_node

10. RESOURCES • Ansible Dynamic Inventory for Foreman Code & Demo

    • Code: https://gist.github.com/fgimian/ f83fca522ca11d915a41e5ca2fd1b9de • Uses the Foreman API to provide Ansible its inventory including hosts, host groups and parameters • Puppet ENC for Foreman Code & Demonstration • Code: Installed in /etc/puppet/node.rb by Foreman • Uses the Foreman API to advise Puppet what configuration should be applied to a host

11. QUESTIONS?