Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Managed Puppet Servers
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Julian Meier
November 10, 2015
Technology
0
90
Managed Puppet Servers
Speech at the Zürich Puppet Meetup in November 2015.
Julian Meier
November 10, 2015
Tweet
Share
Other Decks in Technology
See All in Technology
[CV勉強会@関東 World Model 読み会] Orbis: Overcoming Challenges of Long-Horizon Prediction in Driving World Models (Mousakhan+, NeurIPS 2025)
abemii
0
110
Context Engineeringが企業で不可欠になる理由
hirosatogamo
PRO
3
530
Bill One 開発エンジニア 紹介資料
sansan33
PRO
4
17k
2026年、サーバーレスの現在地 -「制約と戦う技術」から「当たり前の実行基盤」へ- /serverless2026
slsops
2
220
GitLab Duo Agent Platform × AGENTS.md で実現するSpec-Driven Development / GitLab Duo Agent Platform × AGENTS.md
n11sh1
0
130
外部キー制約の知っておいて欲しいこと - RDBMSを正しく使うために必要なこと / FOREIGN KEY Night
soudai
PRO
12
5.2k
【Oracle Cloud ウェビナー】[Oracle AI Database + AWS] Oracle Database@AWSで広がるクラウドの新たな選択肢とAI時代のデータ戦略
oracle4engineer
PRO
1
120
SREチームをどう作り、どう育てるか ― Findy横断SREのマネジメント
rvirus0817
0
120
20260208_第66回 コンピュータビジョン勉強会
keiichiito1978
0
100
ブロックテーマ、WordPress でウェブサイトをつくるということ / 2026.02.07 Gifu WordPress Meetup
torounit
0
170
15 years with Rails and DDD (AI Edition)
andrzejkrzywda
0
180
~Everything as Codeを諦めない~ 後からCDK
mu7889yoon
3
310
Featured
See All Featured
The Language of Interfaces
destraynor
162
26k
The Illustrated Guide to Node.js - THAT Conference 2024
reverentgeek
0
250
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.7k
Measuring Dark Social's Impact On Conversion and Attribution
stephenakadiri
1
120
The Pragmatic Product Professional
lauravandoore
37
7.1k
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
12
1k
First, design no harm
axbom
PRO
2
1.1k
Odyssey Design
rkendrick25
PRO
1
490
More Than Pixels: Becoming A User Experience Designer
marktimemedia
3
320
GraphQLとの向き合い方2022年版
quramy
50
14k
B2B Lead Gen: Tactics, Traps & Triumph
marketingsoph
0
53
Transcript
Managed Puppet Servers Julian Meier November 2015
Julian Meier ICT System Engineer @ Swisscom
[email protected]
twitter.com/_juame github.com/juame
Idea & Goals • a small team (working in Luzern)
• simple goal: automate tasks and help others within the company to do so (legacy - non-cloud services)
Puppet • every team wants to start with Puppet… •
every team has different requirements… • several layers of responsibilities: • OS-Team —> root ;-) • Application Team —> sudo (list of commands)
Puppet … provide Automation Stack (Puppet):
Puppet
ENC - External Node Classifier Simple solution with YAML and
Hiera (https://github.com/Zetten/puppet-hiera-enc): puppet.conf: [master] node_terminus = exec external_nodes = /etc/puppetlabs/code/enc/enclassifier git checkout —> Puppet Module: vcsrepo + script returns simple YAML + protects environment + future: use any other system…
Hieradata I hiera.yaml: --- :backends: - yaml - eyaml …
:yaml: :datadir: /etc/puppetlabs/code/environments/%{environment}/hieradata … :eyaml: :datadir: /etc/puppetlabs/code/environments/%{environment}/hieradata :extension: eyaml :pkcs7_private_key: /etc/puppetlabs/puppet/keys/private_key.pkcs7.pem :pkcs7_public_key: /etc/puppetlabs/puppet/keys/public_key.pkcs7.pem
Hieradata II hiera.yaml: --- … :hierarchy: - secure/nodes/%{::clientcert} - secure/services/%{::service}/%{::stack}/%{::role}
- secure/services/%{::service}/%{::stack} - secure/services/%{::service}/%{::role} - nodes/%{::clientcert} - services/%{::service}/%{::stack}/%{::role} - services/%{::service}/%{::stack} - services/%{::service}/%{::role} - services/%{::service} - locations/%{::location} - common
Hieradata III
Roles & Profiles How we do it… —> Roles are
defined in Hiera —> Profiles are Puppet Modules (shared / service specific) —> Forge / Internal Modules site.pp: hiera_include('default_classes', []) hiera_include($role,[]) role_repository_server.yaml:
Forge Module: ospuppet https://forge.puppetlabs.com/juame/ospuppet —> Manage Puppet Agent —> Manage
Puppet Server —> Manage Puppet Master Configs Dependencies: - puppetlabs/inifile - puppetlabs/hocon
ospuppet class { ::ospuppet::server: package_version => '2.1.1-1.el7', service_running => true,
service_enabled => true, init_settings_java_xms => '2g', init_settings_java_xmx => '2g', init_settings_java_maxpermsize => '256m', init_settings_custom_settings => {}, init_settings_custom_subsettings => {}, puppetserver_max_active_instances => undef, puppetserver_admin_client_whitelist => [ $::fqdn ], puppetserver_custom_settings => {}, webserver_client_auth => 'want', webserver_ssl_host => '0.0.0.0', webserver_ssl_port => '8140', webserver_custom_settings => {}, } class { '::ospuppet::master': custom_settings = { "node_terminus" => { 'ensure' => 'present', 'setting' => 'node_terminus', 'value' => ‘exec', }, }, hiera_eyaml_package_version => '2.0.8', hiera_backends => [ 'yaml', 'eyaml' ], hiera_hierarchy => [ 'secure/nodes/%{::clientcert}', ... ‘common', ], hiera_yaml_datadir => …, }
Questions? Thanks!
abemii
hirosatogamo
sansan33
slsops
n11sh1
soudai
oracle4engineer
rvirus0817
keiichiito1978
torounit
andrzejkrzywda
mu7889yoon
destraynor
reverentgeek
bcantrill
stephenakadiri
lauravandoore
tanoku
tammyeverts
axbom
rkendrick25
marktimemedia
quramy
marketingsoph
![Julian Meier ICT System Engineer @ Swisscom [email protected] twitter.com/_juame github.com/juame](https://files.speakerdeck.com/presentations/2443428f3d9245c1aa1b7fc32207bbe5/slide_1.jpg){kind=link}
