Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Developing your Windows environments with Puppet

Avatar for Peter Ericson Peter Ericson
October 29, 2013
Technology
0
69

Developing your Windows environments with Puppet

From packer build to mco puppet runonce, automate and version your entire workflow in code.

Avatar for Peter Ericson

Peter Ericson

October 29, 2013
Tweet

More Decks by Peter Ericson

See All by Peter Ericson
Back to the future with Erlang (and Elixir)
Avatar for Peter Ericson pdericson
3
370

Other Decks in Technology

See All in Technology
「使い方教えて」「事例教えて」じゃもう遅い! Microsoft 365 Copilot を触り倒そう!
Avatar for Taichi Nakamura taichinakamura
0
360
小学4年生夏休みの自由研究「ぼくと Copilot エージェント」
Avatar for Taichi Nakamura taichinakamura
0
670
AWS 잘하는 개발자 되기 - AWS 시작하기: 클라우드 개념부터 IAM까지
Avatar for KimJaewook kimjaewook
0
130
Large Vision Language Modelを用いた 文書画像データ化作業自動化の検証、運用 / shibuya_AI
Avatar for Sansan R&D sansan_randd
0
130
20251014_Pythonを実務で徹底的に使いこなした話
Avatar for 森田 一平 ippei0923
0
190
『OCI で学ぶクラウドネイティブ 実践 × 理論ガイド』 書籍概要
Avatar for oracle4engineer oracle4engineer
PRO
3
210
自動テストのコストと向き合ってみた
Avatar for SmartHR 品質保証部 qa
1
220
ガバメントクラウドの概要と自治体事例(名古屋市)
Avatar for 高橋広和 techniczna
2
230
後進育成のしくじり〜任せるスキルとリーダーシップの両立〜
Avatar for mtskhs matsu0228
7
3.3k
Oracle Base Database Service 技術詳細
Avatar for oracle4engineer oracle4engineer
PRO
11
80k
ComposeではないコードをCompose化する case ビズリーチ / DroidKaigi 2025 koyasai
Avatar for Visional Engineering & Design visional_engineering_and_design
0
110
OpenAI gpt-oss ファインチューニング入門
Avatar for kmotohas kmotohas
2
1.2k

Featured

See All Featured
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
667
120k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.2k
Practical Tips for Bootstrapping Information Extraction Pipelines
Avatar for Matthew Honnibal honnibal
PRO
23
1.5k
Facilitating Awesome Meetings
Avatar for Lara Hogan lara
56
6.6k
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
2.8k
Principles of Awesome APIs and How to Build Them.
Avatar for Keavy McMinn keavy
127
17k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
49
14k
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
9
620
Optimizing for Happiness
Avatar for Tom Preston-Werner mojombo
379
70k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
55
3k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
9
590
Building a Modern Day 
E-commerce SEO Strategy
Avatar for Aleyda Solis aleyda
43
7.7k

Transcript

  1. Developing your Windows environments with Puppet Peter Ericson @pdericson [email protected]

  2. About me • I like OSs! • I don’t like

    typing the same thing more than twice… • …so naturally I’m into automation! • I also like distributed systems and RESTful web services…
  3. None

  4. • High maintenance cost • Low flexibility • Focus is

    removed from business value Hand crafted machines, no CM (idealised)
  5. None

  6. Automated OS install, CM • One Puppet Master • Sheep

    herd well, outliers seldom get lost because of pack awareness • Cheap - utilising shared infrastructure (road), able to adapt to peak traffic
  7. None

  8. Hand crafted machines, no CM (reality) • chaos! • configuration

    drift • slow turnaround • key-man risks • focus and energy spent in the wrong areas

  9. Introducing The Sheep- Cat Herding Spectrum

  10. Introducing The Sheep- Cat Herding Spectrum Hand crafted machines, no

    CM

  11. Introducing The Sheep- Cat Herding Spectrum Hand crafted machines, no

    CM Hand crafted machines, CM

  12. Introducing The Sheep- Cat Herding Spectrum Hand crafted machines, no

    CM Hand crafted machines, CM Automated OS install, CM

  13. Beyond the physical (and virtual physical) • The environment is

    defined in code • Changes to the environment happen in code (e.g. Git branches, pull requests, etc) • Environments are hooked into CI/CD

  14. Insert analogy here… • There does not currently exist an

    automated way to produce sheep that are ready to be shawn and/or butchered • Infrastructure as code allows us to do something more meta

  15. Demos…

  16. What are we building? • A Puppet Master • A

    Vagrant Base Box (Windows) • Two nodes (Windows)

  17. vagrant up --provider=vmware_fusion puppet Demo - A Puppet Master

  18. Vagrant.configure("2") do |config| ! config.vm.define :puppet do |puppet| puppet.vm.box =

    "precise64_vmware" puppet.vm.box_url = "http://files.vagrantup.com/precise64_vmware.box" puppet.vm.hostname = "puppet" ! puppet.vm.provider :vmware_fusion do |v| v.vmx["memsize"] = 1024 v.vmx["rtc.diffFromUTC"] = 0 end ! puppet.vm.provision :shell, :path => "provision.sh" Vagrantfile

  19. if [ ! -e /opt/puppet/bin/puppet ]; then ! # fix

    hosts (add missing fqdn) sed -i 's/^127\.0\.0\.1.*/127.0.0.1 localhost/' /etc/hosts sed -i 's/^127\.0\.1\.1.*/127.0.1.1 puppet.localdomain puppet/' /etc/hosts ! # set apt proxy and update echo 'Acquire::http::Proxy "http://192.168.13.1:3128/";' >> /etc/apt/apt.conf apt-get update ! # install extra packages apt-get install -y rsync samba ! # install puppet enterprise tar xzf /vagrant/puppet-enterprise-3.1.0-ubuntu-12.04-amd64.tar.gz -C /tmp /tmp/puppet-enterprise-3.1.0-ubuntu-12.04-amd64/puppet-enterprise-installer -a / vagrant/puppet-enterprise-3.1.0-ubuntu-12.04-amd64.answers provision.sh (part 1/2)

  20. q_all_in_one_install=y q_backup_and_purge_old_configuration=n q_backup_and_purge_old_database_directory=n q_database_host=localhost q_database_install=y q_database_port=5432 q_database_root_password=uSQJSzwTfYAyxywAiZ1R q_database_root_user=pe-postgres q_install=y q_pe_database=y

    q_puppet_cloud_install=n q_puppet_enterpriseconsole_auth_database_name=console_auth q_puppet_enterpriseconsole_auth_database_password=CLUM7ShY0qcjj0LV5eDv q_puppet_enterpriseconsole_auth_database_user=console_auth q_puppet_enterpriseconsole_auth_password=password q_puppet_enterpriseconsole_auth_user_email=admin@puppet.localdomain q_puppet_enterpriseconsole_database_name=console q_puppet_enterpriseconsole_database_password=16DAKlq0Ke0YBtYCFyP5 q_puppet_enterpriseconsole_database_user=console q_puppet_enterpriseconsole_httpd_port=443 q_puppet_enterpriseconsole_install=y q_puppet_enterpriseconsole_master_hostname=puppet.localdomain q_puppet_enterpriseconsole_smtp_host=localhost q_puppet_enterpriseconsole_smtp_password= q_puppet_enterpriseconsole_smtp_port=25 q_puppet_enterpriseconsole_smtp_use_tls=n q_puppet_enterpriseconsole_smtp_user_auth=n q_puppet_enterpriseconsole_smtp_username= q_puppet_symlinks_install=y q_puppetagent_certname=puppet.localdomain q_puppetagent_install=y q_puppetagent_server=puppet.localdomain q_puppetdb_database_name=pe-puppetdb q_puppetdb_database_password=cIunOpWBPRJqv3RbAywZ q_puppetdb_database_user=pe-puppetdb q_puppetdb_hostname=puppet.localdomain q_puppetdb_install=y q_puppetdb_port=8081 q_puppetmaster_certname=puppet.localdomain q_puppetmaster_dnsaltnames=puppet,puppet.localdomain q_puppetmaster_enterpriseconsole_hostname=localhost q_puppetmaster_enterpriseconsole_port=443 q_puppetmaster_install=y q_run_updtvpkg=n q_vendor_packages_install=y puppet-enterprise-3.1.0- ubuntu-12.04-amd64.answers q_puppetmaster_install=y

  21. # setup autosign for *.localdomain echo '*.localdomain' > /etc/puppetlabs/puppet/autosign.conf !

    # add windows nodes to hosts as they come online # XXX this is less than ideal sudo -i -u root crontab -l > /tmp/crontab cat >> /tmp/crontab <<EOF * * * * * for n in \`/opt/puppet/bin/puppet cert list --all | grep '^+ "[a-z][a-z]*\.localdomain"' | grep -v '^+ "puppet\.' | sed 's/^+ "\(.*\)\..*/\1/'\`; do grep "\$n\.localdomain" /etc/hosts || echo \`nmblookup \$n | grep -v ^querying | awk '{print \$1}'\` \$n.localdomain \$n >> /etc/hosts; done EOF sudo -i -u root crontab /tmp/crontab rm -f /tmp/crontab ! … ! else ! # copy manifests and modules to puppet master rsync -prtv --delete --exclude \*~ /vagrant/manifests/ /etc/puppetlabs/puppet/manifests/ rsync -prtv --delete --exclude \*~ /vagrant/modules/ /etc/puppetlabs/puppet/modules/ ! # queue a puppet run on all nodes sudo -i -u peadmin mco puppet runonce -v # sudo -i -u peadmin mco puppet -F osfamily=windows runonce -v ! fi provision.sh (part 2/2)

  22. packer build -var proxy=http://192.168.13.1:3128 template.json Demo - A Vagrant Base

    Box (Windows)

  23. { "variables": { … }, ! "builders": [ … ],

    ! "provisioners": [ … ], ! "post-processors": [ … ] ! } template.json

  24. { "type": "vmware", "guest_os_type": "windows7srv-64", ! "vmx_data": { "memsize": 2048,

    "numvcpus": 1 }, ! "disk_size": 50000, ! "iso_url": "./7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso", "iso_checksum": "30832ad76ccfa4ce48ccb936edefe02079d42fb1da32201bf9e3a880c8ed6312", "iso_checksum_type": "sha256", ! "ssh_username": "Administrator", "ssh_password": "{{user `password`}}", ! "boot_wait": "5m", ! "floppy_files": [ "scripts/Autounattend.xml", "scripts/cygwin.bat", "scripts/winrm.bat", "scripts/vmware.cer" ], ! "shutdown_command": "shutdown /d p:4:1 /s /t 0", ! "tools_upload_flavor": "windows" } builders

  25. { "variables": { … }, ! "builders": [ … ],

    ! "provisioners": [ … ], ! "post-processors": [ … ] ! } template.json

  26. { "type": "shell", "script": "scripts/vmware.sh", "execute_command": "chmod +x {{.Path}}; {{.Vars}}

    http_proxy={{user `proxy`}} {{.Path}}" }, { "type": "shell", "inline": [ "mkdir -p .ssh", "echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr +kz4TjGYe7gHzIw +niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBck FXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL +GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX +FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key' >> .ssh/authorized_keys" ], "execute_command": "chmod +x {{.Path}}; {{.Vars}} http_proxy={{user `proxy`}} {{.Path}}" } provisioners

  27. { "variables": { … }, ! "builders": [ … ],

    ! "provisioners": [ … ], ! "post-processors": [ … ] ! } template.json

  28. { "type": "vagrant", "output": "windows.box", "compression_level": 0 } post-processors

  29. vagrant up --provider=vmware_fusion foo bar Demo - Two nodes (Windows)

  30. Let’s get coding • Add windows support to Puppet Forge

    puppetlabs-ntp

  31. else ! # copy manifests and modules to puppet master

    rsync -prtv --delete --exclude \*~ /vagrant/manifests/ /etc/ puppetlabs/puppet/manifests/ rsync -prtv --delete --exclude \*~ /vagrant/modules/ /etc/ puppetlabs/puppet/modules/ ! # queue a puppet run on all nodes sudo -i -u peadmin mco puppet runonce -v # sudo -i -u peadmin mco puppet -F osfamily=windows runonce -v ! fi provision.sh (part 2/2)

  32. mod 'puppetlabs/ntp' ! #mod 'ntp', # :git => '[email protected]:pdericson/puppetlabs- ntp.git',

    # :ref => 'windows' ! mod 'puppetlabs/registry' Puppetfile

  33. Demo - puppetlabs-ntp • Does not currently have Windows support…

    • …So expect it to fail on Windows vagrant provision puppet

  34. puppetlabs-ntp • Fork the puppetlabs repo, make some changes, submit

    a pull request • https://github.com/pdericson/puppetlabs- ntp

  35. #mod 'puppetlabs/ntp' ! mod 'ntp', :git => '[email protected]:pdericson/puppetlabs-ntp.git', :ref =>

    'windows' ! mod 'puppetlabs/registry' Puppetfile (updated)

  36. Demo - puppetlabs-ntp (fork) • Working? • If it isn’t

    repeat vagrant provision puppet

  37. More... • https://github.com/pdericson/talk-pupwin • @pdericson • [email protected]