Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Developing your Windows environments with Puppet
Search
Peter Ericson
October 29, 2013
Technology
0
65
Developing your Windows environments with Puppet
From packer build to mco puppet runonce, automate and version your entire workflow in code.
Peter Ericson
October 29, 2013
Tweet
Share
More Decks by Peter Ericson
See All by Peter Ericson
Back to the future with Erlang (and Elixir)
pdericson
3
370
Other Decks in Technology
See All in Technology
分布で見る効果検証入門 / ai-distributional-effect
cyberagentdevelopers
PRO
4
700
Apple/Google/Amazonの決済システムの違いを踏まえた定期購読課金システムの構築 / abema-billing-system
cyberagentdevelopers
PRO
1
220
omakaseしないための.rubocop.yml のつくりかた / How to Build Your .rubocop.yml to Avoid Omakase #kaigionrails
linkers_tech
3
740
visionOSでの空間表現実装とImmersive Video表示について / ai-immersive-visionos
cyberagentdevelopers
PRO
1
110
CyberAgent 生成AI Deep Dive with Amazon Web Services / genai-aws
cyberagentdevelopers
PRO
1
480
ExaDB-D dbaascli で出来ること
oracle4engineer
PRO
0
3.6k
プロダクトチームへのSystem Risk Records導入・運用事例の紹介/Introduction and Case Studies on Implementing and Operating System Risk Records for Product Teams
taddy_919
1
170
話題のGraphRAG、その可能性と課題を理解する
hide212131
4
1.5k
ガバメントクラウド先行事業中間報告を読み解く
sugiim
1
1.4k
AWS CDKでデータリストアの運用、どのように設計する?~Aurora・EFSの実践事例を紹介~/aws-cdk-data-restore-aurora-efs
mhrtech
4
660
10分でわかるfreeeのQA
freee
1
3.4k
わたしとトラックポイント / TrackPoint tips
masahirokawahara
1
240
Featured
See All Featured
KATA
mclloyd
29
13k
Art, The Web, and Tiny UX
lynnandtonic
296
20k
Rails Girls Zürich Keynote
gr2m
93
13k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.6k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
14
1.9k
4 Signs Your Business is Dying
shpigford
180
21k
The World Runs on Bad Software
bkeepers
PRO
65
11k
Building Flexible Design Systems
yeseniaperezcruz
327
38k
Designing on Purpose - Digital PM Summit 2013
jponch
115
6.9k
Embracing the Ebb and Flow
colly
84
4.4k
Making Projects Easy
brettharned
115
5.9k
GitHub's CSS Performance
jonrohan
1030
460k
Transcript
Developing your Windows environments with Puppet Peter Ericson @pdericson
[email protected]
About me • I like OSs! • I don’t like
typing the same thing more than twice… • …so naturally I’m into automation! • I also like distributed systems and RESTful web services…
None
• High maintenance cost • Low flexibility • Focus is
removed from business value Hand crafted machines, no CM (idealised)
None
Automated OS install, CM • One Puppet Master • Sheep
herd well, outliers seldom get lost because of pack awareness • Cheap - utilising shared infrastructure (road), able to adapt to peak traffic
None
Hand crafted machines, no CM (reality) • chaos! • configuration
drift • slow turnaround • key-man risks • focus and energy spent in the wrong areas
Introducing The Sheep- Cat Herding Spectrum
Introducing The Sheep- Cat Herding Spectrum Hand crafted machines, no
CM
Introducing The Sheep- Cat Herding Spectrum Hand crafted machines, no
CM Hand crafted machines, CM
Introducing The Sheep- Cat Herding Spectrum Hand crafted machines, no
CM Hand crafted machines, CM Automated OS install, CM
Beyond the physical (and virtual physical) • The environment is
defined in code • Changes to the environment happen in code (e.g. Git branches, pull requests, etc) • Environments are hooked into CI/CD
Insert analogy here… • There does not currently exist an
automated way to produce sheep that are ready to be shawn and/or butchered • Infrastructure as code allows us to do something more meta
Demos…
What are we building? • A Puppet Master • A
Vagrant Base Box (Windows) • Two nodes (Windows)
vagrant up --provider=vmware_fusion puppet Demo - A Puppet Master
Vagrant.configure("2") do |config| ! config.vm.define :puppet do |puppet| puppet.vm.box =
"precise64_vmware" puppet.vm.box_url = "http://files.vagrantup.com/precise64_vmware.box" puppet.vm.hostname = "puppet" ! puppet.vm.provider :vmware_fusion do |v| v.vmx["memsize"] = 1024 v.vmx["rtc.diffFromUTC"] = 0 end ! puppet.vm.provision :shell, :path => "provision.sh" Vagrantfile
if [ ! -e /opt/puppet/bin/puppet ]; then ! # fix
hosts (add missing fqdn) sed -i 's/^127\.0\.0\.1.*/127.0.0.1 localhost/' /etc/hosts sed -i 's/^127\.0\.1\.1.*/127.0.1.1 puppet.localdomain puppet/' /etc/hosts ! # set apt proxy and update echo 'Acquire::http::Proxy "http://192.168.13.1:3128/";' >> /etc/apt/apt.conf apt-get update ! # install extra packages apt-get install -y rsync samba ! # install puppet enterprise tar xzf /vagrant/puppet-enterprise-3.1.0-ubuntu-12.04-amd64.tar.gz -C /tmp /tmp/puppet-enterprise-3.1.0-ubuntu-12.04-amd64/puppet-enterprise-installer -a / vagrant/puppet-enterprise-3.1.0-ubuntu-12.04-amd64.answers provision.sh (part 1/2)
q_all_in_one_install=y q_backup_and_purge_old_configuration=n q_backup_and_purge_old_database_directory=n q_database_host=localhost q_database_install=y q_database_port=5432 q_database_root_password=uSQJSzwTfYAyxywAiZ1R q_database_root_user=pe-postgres q_install=y q_pe_database=y
q_puppet_cloud_install=n q_puppet_enterpriseconsole_auth_database_name=console_auth q_puppet_enterpriseconsole_auth_database_password=CLUM7ShY0qcjj0LV5eDv q_puppet_enterpriseconsole_auth_database_user=console_auth q_puppet_enterpriseconsole_auth_password=password q_puppet_enterpriseconsole_auth_user_email=admin@puppet.localdomain q_puppet_enterpriseconsole_database_name=console q_puppet_enterpriseconsole_database_password=16DAKlq0Ke0YBtYCFyP5 q_puppet_enterpriseconsole_database_user=console q_puppet_enterpriseconsole_httpd_port=443 q_puppet_enterpriseconsole_install=y q_puppet_enterpriseconsole_master_hostname=puppet.localdomain q_puppet_enterpriseconsole_smtp_host=localhost q_puppet_enterpriseconsole_smtp_password= q_puppet_enterpriseconsole_smtp_port=25 q_puppet_enterpriseconsole_smtp_use_tls=n q_puppet_enterpriseconsole_smtp_user_auth=n q_puppet_enterpriseconsole_smtp_username= q_puppet_symlinks_install=y q_puppetagent_certname=puppet.localdomain q_puppetagent_install=y q_puppetagent_server=puppet.localdomain q_puppetdb_database_name=pe-puppetdb q_puppetdb_database_password=cIunOpWBPRJqv3RbAywZ q_puppetdb_database_user=pe-puppetdb q_puppetdb_hostname=puppet.localdomain q_puppetdb_install=y q_puppetdb_port=8081 q_puppetmaster_certname=puppet.localdomain q_puppetmaster_dnsaltnames=puppet,puppet.localdomain q_puppetmaster_enterpriseconsole_hostname=localhost q_puppetmaster_enterpriseconsole_port=443 q_puppetmaster_install=y q_run_updtvpkg=n q_vendor_packages_install=y puppet-enterprise-3.1.0- ubuntu-12.04-amd64.answers q_puppetmaster_install=y
# setup autosign for *.localdomain echo '*.localdomain' > /etc/puppetlabs/puppet/autosign.conf !
# add windows nodes to hosts as they come online # XXX this is less than ideal sudo -i -u root crontab -l > /tmp/crontab cat >> /tmp/crontab <<EOF * * * * * for n in \`/opt/puppet/bin/puppet cert list --all | grep '^+ "[a-z][a-z]*\.localdomain"' | grep -v '^+ "puppet\.' | sed 's/^+ "\(.*\)\..*/\1/'\`; do grep "\$n\.localdomain" /etc/hosts || echo \`nmblookup \$n | grep -v ^querying | awk '{print \$1}'\` \$n.localdomain \$n >> /etc/hosts; done EOF sudo -i -u root crontab /tmp/crontab rm -f /tmp/crontab ! … ! else ! # copy manifests and modules to puppet master rsync -prtv --delete --exclude \*~ /vagrant/manifests/ /etc/puppetlabs/puppet/manifests/ rsync -prtv --delete --exclude \*~ /vagrant/modules/ /etc/puppetlabs/puppet/modules/ ! # queue a puppet run on all nodes sudo -i -u peadmin mco puppet runonce -v # sudo -i -u peadmin mco puppet -F osfamily=windows runonce -v ! fi provision.sh (part 2/2)
packer build -var proxy=http://192.168.13.1:3128 template.json Demo - A Vagrant Base
Box (Windows)
{ "variables": { … }, ! "builders": [ … ],
! "provisioners": [ … ], ! "post-processors": [ … ] ! } template.json
{ "type": "vmware", "guest_os_type": "windows7srv-64", ! "vmx_data": { "memsize": 2048,
"numvcpus": 1 }, ! "disk_size": 50000, ! "iso_url": "./7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso", "iso_checksum": "30832ad76ccfa4ce48ccb936edefe02079d42fb1da32201bf9e3a880c8ed6312", "iso_checksum_type": "sha256", ! "ssh_username": "Administrator", "ssh_password": "{{user `password`}}", ! "boot_wait": "5m", ! "floppy_files": [ "scripts/Autounattend.xml", "scripts/cygwin.bat", "scripts/winrm.bat", "scripts/vmware.cer" ], ! "shutdown_command": "shutdown /d p:4:1 /s /t 0", ! "tools_upload_flavor": "windows" } builders
{ "variables": { … }, ! "builders": [ … ],
! "provisioners": [ … ], ! "post-processors": [ … ] ! } template.json
{ "type": "shell", "script": "scripts/vmware.sh", "execute_command": "chmod +x {{.Path}}; {{.Vars}}
http_proxy={{user `proxy`}} {{.Path}}" }, { "type": "shell", "inline": [ "mkdir -p .ssh", "echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr +kz4TjGYe7gHzIw +niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBck FXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL +GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX +FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key' >> .ssh/authorized_keys" ], "execute_command": "chmod +x {{.Path}}; {{.Vars}} http_proxy={{user `proxy`}} {{.Path}}" } provisioners
{ "variables": { … }, ! "builders": [ … ],
! "provisioners": [ … ], ! "post-processors": [ … ] ! } template.json
{ "type": "vagrant", "output": "windows.box", "compression_level": 0 } post-processors
vagrant up --provider=vmware_fusion foo bar Demo - Two nodes (Windows)
Let’s get coding • Add windows support to Puppet Forge
puppetlabs-ntp
else ! # copy manifests and modules to puppet master
rsync -prtv --delete --exclude \*~ /vagrant/manifests/ /etc/ puppetlabs/puppet/manifests/ rsync -prtv --delete --exclude \*~ /vagrant/modules/ /etc/ puppetlabs/puppet/modules/ ! # queue a puppet run on all nodes sudo -i -u peadmin mco puppet runonce -v # sudo -i -u peadmin mco puppet -F osfamily=windows runonce -v ! fi provision.sh (part 2/2)
mod 'puppetlabs/ntp' ! #mod 'ntp', # :git => '
[email protected]
:pdericson/puppetlabs- ntp.git',
# :ref => 'windows' ! mod 'puppetlabs/registry' Puppetfile
Demo - puppetlabs-ntp • Does not currently have Windows support…
• …So expect it to fail on Windows vagrant provision puppet
puppetlabs-ntp • Fork the puppetlabs repo, make some changes, submit
a pull request • https://github.com/pdericson/puppetlabs- ntp
#mod 'puppetlabs/ntp' ! mod 'ntp', :git => '
[email protected]
:pdericson/puppetlabs-ntp.git', :ref =>
'windows' ! mod 'puppetlabs/registry' Puppetfile (updated)
Demo - puppetlabs-ntp (fork) • Working? • If it isn’t
repeat vagrant provision puppet
More... • https://github.com/pdericson/talk-pupwin • @pdericson •
[email protected]