puppetconf 2016: docker, mesos, kubernetes and...puppet? don't panic! – deepak...
Post on 15-Apr-2017
Project Blueshift
Deepak Giridharagopal
CTO & Chief Architect @ Puppet
PuppetConf 2016
@grim_radical
The way we build systems today will not be the way we build systems tomorrow.
deepak / @grim_radical / #puppetconf 2016
Now is a great time for those who build & manage systems!
Bare metal, virtual machines, containers, job schedulers, infrastructure APIs, service discovery, dynamic configuration, cloud functions, unikernels…
What can the systems of the past & present teach us about how to manage stuff in the future?
What is configuration management?
No, seriously, what is it?
Identification
Control
Status accounting
Verification and audit
thanks @garethr!
To properly manage a system, you must understand & control the inputs to that system, over time.
I mean "system" in the abstract sense. Stay with me, people!
Example:
Files vs. Packages
Example:
AWS autoscaling group
Example:
etcd key/value pairs
The nature of your systems’ inputs may change along with your tech, but they’re still there and they’re your problem.
There’s more to running a farm than the dilemma of pets vs. cattle.
(n.b. I hate this analogy)
There’s more to running The Empire than the dilemma of Jango Fett vs. clone troopers
(thanks @brianb!)
New technology eliminates some management problems, but creates some new ones.
Just like all software, ever.
There is no future with fewer servers.
note: I mean server in the SRE sense
If you’re going to put all your eggs in one basket, you need to take expert care of that basket.
The future is not evenly distributed.
Unified tooling across physical, virtual, containerized, cloud, etc. infrastructure is a big deal!
Puppet is a bridge to the future.
Project Blueshift:
Use Puppet to provide and manage next generation software in a simple, reliable, and consistent way.
(without introducing more risk)
Docker module
Configure Docker
class { 'docker':
  tcp_bind    => 'tcp://127.0.0.1:4243',
  socket_bind => 'unix:///var/run/docker.sock',
  version     => '1.11',
  dns         => '8.8.8.8',
}
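An added example (not from the talk or the Docker module): a small Python check that reads the `tcp_bind` values of a `docker` class declaration like the one above and reports any that put the Docker API on a non-loopback address. The sample manifests, regexes and function names are constructed for illustration; the parsing is regex-based and only covers single-quoted IPv4 or hostname endpoints.

```python
import ipaddress
import re

# Constructed sample manifests; the first mirrors the slide's loopback bind.
LOOPBACK_ONLY = """
class { 'docker':
  tcp_bind    => 'tcp://127.0.0.1:4243',
  socket_bind => 'unix:///var/run/docker.sock',
}
"""
EXPOSED = """
class { 'docker':
  tcp_bind => ['tcp://0.0.0.0:2375', 'tcp://10.0.0.5:4243'],
}
"""

# Body of each `class { 'docker': ... }` declaration, up to its first closing brace.
DOCKER_CLASS = re.compile(r"class\s*\{\s*'docker'\s*:(.*?)\}", re.S)
# tcp_bind given either as one quoted string or as an array of them.
TCP_BIND = re.compile(r"tcp_bind\s*=>\s*(\[[^\]]*\]|'[^']*')")
# host:port inside a tcp:// endpoint (IPv4 addresses and hostnames only).
ENDPOINT = re.compile(r"tcp://([^:'\s]+):(\d+)")

def tcp_binds(manifest):
    """Return [(host, port)] for every tcp_bind endpoint of the docker class."""
    found = []
    for body in DOCKER_CLASS.findall(manifest):
        for value in TCP_BIND.findall(body):
            found += [(h, int(p)) for h, p in ENDPOINT.findall(value)]
    return found

def is_loopback(host):
    """True for localhost and 127.0.0.0/8; unknown hostnames count as exposed."""
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

def exposed_binds(manifest):
    """Endpoints that put the Docker API on a non-loopback address."""
    return [(h, p) for h, p in tcp_binds(manifest) if not is_loopback(h)]

if __name__ == "__main__":
    for name, text in (("loopback", LOOPBACK_ONLY), ("exposed", EXPOSED)):
        print(name, exposed_binds(text))
```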
Run Docker containers
docker::run { 'helloworld':
  image   => 'ubuntu:precise',
  command => '/bin/sh -c "while true; do echo hello world; sleep 1; done"',
}
Manage networks
docker_network { 'my-net':
  ensure   => present,
  driver   => 'overlay',
  subnet   => '192.168.1.0/24',
  gateway  => '192.168.1.1',
  ip_range => '192.168.1.4/32',
}
Setup UCP
class { 'docker_ucp':
  controller         => true,
  version            => '1.0.0',
  tracking           => false,
  swarm_scheduler    => 'binpack',
  preserve_certs     => true,
  docker_socket_path => '/var/run/docker.sock',
  license_file       => '/etc/docker/subscription.lic',
}
Real world case studies
Read the book
puppet-in-docker
Docker Hub
Run Puppet in Docker
$ docker run --net puppet \
    --name puppet \
    --hostname puppet \
    puppet/puppetserver
Develop on Windows
Launch with Compose
version: '2'
services:
  puppet:
    container_name: puppet
    hostname: puppet
    image: puppet/puppetserver
    ports:
      - 8140
    volumes:
      - ./code:/etc/puppetlabs/code/
puppetlabs-image_build
Building Docker images with Puppet should be as simple as building them with docker build
Building with Puppet
$ ls
Puppetfile manifests
$ puppet docker build \
    --image-name garethr/someimage
Kubernetes module
Puppet has a long history of making software deployment easier and more reliable… I'm really excited to see Puppet enabling their customers to seamlessly adopt new technology like containers and Kubernetes while maintaining a consistent, familiar experience for production quality software deployment.
Brendan Burns, cofounder, Kubernetes
Model K8S resources
kubernetes_pod { 'sample-pod':
  ensure   => present,
  metadata => {
    namespace => 'default',
  },
  spec     => {
    containers => [{
      name  => 'container-name',
      image => 'nginx',
    }],
  },
}
Create abstractions
controller_service_pair { 'frontend':
  app          => 'guestbook',
  role         => 'php-redis',
  tier         => 'frontend',
  port         => 80,
  image        => 'gcr.io/google_samples/gb-frontend:v3',
  replicas     => 3,
  service_type => 'LoadBalancer',
}
Official blog post
Extending to OpenShift
Minimal OS’s
VMware Photon OS
CoreOS ecosystem
Mesos support
Consul integration
Rancher
class { 'docker': }
class { 'rancher::server': }
class { 'rancher':
  registration_url => 'http://127.0.0.1:8080/v1/scripts/',
  agent_address    => $::ipaddress_eth1,
}
Rkt
$ puppet resource rkt_pod
rkt_pod { 'c8ecd9ae':
  ensure     => 'exited',
  app        => 'hello',
  image_name => 'hello',
}
Find out more about Puppet as the bridge to the future with Project Blueshift at https://puppet.com/product/managed-technology/blueshift
Modern infrastructure track
"The challenges with container configuration" —David Lutterkort, Thurs 2:30P
"Running puppet software in Docker containers" —Gareth Rushgrove, Fri 1:30P