Today I attended my third Puppet Camp – Puppet Camp London Spring 2015 – at The Mermaid Conference Center in Blackfriars, London. The event was really informative and I thought it was worth posting up some notes and links about the day.
The auditorium was really nice with plenty of room, very clear sound and a nice clear cinema-sized screen. Some smaller tech events I’ve been to recently weren’t as good as this, so well done to the organisers and many thanks to sponsors Solidfire, Pagerduty and Speerhead.
Here’s a list of the talks:
Puppet Keynote by Gareth Rushgrove of Puppetlabs. Twitter: @garethr. Gareth gave a great overview of Puppet and Configuration Management (ideal for some members of the audience who were looking at Puppet for the first time) and then spoke about the new features in Puppet 4.0. The key take away was how the newer, best practice methods of managing servers has really evolved over the last 10-20 years. He pointed to the 2014 DevOps Report in which servers and infrastructure are now more reliable than ever, but teams also need to be more agile (more releases, more often) in order to beat their competition. A quick show of hands in the audience showed how configuration management is used by both traditional developers and traditional sysadmins in equal measure.
— David Shackelford (@dshack) April 13, 2015
Why Puppet? Why now? by David Mytton, Server Density. Twitter: @davidmytton An interesting talk from the point of view of someone who started building a business using a small number of hand-crafted servers and quickly realised the importance of using Configuration Management to scale out the infrastructure in a consistent way.
Helping Data Teams with Puppet by Sergii Khomenko, STYLIGHT. Twitter: @lc0d3r
Autosigning Certificates with Time-based One Time Passwords by David Ellis, TIM Group. (David Ellis, TIM Group, Developer Blog)
Puppet and Your Metadata by Marc Cluet, Ukon Cherry. Twitter: @lynxman. Marc was a really good presenter and gave a great overview of the different types of metadata that is available: Structural Metadata like IP Addresses, Architecture (things that are typically set and cannot be changed) and Descriptive Metadata like $puppetver, $apachever (things that you typically want to set on a host). Marc made two great references which I’ll look into for storing sensitive information: hiera_gpg and hiera_eyaml (hiera_eyaml on github). When automating metadata there are 4 sources to look for: Provisioning, Puppet, Monitoring, Services. Marc touched on Consul for data discovery and there was more on that in a later talk. Another great point he made was to make sure that any custom facts you create in puppet must be returned in a timely manner. Consider it might take 20 seconds to generate a dynamic fact. Scale that out over hundreds of servers and hundreds of puppet runs and you can see that is wasteful. For any custom facts that may take time to generate (say, running an SQL query to set some custom stats) run them as a cron job and simply store the data in a text file in /etc/facter/facts.d/
Slides for Marc’s talk can be found here: Puppet and Your Metadata
Puppet Demo by Steven Thwaites, Puppet Labs
Puppet Contained by Owen Ben Davies, Big Sofa. Personal Homepage: Owen Ben Davies UK. Slides: Puppet Contained Ben covered how developers can use Vagrant and Docker together in order to set up and test applications that are representative of production environments. One point around Docker images was discussed at the end of the presentation which was when to use Puppet – during the creation of a container, or during the runtime of a container? As containers are small and made up of small deltas, there is an argument to say you should use puppet on the build side for generating images, and then use Service Discovery with Puppet when you the images are being run. Do the work once up front.
The last presentation was meant to be Puppet Performance Profiling (Intermediate) – R.I.Pienaar but unfortunately RI couldn’t make the conference.
Instead, Gareth Rushgrove gave a talk and demo titled Service Discovery and Configuration Management – Two Speeds of Configuration. The slides for Gareth’s talk can be found at here: Service Discovery and Configuration Management. The idea here is that we can use Service Discovery with puppet to dynamically configure our infrastructure. A number of different service discovery tools exist already such as etcd, Consul and Zookeeper. They’re all use in well known projects (etcd by CoreOS, Cloud Foundry and Kubernetes; Hadoop used by Zookeeper; SocketPlane and Cloud Foundry use Consul). In Gareth’s example, he demonstrated Consul with puppet, triggering a puppet run when changes were made to the running services. The puppet run creates a dynamic configuration file (in this case NGINX) pointing at the active applications which were discovered by Consul. So, stopping an application on one node triggers an immediate puppet run on a server which relies on it. Within in a few seconds web requests are redirected only to applications running on different servers. The code for the module can be found at lynxman/hiera_consul on github.
Overall, this was a day well spent with plenty of ideas to make better use of puppet.