![class webserver {
package { 'httpd':
ensure => latest
} ->
file { '/etc/httpd/conf.d/local.conf':
ensure => file,
mode => 644,
source => 'puppet:///modules/httpd/local.conf',
} ->
service { 'httpd':
ensure => running,
enable => true,
subscribe => File['/etc/httpd/conf.d/local.conf'],
}
}
A basic manifest
12](https://image.slidesharecdn.com/talk-140610201008-phpapp01/85/Beyond-Golden-Containers-Complementing-Docker-with-Puppet-10-320.jpg)
![class webserver2 inherits webserver {
File['/etc/httpd/conf.d/local.conf'] {
source => 'puppet:///modules/httpd/other-local.conf',
}
}
Override via inheritance
13](https://image.slidesharecdn.com/talk-140610201008-phpapp01/85/Beyond-Golden-Containers-Complementing-Docker-with-Puppet-11-320.jpg)
![docker::run { 'appserver2':
image => 'fedora:20',
command => '/usr/sbin/init',
ports => ['80', '443'],
links => ['mysql:db'],
use_name => true,
volumes => ['/var/lib/couchdb', '/var/log'],
volumes_from => 'appserver1',
memory_limit => 10485760, # bytes
username => 'appy',
hostname => 'app2.example.com',
env => ['FOO=BAR', 'FOO2=BAR2'],
dns => ['8.8.8.8', ‘8.8.4.4']
}
Running containers
20](https://image.slidesharecdn.com/talk-140610201008-phpapp01/85/Beyond-Golden-Containers-Complementing-Docker-with-Puppet-18-320.jpg)
![Dockerfile for puppet apply
22
FROM jamtur01/puppetbase
MAINTAINER James Turnbull <james@lovedthanlost.net>
ADD modules /tmp/modules
RUN yum -y install puppet;
puppet apply --modulepath=/tmp/modules
-e "class { 'nginx': service_ensure => disable }”
EXPOSE 80
CMD ["nginx"]](https://image.slidesharecdn.com/talk-140610201008-phpapp01/85/Beyond-Golden-Containers-Complementing-Docker-with-Puppet-20-320.jpg)
Beyond Golden Containers: Complementing Docker with Puppet
- 1. Beyond Golden Containers Complementing Docker with Puppet David Lutterkort [email protected]
- 3. http://www.partialhospitalization.com/2010/08/363/
- 4. lang en_US.UTF-8 keyboard us … rootpw --iscrypted $1$uw6MV$m6VtUWPed4SqgoW6fKfTZ/ part / --size 1024 --fstype ext4 --ondisk sda repo --name=fedora —mirrorlist=… repo --name=updates —mirrorlist=… %packages @core %end %post curl http://example.com/the-script.pl | /usr/bin/perl What’s that machine doing ? 6
- 7. Overview • Puppet from 10,000 feet • Managing the host • Building images – without a master (puppet apply) – with a master (puppet agent) • Runtime configuration 9
- 8. Infrastructure as Code 10 1)DEFINE 2)SIMULATE 4)REPORT 3)ENFORCE Re-usable infrastructure-as-code Insight into changes Before deploying changes Automatically and reliably
- 10. class webserver { package { 'httpd': ensure => latest } -> file { '/etc/httpd/conf.d/local.conf': ensure => file, mode => 644, source => 'puppet:///modules/httpd/local.conf', } -> service { 'httpd': ensure => running, enable => true, subscribe => File['/etc/httpd/conf.d/local.conf'], } } A basic manifest 12
- 11. class webserver2 inherits webserver { File['/etc/httpd/conf.d/local.conf'] { source => 'puppet:///modules/httpd/other-local.conf', } } Override via inheritance 13
- 12. The site-wide manifest 14 node host1.example.com { class { 'webserver': } } node host2.example.com { class { 'webserver2': } } node host3.example.com { class {'mongodb::server': port => 27018 } }
- 13. 15
- 14. Overview • Puppet from 10,000 feet • Managing the host • Building images – without a master (puppet apply) – with a master (puppet agent) • Runtime configuration 16
- 15. Managing the host Gareth Rushgrove’s module: https://forge.puppetlabs.com/garethr/docker • Install docker (Ubuntu and CentOS) • Manage images • Run containers 17
- 16. class { 'docker': tcp_bind => 'tcp://127.0.0.1:4243', socket_bind => 'unix:///var/run/docker.sock', } Setting up Docker 18
- 17. docker::image { 'ubuntu': image_tag => 'precise' } Pulling down images 19
- 18. docker::run { 'appserver2': image => 'fedora:20', command => '/usr/sbin/init', ports => ['80', '443'], links => ['mysql:db'], use_name => true, volumes => ['/var/lib/couchdb', '/var/log'], volumes_from => 'appserver1', memory_limit => 10485760, # bytes username => 'appy', hostname => 'app2.example.com', env => ['FOO=BAR', 'FOO2=BAR2'], dns => ['8.8.8.8', ‘8.8.4.4'] } Running containers 20
- 19. Overview • Puppet from 10,000 feet • Managing the host • Building images – without a master (puppet apply) – with a master (puppet agent) • Runtime configuration 21
- 20. Dockerfile for puppet apply 22 FROM jamtur01/puppetbase MAINTAINER James Turnbull <[email protected]> ADD modules /tmp/modules RUN yum -y install puppet; puppet apply --modulepath=/tmp/modules -e "class { 'nginx': service_ensure => disable }” EXPOSE 80 CMD ["nginx"]
- 21. Overview • Puppet from 10,000 feet • Managing the host • Building images – without a master (puppet apply) – with a master (puppet agent) • Runtime configuration 23
- 22. FROM fedora:20 MAINTAINER David Lutterkort <[email protected]> ADD puppet /tmp/puppet-docker RUN yum -y install puppet; yum clean all; /tmp/puppet-docker/bin/puppet-docker Dockerfile for puppet agent 24
- 23. > tree puppet puppet/ ├── bin │ └── puppet-docker ├── config.yaml └── ssl ├── agent-cert.pem ├── agent-private.pem ├── agent-public.pem └── ca.pem Support files 25
- 24. > cat puppet/config.yaml --- certname: docker # server: puppet-master.example.com facts: container: docker build: true Configure agent run 26
- 25. Overview • Puppet from 10,000 feet • Managing the host • Building images – without a master (puppet apply) – with a master (puppet agent) • Runtime configuration 27
- 26. Runtime configuration • Install an init system (systemd) – run cron or puppetd – run target service(s) • Possibly move to one agent per host 28
- 27. Summary • Explain what you are doing clearly (or scare those trying to understand you to death) • Manage container hosts with https://forge.puppetlabs.com/garethr/docker • Sample materials for puppet agent etc. at https://github.com/lutter/puppet-docker 29 Questions ?