Best Practices for Puppet in the Cloud

Randall Hunt – AWS Tech Evangalist Andrew Popp – DevOps System Engineer (ServiceChannel)

Contents / Agenda

Who is SC ?

Moving into AWS

Im in a Cloud Now … Whats Next ?

Deploying Puppet in AWS

Puppetlabs AWS Module

2 Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All

ServiceChannel At a Glance Who is this guy, and what does this company do?

3

4

Andrew Popp DevOps Systems Engineer

@doctahpopp99

5

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 6

200+ Employees around the globe

300+ Clients from many industries

50K+ Commercial contractors & suppliers

200K Locations under management

63 Countries using service daily

1.4Million Work orders processed per month

Where we started …

7

8

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 9

•  Dev Env •  Single Server •  IIS/MSSQL colo

•  Prod Env •  6 Servers (Web) •  1 DB Server

•  No Load balancers •  No CI/CD •  No Codebase

No Cfg Mgmt !

Moving into AWS When the going gets tough … virtualize dat.

10

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 11

There is a road, no simple highway …

•  Exploration •  Single function

•  Classic EC2 •  No VPC •  Hybrid Approach •  Majority of Production Payload still on prem.

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 12

Somethings shaking, on Shakedown Street …

Became …

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 13

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 14

AWS 2012

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 15

So I'm in the cloud now This is awesome, but what's next ?

16

AWS Today

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 17

94 EC2 Nodes

62 ELBs

39 Cache Clusters

DevOps Team

90 SQS Queues

500 SNS Queues

92 Dynamo DB tables

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 18

•  Understand your Services •  Know your Limits (API)

•  Decide on a Network Config (Region) •  Available across AZ •  VPC Architecture

•  Enable CloudTrail •  Meta-data URI •  User-Data •  IAM Roles

Initial Network Deployment

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 19

•  Single Region •  Single VPC

•  Subnets Across AZ’s •  NAT Instance •  Security Group Inbound Rules •  Route 53

Deploying Puppet in your VPC The beginning of great things …

21

Key Management Features

•  Puppet Architecture in Cloud (Prod/Testing)

•  EC2 Auto-Signing

•  EC2 Tags

•  Class creation and resource organization

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 22

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 23

https://docs.puppet.com/puppet/latest/reference/ssl_attributes_extensions.html#puppet-specific-registered-ids

Puppetlabs-AWS Now were cooking w/ gas

24

DevOps Team Performance

Preso title goes here. To update, go to File > Page Setup > Header/Footer, paste title, Apply All 25

•  Throughput •  A deploy a day keeps the …

•  X Deploys per year. •  Lead time for changes ~3 hours

•  We can do 60 min •  Stability

•  Recovery •  1-2 hour range and its getting smaller …

•  Rate of failure •  15-20% •  Increase of confidence

So What Happens If Hurricane Sandy Comes back ?

26

Thanks! Q/A?

@jrhunt @doctahpopp99