The PuppetConf 2013 cloud automation track featured speakers covering everything from how to provision Google Compute Engine resources with a Puppet manifest to how to use Puppet Enterprise with VMware's brand new vCloud Hybrid Service. We've gathered their decks below. You should also take a look at our recap of PuppetConf keynote presentations, and keep an eye out for more collections of decks from other PuppetConf tracks through the rest of this week.
Architecting for Failure in AWS
Jos Boumans, VP of Operations at Krux Digital, helped grow his company from zero traffic to several billion requests per day in the span of two years, and did so exclusively in AWS. He spoke about the pitfalls Krux Digital encountered, and how, through architecture, convention and common sense, it managed to build an infrastructure that is "Always Up" from the end user perspective and incredibly economical to build, scale & operate. Every bit of the AWS stack is automated, monitored & graphed, with maximized resilience and minimized cost.
Deploying VMware vCloud Hybrid Service With Puppet
Nan Liu, senior systems engineer at VMware, provided an overview of the challenges deploying and managing VMware vCloud Hybrid service with Puppet. VMware vCloud Hybrid service automation not only requires configuration management of operating systems, but also configuration management of several VMware products through their APIs:
- VMware vCenter (vSphere API)
- VMware vCloud Network and Security (vShield API)
- VMware vCloud Director (vCloud API).
Before moving to VMware, Nan worked as a technical evangelist and professional service engineer at Puppet Labs developing and promoting DevOps solutions for partners and customers. It was great to see him back at PuppetConf 2013!
Building a Hyper-Secure VPC on AWS With Puppet
Tim Nolet, a technical architect at Xebia, described the techniques and patterns used in a real life project where the goal was to build a VPC on AWS, make it extremely secure on all accounts, do it automated.
Tim described how you can use Puppet technologies and AWS and introduce all kinds of real life security measures, all managed by Puppet. These security measures include: log collection and analysis (in combination with Graylog2), transparent proxy hosts for DMZ separation, host-based firewalls to augment the non-logging AWS firewalls/security groups, CIS (Center for Internet Security) benchmark enforcement on standard AWS Linux AMIs, and change tracking with SVN.
Using Puppet for Deploying Hyper-V OpenStack Compute Nodes
Peter Pouliot, works within Microsoft's Open Source Technology Center, and he's the company's official subject matter expert on OpenStack. He discussed how to use Puppet technologies to deploy OpenStack on Hyper-V, and recounted his experiences writing Puppet DSL manifests for Windows.
A One Stop Solution for Puppet and OpenStack
Daniel Lobato Garcia, a software engineer at CERN, has been working with other engineers at CERN to use and develop tools that allow them to have an IaaS where the data center is configured by Puppet and virtualization and authentication needs are handled by OpenStack. The team uses RedHat's foreman for its lifecycle management tool, which it has configured to support both bare metal and OpenStack virtual machines. The team also uses Git to manage environments and host group configurations. Daniel spoke about how to deal with security implications and how to store Hiera data secrets.
Daniel said nearly everyone at CERN has started to wear the DevOps hat, which brings new challenges in terms of development workflows and scalability.
Puppet, Now With Google!
Marc Cohen and Eric Johnson of Google offered a tour of Google Cloud Platform, dove into Google Compute Engine, and then explained how it all comes together with Puppet technologies. If you're interested in experimenting with the sort of software-defined cloud infrastructure GCE and Puppet Enterprise can offer, don't miss Ryan Coleman's blog post on managing GCE resources with the Puppet DSL.
Puppet and AWS: Getting the Best of Both Worlds
Mike Ryan, founder and cloud infrastructure consultant at Epitech BV, provided technical examples of how to use Puppet technologies to manage large infrastructures in Amazon's cloud, and gave some background in to how Puppet fits in to the AWS ecosystem.
He also spoke about OpsWorks (Amazon's Chef-based configuration management offering) and what it means for Puppet, using Puppet in conjunction with CloudFormation, using Puppet to automate common AWS tasks (such as building AMIs), and using Vagrant and Puppet to create an easy path from local development to production.
Puppet and Apache CloudStack
David Nalley, a committer and PMC member of the Apache CloudStack team, said Puppet technologies are ideal for abstracting away the configurations of machines. Since Puppet's arrival, said David, IaaS has started to creep into the mainstream. Now instead of just managing the configuration in the machine, the machine state itself can be configured, and even broken out to manage the configuration of all the deployed instances in a datacenter. David explored the use of Apache CloudStack and other platforms to do so.
- The latest Puppet Enterprise release introduced important new cloud automation capabilities. Read about its orchestration engine.
- With cloud automation, software-defined infrastructure is that much more in reach. Learn how the Puppet Forge helps you create infrastructure as code.
- If you're ready to try it all out, download Puppet Enterprise and try it out on 10 nodes for free.