2024: Domino Containers - The Next Step. News from the Domino Container commu...
Windows: Having its ass kicked by Puppet and Powershell since 2012 #PuppetConf
1. Windows: Having It’sWindows: Having It’s
Ass Kicked by PuppetAss Kicked by Puppet
and PowerShell sinceand PowerShell since
20122012
Paul StackPaul Stack
http://www.paulstack.co.ukhttp://www.paulstack.co.uk
http://twitter.com/stack72http://twitter.com/stack72
mail:mail: puppetconf@paulstack.co.ukpuppetconf@paulstack.co.uk
2. PaurShellPaurShell
This is actually the Northern IrishThis is actually the Northern Irish pronunciation of
the Windows task based framework, PowerShell
3. About MeAbout Me
Develop software for OpenTableDevelop software for OpenTable
Member of the Jetbrains DevelopmentMember of the Jetbrains Development
AcademyAcademy
DevOps ExtremistDevOps Extremist
4. AgendaAgenda
Classic infrastructure managementClassic infrastructure management
Snowflake / Phoenix Servers / ImmutableSnowflake / Phoenix Servers / Immutable
InfrastructureInfrastructure
Infrastructure as CodeInfrastructure as Code
PowerShell as a way to manage WindowsPowerShell as a way to manage Windows
PowerShell + Puppet = Kicking Windows’ AssPowerShell + Puppet = Kicking Windows’ Ass
7. People are generallyPeople are generally
rubbish at performingrubbish at performing
manual repetitive tasksmanual repetitive tasks
8. SnowFlake ServerSnowFlake Server
Image courtesy of Liz West and under Creative CommonsImage courtesy of Liz West and under Creative Commons
LicenseLicense
Martin Fowler:Martin Fowler:
http://martinfowler.com/bliki/SnowflakeServer.htmlhttp://martinfowler.com/bliki/SnowflakeServer.html
9. Machines are muchMachines are much
more reliable atmore reliable at
performing repetitiveperforming repetitive
taskstasks
10. Image courtesy of FoodBev Photos and under CreativeImage courtesy of FoodBev Photos and under Creative
Commons LicenseCommons License
11. Can’t we automate ourCan’t we automate our
manual run books?manual run books?
25. SummarySummary
Code is much better for managing servers thanCode is much better for managing servers than
peoplepeople
PowerShell is a tool to use when working withPowerShell is a tool to use when working with
WindowsWindows
Puppet compliments what PowerShell doesPuppet compliments what PowerShell does
perfectly in a DSL formatperfectly in a DSL format
Windows Server management is no longer aWindows Server management is no longer a
pain in the ass.pain in the ass.
Puppet first support for windows was 2.7.6. I have only been using it since 2012 :)
Runbooks are a traditional way of instructing the users what steps to run when installing software, operating systems or doing server builds
They cut corners, they make mistakes, and techniques differ from person to person. Its important to remember that working at 100% all of the time is not the best use of time So when creating server builds for web, databases etc. this leads to..... snowflake servers
1. Difficult to reproduce if there are issuesand even more difficult to create similarenvironments in QA2. When trying to change a snowflake serverthings get really interesting. There are allsorts of potential knock on effects
(unless you are on windows and you get a blue screen of death....)
People cannot run at 100% - they will burn out. FYI machines should never be running at 100% either.
We (OpenTable) are desperately trying to move away from these manual runbooks. We used to have to create them for our systems and our “best” piece of work is approximately 57 pages in a work document.
The end goal of infrastructure as code is to perform as many infrastructure tasks as possible programmatically. So yes, we can automate (most of) our runbooks.
Martin Fowler wrote about Phoenix Servers on 10th July 2012 Each server is created and managed in exactly the same way each time it is provisioned. These would be using tooling to create them and maintain their configuration. Martin said: “ One day I had this fantasy of starting a certification service for operations. The certification assessment would consist of a colleague and I turning up at the corporate data center and setting about critical production servers with a baseball bat, a chainsaw, and a water pistol. The assessment would be based on how long it would take for the operations team to get all the applications up and running again.”
Chad Fowler 23rd June 2013 Immutable Deployments - Need to upgrade or patch a server would mean spinning up a new one on the fly instead of hoping for a success story on an existing server
Share code Review Code Training Read books Knowledge is portable / spreadable Tooling is available RSpec Puppet (test framework for puppet code) think of integration / unit tests here Can be run in a CI environment Tooling helps us write infrastructure code in the same way as application code TravisCI is awesome for pupept module continuous integration Code is structured for validity convention based linting tools etc. e.g. puppet lint based on guidance from experienced users IDEs are becoming available e.g. Gepetto, RubyMine now has support too Active communities
1.0 – 2006. Pretty much crap. It put a lot of people off PowerShell 2.0 – Much better! Things started to get going for automation PowerShell Remoting: Background Jobs: Transactions: Modules: Script Debugging: Eventing: Windows PowerShell Integrated Scripting Environment (ISE): 3.0 – Now we are rocking! Scheduled jobs: Session connectivity: Autocompletion and Intellisense Delegation support:
Demo Time We want to demo the script on how we install Windows Features and Also manage IIS. Point out that this even feels complex and that there should be another way to make this easier The problem here is that someone has to manually log into the server and run the scripts - show a runbook to demo what they would be doing.
Give details about puppet - show a sample manifest and explain how it works using the inbuilt types. Important to note that not all the same types are available for use on Windows as there is on Linux / Unix based systems
Think of someone tapping out of a submission move! Show the puppet script to install 7zip on a windows server. This will be able to demonstrate that it uses the system architecture to install the correct version of the application Show the scripts for Puppet-IIS and show that by running these values, I can manage IIS on any Windows Server 2008 webserver Look at the difference between this module for managing IIS and the Raw PowerShell script. This scripts looks so much easier Show the entire build_base_server manifest so that people can see exactly what runs. This log onto the box and demonstrate that the box runs against the snapshot.
Change to show the puppet modules currently available for Windows on the forge. From what I am told, Windows is the 3rd highest searched for term on the forge. There have been approx 15600 downloads of windows modules We should all thank Ryan Coleman and his team for doing an awesome job on the forge. BTW Ryan, Im not quite sure why windows is not in the popular tags :)
There are a lot of eyes on Windows automation now. We have at least 3 sessions on Windows here at Puppetconf. There are lots of questions to companies about it now. The Windows community is finally got the memo
