SlideShare una empresa de Scribd logo

Automatic Kamailio Deployments With Puppet

Giacomo Vacca
Giacomo Vacca

Description: Kamailio is a robust, powerful application; virtualization and cloud computing make it extremely easy and quick to setup Kamailio-based solutions. Scaling, geographic distribution and multiple environments (e.g. development, staging/QA, production), though, present some deployment challenges. Puppet provides a solution that dramatically cuts deployment time, reduces occurrences of errors, while at the same time documenting the configuration status. This presentation describes what we did in Truphone Labs to move from a freshly created virtual machine to a running Kamailio instance, automatically and in minutes. Firewall, nagios, syslog, monit, sec, and other related services are also automatically configured.

InternetTecnologíaEntretenimiento y humor
1 de 19
Descargar para leer sin conexión
Automatic Kamailio Deployments with Puppet Giacomo Vacca Senior Network Applications Developer
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 “He’s seen more SIP transactions than some SBCs in the market” (cit.) - Leads Network Dev Team at Truphone Labs - Hacking Kamailio, Asterisk, FreeSWITCH for 10+ ys - Hacking ejabberd, more recently @giavac
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 Truphone
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 labs.truphone.com
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 “You know you’re in trouble when... you realize you’ve become good at 3-way diffs” The Problem
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 • Deploy and customize in-place • Extract variables into included defines file • A debian package with config per host No (automatic) documentation! The Problem – in the past
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 • Open Source configuration management tool • Defines the final status (‘what’, not ‘how’) • Idempotent (i.e. safely run multiple times) puppetlabs.com The Solution - Puppet
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 • Puppet code is contained in MANIFESTS • Puppet functionalities are organized in MODULES • “Compiled” manifests are CATALOGUES The Solution - Puppet
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 Master/Slave vs Standalone
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 # nodes.pp node ‘k01.domain.com’ { include ‘kamailio’ } • As many environments as you want –Each environment defines a Site •A Site defines a group of Nodes – Every host is a Node Puppet Environments, Sites, Nodes
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 • Simple manifests • Independent from data • Extract data into nodes definition Puppet Separate logic from data
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 https://github.com/trulabs/puppet-kamailio 1. Deploy pre-requisites 2. Install packages (deb, rpm) 3. Set configuration files (kamailio.cfg, tls.cfg) 4. Define ‘service’ (“should be running”) Kamailio with Puppet
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 Kamailio with Puppet The system around Kamailio Other areas (see 3rd party modules at PuppetForge): • apt/yum • TCP keepalives • Firewall (iptables) • monit • nagios • fail2ban • logrotate • sec • SSL certificates • Swappiness » What else? Tell me at the Q&A session. Useful tools: Check your modules against Best Practices with ‘puppet-lint’. http://puppet-lint.com/
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 Video: http://vimeo.com/giavac/akdp 1. Build VM 2. SSH into VM 3. git clone Puppet repo 4. Run Puppet NOOP mode 5. Run Puppet Build and deploy a new instance
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 Summary Automation is easy Deployments MUST be automated Deployments SHOULD be boring Deployments MAY be fun Puppet does the job (Diagram source: http://info.puppetlabs.com/2013-state-of-devops-report.html)
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 Q&A @giavac labs@truphone.com * https://labs.truphone.com/about/
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 ADDITIONAL SLIDES
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 Kamailio with Puppet Kamailio module – repo/apt.pp class kamailio::repo::apt inherits kamailio::repo { include '::apt' # Note the 40! apt::source { 'kamailio40_wheezy': location => 'http://deb.kamailio.org/kamailio40', release => 'wheezy', repos => 'main', required_packages => 'debian-keyring debian-archive-keyring', key => '07D5C01D', key_server => 'http://deb.kamailio.org/kamailiodebkey.gpg', include_src => true, } Apt::Source['kamailio40_wheezy'] -> Package<|tag == 'kamailio'|> }
© 2013 Truphone Limited. All Rights Reserved.03 April 2014 Kamailio with Puppet Kamailio module – config.pp • Manages configuration files • Can install from files or templates Example: templatize a kamailio.cfg define <% if with_tls %>#!define WITH_TLS<% end %>

Recomendados

Homer - Workshop at Kamailio World 2017
Homer - Workshop at Kamailio World 2017Homer - Workshop at Kamailio World 2017
Homer - Workshop at Kamailio World 2017Giacomo Vacca
 
Managing Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with AnsibleManaging Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with Ansiblefmaccioni
 
CoreOS in a Nutshell
CoreOS in a NutshellCoreOS in a Nutshell
CoreOS in a NutshellCoreOS
 
CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015Brandon Philips
 
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법Open Source Consulting
 
Kamailio - Secure Communication
Kamailio - Secure CommunicationKamailio - Secure Communication
Kamailio - Secure CommunicationDaniel-Constantin Mierla
 
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with PrometheusOpenStack Korea Community
 
CoreOS: Control Your Fleet
CoreOS: Control Your FleetCoreOS: Control Your Fleet
CoreOS: Control Your FleetMatthew Jones
 

Recomendados

Homer - Workshop at Kamailio World 2017
Homer - Workshop at Kamailio World 2017Homer - Workshop at Kamailio World 2017
Homer - Workshop at Kamailio World 2017Giacomo Vacca
 
Managing Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with AnsibleManaging Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with Ansiblefmaccioni
 
CoreOS in a Nutshell
CoreOS in a NutshellCoreOS in a Nutshell
CoreOS in a NutshellCoreOS
 
CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015Brandon Philips
 
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법Open Source Consulting
 
Kamailio - Secure Communication
Kamailio - Secure CommunicationKamailio - Secure Communication
Kamailio - Secure CommunicationDaniel-Constantin Mierla
 
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with PrometheusOpenStack Korea Community
 
CoreOS: Control Your Fleet
CoreOS: Control Your FleetCoreOS: Control Your Fleet
CoreOS: Control Your FleetMatthew Jones
 
Cobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioningCobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioningRUDDER
 
Quick Start Guide using Virtuozzo 7 (β) on AWS EC2
Quick Start Guide using Virtuozzo 7 (β) on AWS EC2Quick Start Guide using Virtuozzo 7 (β) on AWS EC2
Quick Start Guide using Virtuozzo 7 (β) on AWS EC2Kentaro Ebisawa
 
One
OneOne
OneMartin Alfke
 
CoreOS @Codetalks Hamburg
CoreOS @Codetalks HamburgCoreOS @Codetalks Hamburg
CoreOS @Codetalks HamburgTimo Derstappen
 
Automating Mendix application deployments with Nix
Automating Mendix application deployments with NixAutomating Mendix application deployments with Nix
Automating Mendix application deployments with NixSander van der Burg
 
NkSIP: The Erlang SIP application server
NkSIP: The Erlang SIP application serverNkSIP: The Erlang SIP application server
NkSIP: The Erlang SIP application serverCarlos González Florido
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with AnsibleRayed Alrashed
 
How automated cloud infrastructure setups can help with Continuous Delivery
How automated cloud infrastructure setups can help with Continuous DeliveryHow automated cloud infrastructure setups can help with Continuous Delivery
How automated cloud infrastructure setups can help with Continuous DeliveryEdmund Siegfried Haselwanter
 
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...SaltStack
 
IPTABLES Introduction
IPTABLES IntroductionIPTABLES Introduction
IPTABLES IntroductionHungWei Chiu
 
A Universe From Nothing
A Universe From NothingA Universe From Nothing
A Universe From NothingStigTelfer
 
OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27Kentaro Ebisawa
 
Salting new ground one man ops from scratch
Salting new ground one man ops from scratchSalting new ground one man ops from scratch
Salting new ground one man ops from scratchJay Harrison
 
Python Deployment with Fabric
Python Deployment with FabricPython Deployment with Fabric
Python Deployment with Fabricandymccurdy
 
Infrastructure as Code with Chef / Puppet
Infrastructure as Code with Chef / PuppetInfrastructure as Code with Chef / Puppet
Infrastructure as Code with Chef / PuppetEdmund Siegfried Haselwanter
 
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014Puppet
 
Fake IT, until you make IT
Fake IT, until you make ITFake IT, until you make IT
Fake IT, until you make ITBas Meijer
 
London HUG 12/4
London HUG 12/4London HUG 12/4
London HUG 12/4London HashiCorp User Group
 
Refactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
Refactoring Katello Installer modules - Ewoud Kohl van WijngaardenRefactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
Refactoring Katello Installer modules - Ewoud Kohl van WijngaardenNETWAYS
 
Webinar: Automate IBM Connections Installations and more
Webinar: Automate IBM Connections Installations and moreWebinar: Automate IBM Connections Installations and more
Webinar: Automate IBM Connections Installations and morepanagenda
 
Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...
Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...
Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...Digium
 
How to Make a Honeypot Stickier (SSH*)
How to Make a Honeypot Stickier (SSH*)How to Make a Honeypot Stickier (SSH*)
How to Make a Honeypot Stickier (SSH*)Jose Hernandez
 

Más contenido relacionado

La actualidad más candente

Cobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioningCobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioningRUDDER
 
Quick Start Guide using Virtuozzo 7 (β) on AWS EC2
Quick Start Guide using Virtuozzo 7 (β) on AWS EC2Quick Start Guide using Virtuozzo 7 (β) on AWS EC2
Quick Start Guide using Virtuozzo 7 (β) on AWS EC2Kentaro Ebisawa
 
CoreOS @Codetalks Hamburg
CoreOS @Codetalks HamburgCoreOS @Codetalks Hamburg
CoreOS @Codetalks HamburgTimo Derstappen
 
Automating Mendix application deployments with Nix
Automating Mendix application deployments with NixAutomating Mendix application deployments with Nix
Automating Mendix application deployments with NixSander van der Burg
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with AnsibleRayed Alrashed
 
How automated cloud infrastructure setups can help with Continuous Delivery
How automated cloud infrastructure setups can help with Continuous DeliveryHow automated cloud infrastructure setups can help with Continuous Delivery
How automated cloud infrastructure setups can help with Continuous DeliveryEdmund Siegfried Haselwanter
 
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...SaltStack
 
IPTABLES Introduction
IPTABLES IntroductionIPTABLES Introduction
IPTABLES IntroductionHungWei Chiu
 
A Universe From Nothing
A Universe From NothingA Universe From Nothing
A Universe From NothingStigTelfer
 
OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27Kentaro Ebisawa
 
Salting new ground one man ops from scratch
Salting new ground one man ops from scratchSalting new ground one man ops from scratch
Salting new ground one man ops from scratchJay Harrison
 
Python Deployment with Fabric
Python Deployment with FabricPython Deployment with Fabric
Python Deployment with Fabricandymccurdy
 
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014Puppet
 
Fake IT, until you make IT
Fake IT, until you make ITFake IT, until you make IT
Fake IT, until you make ITBas Meijer
 
Refactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
Refactoring Katello Installer modules - Ewoud Kohl van WijngaardenRefactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
Refactoring Katello Installer modules - Ewoud Kohl van WijngaardenNETWAYS
 
Webinar: Automate IBM Connections Installations and more
Webinar: Automate IBM Connections Installations and moreWebinar: Automate IBM Connections Installations and more
Webinar: Automate IBM Connections Installations and morepanagenda
 

La actualidad más candente (20)

Cobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioningCobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioning
 
Quick Start Guide using Virtuozzo 7 (β) on AWS EC2
Quick Start Guide using Virtuozzo 7 (β) on AWS EC2Quick Start Guide using Virtuozzo 7 (β) on AWS EC2
Quick Start Guide using Virtuozzo 7 (β) on AWS EC2
 
One
OneOne
One
 
CoreOS @Codetalks Hamburg
CoreOS @Codetalks HamburgCoreOS @Codetalks Hamburg
CoreOS @Codetalks Hamburg
 
Automating Mendix application deployments with Nix
Automating Mendix application deployments with NixAutomating Mendix application deployments with Nix
Automating Mendix application deployments with Nix
 
NkSIP: The Erlang SIP application server
NkSIP: The Erlang SIP application serverNkSIP: The Erlang SIP application server
NkSIP: The Erlang SIP application server
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with Ansible
 
How automated cloud infrastructure setups can help with Continuous Delivery
How automated cloud infrastructure setups can help with Continuous DeliveryHow automated cloud infrastructure setups can help with Continuous Delivery
How automated cloud infrastructure setups can help with Continuous Delivery
 
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
 
IPTABLES Introduction
IPTABLES IntroductionIPTABLES Introduction
IPTABLES Introduction
 
A Universe From Nothing
A Universe From NothingA Universe From Nothing
A Universe From Nothing
 
OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27
 
Salting new ground one man ops from scratch
Salting new ground one man ops from scratchSalting new ground one man ops from scratch
Salting new ground one man ops from scratch
 
Python Deployment with Fabric
Python Deployment with FabricPython Deployment with Fabric
Python Deployment with Fabric
 
Infrastructure as Code with Chef / Puppet
Infrastructure as Code with Chef / PuppetInfrastructure as Code with Chef / Puppet
Infrastructure as Code with Chef / Puppet
 
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
 
Fake IT, until you make IT
Fake IT, until you make ITFake IT, until you make IT
Fake IT, until you make IT
 
London HUG 12/4
London HUG 12/4London HUG 12/4
London HUG 12/4
 
Refactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
Refactoring Katello Installer modules - Ewoud Kohl van WijngaardenRefactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
Refactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
 
Webinar: Automate IBM Connections Installations and more
Webinar: Automate IBM Connections Installations and moreWebinar: Automate IBM Connections Installations and more
Webinar: Automate IBM Connections Installations and more
 

Similar a Automatic Kamailio Deployments With Puppet

Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...
Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...
Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...Digium
 
How to Make a Honeypot Stickier (SSH*)
How to Make a Honeypot Stickier (SSH*)How to Make a Honeypot Stickier (SSH*)
How to Make a Honeypot Stickier (SSH*)Jose Hernandez
 
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docx
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docxSEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docx
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docxjeffreye3
 
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docx
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docxSEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docx
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docxedgar6wallace88877
 
How to Make a Honeypot Stickier (SSH*)
How to Make a Honeypot Stickier (SSH*)How to Make a Honeypot Stickier (SSH*)
How to Make a Honeypot Stickier (SSH*)Jose Hernandez
 
Dealing with pervasive monitoring - Networkshop44
Dealing with pervasive monitoring - Networkshop44Dealing with pervasive monitoring - Networkshop44
Dealing with pervasive monitoring - Networkshop44Jisc
 
Scalable Systems Management with Puppet
Scalable Systems Management with PuppetScalable Systems Management with Puppet
Scalable Systems Management with PuppetPuppet
 
Scalable systems management with puppet
Scalable systems management with puppetScalable systems management with puppet
Scalable systems management with puppetPuppet
 
Technical note Miro automatic ftp uploads - r 30 sep 16
Technical note Miro automatic ftp uploads - r 30 sep 16Technical note Miro automatic ftp uploads - r 30 sep 16
Technical note Miro automatic ftp uploads - r 30 sep 16Ajeesh Joseph
 
Intro To Linux
Intro To LinuxIntro To Linux
Intro To Linuxtechlug
 
Nagios 3
Nagios 3Nagios 3
Nagios 3zmoly
 
Cloud init and cloud provisioning [openstack summit vancouver]
Cloud init and cloud provisioning [openstack summit vancouver]Cloud init and cloud provisioning [openstack summit vancouver]
Cloud init and cloud provisioning [openstack summit vancouver]Joshua Harlow
 
Gluster Cloud Night in Tokyo 2013 -- Tips for getting started
Gluster Cloud Night in Tokyo 2013 -- Tips for getting startedGluster Cloud Night in Tokyo 2013 -- Tips for getting started
Gluster Cloud Night in Tokyo 2013 -- Tips for getting startedKeisuke Takahashi
 
Hack.lu 09 ip-morph
Hack.lu 09 ip-morphHack.lu 09 ip-morph
Hack.lu 09 ip-morphSteph Cliche
 
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)Patricia Aas
 
James Jara Portfolio 2014 - InfoSec White Paper- Part 5
James Jara Portfolio 2014 - InfoSec White Paper- Part 5James Jara Portfolio 2014 - InfoSec White Paper- Part 5
James Jara Portfolio 2014 - InfoSec White Paper- Part 5James Jara
 
Launch and Environment Constraints Overview
Launch and Environment Constraints OverviewLaunch and Environment Constraints Overview
Launch and Environment Constraints OverviewCsaba Fitzl
 

Similar a Automatic Kamailio Deployments With Puppet (20)

Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...
Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...
Automatic Configuration Management for Kamailio and Asterisk in the era of Pu...
 
How to Make a Honeypot Stickier (SSH*)
How to Make a Honeypot Stickier (SSH*)How to Make a Honeypot Stickier (SSH*)
How to Make a Honeypot Stickier (SSH*)
 
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docx
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docxSEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docx
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docx
 
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docx
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docxSEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docx
SEED Labs – Linux Firewall Exploration Lab 1Linux Firewall.docx
 
How to Make a Honeypot Stickier (SSH*)
How to Make a Honeypot Stickier (SSH*)How to Make a Honeypot Stickier (SSH*)
How to Make a Honeypot Stickier (SSH*)
 
Deep inside TOMOYO Linux
Deep inside TOMOYO LinuxDeep inside TOMOYO Linux
Deep inside TOMOYO Linux
 
Wissbi osdc pdf
Wissbi osdc pdfWissbi osdc pdf
Wissbi osdc pdf
 
Dealing with pervasive monitoring - Networkshop44
Dealing with pervasive monitoring - Networkshop44Dealing with pervasive monitoring - Networkshop44
Dealing with pervasive monitoring - Networkshop44
 
Scalable Systems Management with Puppet
Scalable Systems Management with PuppetScalable Systems Management with Puppet
Scalable Systems Management with Puppet
 
Scalable systems management with puppet
Scalable systems management with puppetScalable systems management with puppet
Scalable systems management with puppet
 
How We Protected Our Router
How We Protected Our RouterHow We Protected Our Router
How We Protected Our Router
 
Technical note Miro automatic ftp uploads - r 30 sep 16
Technical note Miro automatic ftp uploads - r 30 sep 16Technical note Miro automatic ftp uploads - r 30 sep 16
Technical note Miro automatic ftp uploads - r 30 sep 16
 
Intro To Linux
Intro To LinuxIntro To Linux
Intro To Linux
 
Nagios 3
Nagios 3Nagios 3
Nagios 3
 
Cloud init and cloud provisioning [openstack summit vancouver]
Cloud init and cloud provisioning [openstack summit vancouver]Cloud init and cloud provisioning [openstack summit vancouver]
Cloud init and cloud provisioning [openstack summit vancouver]
 
Gluster Cloud Night in Tokyo 2013 -- Tips for getting started
Gluster Cloud Night in Tokyo 2013 -- Tips for getting startedGluster Cloud Night in Tokyo 2013 -- Tips for getting started
Gluster Cloud Night in Tokyo 2013 -- Tips for getting started
 
Hack.lu 09 ip-morph
Hack.lu 09 ip-morphHack.lu 09 ip-morph
Hack.lu 09 ip-morph
 
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
 
James Jara Portfolio 2014 - InfoSec White Paper- Part 5
James Jara Portfolio 2014 - InfoSec White Paper- Part 5James Jara Portfolio 2014 - InfoSec White Paper- Part 5
James Jara Portfolio 2014 - InfoSec White Paper- Part 5
 
Launch and Environment Constraints Overview
Launch and Environment Constraints OverviewLaunch and Environment Constraints Overview
Launch and Environment Constraints Overview
 

Más de Giacomo Vacca

Modern VoIP in modern infrastructures
Modern VoIP in modern infrastructuresModern VoIP in modern infrastructures
Modern VoIP in modern infrastructuresGiacomo Vacca
 
Modern VoIP in Modern Infrastructures
Modern VoIP in Modern InfrastructuresModern VoIP in Modern Infrastructures
Modern VoIP in Modern InfrastructuresGiacomo Vacca
 
An SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environmentsAn SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environmentsGiacomo Vacca
 
Kamailio World 2018 - Workshop: kamailio-tests
Kamailio World 2018 - Workshop: kamailio-testsKamailio World 2018 - Workshop: kamailio-tests
Kamailio World 2018 - Workshop: kamailio-testsGiacomo Vacca
 
[workshop] The Revolutionary WebRTC
[workshop] The Revolutionary WebRTC[workshop] The Revolutionary WebRTC
[workshop] The Revolutionary WebRTCGiacomo Vacca
 
Continuous Integration and Kamailio
Continuous Integration and KamailioContinuous Integration and Kamailio
Continuous Integration and KamailioGiacomo Vacca
 
Docker - From Walking To Running
Docker - From Walking To RunningDocker - From Walking To Running
Docker - From Walking To RunningGiacomo Vacca
 
Docker and Puppet for Continuous Integration
Docker and Puppet for Continuous IntegrationDocker and Puppet for Continuous Integration
Docker and Puppet for Continuous IntegrationGiacomo Vacca
 
Top 5 Challenges To Add Web Calls to Truphone VoIP Platform
Top 5 Challenges To Add Web Calls to Truphone VoIP PlatformTop 5 Challenges To Add Web Calls to Truphone VoIP Platform
Top 5 Challenges To Add Web Calls to Truphone VoIP PlatformGiacomo Vacca
 

Más de Giacomo Vacca (12)

STUN protocol
STUN protocolSTUN protocol
STUN protocol
 
Modern VoIP in modern infrastructures
Modern VoIP in modern infrastructuresModern VoIP in modern infrastructures
Modern VoIP in modern infrastructures
 
RIPP Notes
RIPP NotesRIPP Notes
RIPP Notes
 
Modern VoIP in Modern Infrastructures
Modern VoIP in Modern InfrastructuresModern VoIP in Modern Infrastructures
Modern VoIP in Modern Infrastructures
 
An SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environmentsAn SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environments
 
Kamailio World 2018 - Workshop: kamailio-tests
Kamailio World 2018 - Workshop: kamailio-testsKamailio World 2018 - Workshop: kamailio-tests
Kamailio World 2018 - Workshop: kamailio-tests
 
[workshop] The Revolutionary WebRTC
[workshop] The Revolutionary WebRTC[workshop] The Revolutionary WebRTC
[workshop] The Revolutionary WebRTC
 
Continuous Integration and Kamailio
Continuous Integration and KamailioContinuous Integration and Kamailio
Continuous Integration and Kamailio
 
Docker - From Walking To Running
Docker - From Walking To RunningDocker - From Walking To Running
Docker - From Walking To Running
 
Docker From Scratch
Docker From ScratchDocker From Scratch
Docker From Scratch
 
Docker and Puppet for Continuous Integration
Docker and Puppet for Continuous IntegrationDocker and Puppet for Continuous Integration
Docker and Puppet for Continuous Integration
 
Top 5 Challenges To Add Web Calls to Truphone VoIP Platform
Top 5 Challenges To Add Web Calls to Truphone VoIP PlatformTop 5 Challenges To Add Web Calls to Truphone VoIP Platform
Top 5 Challenges To Add Web Calls to Truphone VoIP Platform
 

Último

Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
Intellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxIntellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxBipin Adhikari
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleanscorenetworkseo
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 

Último (20)

Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Intellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxIntellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptx
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleans
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 

Automatic Kamailio Deployments With Puppet

  • 1. Automatic Kamailio Deployments with Puppet Giacomo Vacca Senior Network Applications Developer
  • 2. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 “He’s seen more SIP transactions than some SBCs in the market” (cit.) - Leads Network Dev Team at Truphone Labs - Hacking Kamailio, Asterisk, FreeSWITCH for 10+ ys - Hacking ejabberd, more recently @giavac
  • 3. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 Truphone
  • 4. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 labs.truphone.com
  • 5. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 “You know you’re in trouble when... you realize you’ve become good at 3-way diffs” The Problem
  • 6. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 • Deploy and customize in-place • Extract variables into included defines file • A debian package with config per host No (automatic) documentation! The Problem – in the past
  • 7. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 • Open Source configuration management tool • Defines the final status (‘what’, not ‘how’) • Idempotent (i.e. safely run multiple times) puppetlabs.com The Solution - Puppet
  • 8. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 • Puppet code is contained in MANIFESTS • Puppet functionalities are organized in MODULES • “Compiled” manifests are CATALOGUES The Solution - Puppet
  • 9. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 Master/Slave vs Standalone
  • 10. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 # nodes.pp node ‘k01.domain.com’ { include ‘kamailio’ } • As many environments as you want –Each environment defines a Site •A Site defines a group of Nodes – Every host is a Node Puppet Environments, Sites, Nodes
  • 11. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 • Simple manifests • Independent from data • Extract data into nodes definition Puppet Separate logic from data
  • 12. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 https://github.com/trulabs/puppet-kamailio 1. Deploy pre-requisites 2. Install packages (deb, rpm) 3. Set configuration files (kamailio.cfg, tls.cfg) 4. Define ‘service’ (“should be running”) Kamailio with Puppet
  • 13. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 Kamailio with Puppet The system around Kamailio Other areas (see 3rd party modules at PuppetForge): • apt/yum • TCP keepalives • Firewall (iptables) • monit • nagios • fail2ban • logrotate • sec • SSL certificates • Swappiness » What else? Tell me at the Q&A session. Useful tools: Check your modules against Best Practices with ‘puppet-lint’. http://puppet-lint.com/
  • 14. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 Video: http://vimeo.com/giavac/akdp 1. Build VM 2. SSH into VM 3. git clone Puppet repo 4. Run Puppet NOOP mode 5. Run Puppet Build and deploy a new instance
  • 15. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 Summary Automation is easy Deployments MUST be automated Deployments SHOULD be boring Deployments MAY be fun Puppet does the job (Diagram source: http://info.puppetlabs.com/2013-state-of-devops-report.html)
  • 16. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 Q&A @giavac labs@truphone.com * https://labs.truphone.com/about/
  • 17. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 ADDITIONAL SLIDES
  • 18. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 Kamailio with Puppet Kamailio module – repo/apt.pp class kamailio::repo::apt inherits kamailio::repo { include '::apt' # Note the 40! apt::source { 'kamailio40_wheezy': location => 'http://deb.kamailio.org/kamailio40', release => 'wheezy', repos => 'main', required_packages => 'debian-keyring debian-archive-keyring', key => '07D5C01D', key_server => 'http://deb.kamailio.org/kamailiodebkey.gpg', include_src => true, } Apt::Source['kamailio40_wheezy'] -> Package<|tag == 'kamailio'|> }
  • 19. © 2013 Truphone Limited. All Rights Reserved.03 April 2014 Kamailio with Puppet Kamailio module – config.pp • Manages configuration files • Can install from files or templates Example: templatize a kamailio.cfg define <% if with_tls %>#!define WITH_TLS<% end %>