Jeremy Adams
Solutions Engineering
Puppet Labs
Puppet API Roundup
Lizzi Lindboe
Software Engineer
Puppet Labs
What to expect
The talk
Guided examples
After the talk
Now you try!
Slides, video, and code online
github.com/jpadams/puppetconf_api
Begin! Let’s make an HTTP request
https://docs.puppetlabs.com/pe/latest/status_api.html
Console
status RBAC NC Activity
PuppetDB
API
Puppet Server
Puppet CA
Services Overview
Components of an HTTP request
Verb URL
Data Auth
The verb: how
GET
request data
PUT
send data
POST
send data
DELETE
delete something
The verb: how
GET
request data
Components of an HTTP request
Verb
GET, PUT, POST, DELETE
URL
Data Auth
The URL: what
protocol
HTTP or HTTPS
host
node where API is
port
like a service address
endpoint (a.k.a. route)
which resource to interact with
How do I know what the URL is?
https://docs.puppetlabs.com/pe/latest/status_api.html
Components of an HTTP request
Verb
GET, PUT, POST, DELETE
URL
protocol, host, port, and route
Data Auth
Some tools
curl: workhorse (install curl.exe with choco!)
httpie: sturdy, pretty pony
python: requests library (also `python -m json.tool`)
ruby: so many libs! github: puppetlabs/puppet-classify gem
puppet: github: dalen/puppet-puppetdbquery, puppetlabs/prosvcs-node_manager
GUI tools: browser extensions, standalone apps, web apps
Let’s request data!
curl -X GET \
  http://localhost:8123/status/v1/services
#demo 1
Components of an HTTP request
Verb
GET, PUT, POST, DELETE
URL
protocol, host, port, and route
Data Auth
The request body
curl -X POST \
  --data @my-data.json \
  http://google.com
./my-data.json
{
  "foo": "bar",
  "baz": "oof"
}
The request headers
curl -X POST \
  -d @my-data.json \
  -H "Content-Type: application/json" \
  http://google.com
Query params
curl -X GET 'http://google.com/?key1=val1&key2=val2'
curl -X GET http://google.com \
  --data "key1=val1" \
  --data "key2=val2"
curl -X GET \
  --data-urlencode 'level=debug' \
  http://localhost:8123/status/v1/services
#demo 2
Components of an HTTP request
Verb
GET, PUT, POST, DELETE
URL
protocol, host, port, and route
Data
headers, body, or query params
Auth
Let’s request status with SSL
For when you don’t want status information traveling unencrypted
Why SSL?
encryption
information security
identity
verification
are you who you say you are?
SSL components
Certificate
Public information
Key
Private, don’t share!
CA Certificate
Which certificate authority verified your identity?
Where do I get one?
Default agent certs
SSL dir: /etc/puppetlabs/puppet/ssl/
Certificate: certs/<agent_name>.pem
Key: private_keys/<agent_name>.pem
CA cert: certs/ca.pem
Where do I get one?
Make your own:
`puppet cert generate lizzi`
#demo 3
Components of an HTTP request
Verb
GET, PUT, POST, DELETE
URL
protocol, host, port, and route
Data
headers, body, or query params
Auth
HTTPS, certificate, key, CA certificate
Let’s request status with SSL now
cd /etc/puppetlabs/puppet/ssl
curl -X GET \
  --cert ./certs/lizzi.pem \
  --key ./private_keys/lizzi.pem \
  --cacert ./certs/ca.pem \
  https://learning...vm:4433/status/v1/services
#demo 4
But wait, there’s more!
Authentication and authorization
SSL
need: certificate, key, CA certificate
Whitelist
Authorization
Certificate whitelist determines if certificate holder has access to an endpoint.
Status API doesn’t use a whitelist, but many other routes will, including PuppetDB routes.
Authentication and authorization
SSL
need: certificate, key, CA certificate
Whitelist
need: SSL, add certificate to whitelist
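The two checks on these slides, modelled as an added example (not code from the slides or from Puppet): a certificate verified against the CA authenticates the caller, and the whitelist then decides whether that certname may use a route. It assumes a whitelist file holds one certname per line and that the peer certificate has the dict shape returned by Python's `ssl.SSLSocket.getpeercert()`; the certnames and the `POLICY` mapping are constructed.

```python
# Added illustration (not Puppet's code): authentication vs. authorization.
# Assumptions: a whitelist is a text file with one certname per line; the peer
# certificate has the dict shape returned by ssl.SSLSocket.getpeercert().

# Constructed sample whitelist contents.
SAMPLE_WHITELIST = """\
console.example.test

lizzi
"""


def parse_whitelist(text):
    """Return the set of certnames listed in a whitelist file."""
    return {line.strip() for line in text.splitlines() if line.strip()}


def certname(peercert):
    """Return the subject commonName of a verified peer certificate, or None."""
    for rdn in peercert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None


def route_matches(route, prefix):
    """Match on a path boundary so /pdb does not also cover /pdbx."""
    return route == prefix or route.startswith(prefix.rstrip("/") + "/")


def authorize(route, peercert, policy):
    """Decide access; policy maps a route prefix to its allowed certnames.

    peercert is None when no client certificate was verified against the CA.
    Routes absent from the policy need a valid certificate only.
    """
    if peercert is None:
        return False, "no verified client certificate"
    name = certname(peercert)
    if name is None:
        return False, "certificate has no commonName"
    for prefix, allowed in policy.items():
        if route_matches(route, prefix):
            if name in allowed:
                return True, "certname on whitelist"
            return False, "certname not on whitelist"
    return True, "route has no whitelist"


# Constructed policy: PuppetDB routes use a whitelist, the status route does not.
POLICY = {"/pdb": parse_whitelist(SAMPLE_WHITELIST)}


def peer(cn):
    """Build a getpeercert()-style dict for a certificate with the given CN."""
    return {"subject": ((("commonName", cn),),)}


if __name__ == "__main__":
    for cn in ("lizzi", "agent7.example.test"):
        for route in ("/status/v1/services", "/pdb/query/v4/facts"):
            print(cn, route, authorize(route, peer(cn), POLICY))
```

A certificate signed by the CA but missing from the whitelist still reaches the status route and is refused on the PuppetDB route, which is the distinction the slides draw.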
Console
status RBAC NC Activity
PuppetDB
API
Puppet Server
Puppet CA
Can be configured for HTTP
Must use HTTPS
rbac-certificate-whitelist
Services Overview
certificate-whitelist
ca.conf
pe-puppet-server.conf
#demo
5
:4433:8123:8140:8081
:4433
:8080
Components of an HTTP request
Verb
GET, PUT, POST, DELETE
URL
protocol, host, port, and route
Data
headers, body, or query params
Auth
HTTPS, certificate, key, CA certificate, cert whitelisting
Let’s query PuppetDB
curl -X GET \
  --cert ./certs/lizzi.pem \
  --key ./private_keys/lizzi.pem \
  --cacert ./certs/ca.pem \
  --data-urlencode query='["and",
    ["=", "name", "osfamily"],
    ["=", "value", "RedHat"]]' \
  https://learning...vm:8081/pdb/query/v4/facts
#demo 6
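The same PuppetDB request from Python's standard library, as an added example (not code from the slides or from Puppet). It builds the query as a data structure and lets `json.dumps` and `urlencode` do the quoting, so a fact value containing quotes or `&` stays a single operand. The host `puppetdb.example.test` is a placeholder for the hostname the slides elide, and the function names are this example's own.

```python
import json
import ssl
import urllib.request
from urllib.parse import parse_qs, urlencode, urlsplit

# Placeholder host: the slides elide the real hostname.
PUPPETDB = "https://puppetdb.example.test:8081"


def fact_query(name, value):
    """Build the AST query from the slide: fact <name> equals <value>."""
    return ["and", ["=", "name", name], ["=", "value", value]]


def query_url(base, ast):
    """Serialize the AST as JSON and percent-encode it into ?query=..."""
    return base + "/pdb/query/v4/facts?" + urlencode({"query": json.dumps(ast)})


def decode_query(url):
    """Recover the AST a server would parse from the URL (used for checking)."""
    return json.loads(parse_qs(urlsplit(url).query)["query"][0])


def client_context(cert, key, cacert):
    """TLS context equivalent to curl's --cert, --key and --cacert."""
    # Server certificate and hostname are verified against the Puppet CA only.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=cacert)
    # Present our own certificate so the server can authenticate us.
    ctx.load_cert_chain(certfile=cert, keyfile=key)
    return ctx


def fetch_facts(url, ctx):
    """Send the GET request and parse the JSON response body."""
    with urllib.request.urlopen(url, context=ctx, timeout=10) as resp:
        return json.load(resp)


if __name__ == "__main__":
    url = query_url(PUPPETDB, fact_query("osfamily", "RedHat"))
    print(url)
    # With the files from the SSL dir and a reachable PuppetDB:
    # ctx = client_context("certs/lizzi.pem", "private_keys/lizzi.pem", "certs/ca.pem")
    # print(fetch_facts(url, ctx))
```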
Components of an HTTP request
Verb
choose: GET, PUT, POST, DELETE
URL
need: protocol, host, port, and route
Data
might need: headers, body, or query params
Auth
can use: HTTPS and cert whitelisting
Let’s access some new features
API-only LDAP StartTLS feature
https://learning...vm:4433/rbac-api
GET /v1/ds > ds.json
PUT /v1/ds --data @ds.json
#demo 7,8
docs 1
Let’s do something with groups
https://learning...vm:4433/classifier-api
GET /v1/groups > groups.json
POST /v1/import-hierarchy --data @groups.json
POST /v1/groups
using API-only trusted and structured facts!
#demo 9,10,11
docs 2
A brief note on responses
`curl --verbose` for more information
404
200
303
All the APIs and their documentation
API | Features | Auth | Docs
Puppet Server | Master, certificate authority | ca.conf, auth.conf | Puppet HTTP API Guide
Console | Node groups, access control, activity logging | Certificate whitelist, cookies (UI) | Node Classifier API Endpoints; RBAC Service API Endpoints; Activity Service API Endpoints
PuppetDB | Query data, reports | Certificate whitelist | PuppetDB API Overview
Making it easier: tokens coming soon!
• No cert whitelist management required
• Uses access control - configurable permissions
• Doesn’t require root access to nodes like certs
• Only available for some APIs, rolling out for more
Look out for new APIs in the future!
API v11
Now it's your turn!
Thank you!
Questions?

PuppetConf 2015: Puppet API Roundup
