SlideShare a Scribd company logo

Puppet at GitHub / ChatOps

ā€¢
ā€¢
Puppet
Puppet

"Puppet at GitHub / ChatOps" from PuppetConf 2012, by Jesse Newland Video of "Puppet at GitHub": http://bit.ly/WVS3vQ Learn more about Puppet: http://bit.ly/QQoAP1 Abstract: Ops at GitHub has a unique challenge - keeping up with the rabid pace of features and products that the GitHub team develops. In this talk, we'll focus on tools and techniques we use to rapidly and confidently ship infrastructure changes/features with Puppet using Puppet-Rspec, CI, Puppet-Lint, branch puppet deploys, and Hubot. Speaker Bio: Jesse Newland does Ops at GitHub. His favorite hobby is SPOF wack-a-mole, followed closely by guitar and piano. Prior to GitHub, Jesse was the CTO at Rails Machine where he ran a large private cloud and managed several hundred production Ruby on Rails applications using Puppet. To the delight and/or chagrin of the Puppet community, Jesse is to blame for Moonshine, the Ruby DSL for Puppet before Puppet had a Ruby DSL.

Technology
1 of 123
Download to read offline
Jesse Newland jnewland hey errbody my name is jesse newland I do ops at GitHub
Puppet at GitHub And today Iā€™m going to be talking about Puppet at GitHub. Really, Iā€™m telling a story in two parts.
All of the amazing Puppet OSS projects @rodjek has written but doesnā€™t want to talk about First... Iā€™ll be talking about all of the amazing Puppet open source projects Tim Sharpe has written but doesnā€™t want to talk about and how we use them at GitHub
* And then, I want to introduce you to the star of the GitHub Ops team, Hubot, and tell you a little bit about something weā€™ve been calling ChatOps
the Setup But, before I get into all of that, I'm actually going to talk about an upcoming talk, one by a coworker of mine at GitHub. Will Farrington is going to be speaking tomorrow at 2:45pm about The Setup, our Puppet-powered GitHubber laptop management solution. It's amazing. It's one of the coolest uses of Puppet I've ever seen, and it's going to completely change the way you think about your development environment. But Iā€™m not going to be talking about any of that today. So, yeah, go to Will's talk tommorrow. You won't be disappointed.
Puppet at GitHub So I guess you could say that Iā€™m talking about
THE of REST Puppet at GitHub the rest of puppet at github. For the scope of this talk, Iā€™m going to be talking about the Puppet infrastructure that runs github.com
4 years, >100k LOC Weā€™ve been managing GitHubā€™s infrastructure with Puppet for 4 years, since the move to Rackspace. Thereā€™s a ton of code, and weā€™re developing at a rapid pace.
Simple But we are obsessed with keeping our Puppet deployment simple
Single Master We use a single puppetmaster running lots of unicorns. Nothing fancy. It works for now. However, we will need to scale this tier up or out in about 6 months if the trends look right. Weā€™ll probably switch to two load balanced puppetmasters around that time.
cron FTW # cat /etc/cron.d/puppet 13 * * * * root /usr/bin/ We donā€™t run the agent, but rather run puppet on cron every hour in combination with runs triggered via Hubot (more on that later)
No ENC We donā€™t use an external node classiļ¬er
([a-z0-9-_]+)(d+)([a-z]?).(.*).github.com $ cat manifests/nodes/janky.rscloud.pp node /^jankyd+.rscloud.github.com$/ { github::role::janky { 'janky': public_address => dns_lookup($fqdn), nginx_hostname => $fqdn, } } Instead, we give nodes DNS names that adhere to a naming convention that maps them to a pre-deļ¬ned role
Where the magic happens $ head modules/github/manifests/role/janky.pp define github::role::janky($public_address, $nginx_hostname='', $god=true ) { github::core { 'janky': } include github::app::janky github::nginx { 'janky': } } Role deļ¬nitions are where the magic happens. We try to DRY common functionality into our core module and into other simple classes or deļ¬nes so that role deļ¬nitions read like a nice summary of what makes this role different from others
Heavy use of augeas augeas { 'my.cnf/avoid_cardinality_skew': context => '/files/etc/mysql/my.cnf/mysqld/', changes => [ 'set innodb_stats_auto_update 0', 'set innodb_stats_on_metadata 0', 'set innodb_stats_on_metadata 64' ], require => Percona::Server[$::fqdn], } We generally try to avoid templates for conļ¬guration ļ¬les in favor of using aw ge us Lets us manage the small pieces of conļ¬guration we care about and use the OS defaults for the things we don't.
BORING But I donā€™t want to just show all of you Puppet code for thirty minutes. That's boring
Whatā€™s interesting about Puppet at GitHub? Iā€™d rather talk about what's interesting about how we use Puppet at GitHub. And what I think is the most interesting is that we focus heavily on ensuring the Puppet development workļ¬‚ow is easily accessible to everyone at GitHub.
Making Puppet Less Scary Weā€™re doing our best to make puppet less scary for people that arenā€™t familiar with it, so they can help the Ops team grow and evolve our infrastructure. Weā€™re doing some things right here, but thereā€™s still a lot of work to do.
Iā€™ve been thinking about this a lot recently as weā€™ve just had two large infrastructure projects shipped by people that were completely or relatively new to puppet. First, Derek Greentree shipped a Cassandra cluster,,,
And Adam Roben shipped puppet manifests for our windows build and CI servers.
this is good This is an awesome trend, and I want it to continue. So I thought Iā€™d talk a bit today about what weā€™re doing to try to enable even more of this.
Flow just like a (GitHub) Ruby project For us, an important part of making Puppet development accessible for other developers at GitHub is making the development ļ¬‚ow on our puppet codebase as similar as possible to that of any other GitHub Ruby project. That means sticking with some common conventions
Setup $ ./script/bootstrap Like making it as easy to setup as any other project at GitHub
$ cat Gemfile source :rubygems gem 'puppet', '2.7.18' gem 'facter', '1.6.10' gem 'rspec-puppet', '0.1.2' gem 'rake', '0.8.7' gem 'puppet-lint', '0.2.1' gem 'ruby-augeas', '0.3.0' gem 'json', '1.5.1' gem 'fog', '1.3.1' gem 'librarian-puppet', '0.9.4' gem 'parallel_tests' So ruby deps are managed by Bundler
$ cat Puppetfile forge "http://forge.puppetlabs.com" mod 'puppetlabs/apt' ... And puppet deps are managed by librarian-puppet, a bundler-like library that manages the puppet modules your infrastructure depends on and install them directly from GitHub repositories. Iā€™m of the opinion that the unit of open source currency is no longer a tarball downloaded from a something named *forge. Itā€™s a GitHub repo. All of the developers at GitHub feel the same way, so Tim wrote librarian puppet
ļ€ rodjek / librarian-puppet For those of you keeping score at home, thatā€™s the ļ¬rst of Tim Sharpeā€™s open source projects that Iā€™ve mentioned. Hi Tim!
Making puppet ļ¬‚ow like other projects at GitHub means ensuring we have good editor support for the language
ļ€ rodjek / vim-puppet vim-puppet, thatā€™s two.
Tests $ ./script/cibuild It means running tests is a simple one-step process
TESTS! Tests are super important. A solid and easy to use test harness helps build developer conļ¬dence in a new language.
Safety net And tests are crucial safety net for helping people cut their teeth on Puppet if they havenā€™t ever touched it before.
rspec-puppet should contain_github__firewall_rule('internal_network') should contain_ssmtp__relay_to('smtp').with_relay_host('smtp') should contain_file('/etc/logstash/logstash.conf') should include_class('github::ksplice') should contain_networking__bond('bond0').with( :gateway => '172.22.0.2', :arp_ip_target => '172.22.0.2', :up_commands => nil ) We use rspec-puppet heavily. If you havenā€™t used rspec-puppet yet, go check it out right now. Itā€™s amazing. There are no less than three talks about it at Puppetconf, so Iā€™m not going to talk about HOW to use it today, just touch a little bit on how WE use it.
ļ€ rodjek / rspec-puppet rspec-puppet, thatā€™s three
role describe 'github::role::fe' do let(:title) { 'fe' } let(:node) { 'fe1.rs.github.com' } let(:params) { { specs :public_address => '207.97.227.242/27', :private_address => '172.22.1.59/22', :git_weight => '16' } } let(:facts) { are { :ipaddress => '172.22.1.59', :operatingsystem => 'Debian', :datacenter => 'rackspace-iad2', } king } it do should contain_github__core('fe') ... end end We try our best to adequately test our individual puppet modules, but our central and most frequently touched specs exercise our role system. Thereā€™s one spec for each role which describes its intended functionality. These specs focus on critical functionality of each role, and help a great deal to build conļ¬dence that weā€™re not introducing regressions when adding or refactoring functionality or working in other roles.
.git/hooks/pre-commit $ git commit -am "lolbadchange" modules/github/manifests/role/fe.pp:err: Could not parse for environment production: Syntax error at 'allow_outbound_syslog'; expected '}' at /Users/jnewland/github/puppet/modules/github/ manifests/role/fe.pp:31 modules/github/manifests/role/fe.pp - WARNING: => is not properly aligned on line 626 For an even faster feedback loop than running specs, all Puppet dev environments automatically get setup with a pre-commit hook that checks for syntax errors and ensures your changes conļ¬rm to the Puppet Style guide. This has proved amazingly useful for Puppet novices and experts alike, novices ļ¬nding it helps them understand language conventions quickly and guides them towards solutions, and experts using it to catch typos and help them not look like novices.
ļ€ rodjek / puppet-lint puppet-lint, thatā€™s four, btw.
specs run on each push auto deploy on CI pass rspec-puppet and puppet-lint are automatically run by CI on every commit on every branch pushed to our Puppet repo. Once master passes CI, puppet is automatically deployed
As you can see, Hubot automates a lot of the process of rolling out Puppet That example covered pushing changes to master, but what about a Pull-Request based workļ¬‚ow?
Say we have a pull request for a branch we want to merge, and that weā€™ve reviewed the code and it all looks good.
branches == environments On each deploy, we turn all git branches into puppet environments.
This combined with heaven, our capistrano-powered deployment API we interact with via Hubot, enables us to experiment with unmerged Puppet branches in a powerful way
So, to safely merge this pull request...
hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github You might ask Hubot to conļ¬rm its build status
Build #108816 (5fe75932f26ea62cb5fc5e3d0cb302cc2461d11e) of puppet/git-gh13 was successful(421s) github/ puppet@567ea48...5fe7593 Yup, looks good.
hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github Then roll the branch out to a staging box to make everything applies cleanly there.
** [out :: REDACTED ] Bootstrapping... ** [out :: REDACTED ] Gem environment up-to-date. ** [out :: REDACTED ] Running librarian-puppet... ** [out :: REDACTED ] Generating puppet environments... ** [out :: REDACTED ] Cleaning up deleted branches... ** [out :: REDACTED ] Done! ** [out :: REDACTED ] Sending 'restart' command ** [out :: REDACTED ] The following watches were affected: ** [out :: REDACTED ] puppetmaster_unicorn ** [out :: fs1a.stg.github.com] info: Applying configuration version '8fb1a2716d5f950b836e511471a2bdac3ed27090' ** [out :: fs1a.stg.github.com] notice: /Stage[main] Github::Common_packages/Package[git]/ensure: ensure changed '1:1.7.10-1+github12' to '1:1.7.10-1+github13' ... Yup, looks good.
hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github Then, if you wanted an extra layer of conļ¬dence, you could noop the branch against a production node
** [out :: REDACTED ] Bootstrapping... ** [out :: REDACTED ] Gem environment up-to-date. ** [out :: REDACTED ] Running librarian-puppet... ** [out :: REDACTED ] Generating puppet environments... ** [out :: REDACTED ] Cleaning up deleted branches... ** [out :: REDACTED ] Done! ** [out :: REDACTED ] Sending 'restart' command ** [out :: REDACTED ] The following watches were affected: ** [out :: REDACTED ] puppetmaster_unicorn ** [out :: fs1a.rs.github.com] info: Applying configuration version '8fb1a2716d5f950b836e511471a2bdac3ed27090' ** [out :: fs1a.rs.github.com] notice: /Stage[main]/ Github::Common_packages/Package[git]/ensure: would have changed from '1:1.7.10-1+github12' to '1:1.7.10-1+github13' ... Yup, looks good
hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github Next, youā€™d merge the pull request. If you stopped here, the code would gradually roll out to all affected nodes over the next hour.
hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github If you wanted the rollout to happen faster than that, you could force a puppet run on the affected class of nodes
** [out :: REDACTED ] Bootstrapping... ** [out :: REDACTED ] Gem environment up-to-date. ** [out :: REDACTED ] Running librarian-puppet... ** [out :: REDACTED ] Generating puppet environments... ** [out :: REDACTED ] Cleaning up deleted branches... ** [out :: REDACTED ] Done! ** [out :: REDACTED ] Sending 'restart' command ** [out :: REDACTED ] The following watches were affected: ** [out :: REDACTED ] puppetmaster_unicorn ** [out :: fs1a.rs.github.com] info: Applying configuration version '8fb1a2716d5f950b836e511471a2bdac3ed27090' ** [out :: fs7b.rs.github.com] info: Applying configuration version '8fb1a2716d5f950b836e511471a2bdac3ed27090' ** [out :: fs1a.rs.github.com] notice: /Stage[main]/ Github::Common_packages/Package[git]/ensure: ensure changed '1:1.7.10-1+github12' to '1:1.7.10-1+github13' ** [out :: fs7b.rs.github.com] notice: /Stage[main]/ Github::Common_packages/Package[git]/ensure: ensure changed '1:1.7.10-1+github12' to '1:1.7.10-1+github13' ... Yup, that looks good.
hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github Then youā€™d probably want to check out load to make sure nothing went crazy
Yup, looks good
hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github ...and maybe check some logs or other related metrics to conļ¬rm your change didnā€™t break something
Yup, looks good
ChatOps How we interact with Puppet via Hubot is a great example of a core principal of how we do ops at GitHub. Weā€™ve been calling it ChatOps recently.
Essentially, ChatOps is the result of Hubot becoming sentient, and decreeing, among other things, that we now address him as ā€œSupreme Leaderā€ and communicate with our infrastructure though his secure channels alone. We occasionally observe him speaking in tongues that sound eerily like YouTube comments.
ļ€Ŗ Hubot Actually, thatā€™s not it at all. Hubot is the star of our Ops team.
heaven shell Hubot janky graphme We use hubot day in day out to interact with other simple tools weā€™ve written over JSON apis.
ALL OF hubotshell heaven janky THE APIS graphme Hubot interacts nicely with tons of external APIs too. If you have a JSON API, making your service work with Hubot is a piece of cake.
Why is this stupid chat bot so important to Ops? But why do we obsess about Hubot so much? Itā€™s just a chat bot, right? There are some distinct upsides to this approach weā€™ve notices as our use of Hubot in Ops has grown
hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github Remember the ļ¬‚ow I just showed you for rolling out puppet changes to our infrastructure?
Everyone sees all of that happen on their first day Everyone sees all of this happen from the minute they join GitHub. Itā€™s right there, in the Ops room, right in the middle of the conversation in campļ¬re.
You donā€™t just see how to roll out puppet, you see how to...
hubot ci status github/smoke-perf check the status of branchā€™s last build
hubot deploy github/smoke-perf to prod/fe1 deploy a any branch of any github app to any server
hubot graph me -10min @app-perf get graphs of the appā€™s recent performance
hubot procs unicorn check the status of unicorns across all frontends
hubot resque critical check the status of the resque critical queue
hubot graph me -10min @collectd.load(fe*) check load on the frontends
hubot conns fe1 check current connections to a frontend that you suspect has a problem
hubot log me smoke fe1 grab smoke logs for that frontend and realize that you did, in fact, break it
hubot lbctl disable fe1 take it out of the load balancer
hubot status yellow Bad deploy. Reverting now. update the status blog
hubot whoā€™s on call determine who is currently on call so you can apologize to them
hubot pingdom checks check pingdom to make sure you havenā€™t broken everything
hubot upset me chill yourself out really quick
hubot deploy github to prod/fe1 revert back to master on the busted frontend
hubot log me smoke fe1 verify things have returned to normal
hubot air drum me get pumped up because you ļ¬xed it
hubot lbctl enable fe1 bring the ļ¬xed frontend back into the rotation
hubot status green All systems go. clear alerts on the status page
hubot whois 4.9.23.22 Once the outage has been resolved, you might see how to grab whois information for an IP that exhibited suspicious activity in the logs you saw
hubot khanify spammers and how to hit meme generator to make a joke when you realize that IP is a spammer
hubot play in the air tonight then someone would queue up the song that popped into their head when they thought about drums and gorillas at the same time
hubot tweet@github PuppetConf Drinkup Friday night at 8:30 at Zekeā€™s (3rd & Brannan) and then ļ¬nish it all off with a tweet about the Drinkup weā€™re throwing friday night
ChatOps ChatOps means building tools that make it easier to operate your infrastructure via Hubot than via Terminal or Chrome
By placing tools directly in the middle of the conversation Because...
Everyone is pairing all of the time This is the core concept behind ChatOps.
Teaching by doing Teaching by doing is awesome
This was always my main motivation with hubot - teaching by doing by making things visible. It's an extremely powerful teaching technique - @rtomayko Ryan Tomayko had this in mind from the very ļ¬rst commits to hubot, which just presented a simple wrapper around a repository of shell scripts we use for management and monitoring our infrastructure.
This is how I respond to ā€œhow to I do Xā€ questions in Campļ¬re now. If thereā€™s not yet Hubot functionality to do a thing, we try to write it.
Communicate by doing Placing tools in the middle of the conversation also means you get communication of your work for free. If youā€™re doing something in a shell or on a website, you have to do it, then tell people about it. If you do it with hubot, that comes free.
THINGS I HAVENā€™T ASKED RECENTLY For example, here are a few things I havenā€™t asked recently because Hubot has told me the answer
THINGS I HAVENā€™T ASKED howā€™s that deploy going? RECENTLY
THINGS I are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? RECENTLY
THINGS I are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? is anyone responding to that nagios alert? RECENTLY
THINGS I is that branch green? are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? is anyone responding to that nagios alert? RECENTLY
THINGS I is that branch green? are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? is anyone responding to that nagios alert? RECENTLY how does load look?
did anyone update the status page? THINGS I is that branch green? are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? is anyone responding to that nagios alert? RECENTLY how does load look?
did anyone update the status page? THINGS I is that branch green? are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? is anyone responding to that nagios alert? RECENTLY how does load look? did that deploy finish?
Free communication is especially crucial in a distributed environment.
Our Ops team is entirely remote, so Campļ¬re is our default means of communication.
http://www.flickr.com/photos/7997249@N06/6061305639/ This is extremely helpful during outages or other situations that require tactical response. You donā€™t have to SAY that youā€™re spraying water on the ļ¬re, people SEE you doing it.
Hide the ugly Another awesome beneļ¬t of ChatOps-ing all of the things is that you can hide ugly interfaces and design exactly the interaction you want with some simple porcelain commands
My favorite example of this is ugliest of the ugly, Nagios.
[nines] hubot opened issue #4263: Nagios (229906) - fs3b/syslog - Tue Sept 25 23:40:18 PDT 2012. github/nines#4263 Hubot politely delivers nagios alerts directly into chat
hubot nagios ack fs3b/syslog # fix stuff nagios check fs3b/syslog nagios status fs3b/syslog hubot nagios downtime fs3b/syslog 90 nagios mute fs3b/syslog nagios unmute fs3b/syslog Which we can interact with without any unnecessary eye bleeding. Making this easy means developers and other ops engineers actually mute or schedule downtime when theyā€™re testing things.
Mobile FTW Yet another awesome beneļ¬t of ChatOps is that you get mobile support for free
Well, that is, if you have a team of awesome iOS developers that have built an actually functioning Campļ¬re client for the iPhone This lets you do anything hubot can do from your phone. Which means from your couch. Or your bed. Or a beach in Hawaii. Which means you can ļ¬x a lot of things without pulling your laptop out of your bag.
ChatOps Thatā€™s ChatOps at its ļ¬nest.
And now for something completely different While Iā€™m showing off mobile stuff, I thought Iā€™d slip in a demo of something else weā€™ve done to make Ops more mobile friendly.
Weā€™ve hacked together support for PagerDuty alerts via Apple Push Notiļ¬cations. When you swipe on the alert, you go directly to the PagerDuty mobile UI for an incident
Which lets you ack an alert
while youā€™re still in bed
or on the couch.
Boom I canā€™t even begin to tell you how happy this makes me, and how less shitty it makes being on-call
So, who better to summarize all of this than Hubot himself. I asked him what he thought about ChatOps. Hereā€™s what he said:
ChatOps all the things. Listen to what Hubot said. Youā€™ll love it. Your ops team will love it. And youā€™ll help other developers learn how to interact with ops tools without any additional work. Thatā€™s awesome.
Work at GitHub jesse@github.com If you canā€™t ChatOps all the things at your gig now, you could always just come work with me at GitHub. Shoot me an email if youā€™re interested.
Thanks! Thatā€™s all I have. Thanks for listening! any questions?
Tomorrow @ 8:30 PM Zekeā€™s 3rd & Brannan While I still have everyoneā€™s attention, I wanted to mention the GitHub Drinkup weā€™re throwing for Puppetconf again. Itā€™s tomorrow night at 8:30pm at Zekeā€™s, which is on the corner of 3rd and Brannan, everyoneā€™s invited. Iā€™ll see you there. Thanks again!

Recommended

Puppet at Pinterest
Puppet at PinterestPuppet at Pinterest
Puppet at PinterestPuppet
Ā 
Intro to-puppet
Intro to-puppetIntro to-puppet
Intro to-puppetF.L. Jonathan AraƱa Cruz
Ā 
Learning Puppet Chapter 1
Learning Puppet Chapter 1Learning Puppet Chapter 1
Learning Puppet Chapter 1Vishal Biyani
Ā 
A Presentation about Puppet that I've made at the OSSPAC conference
A Presentation about Puppet that I've made at the OSSPAC conferenceA Presentation about Puppet that I've made at the OSSPAC conference
A Presentation about Puppet that I've made at the OSSPAC conferenceohadlevy
Ā 
Puppet for Sys Admins
Puppet for Sys AdminsPuppet for Sys Admins
Puppet for Sys AdminsPuppet
Ā 
Cooking Perl with Chef: Real World Tutorial with Jitterbug
Cooking Perl with Chef: Real World Tutorial with JitterbugCooking Perl with Chef: Real World Tutorial with Jitterbug
Cooking Perl with Chef: Real World Tutorial with JitterbugDavid Golden
Ā 
High Quality Symfony Bundles tutorial - Dutch PHP Conference 2014
High Quality Symfony Bundles tutorial - Dutch PHP Conference 2014High Quality Symfony Bundles tutorial - Dutch PHP Conference 2014
High Quality Symfony Bundles tutorial - Dutch PHP Conference 2014Matthias Noback
Ā 
Learn Puppet : Quest Guide for the Learning VM
Learn Puppet : Quest Guide for the Learning VMLearn Puppet : Quest Guide for the Learning VM
Learn Puppet : Quest Guide for the Learning VMKumaran Balachandran
Ā 

Recommended

Puppet at Pinterest
Puppet at PinterestPuppet at Pinterest
Puppet at PinterestPuppet
Ā 
Intro to-puppet
Intro to-puppetIntro to-puppet
Intro to-puppetF.L. Jonathan AraƱa Cruz
Ā 
Learning Puppet Chapter 1
Learning Puppet Chapter 1Learning Puppet Chapter 1
Learning Puppet Chapter 1Vishal Biyani
Ā 
A Presentation about Puppet that I've made at the OSSPAC conference
A Presentation about Puppet that I've made at the OSSPAC conferenceA Presentation about Puppet that I've made at the OSSPAC conference
A Presentation about Puppet that I've made at the OSSPAC conferenceohadlevy
Ā 
Puppet for Sys Admins
Puppet for Sys AdminsPuppet for Sys Admins
Puppet for Sys AdminsPuppet
Ā 
Cooking Perl with Chef: Real World Tutorial with Jitterbug
Cooking Perl with Chef: Real World Tutorial with JitterbugCooking Perl with Chef: Real World Tutorial with Jitterbug
Cooking Perl with Chef: Real World Tutorial with JitterbugDavid Golden
Ā 
High Quality Symfony Bundles tutorial - Dutch PHP Conference 2014
High Quality Symfony Bundles tutorial - Dutch PHP Conference 2014High Quality Symfony Bundles tutorial - Dutch PHP Conference 2014
High Quality Symfony Bundles tutorial - Dutch PHP Conference 2014Matthias Noback
Ā 
Learn Puppet : Quest Guide for the Learning VM
Learn Puppet : Quest Guide for the Learning VMLearn Puppet : Quest Guide for the Learning VM
Learn Puppet : Quest Guide for the Learning VMKumaran Balachandran
Ā 
Replacing "exec" with a type and provider: Return manifests to a declarative ...
Replacing "exec" with a type and provider: Return manifests to a declarative ...Replacing "exec" with a type and provider: Return manifests to a declarative ...
Replacing "exec" with a type and provider: Return manifests to a declarative ...Puppet
Ā 
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Puppet
Ā 
PECL Picks - Extensions to make your life better
PECL Picks - Extensions to make your life betterPECL Picks - Extensions to make your life better
PECL Picks - Extensions to make your life betterZendCon
Ā 
Maven 3.0 at Ƙredev
Maven 3.0 at ƘredevMaven 3.0 at Ƙredev
Maven 3.0 at ƘredevMatthew McCullough
Ā 
Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Bootstrapping Puppet and Application Deployment - PuppetConf 2013Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Bootstrapping Puppet and Application Deployment - PuppetConf 2013Puppet
Ā 
Cooking Perl with Chef
Cooking Perl with ChefCooking Perl with Chef
Cooking Perl with ChefDavid Golden
Ā 
Oliver hookins puppetcamp2011
Oliver hookins puppetcamp2011Oliver hookins puppetcamp2011
Oliver hookins puppetcamp2011Puppet
Ā 
Puppet modules for Fun and Profit
Puppet modules for Fun and ProfitPuppet modules for Fun and Profit
Puppet modules for Fun and ProfitAlessandro Franceschi
Ā 
Writing Custom Puppet Types and Providers to Manage Web-Based Applications
Writing Custom Puppet Types and Providers to Manage Web-Based ApplicationsWriting Custom Puppet Types and Providers to Manage Web-Based Applications
Writing Custom Puppet Types and Providers to Manage Web-Based ApplicationsTim Cinel
Ā 
Twig: Friendly Curly Braces Invade Your Templates!
Twig: Friendly Curly Braces Invade Your Templates!Twig: Friendly Curly Braces Invade Your Templates!
Twig: Friendly Curly Braces Invade Your Templates!Ryan Weaver
Ā 
Puppi. Puppet strings to the shell
Puppi. Puppet strings to the shellPuppi. Puppet strings to the shell
Puppi. Puppet strings to the shellAlessandro Franceschi
Ā 
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQueryRemedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQueryTatsuhiko Miyagawa
Ā 
Deploying Symfony | symfony.cat
Deploying Symfony | symfony.catDeploying Symfony | symfony.cat
Deploying Symfony | symfony.catPablo Godel
Ā 
Plack - LPW 2009
Plack - LPW 2009Plack - LPW 2009
Plack - LPW 2009Tatsuhiko Miyagawa
Ā 
Tatsumaki
TatsumakiTatsumaki
TatsumakiTatsuhiko Miyagawa
Ā 
Mastering Maven 2.0 In 1 Hour V1.3
Mastering Maven 2.0 In 1 Hour V1.3Mastering Maven 2.0 In 1 Hour V1.3
Mastering Maven 2.0 In 1 Hour V1.3Matthew McCullough
Ā 
Anatomy of a reusable module
Anatomy of a reusable moduleAnatomy of a reusable module
Anatomy of a reusable moduleAlessandro Franceschi
Ā 
Master the New Core of Drupal 8 Now: with Symfony and Silex
Master the New Core of Drupal 8 Now: with Symfony and SilexMaster the New Core of Drupal 8 Now: with Symfony and Silex
Master the New Core of Drupal 8 Now: with Symfony and SilexRyan Weaver
Ā 
Developing IT infrastructures with Puppet
Developing IT infrastructures with PuppetDeveloping IT infrastructures with Puppet
Developing IT infrastructures with PuppetAlessandro Franceschi
Ā 
Beyond Phoenix
Beyond PhoenixBeyond Phoenix
Beyond PhoenixGabriele Lana
Ā 
Puppet at GitHub
Puppet at GitHubPuppet at GitHub
Puppet at GitHubPuppet
Ā 
Boxen: How to Manage an Army of Laptops and Live to Talk About It
Boxen: How to Manage an Army of Laptops and Live to Talk About ItBoxen: How to Manage an Army of Laptops and Live to Talk About It
Boxen: How to Manage an Army of Laptops and Live to Talk About ItPuppet
Ā 

More Related Content

What's hot

Replacing "exec" with a type and provider: Return manifests to a declarative ...
Replacing "exec" with a type and provider: Return manifests to a declarative ...Replacing "exec" with a type and provider: Return manifests to a declarative ...
Replacing "exec" with a type and provider: Return manifests to a declarative ...Puppet
Ā 
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Puppet
Ā 
PECL Picks - Extensions to make your life better
PECL Picks - Extensions to make your life betterPECL Picks - Extensions to make your life better
PECL Picks - Extensions to make your life betterZendCon
Ā 
Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Bootstrapping Puppet and Application Deployment - PuppetConf 2013Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Bootstrapping Puppet and Application Deployment - PuppetConf 2013Puppet
Ā 
Cooking Perl with Chef
Cooking Perl with ChefCooking Perl with Chef
Cooking Perl with ChefDavid Golden
Ā 
Oliver hookins puppetcamp2011
Oliver hookins puppetcamp2011Oliver hookins puppetcamp2011
Oliver hookins puppetcamp2011Puppet
Ā 
Puppet modules for Fun and Profit
Puppet modules for Fun and ProfitPuppet modules for Fun and Profit
Puppet modules for Fun and ProfitAlessandro Franceschi
Ā 
Writing Custom Puppet Types and Providers to Manage Web-Based Applications
Writing Custom Puppet Types and Providers to Manage Web-Based ApplicationsWriting Custom Puppet Types and Providers to Manage Web-Based Applications
Writing Custom Puppet Types and Providers to Manage Web-Based ApplicationsTim Cinel
Ā 
Twig: Friendly Curly Braces Invade Your Templates!
Twig: Friendly Curly Braces Invade Your Templates!Twig: Friendly Curly Braces Invade Your Templates!
Twig: Friendly Curly Braces Invade Your Templates!Ryan Weaver
Ā 
Puppi. Puppet strings to the shell
Puppi. Puppet strings to the shellPuppi. Puppet strings to the shell
Puppi. Puppet strings to the shellAlessandro Franceschi
Ā 
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQueryRemedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQueryTatsuhiko Miyagawa
Ā 
Deploying Symfony | symfony.cat
Deploying Symfony | symfony.catDeploying Symfony | symfony.cat
Deploying Symfony | symfony.catPablo Godel
Ā 
Mastering Maven 2.0 In 1 Hour V1.3
Mastering Maven 2.0 In 1 Hour V1.3Mastering Maven 2.0 In 1 Hour V1.3
Mastering Maven 2.0 In 1 Hour V1.3Matthew McCullough
Ā 
Master the New Core of Drupal 8 Now: with Symfony and Silex
Master the New Core of Drupal 8 Now: with Symfony and SilexMaster the New Core of Drupal 8 Now: with Symfony and Silex
Master the New Core of Drupal 8 Now: with Symfony and SilexRyan Weaver
Ā 
Developing IT infrastructures with Puppet
Developing IT infrastructures with PuppetDeveloping IT infrastructures with Puppet
Developing IT infrastructures with PuppetAlessandro Franceschi
Ā 
Beyond Phoenix
Beyond PhoenixBeyond Phoenix
Beyond PhoenixGabriele Lana
Ā 

What's hot (20)

Replacing "exec" with a type and provider: Return manifests to a declarative ...
Replacing "exec" with a type and provider: Return manifests to a declarative ...Replacing "exec" with a type and provider: Return manifests to a declarative ...
Replacing "exec" with a type and provider: Return manifests to a declarative ...
Ā 
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Ā 
PECL Picks - Extensions to make your life better
PECL Picks - Extensions to make your life betterPECL Picks - Extensions to make your life better
PECL Picks - Extensions to make your life better
Ā 
Maven 3.0 at Ƙredev
Maven 3.0 at ƘredevMaven 3.0 at Ƙredev
Maven 3.0 at Ƙredev
Ā 
Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Bootstrapping Puppet and Application Deployment - PuppetConf 2013Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Ā 
Cooking Perl with Chef
Cooking Perl with ChefCooking Perl with Chef
Cooking Perl with Chef
Ā 
Oliver hookins puppetcamp2011
Oliver hookins puppetcamp2011Oliver hookins puppetcamp2011
Oliver hookins puppetcamp2011
Ā 
Puppet modules for Fun and Profit
Puppet modules for Fun and ProfitPuppet modules for Fun and Profit
Puppet modules for Fun and Profit
Ā 
Writing Custom Puppet Types and Providers to Manage Web-Based Applications
Writing Custom Puppet Types and Providers to Manage Web-Based ApplicationsWriting Custom Puppet Types and Providers to Manage Web-Based Applications
Writing Custom Puppet Types and Providers to Manage Web-Based Applications
Ā 
Twig: Friendly Curly Braces Invade Your Templates!
Twig: Friendly Curly Braces Invade Your Templates!Twig: Friendly Curly Braces Invade Your Templates!
Twig: Friendly Curly Braces Invade Your Templates!
Ā 
Puppi. Puppet strings to the shell
Puppi. Puppet strings to the shellPuppi. Puppet strings to the shell
Puppi. Puppet strings to the shell
Ā 
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQueryRemedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Ā 
Deploying Symfony | symfony.cat
Deploying Symfony | symfony.catDeploying Symfony | symfony.cat
Deploying Symfony | symfony.cat
Ā 
Plack - LPW 2009
Plack - LPW 2009Plack - LPW 2009
Plack - LPW 2009
Ā 
Tatsumaki
TatsumakiTatsumaki
Tatsumaki
Ā 
Mastering Maven 2.0 In 1 Hour V1.3
Mastering Maven 2.0 In 1 Hour V1.3Mastering Maven 2.0 In 1 Hour V1.3
Mastering Maven 2.0 In 1 Hour V1.3
Ā 
Anatomy of a reusable module
Anatomy of a reusable moduleAnatomy of a reusable module
Anatomy of a reusable module
Ā 
Master the New Core of Drupal 8 Now: with Symfony and Silex
Master the New Core of Drupal 8 Now: with Symfony and SilexMaster the New Core of Drupal 8 Now: with Symfony and Silex
Master the New Core of Drupal 8 Now: with Symfony and Silex
Ā 
Developing IT infrastructures with Puppet
Developing IT infrastructures with PuppetDeveloping IT infrastructures with Puppet
Developing IT infrastructures with Puppet
Ā 
Beyond Phoenix
Beyond PhoenixBeyond Phoenix
Beyond Phoenix
Ā 

Similar to Puppet at GitHub / ChatOps

Puppet at GitHub
Puppet at GitHubPuppet at GitHub
Puppet at GitHubPuppet
Ā 
Boxen: How to Manage an Army of Laptops and Live to Talk About It
Boxen: How to Manage an Army of Laptops and Live to Talk About ItBoxen: How to Manage an Army of Laptops and Live to Talk About It
Boxen: How to Manage an Army of Laptops and Live to Talk About ItPuppet
Ā 
Boxen: How to Manage an Army of Laptops
Boxen: How to Manage an Army of LaptopsBoxen: How to Manage an Army of Laptops
Boxen: How to Manage an Army of LaptopsPuppet
Ā 
PuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With NotesPuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With NotesPhil Zimmerman
Ā 
Inside GitHub with Chris Wanstrath
Inside GitHub with Chris WanstrathInside GitHub with Chris Wanstrath
Inside GitHub with Chris WanstrathSV Ruby on Rails Meetup
Ā 
The Secrets of The FullStack Ninja - Part A - Session I
The Secrets of The FullStack Ninja - Part A - Session IThe Secrets of The FullStack Ninja - Part A - Session I
The Secrets of The FullStack Ninja - Part A - Session IOded Sagir
Ā 
CoffeeScript: A beginner's presentation for beginners copy
CoffeeScript: A beginner's presentation for beginners copyCoffeeScript: A beginner's presentation for beginners copy
CoffeeScript: A beginner's presentation for beginners copyPatrick Devins
Ā 
Puppet 3: Present and Future Tense
Puppet 3: Present and Future TensePuppet 3: Present and Future Tense
Puppet 3: Present and Future TenseEric Sorenson
Ā 
Puppet 3: Present and Future Tense
Puppet 3: Present and Future TensePuppet 3: Present and Future Tense
Puppet 3: Present and Future TensePuppet
Ā 
Cloud meets Fog & Puppet A Story of Version Controlled Infrastructure
Cloud meets Fog & Puppet A Story of Version Controlled InfrastructureCloud meets Fog & Puppet A Story of Version Controlled Infrastructure
Cloud meets Fog & Puppet A Story of Version Controlled InfrastructureHabeeb Rahman
Ā 
Matt Gauger - Git & Github web414 December 2010
Matt Gauger - Git & Github web414 December 2010Matt Gauger - Git & Github web414 December 2010
Matt Gauger - Git & Github web414 December 2010Matt Gauger
Ā 
Killer R10K Workflow - PuppetConf 2014
Killer R10K Workflow - PuppetConf 2014Killer R10K Workflow - PuppetConf 2014
Killer R10K Workflow - PuppetConf 2014Puppet
Ā 
How to build your own OpenStack distro using Puppet OpenStack
How to build your own OpenStack distro using Puppet OpenStackHow to build your own OpenStack distro using Puppet OpenStack
How to build your own OpenStack distro using Puppet OpenStackOpenStack
Ā 
Automate Yo' Self
Automate Yo' SelfAutomate Yo' Self
Automate Yo' SelfJohn Anderson
Ā 
Inside GitHub
Inside GitHubInside GitHub
Inside GitHuberr
Ā 
Infrastructure as code might be literally impossible
Infrastructure as code might be literally impossibleInfrastructure as code might be literally impossible
Infrastructure as code might be literally impossibleice799
Ā 
rake puppetexpert:create - Puppet Camp Silicon Valley 2014
rake puppetexpert:create - Puppet Camp Silicon Valley 2014rake puppetexpert:create - Puppet Camp Silicon Valley 2014
rake puppetexpert:create - Puppet Camp Silicon Valley 2014nvpuppet
Ā 
Infrastructure as code might be literally impossible / Joe Domato (packageclo...
Infrastructure as code might be literally impossible / Joe Domato (packageclo...Infrastructure as code might be literally impossible / Joe Domato (packageclo...
Infrastructure as code might be literally impossible / Joe Domato (packageclo...Ontico
Ā 

Similar to Puppet at GitHub / ChatOps (20)

Puppet at GitHub
Puppet at GitHubPuppet at GitHub
Puppet at GitHub
Ā 
Boxen: How to Manage an Army of Laptops and Live to Talk About It
Boxen: How to Manage an Army of Laptops and Live to Talk About ItBoxen: How to Manage an Army of Laptops and Live to Talk About It
Boxen: How to Manage an Army of Laptops and Live to Talk About It
Ā 
Boxen: How to Manage an Army of Laptops
Boxen: How to Manage an Army of LaptopsBoxen: How to Manage an Army of Laptops
Boxen: How to Manage an Army of Laptops
Ā 
PuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With NotesPuppetConf 2014 Killer R10K Workflow With Notes
PuppetConf 2014 Killer R10K Workflow With Notes
Ā 
Inside GitHub with Chris Wanstrath
Inside GitHub with Chris WanstrathInside GitHub with Chris Wanstrath
Inside GitHub with Chris Wanstrath
Ā 
The Secrets of The FullStack Ninja - Part A - Session I
The Secrets of The FullStack Ninja - Part A - Session IThe Secrets of The FullStack Ninja - Part A - Session I
The Secrets of The FullStack Ninja - Part A - Session I
Ā 
CoffeeScript: A beginner's presentation for beginners copy
CoffeeScript: A beginner's presentation for beginners copyCoffeeScript: A beginner's presentation for beginners copy
CoffeeScript: A beginner's presentation for beginners copy
Ā 
Puppet 3: Present and Future Tense
Puppet 3: Present and Future TensePuppet 3: Present and Future Tense
Puppet 3: Present and Future Tense
Ā 
Puppet 3: Present and Future Tense
Puppet 3: Present and Future TensePuppet 3: Present and Future Tense
Puppet 3: Present and Future Tense
Ā 
Cloud meets Fog & Puppet A Story of Version Controlled Infrastructure
Cloud meets Fog & Puppet A Story of Version Controlled InfrastructureCloud meets Fog & Puppet A Story of Version Controlled Infrastructure
Cloud meets Fog & Puppet A Story of Version Controlled Infrastructure
Ā 
Matt Gauger - Git & Github web414 December 2010
Matt Gauger - Git & Github web414 December 2010Matt Gauger - Git & Github web414 December 2010
Matt Gauger - Git & Github web414 December 2010
Ā 
Killer R10K Workflow - PuppetConf 2014
Killer R10K Workflow - PuppetConf 2014Killer R10K Workflow - PuppetConf 2014
Killer R10K Workflow - PuppetConf 2014
Ā 
How to build your own OpenStack distro using Puppet OpenStack
How to build your own OpenStack distro using Puppet OpenStackHow to build your own OpenStack distro using Puppet OpenStack
How to build your own OpenStack distro using Puppet OpenStack
Ā 
Automate Yo' Self
Automate Yo' SelfAutomate Yo' Self
Automate Yo' Self
Ā 
Inside GitHub
Inside GitHubInside GitHub
Inside GitHub
Ā 
Infrastructure as code might be literally impossible
Infrastructure as code might be literally impossibleInfrastructure as code might be literally impossible
Infrastructure as code might be literally impossible
Ā 
Git hooks
Git hooksGit hooks
Git hooks
Ā 
Git::Hooks
Git::HooksGit::Hooks
Git::Hooks
Ā 
rake puppetexpert:create - Puppet Camp Silicon Valley 2014
rake puppetexpert:create - Puppet Camp Silicon Valley 2014rake puppetexpert:create - Puppet Camp Silicon Valley 2014
rake puppetexpert:create - Puppet Camp Silicon Valley 2014
Ā 
Infrastructure as code might be literally impossible / Joe Domato (packageclo...
Infrastructure as code might be literally impossible / Joe Domato (packageclo...Infrastructure as code might be literally impossible / Joe Domato (packageclo...
Infrastructure as code might be literally impossible / Joe Domato (packageclo...
Ā 

More from Puppet

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet
Ā 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyamlPuppet
Ā 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)Puppet
Ā 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscodePuppet
Ā 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twentiesPuppet
Ā 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codePuppet
Ā 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
Ā 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationPuppet
Ā 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliancePuppet
Ā 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowPuppet
Ā 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet
Ā 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Puppet
Ā 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppetPuppet
Ā 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet
Ā 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkPuppet
Ā 
Take control of your dev ops dumping ground
Take control of your dev ops dumping groundTake control of your dev ops dumping ground
Take control of your dev ops dumping groundPuppet
Ā 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy SoftwarePuppet
Ā 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User GroupPuppet
Ā 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsPuppet
Ā 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyPuppet
Ā 

More from Puppet (20)

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepo
Ā 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyaml
Ā 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)
Ā 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscode
Ā 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twenties
Ā 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance code
Ā 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approach
Ā 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automation
Ā 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliance
Ā 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNow
Ā 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden Windows
Ā 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020
Ā 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppet
Ā 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael Pinson
Ā 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin Reeuwijk
Ā 
Take control of your dev ops dumping ground
Take control of your dev ops dumping groundTake control of your dev ops dumping ground
Take control of your dev ops dumping ground
Ā 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software
Ā 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User Group
Ā 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOps
Ā 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
Ā 

Recently uploaded

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
Ā 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
Ā 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service šŸø 8923113531 šŸŽ° Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service šŸø 8923113531 šŸŽ° Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service šŸø 8923113531 šŸŽ° Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service šŸø 8923113531 šŸŽ° Avail...gurkirankumar98700
Ā 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
Ā 
#StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024BookNet Canada
Ā 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
Ā 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
Ā 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
Ā 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
Ā 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
Ā 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
Ā 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
Ā 
FULL ENJOY šŸ” 8264348440 šŸ” Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY šŸ” 8264348440 šŸ” Call Girls in Diplomatic Enclave | DelhiFULL ENJOY šŸ” 8264348440 šŸ” Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY šŸ” 8264348440 šŸ” Call Girls in Diplomatic Enclave | Delhisoniya singh
Ā 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
Ā 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
Ā 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
Ā 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
Ā 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
Ā 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
Ā 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
Ā 

Recently uploaded (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
Ā 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
Ā 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service šŸø 8923113531 šŸŽ° Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service šŸø 8923113531 šŸŽ° Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service šŸø 8923113531 šŸŽ° Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service šŸø 8923113531 šŸŽ° Avail...
Ā 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Ā 
#StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024
Ā 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Ā 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
Ā 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
Ā 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Ā 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Ā 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
Ā 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Ā 
FULL ENJOY šŸ” 8264348440 šŸ” Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY šŸ” 8264348440 šŸ” Call Girls in Diplomatic Enclave | DelhiFULL ENJOY šŸ” 8264348440 šŸ” Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY šŸ” 8264348440 šŸ” Call Girls in Diplomatic Enclave | Delhi
Ā 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
Ā 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Ā 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Ā 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Ā 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
Ā 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Ā 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
Ā 

Puppet at GitHub / ChatOps

  • 1.
  • 2. Jesse Newland jnewland hey errbody my name is jesse newland I do ops at GitHub
  • 3. Puppet at GitHub And today Iā€™m going to be talking about Puppet at GitHub. Really, Iā€™m telling a story in two parts.
  • 4. All of the amazing Puppet OSS projects @rodjek has written but doesnā€™t want to talk about First... Iā€™ll be talking about all of the amazing Puppet open source projects Tim Sharpe has written but doesnā€™t want to talk about and how we use them at GitHub
  • 5. * And then, I want to introduce you to the star of the GitHub Ops team, Hubot, and tell you a little bit about something weā€™ve been calling ChatOps
  • 6. the Setup But, before I get into all of that, I'm actually going to talk about an upcoming talk, one by a coworker of mine at GitHub. Will Farrington is going to be speaking tomorrow at 2:45pm about The Setup, our Puppet-powered GitHubber laptop management solution. It's amazing. It's one of the coolest uses of Puppet I've ever seen, and it's going to completely change the way you think about your development environment. But Iā€™m not going to be talking about any of that today. So, yeah, go to Will's talk tommorrow. You won't be disappointed.
  • 7. Puppet at GitHub So I guess you could say that Iā€™m talking about
  • 8. THE of REST Puppet at GitHub the rest of puppet at github. For the scope of this talk, Iā€™m going to be talking about the Puppet infrastructure that runs github.com
  • 9. 4 years, >100k LOC Weā€™ve been managing GitHubā€™s infrastructure with Puppet for 4 years, since the move to Rackspace. Thereā€™s a ton of code, and weā€™re developing at a rapid pace.
  • 10. Simple But we are obsessed with keeping our Puppet deployment simple
  • 11. Single Master We use a single puppetmaster running lots of unicorns. Nothing fancy. It works for now. However, we will need to scale this tier up or out in about 6 months if the trends look right. Weā€™ll probably switch to two load balanced puppetmasters around that time.
  • 12. cron FTW # cat /etc/cron.d/puppet 13 * * * * root /usr/bin/ We donā€™t run the agent, but rather run puppet on cron every hour in combination with runs triggered via Hubot (more on that later)
  • 13. No ENC We donā€™t use an external node classiļ¬er
  • 14. ([a-z0-9-_]+)(d+)([a-z]?).(.*).github.com $ cat manifests/nodes/janky.rscloud.pp node /^jankyd+.rscloud.github.com$/ { github::role::janky { 'janky': public_address => dns_lookup($fqdn), nginx_hostname => $fqdn, } } Instead, we give nodes DNS names that adhere to a naming convention that maps them to a pre-deļ¬ned role
  • 15. Where the magic happens $ head modules/github/manifests/role/janky.pp define github::role::janky($public_address, $nginx_hostname='', $god=true ) { github::core { 'janky': } include github::app::janky github::nginx { 'janky': } } Role deļ¬nitions are where the magic happens. We try to DRY common functionality into our core module and into other simple classes or deļ¬nes so that role deļ¬nitions read like a nice summary of what makes this role different from others
  • 16. Heavy use of augeas augeas { 'my.cnf/avoid_cardinality_skew': context => '/files/etc/mysql/my.cnf/mysqld/', changes => [ 'set innodb_stats_auto_update 0', 'set innodb_stats_on_metadata 0', 'set innodb_stats_on_metadata 64' ], require => Percona::Server[$::fqdn], } We generally try to avoid templates for conļ¬guration ļ¬les in favor of using aw ge us Lets us manage the small pieces of conļ¬guration we care about and use the OS defaults for the things we don't.
  • 17. BORING But I donā€™t want to just show all of you Puppet code for thirty minutes. That's boring
  • 18. Whatā€™s interesting about Puppet at GitHub? Iā€™d rather talk about what's interesting about how we use Puppet at GitHub. And what I think is the most interesting is that we focus heavily on ensuring the Puppet development workļ¬‚ow is easily accessible to everyone at GitHub.
  • 19. Making Puppet Less Scary Weā€™re doing our best to make puppet less scary for people that arenā€™t familiar with it, so they can help the Ops team grow and evolve our infrastructure. Weā€™re doing some things right here, but thereā€™s still a lot of work to do.
  • 20. Iā€™ve been thinking about this a lot recently as weā€™ve just had two large infrastructure projects shipped by people that were completely or relatively new to puppet. First, Derek Greentree shipped a Cassandra cluster,,,
  • 21. And Adam Roben shipped puppet manifests for our windows build and CI servers.
  • 22. this is good This is an awesome trend, and I want it to continue. So I thought Iā€™d talk a bit today about what weā€™re doing to try to enable even more of this.
  • 23. Flow just like a (GitHub) Ruby project For us, an important part of making Puppet development accessible for other developers at GitHub is making the development ļ¬‚ow on our puppet codebase as similar as possible to that of any other GitHub Ruby project. That means sticking with some common conventions
  • 24. Setup $ ./script/bootstrap Like making it as easy to setup as any other project at GitHub
  • 25. $ cat Gemfile source :rubygems gem 'puppet', '2.7.18' gem 'facter', '1.6.10' gem 'rspec-puppet', '0.1.2' gem 'rake', '0.8.7' gem 'puppet-lint', '0.2.1' gem 'ruby-augeas', '0.3.0' gem 'json', '1.5.1' gem 'fog', '1.3.1' gem 'librarian-puppet', '0.9.4' gem 'parallel_tests' So ruby deps are managed by Bundler
  • 26. $ cat Puppetfile forge "http://forge.puppetlabs.com" mod 'puppetlabs/apt' ... And puppet deps are managed by librarian-puppet, a bundler-like library that manages the puppet modules your infrastructure depends on and install them directly from GitHub repositories. Iā€™m of the opinion that the unit of open source currency is no longer a tarball downloaded from a something named *forge. Itā€™s a GitHub repo. All of the developers at GitHub feel the same way, so Tim wrote librarian puppet
  • 27. ļ€ rodjek / librarian-puppet For those of you keeping score at home, thatā€™s the ļ¬rst of Tim Sharpeā€™s open source projects that Iā€™ve mentioned. Hi Tim!
  • 28. Making puppet ļ¬‚ow like other projects at GitHub means ensuring we have good editor support for the language
  • 29. ļ€ rodjek / vim-puppet vim-puppet, thatā€™s two.
  • 30. Tests $ ./script/cibuild It means running tests is a simple one-step process
  • 31. TESTS! Tests are super important. A solid and easy to use test harness helps build developer conļ¬dence in a new language.
  • 32. Safety net And tests are crucial safety net for helping people cut their teeth on Puppet if they havenā€™t ever touched it before.
  • 33. rspec-puppet should contain_github__firewall_rule('internal_network') should contain_ssmtp__relay_to('smtp').with_relay_host('smtp') should contain_file('/etc/logstash/logstash.conf') should include_class('github::ksplice') should contain_networking__bond('bond0').with( :gateway => '172.22.0.2', :arp_ip_target => '172.22.0.2', :up_commands => nil ) We use rspec-puppet heavily. If you havenā€™t used rspec-puppet yet, go check it out right now. Itā€™s amazing. There are no less than three talks about it at Puppetconf, so Iā€™m not going to talk about HOW to use it today, just touch a little bit on how WE use it.
  • 34. ļ€ rodjek / rspec-puppet rspec-puppet, thatā€™s three
  • 35. role describe 'github::role::fe' do let(:title) { 'fe' } let(:node) { 'fe1.rs.github.com' } let(:params) { { specs :public_address => '207.97.227.242/27', :private_address => '172.22.1.59/22', :git_weight => '16' } } let(:facts) { are { :ipaddress => '172.22.1.59', :operatingsystem => 'Debian', :datacenter => 'rackspace-iad2', } king } it do should contain_github__core('fe') ... end end We try our best to adequately test our individual puppet modules, but our central and most frequently touched specs exercise our role system. Thereā€™s one spec for each role which describes its intended functionality. These specs focus on critical functionality of each role, and help a great deal to build conļ¬dence that weā€™re not introducing regressions when adding or refactoring functionality or working in other roles.
  • 36. .git/hooks/pre-commit $ git commit -am "lolbadchange" modules/github/manifests/role/fe.pp:err: Could not parse for environment production: Syntax error at 'allow_outbound_syslog'; expected '}' at /Users/jnewland/github/puppet/modules/github/ manifests/role/fe.pp:31 modules/github/manifests/role/fe.pp - WARNING: => is not properly aligned on line 626 For an even faster feedback loop than running specs, all Puppet dev environments automatically get setup with a pre-commit hook that checks for syntax errors and ensures your changes conļ¬rm to the Puppet Style guide. This has proved amazingly useful for Puppet novices and experts alike, novices ļ¬nding it helps them understand language conventions quickly and guides them towards solutions, and experts using it to catch typos and help them not look like novices.
  • 37. ļ€ rodjek / puppet-lint puppet-lint, thatā€™s four, btw.
  • 38. specs run on each push auto deploy on CI pass rspec-puppet and puppet-lint are automatically run by CI on every commit on every branch pushed to our Puppet repo. Once master passes CI, puppet is automatically deployed
  • 39. As you can see, Hubot automates a lot of the process of rolling out Puppet That example covered pushing changes to master, but what about a Pull-Request based workļ¬‚ow?
  • 40. Say we have a pull request for a branch we want to merge, and that weā€™ve reviewed the code and it all looks good.
  • 41. branches == environments On each deploy, we turn all git branches into puppet environments.
  • 42. This combined with heaven, our capistrano-powered deployment API we interact with via Hubot, enables us to experiment with unmerged Puppet branches in a powerful way
  • 43. So, to safely merge this pull request...
  • 44. hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github You might ask Hubot to conļ¬rm its build status
  • 45. Build #108816 (5fe75932f26ea62cb5fc5e3d0cb302cc2461d11e) of puppet/git-gh13 was successful(421s) github/ puppet@567ea48...5fe7593 Yup, looks good.
  • 46. hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github Then roll the branch out to a staging box to make everything applies cleanly there.
  • 47. ** [out :: REDACTED ] Bootstrapping... ** [out :: REDACTED ] Gem environment up-to-date. ** [out :: REDACTED ] Running librarian-puppet... ** [out :: REDACTED ] Generating puppet environments... ** [out :: REDACTED ] Cleaning up deleted branches... ** [out :: REDACTED ] Done! ** [out :: REDACTED ] Sending 'restart' command ** [out :: REDACTED ] The following watches were affected: ** [out :: REDACTED ] puppetmaster_unicorn ** [out :: fs1a.stg.github.com] info: Applying configuration version '8fb1a2716d5f950b836e511471a2bdac3ed27090' ** [out :: fs1a.stg.github.com] notice: /Stage[main] Github::Common_packages/Package[git]/ensure: ensure changed '1:1.7.10-1+github12' to '1:1.7.10-1+github13' ... Yup, looks good.
  • 48. hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github Then, if you wanted an extra layer of conļ¬dence, you could noop the branch against a production node
  • 49. ** [out :: REDACTED ] Bootstrapping... ** [out :: REDACTED ] Gem environment up-to-date. ** [out :: REDACTED ] Running librarian-puppet... ** [out :: REDACTED ] Generating puppet environments... ** [out :: REDACTED ] Cleaning up deleted branches... ** [out :: REDACTED ] Done! ** [out :: REDACTED ] Sending 'restart' command ** [out :: REDACTED ] The following watches were affected: ** [out :: REDACTED ] puppetmaster_unicorn ** [out :: fs1a.rs.github.com] info: Applying configuration version '8fb1a2716d5f950b836e511471a2bdac3ed27090' ** [out :: fs1a.rs.github.com] notice: /Stage[main]/ Github::Common_packages/Package[git]/ensure: would have changed from '1:1.7.10-1+github12' to '1:1.7.10-1+github13' ... Yup, looks good
  • 50. hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github Next, youā€™d merge the pull request. If you stopped here, the code would gradually roll out to all affected nodes over the next hour.
  • 51. hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github If you wanted the rollout to happen faster than that, you could force a puppet run on the affected class of nodes
  • 52. ** [out :: REDACTED ] Bootstrapping... ** [out :: REDACTED ] Gem environment up-to-date. ** [out :: REDACTED ] Running librarian-puppet... ** [out :: REDACTED ] Generating puppet environments... ** [out :: REDACTED ] Cleaning up deleted branches... ** [out :: REDACTED ] Done! ** [out :: REDACTED ] Sending 'restart' command ** [out :: REDACTED ] The following watches were affected: ** [out :: REDACTED ] puppetmaster_unicorn ** [out :: fs1a.rs.github.com] info: Applying configuration version '8fb1a2716d5f950b836e511471a2bdac3ed27090' ** [out :: fs7b.rs.github.com] info: Applying configuration version '8fb1a2716d5f950b836e511471a2bdac3ed27090' ** [out :: fs1a.rs.github.com] notice: /Stage[main]/ Github::Common_packages/Package[git]/ensure: ensure changed '1:1.7.10-1+github12' to '1:1.7.10-1+github13' ** [out :: fs7b.rs.github.com] notice: /Stage[main]/ Github::Common_packages/Package[git]/ensure: ensure changed '1:1.7.10-1+github12' to '1:1.7.10-1+github13' ... Yup, that looks good.
  • 53. hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github Then youā€™d probably want to check out load to make sure nothing went crazy
  • 55. hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github ...and maybe check some logs or other related metrics to conļ¬rm your change didnā€™t break something
  • 57. ChatOps How we interact with Puppet via Hubot is a great example of a core principal of how we do ops at GitHub. Weā€™ve been calling it ChatOps recently.
  • 58. Essentially, ChatOps is the result of Hubot becoming sentient, and decreeing, among other things, that we now address him as ā€œSupreme Leaderā€ and communicate with our infrastructure though his secure channels alone. We occasionally observe him speaking in tongues that sound eerily like YouTube comments.
  • 59. ļ€Ŗ Hubot Actually, thatā€™s not it at all. Hubot is the star of our Ops team.
  • 60. heaven shell Hubot janky graphme We use hubot day in day out to interact with other simple tools weā€™ve written over JSON apis.
  • 61. ALL OF hubotshell heaven janky THE APIS graphme Hubot interacts nicely with tons of external APIs too. If you have a JSON API, making your service work with Hubot is a piece of cake.
  • 62. Why is this stupid chat bot so important to Ops? But why do we obsess about Hubot so much? Itā€™s just a chat bot, right? There are some distinct upsides to this approach weā€™ve notices as our use of Hubot in Ops has grown
  • 63. hubot ci status puppet/git-gh13 deploy:apply puppet/git-gh13 staging/fs1 deploy:noop puppet/git-gh13 prod/fs1 # merge pull request hubot deploy:apply puppet to prod/fs graph me -1h @collectd.load(fs*) log me hooks github/github Remember the ļ¬‚ow I just showed you for rolling out puppet changes to our infrastructure?
  • 64. Everyone sees all of that happen on their first day Everyone sees all of this happen from the minute they join GitHub. Itā€™s right there, in the Ops room, right in the middle of the conversation in campļ¬re.
  • 65. You donā€™t just see how to roll out puppet, you see how to...
  • 66. hubot ci status github/smoke-perf check the status of branchā€™s last build
  • 67. hubot deploy github/smoke-perf to prod/fe1 deploy a any branch of any github app to any server
  • 68. hubot graph me -10min @app-perf get graphs of the appā€™s recent performance
  • 69. hubot procs unicorn check the status of unicorns across all frontends
  • 70. hubot resque critical check the status of the resque critical queue
  • 71. hubot graph me -10min @collectd.load(fe*) check load on the frontends
  • 72. hubot conns fe1 check current connections to a frontend that you suspect has a problem
  • 73. hubot log me smoke fe1 grab smoke logs for that frontend and realize that you did, in fact, break it
  • 74. hubot lbctl disable fe1 take it out of the load balancer
  • 75. hubot status yellow Bad deploy. Reverting now. update the status blog
  • 76. hubot whoā€™s on call determine who is currently on call so you can apologize to them
  • 77. hubot pingdom checks check pingdom to make sure you havenā€™t broken everything
  • 78. hubot upset me chill yourself out really quick
  • 79. hubot deploy github to prod/fe1 revert back to master on the busted frontend
  • 80. hubot log me smoke fe1 verify things have returned to normal
  • 81. hubot air drum me get pumped up because you ļ¬xed it
  • 82. hubot lbctl enable fe1 bring the ļ¬xed frontend back into the rotation
  • 83. hubot status green All systems go. clear alerts on the status page
  • 84. hubot whois 4.9.23.22 Once the outage has been resolved, you might see how to grab whois information for an IP that exhibited suspicious activity in the logs you saw
  • 85. hubot khanify spammers and how to hit meme generator to make a joke when you realize that IP is a spammer
  • 86. hubot play in the air tonight then someone would queue up the song that popped into their head when they thought about drums and gorillas at the same time
  • 87. hubot tweet@github PuppetConf Drinkup Friday night at 8:30 at Zekeā€™s (3rd & Brannan) and then ļ¬nish it all off with a tweet about the Drinkup weā€™re throwing friday night
  • 88. ChatOps ChatOps means building tools that make it easier to operate your infrastructure via Hubot than via Terminal or Chrome
  • 89. By placing tools directly in the middle of the conversation Because...
  • 90. Everyone is pairing all of the time This is the core concept behind ChatOps.
  • 91. Teaching by doing Teaching by doing is awesome
  • 92. This was always my main motivation with hubot - teaching by doing by making things visible. It's an extremely powerful teaching technique - @rtomayko Ryan Tomayko had this in mind from the very ļ¬rst commits to hubot, which just presented a simple wrapper around a repository of shell scripts we use for management and monitoring our infrastructure.
  • 93. This is how I respond to ā€œhow to I do Xā€ questions in Campļ¬re now. If thereā€™s not yet Hubot functionality to do a thing, we try to write it.
  • 94. Communicate by doing Placing tools in the middle of the conversation also means you get communication of your work for free. If youā€™re doing something in a shell or on a website, you have to do it, then tell people about it. If you do it with hubot, that comes free.
  • 95. THINGS I HAVENā€™T ASKED RECENTLY For example, here are a few things I havenā€™t asked recently because Hubot has told me the answer
  • 96. THINGS I HAVENā€™T ASKED howā€™s that deploy going? RECENTLY
  • 97. THINGS I are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? RECENTLY
  • 98. THINGS I are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? is anyone responding to that nagios alert? RECENTLY
  • 99. THINGS I is that branch green? are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? is anyone responding to that nagios alert? RECENTLY
  • 100. THINGS I is that branch green? are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? is anyone responding to that nagios alert? RECENTLY how does load look?
  • 101. did anyone update the status page? THINGS I is that branch green? are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? is anyone responding to that nagios alert? RECENTLY how does load look?
  • 102. did anyone update the status page? THINGS I is that branch green? are you deploying that or should i? HAVENā€™T ASKED howā€™s that deploy going? is anyone responding to that nagios alert? RECENTLY how does load look? did that deploy finish?
  • 103. Free communication is especially crucial in a distributed environment.
  • 104. Our Ops team is entirely remote, so Campļ¬re is our default means of communication.
  • 105. http://www.flickr.com/photos/7997249@N06/6061305639/ This is extremely helpful during outages or other situations that require tactical response. You donā€™t have to SAY that youā€™re spraying water on the ļ¬re, people SEE you doing it.
  • 106. Hide the ugly Another awesome beneļ¬t of ChatOps-ing all of the things is that you can hide ugly interfaces and design exactly the interaction you want with some simple porcelain commands
  • 107. My favorite example of this is ugliest of the ugly, Nagios.
  • 108. [nines] hubot opened issue #4263: Nagios (229906) - fs3b/syslog - Tue Sept 25 23:40:18 PDT 2012. github/nines#4263 Hubot politely delivers nagios alerts directly into chat
  • 109. hubot nagios ack fs3b/syslog # fix stuff nagios check fs3b/syslog nagios status fs3b/syslog hubot nagios downtime fs3b/syslog 90 nagios mute fs3b/syslog nagios unmute fs3b/syslog Which we can interact with without any unnecessary eye bleeding. Making this easy means developers and other ops engineers actually mute or schedule downtime when theyā€™re testing things.
  • 110. Mobile FTW Yet another awesome beneļ¬t of ChatOps is that you get mobile support for free
  • 111. Well, that is, if you have a team of awesome iOS developers that have built an actually functioning Campļ¬re client for the iPhone This lets you do anything hubot can do from your phone. Which means from your couch. Or your bed. Or a beach in Hawaii. Which means you can ļ¬x a lot of things without pulling your laptop out of your bag.
  • 112. ChatOps Thatā€™s ChatOps at its ļ¬nest.
  • 113. And now for something completely different While Iā€™m showing off mobile stuff, I thought Iā€™d slip in a demo of something else weā€™ve done to make Ops more mobile friendly.
  • 114. Weā€™ve hacked together support for PagerDuty alerts via Apple Push Notiļ¬cations. When you swipe on the alert, you go directly to the PagerDuty mobile UI for an incident
  • 115. Which lets you ack an alert
  • 117. or on the couch.
  • 118. Boom I canā€™t even begin to tell you how happy this makes me, and how less shitty it makes being on-call
  • 119. So, who better to summarize all of this than Hubot himself. I asked him what he thought about ChatOps. Hereā€™s what he said:
  • 120. ChatOps all the things. Listen to what Hubot said. Youā€™ll love it. Your ops team will love it. And youā€™ll help other developers learn how to interact with ops tools without any additional work. Thatā€™s awesome.
  • 121. Work at GitHub jesse@github.com If you canā€™t ChatOps all the things at your gig now, you could always just come work with me at GitHub. Shoot me an email if youā€™re interested.
  • 122. Thanks! Thatā€™s all I have. Thanks for listening! any questions?
  • 123. Tomorrow @ 8:30 PM Zekeā€™s 3rd & Brannan While I still have everyoneā€™s attention, I wanted to mention the GitHub Drinkup weā€™re throwing for Puppetconf again. Itā€™s tomorrow night at 8:30pm at Zekeā€™s, which is on the corner of 3rd and Brannan, everyoneā€™s invited. Iā€™ll see you there. Thanks again!