-
Masterless Puppet in AWS
by Daniel Thornton (relud)
-
AWS Resources
EC2 instance
EC2 user-data
IAM role
S3 bucket
-
Other Resources
GitHub
Puppet Forge
Hiera
-
Git Repo
Modules and non-secret hiera data
Installed to /etc/puppet
List forge modules in hiera
-
Secrets
Stored in S3 bucket
IAM role for access
-
Deployment
Write userdata
Assign role with Facter external fact
Launch EC2 instance with userdata
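
The three deployment steps as a user-data script, added here as an illustration and not taken from the talk or its demo repository. The repository URL, bucket name, `secrets/` path, `site.pp` location and `NODE_ROLE` variable are assumptions.

```shell
#!/bin/bash
# Added example (constructed): user-data bootstrap for a masterless Puppet node.
# Assumptions: the AMI ships git, puppet and the AWS CLI; PUPPET_DIR is absent
# or empty; REPO_URL, SECRETS_BUCKET, secrets/ and site.pp are placeholders.
set -eu

REPO_URL="${REPO_URL:-https://example.invalid/puppet-config.git}"  # placeholder
SECRETS_BUCKET="${SECRETS_BUCKET:-example-puppet-secrets}"          # placeholder
PUPPET_DIR="${PUPPET_DIR:-/etc/puppet}"
FACTS_DIR="${FACTS_DIR:-/etc/facter/facts.d}"
NODE_ROLE="${NODE_ROLE:-}"   # set per launch, e.g. NODE_ROLE=web (constructed)

# Assign the role as a Facter external fact (key=value text file).
write_role_fact() {
    role="$1"
    # Accept only a plain identifier so the value cannot add a second fact line.
    case "$role" in
        ''|*[!a-z0-9_]*) echo "invalid role" >&2; return 1 ;;
    esac
    mkdir -p "$FACTS_DIR"
    printf 'role=%s\n' "$role" > "$FACTS_DIR/role.txt"
}

# Fetch secrets with the instance's IAM role credentials. User-data is readable
# from the instance metadata service, so no keys or secrets are embedded here.
fetch_secrets() (
    umask 077   # files are created readable by root only
    mkdir -p "$PUPPET_DIR/secrets"
    aws s3 sync "s3://$SECRETS_BUCKET/" "$PUPPET_DIR/secrets/"
)

bootstrap() {
    write_role_fact "$1"
    git clone "$REPO_URL" "$PUPPET_DIR"
    fetch_secrets
    puppet apply "$PUPPET_DIR/manifests/site.pp"   # the single Puppet run
}

# Runs only when a role was supplied, so the functions can be sourced and tested.
if [ -n "$NODE_ROLE" ]; then bootstrap "$NODE_ROLE"; fi
```

The IAM role attached to the instance needs read access to the secrets bucket only.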
-
Live Demo
https://github.com/relud/puppet-demo
-
Improvements
Bundle /etc/puppet (except secrets)
Store secrets in git and automatically sync
-
Pros
Deploy any code version
Simple puppet forge integration
Scalable
No manual approval of servers
Puppet only runs once
-
Cons
Puppet only runs once
PuppetDB and dashboards (like TheForeman) don't work well
Doesn't translate well outside AWS
-
Questions?