The "infrastructure as code" mantra is followed by countless sysadmins around the world. The choice of words implies that practices from the development world should be adopted by sysadmins, yet one would be overjoyed to be able to implement the basics. Functionalities taken as granted for developers, such as easily debugging a configuration or writing complex tests, have currently no real equivalent in the devops world.
This talk will start by an overview of common practices developed around the Puppet tool, such as following development conventions, unit-testing modules, using vagrant setups to test changes, and using a good IDE. It will be followed by a rant about how these practices and tools are either a far cry from what is sorely needed, or in some cases entirely unusable. It will then describe a common anti-pattern that derives from these limitations.
The presentation will then switch to a long demonstration, highlighting functionalities of the language-puppet library and associated tools. The following subjects will be demonstrated:
If time permits, a few words on the important of performance in such tools will be given. The talk will then conclude with a preview of future features of the library, and a good dose of Haskell proselytism.
Simon Marechal has been working as an information security consultant for the private sector, and then as a security inspector for the ANSSI.
During that time, he nurtured a taste for effective and secure practices that is now put at use in his current sysadmin position.
He is now pursuing ways to achieve greater levels of effectiveness in his day to day practice, and is very fond of programming language flame wars.