CFL-7434 Puppet + containers = multi-tenancy | Voxxed Days

Voxxed Days CERN 2019
on Wednesday 1 May

   Puppet + containers = multi-tenancy


Methodology & Culture
Intermediate level
Council Chamber Wednesday from 12:25 til 12:40

The CERN IT infrastructure consists of more than 40000 Puppet-managed virtual and physical machines located in two data centres. All the Puppet catalogs are served by a shared pool of almost 200 Puppet Servers regardless of the organisational unit from which the requests come. This deployment might lead to security risks as the number of nodes and personnel writing Puppet code increases.

The Configuration Team, as part of the IT department at CERN, is exploring ways to configure a multi-tenancy enabled Puppet Server deployment minimising the performance impact for users and the resource usage.

This talk will go over the different alternatives the team has considered and the results obtained so far.

David Moreno  Garcia
Software Engineer at the Computing and Monitoring group at CERN

