I previously wrote about Choria Playbooks – a reminder they are playbooks written in YAML format and can orchestrate many different kinds of tasks, data, inputs and discovery systems – not exclusively ones from MCollective. It integrates with tools like terraform, consul, etcd, Slack, Graphite, Webhooks, Shell scripts, Puppet PQL and of course MCollective.
I mentioned in that blog post that I did not think a YAML based playbook is the way to go.
I am very pleased to announce that with the release of Choria 0.6.0 playbooks can now be written with the Puppet DSL. I am so pleased with this that effectively immediately the YAML DSL is deprecated and set for a rather short life time.
A basic example can be seen here, it will:
- Reuse a company specific playbook and notify Slack of the action about to be taken
- Discover nodes using PQL in a specified cluster and verify they are using a compatible Puppet Agent
- Obtain a lock in Consul ensuring only 1 member in the team perform critical tasks related to the life cycle of the Puppet Agent at a time
- Disable Puppet on the discovered nodes
- Wait for up to 200 seconds for the nodes to become idle
- Release the lock
- Notify Slack that the task completed
# Disables Puppet and Wait for all in-progress catalog compiles to end plan acme::disable_puppet_and_wait ( Enum[alpha, bravo] $cluster ) { choria::run_playbook(acme::slack_notify, message => "Disabling Puppet in cluster ${cluster}") $puppet_agents = choria::discover("mcollective", discovery_method => "choria", agents => ["puppet"], facts => ["cluster=${cluster}"], uses => { puppet => ">= 1.13.1" } ) $ds = { "type" => "consul", "timeout" => 120, "ttl" => 60 } choria::lock("locks/puppet.critical", $ds) || { choria::task( "action" => "puppet.disable", "nodes" => $puppet_agents, "fail_ok" => true, "silent" => true, "properties" => {"message" => "restarting puppet server"} ) choria::task( "action" => "puppet.status", "nodes" => $puppet_agents, "assert" => "idling=true", "tries" => 10, "silent" => true, "try_sleep" => 20, ) } choria::run_playbook(acme::slack_notify, message => sprintf("Puppet disabled on %d nodes in cluster %s", $puppet_agents.count, $cluster) ) } |
As you can see we can re-use playbooks and build up a nice cache of utilities that the entire team can use, the support for locks and data sharing ensures safe and coordinated use of this style of system.
You can get this today if you use Puppet 5.4.0 and Choria 0.6.0. Refer to the Playbook Docs for more details, especially the Tips and Patterns section.
Why Puppet based DSL?
The Plan DSL as you’ll see in the Background and History part later in this post is something I have wanted a long time. I think the current generation Puppet DSL is fantastic and really suited to this problem. Of course having this in the Plan DSL I can now also create Ruby versions of this and I might well do that.
The Plan DSL though have many advantages:
- Many of us already know the DSL
- There are vast amounts of documentation and examples of Puppet code, you can get trained to use it.
- The other tools in the Puppet stable support plans – you can use puppet strings to document your Playbooks
- The community around the Puppet DSL is very strong, I imagine soon rspec-puppet might support testing Plans and so by extension Playbooks. This appears to be already possible but not quite as easy as it could be.
- We have a capable and widely used way of sharing these between us in the Puppet Forge
I could not compete with this in any language I might want to support.
Future of Choria Playbooks
As I mentioned the YAML playbooks are not long for this world. I think they were an awesome experiment and I learned a ton from them, but these Plan based Playbooks are such a massive step forward that I just can’t see the YAML ones serving any purpose what so ever.
This release supports both YAML and Plan based Playbooks, the next release will ditch the YAML ones.
At that time a LOT of code will be removed from the repositories and I will be able to very significantly simplify the supporting code. My goal is to make it possible to add new task types, data sources, discovery sources etc really easily, perhaps even via Puppet modules so the eco system around these will grow.
I will be doing a bunch of work on the Choria Plugins (agent, server, puppet etc) and these might start shipping small Playbooks that you can use in your own Playbooks. The one that started this blog post would be a great candidate to supply as part of the Choria suite and I’d like to do that for this and many other plugins.
Background and History
For many years I have wanted Puppet to move in a direction that might one day support scripts – perhaps even become a good candidate for shell scripts, not at the expense of the CM DSL but as a way to reward people for knowing the Puppet Language. I wanted this for many reasons but a major one was because I wanted to use it as a DSL to write orchestration scripts for MCollective.
I did some proof of concepts of this late in 2012, you can see the fruits of this POC here, it allowed one to orchestrate MCollective tasks using Puppet DSL and a Ruby DSL. This was interesting but the DSL as it was then was no good for this.
I also made a pure YAML Puppet DSL that deeply incorporated Hiera and remained compatible with the Puppet DSL. This too was interesting and in hindsight given the popularity of YAML I think I should have given this a lot more attention than I did.
Neither of these really worked for what I needed. Around the time Henrik Lindberg started talking about massive changes to the Puppet DSL and I think our first ever conversation covered this very topic – this must have been back in 2012 as well.
More recently I worked on YAML based playbooks for Choria, a sample can be seen in the old Choria docs, this is about the closest I got to something workable, we have users in the wild using it and having success with these. As a exploration they were super handy and taught me loads.
Fast forward to Puppet Conf 2017 and Puppet Inc announced something called Puppet Plans, these are basically script like, uncompiled (kind of), top-down executed and aimed at use within your CLI much like you would a script. This was fantastic news, unfortunately the reality ended up with these locked up inside their new SSH based orchestrator called Bolt. Due to some very unfortunate technical direction and decision making Plans are entirely unusable by Puppet users without Bolt. Bolt vendors it’s own Puppet and Facter and so it’s unaware of the AIO Puppet.
Ideally I would want to use Plans as maintained by Puppet Inc for my Playbooks but the current status of things are that the team just is not interested in moving in that direction. Thus in the latest version of Choria I have implemented my own runner, result types, error types and everything needed to write Choria Playbooks using the Puppet DSL.
Conclusion
I am really pleased with how these playbooks turned out and am excited for what I can provide to the community in the future. There are no doubt some rough edges today in the implementation and documentation, your continued feedback and engagement in the Choria community around these would ensure that in time we will have THE Playbook system in the Puppet Eco system.