Puppet


Puppet: a system for managing systems

Łukasz Jagiełło [email protected]

http://images.businessweek.com/cms/2011-09-01/tech__puppet37__01__600.jpg

Agenda

A few words about myself

Puppet

Examples: what to do and how

LIVE demo

Possibilities: what we can achieve

Questions?

What is on the market

Home-grown scripts (tar, rsync, etc.)

Etckeeper

bcfg2

CFEngine

Puppet

Chef

etc.

Puppet

http://puppetlabs.com/ http://projects.puppetlabs.com/

open source (Apache 2.0)

available out of the box in many distributions

ready-made Amazon EC2 images

the project has been around for a long time

large community

enterprise version

Puppet

Directory structure:

/manifest (nodes.pp, site.pp)
/modules/name (e.g. nginx, webpage, snmp ...)
    /files (nginx.conf, infoshare.conf ...)
    /manifests (init.pp, config.pp, install.pp ...)
    /template (index.html.erb ...)
/rack (passenger + nginx)
/lib (additional libraries, e.g. facter)

Puppet

File - file, directory, symlink (local fs)

Package - yum, gem, pkg, apt, pip, ports...

Service - systemd, upstart, init, daemontools...

Notify

Exec - command line + creates, onlyif, cwd, user...

Cron, user, group, etc.

http://docs.puppetlabs.com/references/latest/type.html

Examples

# Node definition matched by exact hostname
node 'www.testing.com' {
  include common
  include apache, squid
}

# Node definition matched by regular expression
node /^(foo|bar)\.testing\.com$/ {
  include common
}

case $hostname {
  'jack','jill':     { include hill }    # apply the hill class
  'humpty','dumpty': { include wall }    # apply the wall class
  default:           { include generic } # apply the generic class
}

Examples

file { '/etc/passwd':
  owner => 'root',
  group => 'root',
  mode  => '0644',
}

# Defined type sec::cfg: one /etc/sec/<name>.sec file per title
define sec::cfg {
  file { "/etc/sec/$name.sec":
    owner   => 'root',
    content => template("sec/$name.sec.erb"),
    notify  => Service['sec'],
    require => File['/etc/sec'],
  }
}

# Declare both as virtual resources; nothing is applied until realized
@sec::cfg { ['webpage1', 'webpage2']: }

if $config_www_webpage1 == 1 { realize(Sec::Cfg['webpage1']) }
if $config_www_webpage2 == 1 { realize(Sec::Cfg['webpage2']) }

Examples

package { 'openssh-server': ensure => installed }

file { '/etc/ssh/sshd_config':
  source  => 'puppet:///modules/sshd/sshd_config',
  owner   => 'root',
  group   => 'root',
  mode    => '0640',
  notify  => Service['sshd'], # sshd will restart whenever you edit this file.
  require => Package['openssh-server'],
}

service { 'sshd':
  ensure     => running,
  enable     => true,
  hasstatus  => true,
  hasrestart => true,
}

Examples

package { 'rubygems': ensure => present }
package { 'xmpp4r': ensure => '0.5', provider => gem }
package { 'xmpp4r-simple': ensure => '0.8.8', provider => gem }

python::pip::install { 'Paste': package => 'Paste==1.7.5.1', venv => '/usr', ensure => 'present' }
python::pip::install { 'PasteDeploy': package => 'PasteDeploy==1.5.0', venv => '/usr', ensure => 'present' }

# Fragment from the body of the python::pip::install define
if $ensure == 'present' {
  exec { "pip install $name":
    command => "$venv/bin/pip-python install $package",
    unless  => "$venv/bin/pip-python freeze | grep -e $grep_regex",
    require => [ Package['python-pip'], Package['libxml2-devel'], Package['libxslt-devel'], Package['gcc'], Package['python-devel'] ],
  }
}
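A complete form of the define whose body the fragment above comes from, as an added example and not the presenter's module: it assumes Puppet 4 or later (parameter data types) and a Package['python-pip'] resource declared elsewhere, and the validation patterns are choices made for this example. Restricting $package and $venv to a safe character set keeps shell metacharacters out of the exec, and grep -Fx makes the unless guard match only the exact pinned version.

```puppet
# Added example: hardened python::pip::install (hypothetical implementation).
define python::pip::install (
  # Accept only "Name==version"; anything containing spaces, quotes, ';',
  # '|', '$' or backticks is rejected at catalog compilation.
  Pattern[/\A[A-Za-z0-9][A-Za-z0-9._-]*==[A-Za-z0-9][A-Za-z0-9.]*\z/] $package,
  # Absolute path built from plain path characters only.
  Pattern[/\A\/[A-Za-z0-9_.\/-]*\z/] $venv = '/usr',
  Enum['present', 'absent'] $ensure = 'present',
) {
  $pip = "${venv}/bin/pip-python"

  if $ensure == 'present' {
    exec { "pip install ${name}":
      # Values were validated above, and are single-quoted for the shell too.
      command  => "${pip} install '${package}'",
      # -F: fixed string (dots are literal), -x: whole line, -q: quiet.
      # "Paste==1.7.5.1" therefore does not match "Paste==1.7.5.10".
      unless   => "${pip} freeze | grep -Fxq '${package}'",
      # Fixed search path so grep cannot be resolved from an unexpected place.
      path     => ['/bin', '/usr/bin'],
      # The pipe in 'unless' needs a shell; state that explicitly.
      provider => shell,
      require  => Package['python-pip'],
    }
  }
}

# Same call as on the slide; passes validation.
python::pip::install { 'Paste':
  package => 'Paste==1.7.5.1',
  venv    => '/usr',
  ensure  => 'present',
}
```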

Facter

Facter is independent!

cross-platform Ruby library

collects information about the hardware and operating system

operating system names, hardware characteristics, IP addresses, MAC addresses, and SSH keys.

Facter

[lcf@p0x ~]$ facter
architecture => x86_64
facterversion => 1.6.6
hostname => p0x
id => lcf
interfaces => lo,p6p1,virbr0,virbr0_nic,wlan0
ipaddress => 192.168.10.100
is_virtual => false
kernel => Linux
kernelmajversion => 3.3
kernelrelease => 3.3.1-5.fc16.x86_64
kernelversion => 3.3.1
lsbdistcodename => Verne
lsbdistdescription => Fedora release 16 (Verne)

Examples

case $operatingsystem {
  'CentOS': { include centos }
  'MacOS':  { include mac }
}

case $operatingsystemrelease {
  /^5/: { service { 'anacron': ensure => stopped, enable => false } }
}

pre-LIVE

OS: CentOS 6.2
Repo: CentOS + EPEL

Minimal install + SELinux disabled + iptables disabled + puppet/puppet-server installed

192.168.122.10 puppetmaster
192.168.122.20 www1
192.168.122.21 www2

LIVE

Amazon EC2

AMI

Puppetmaster (HA?)

Amazon ELB

Amazon Auto Scaling

Result:

A fully automatically scalable environment!

Pros

Configuration in one place

Easy version control (svn, git, hg...) and control over changes in production

Convenient propagation of changes

Repeatability

Lightning-fast addition of ready-made functionality

Cons

Performance (something can be done about it)

Randomness

Works only as well as you write for it

SSL -> keys -> hostname (unique?!)

Quirks in the syntax

Useful links

http://puppetlabs.com/

http://docs.puppetlabs.com/

http://puppetlabs.com/puppet/related-projects/facter/

https://github.com/example42/

https://github.com/puppet-modules

Questions?

[email protected]