Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita

フレームワークでシステム管理アプリケーションプログラミングをもっと簡単に

About me
Gosuke Miyashita
mizzy.org
Working at paperboy&co.
Recently, released the photo album service “30days album” (http://30d.jp/)
Total technical design, storage api programming, server settings
I love Dr.Pepper

With lots of Dr.Peppers

System Admin Application Framework?
A framework for system admin app
WAF for sysadmin
Func (Fedora Unified Network Controller) is a kind of it
Although Func deoesn’t describe itself a framework
I’m devloping Punc, a perl colne of Func.

System Admin Application?
Basically “Exec some operations for multiple hosts”
Easy to say, but ...
How to select target hosts?
How to connect to target hosts?
How about security?
How about getting results and parsing them
How to reuse codes?

Framework?
Hide the issues on previous page and you can concentrate for your really job
Selecting target hosts?
$punc = Punc::Client->new( ‘*’ );
$punc = Punc::Client->new( ‘www*’ );
Connect to target hosts and security
$res = $punc-> service -> status ({ service => ‘httpd’ });
You can get the status of httpd of all taget hosts.
Behind it, JSON-RPC over HTTPS + SSLv3 Auth

Framework? (cont.)
Getting results and parse them
Scalar, hash or array via JSON-RPC
Reusability of code
Punc consists of small modules.
$punc-> service -> status ();
Programming with combination of small modules

Framework!
use Punc::Client;
my $punc = Punc::Client->new( '*' );
my $res = $punc-> service -> status ({
service => 'httpd'
});
while ( my $r = $res->next ) {
Punc::Client->new( $r->host )
-> service -> start ({
service => 'httpd'
}) if $r->result;
}

Punc
A perl clone of Func
Why I’m developing Punc?
Func only works on RedHat linux
Func does not have abstract layer of different environments
I LOVE Perl!

Architecture of Punc get a result call a module exec a module exec a module exec a module JSON-RPC over HTTPS + SSLv3 auth Manage target hosts Manage SSL certs master (puncmasterd) slave (puncd) slave (puncd) slave (puncd)

See http://coderepos.org/share/wiki/Punc

Checkout Punc
$ svn co http://svn.coderepos.org/share/lang/perl/Punc/trunk Punc
$ cd Punc

Start puncmasterd
; Create self-signed cert
; automatically and start with https
$ ./bin/puncmasterd
Please contact me at: <URL:https://host.example.com:7081/>

Start puncd
$ ./bin/puncd
(Request a CSR to puncmaster and waiting it signed)

Sign to the CSR
$ ./bin/puncmaster-ca --list
host.example.com
$ ./bin/puncmaster-ca --sign host.example.com

Now puncd working!
$ ./bin/puncd
Please contact me at: <URL:https://host.example.com:7080/>

Use Punc with punc command
$ ./bin/punc "*" call service description
NAME
Punc::Slave::Module::Service - Punc module for service control.
SYNOPSIS
# with punc command
$ sudo punc "*" call service status --service=httpd
# with Punc::Client module
my $punc = Punc::Client->new($target);
my $res = $punc->service->status({ service => 'httpd' });
...

Use Punc with Punc::Client
use Punc::Client;
my $res = $punc-> service -> status ({
service => 'httpd‘
});
Punc->new($r->host)- >service
-> start ({ service => 'httpd' })
if $r->result;
}

virt module(not yet exist)
my $res = $punc-> virt -> state ;
next if $r->error;
for my $vm ( @{ $r->vms } ) {
if ( $vm->{state} eq 'shutdown' ) {
Punc->new($r->host)-> virt
-> create ($vm->{domain})
}
}
}

smart module(not yet exist)
my $result = $punc-> smart -> info ;
while ( my $r = $result->next ) {
unless ( $r->code ) {
print "$r->host has error: ";
print $r->detail . " ";
}
}

Punc module
Module is distributed and executed on each targeted hosts
Master host calls modules on targeted hosts via punc command or Punc::Client

Architecture of Punc(again) get a result call a module exec a module exec a module exec a module JSON-RPC over HTTPS + SSLv3 auth Manage target hosts Manage SSL certs master (puncmasterd) slave (puncd) slave (puncd) slave (puncd)

file module
package Punc::Slave::Module::File;
use Path::Class qw( dir file );
use Punc::Slave::Module {
operatingsystem => [ qw/ .* / ]
};
sub md5sum {
my ( $self, $args ) = @_;
return `md5sum $args->{file}`;
}
sub copy {
...

service module(for Red Hat)
package Punc::Slave::Module::Service::RedHat;
use Punc::Slave::Module::Service {
operatingsystem => [ qw / redhat centos fedora / ]
};
use Moose;
with 'Punc::Slave::Module::Service::Role';
sub status {
return $self->_command($args->{service}, 'status');
}

service module(for Debian)
package Punc::Slave::Module::Service::Debian;
use Punc::Slave::Module::Service {
operatingsystem => [ qw / debian ubuntu / ]
};
use Moose;
with 'Punc::Slave::Module::Service::Role';
sub status {
return $self->_command($args->{service}, 'status');
}

Abstraction layer with Pfacter
Automatically detect a targeted host’s environmant and execute a adequate module
Punc uses Pfacter for this purpose
Pfacter is a perl clone of Facter by Ruby
Facter is used with Puppet

Return values of a module
# return scalar, hash ref, or array ref on success
return $result;
# return an error using Class::ErrorHandler
return $self->error(‘error message’);

Module sync
Mosules must be distributed to slaves
Punc has punc-modulesync command
punc-modulesync made with file module

Summary
Punc is a framework for sysatem admin app programming
Modules are executed on each slave node
Master calls modules via JSON-RPC over HTTPS
Programming with Punc is a combination of module calls
Caller programs could be written by langauages other than Perl

Development in progress
Code repository is in CodeRepos
http://coderepos.org/share/
http://svn.coderepos.org/share/lang/perl/Punc/trunk
Feel free to commit to trunk or make your branch!
Please ask yappo if you don’t have a commit bit of CodeRepos
#coderepos@freenode or #assurer@freenode

Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita

by Gosuke Miyashita on May 15, 2008

Accessibility

Categories

Tags

Upload Details

Usage Rights

2 Embeds 89

Statistics

Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita — Presentation Transcript

http://coderwall.com	87
http://www.slideshare.net	2