Puppet Camp 2012

From zero to Puppethttp://www.rankpop.com/you-need-to-start-structuring-your-blog-posts-asap/

+15TB / mth+1bn docs /mth2-5k inserts/s @ 3ms10K RPM @ 140ms

ServersHTTP Load Balancer – 5xApache - 14xBuild - 2xMongoDB - 19x data, 13x routing, 6x configuration, 6x arbiter,

HTTP Load Balancer$globalIPs_array = split($globalIPs, ,)<% globalIPs_array.each do |globalIP| %>ListenHTTP # primary public IP address Address <%= globalIP %> Port 80

Apache

Apachefile{ vhost: path => "/etc/apache2/sitesenabled/${::siteDomain}", ensure => file, content => template(apachephp/vhost.erb), notify => Service[apache2],}

Apache<VirtualHost *:80>ServerName <%= siteDomain %>DocumentRoot <%= documentRoot %>... ErrorLog /var/log/apache2/error<%= siteDomain %>.log<% if @requestLogging and requestLogging == "yes" %> CustomLog /var/log/apache2/access<%= siteDomain %>.log vhost_combined<% end %><% if enableSSL == "yes" %><VirtualHost *:443> SSLEngine OnSSLCertificateFile /var/www/ssl/<%= siteDomain %>.crtSSLCertificateKeyFile /var/www/ssl/<%= siteDomain %>.key...

$excess_bagage = [ "ppp", "bind9host", "laptopdetect", "openiscsi", "libnss3:i386" ]package{ $excess_bagage: ensure => purged,}

exec{ ufw allow is1: command => /usr/sbin/ufw allow from 184.173.178.67, unless => /usr/sbin/ufw status verbose | grep "184.173.178.67",}exec{ ufw enable: command => /usr/sbin/ufw enable, unless => /usr/sbin/ufw status | grep "Status: active", Require => [Exec[ufw allow is1]], notify => Exec[ufw reload],}exec{ ufw reload: command => /usr/sbin/ufw reload, require => Exec[ufw enable], refreshonly => true,}

SSHfile{ sshd_config: path => /etc/ssh/sshd_config, ensure => file, content => template(sshd/sshd_config.erb),}Port 22Protocol 2AllowUsers david pessoa chris rob wesCompression yes...<% if @duoSecKey and @duoIntKey and @duoHost %> ForceCommand /usr/sbin/login_duo PermitTunnel no AllowTcpForwarding no<% end %>

System updatesCANARIES=" awsprodapacsingaporeexma1 a2.wdc.sl exm1.wdc.sl mtxweb1.wdc.sl sdappweb1.wdc.sl sdapiweb1.wdc.sl "function canaries { echo "REMOVE *web1.wdc.sl FROM ROTATION!" echo "press ENTER" read echo "have you REALLY removed *web1.wdc.sl from rotation?" echo "press ENTER" read for i in $CANARIES do echo $i mco rpc puppetral I $i create type=exec title="/bin/bash c aptget distupgrade y" done}

System updatesfunction reboot_canaries { echo "REMOVE *web1.wdc.sl FROM ROTATION!" echo "press ENTER" read echo "have you REALLY removed *web1.wdc.sl from rotation?" echo "press ENTER" read for i in $CANARIES do echo $i mco rpc puppetral I $i create type=exec title="/bin/bash c reboot" echo "" done}

What to Rebootmco rpc puppetral create type=exec title="/bin/bash c ls /var/run/rebootrequired" | grep B 1 "Resource was created" | grep ".sl" exm1.wdc.sl Status: change from notrun to 0 failed: /bin/bash c ls /var/run/rebootrequired returned 2 instead of one of [0] exmmd1a.wdc.sl Status: Resource was created Resource: {"tags"=>["exec"], "title"=>"/bin/bash c ls /var/run/rebootrequired", "type"=>"Exec", "parameters"=>{:returns=>:notrun}, "exported"=>false}

Live Management - Emergency# Metrics<%= metricsIP %> metricssvc# Infrastructure services184.173.178.66 puppet...

Live Management - Emergency

Pedro Pessoapessoa@serverdensity.comwww.serverdensity.com

Puppet Camp 2012

by Server Density on Jan 31, 2013

Accessibility

Upload Details

Usage Rights

1 Embed 18

Statistics

Puppet Camp 2012 Presentation Transcript