Puppet Camp 2012
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Puppet Camp 2012

on

  • 983 views

Going from zero to Puppet by Pedro Pessoa, Operations Engineer at Server Density. ...

Going from zero to Puppet by Pedro Pessoa, Operations Engineer at Server Density.

Abstract: Using out-of-the-box Puppet for non-sysadmin work - steps from going from no config management to managing 100 nodes and allowing non-sysadmin tasks to be performed.

Speaker Bio: Linux admin for 10+ years. Java/Python/C developer 12+ years. Ops engineer at http://www.serverdensity.com - a hosted server and website monitoring service. Currently processing 12TB+ per month into MongoDB running on dedicated and virtual instances.

www.serverdensity.com/puppetcamp/

Statistics

Views

Total Views
983
Views on SlideShare
947
Embed Views
36

Actions

Likes
0
Downloads
5
Comments
0

1 Embed 36

http://lanyrd.com 36

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Puppet Camp 2012 Presentation Transcript

  • 1. From zero to Puppethttp://www.rankpop.com/you-need-to-start-structuring-your-blog-posts-asap/
  • 2. +15TB / mth+1bn docs /mth2-5k inserts/s @ 3ms10K RPM @ 140ms
  • 3. ServersHTTP Load Balancer – 5xApache - 14xBuild - 2xMongoDB - 19x data, 13x routing, 6x configuration, 6x arbiter,
  • 4. HTTP Load Balancer$globalIPs_array = split($globalIPs, ,)<% globalIPs_array.each do |globalIP| ­%>ListenHTTP        # primary public IP address        Address <%= globalIP %>        Port    80
  • 5. Apache
  • 6. Apachefile{ vhost:  path    =>  "/etc/apache2/sites­enabled/${::siteDomain}",  ensure  => file,  content => template(apache­php/vhost.erb),  notify  => Service[apache2],}
  • 7. Apache<VirtualHost *:80>ServerName <%= siteDomain %>DocumentRoot <%= documentRoot %>...        ErrorLog /var/log/apache2/error­<%= siteDomain %>.log<% if @requestLogging and requestLogging == "yes" %> CustomLog /var/log/apache2/access­<%= siteDomain %>.log vhost_combined<% end %><% if enableSSL == "yes" %><VirtualHost *:443>   SSLEngine OnSSLCertificateFile /var/www/ssl/<%= siteDomain %>.crtSSLCertificateKeyFile /var/www/ssl/<%= siteDomain %>.key...
  • 8. $excess_bagage = [                    "ppp",                    "bind9­host",                    "laptop­detect",                    "open­iscsi",                    "libnss3:i386"                  ]package{ $excess_bagage: ensure => purged,}
  • 9. exec{ ufw allow is­1:   command     => /usr/sbin/ufw allow from 184.173.178.67,   unless      => /usr/sbin/ufw status verbose | grep "184.173.178.67",}exec{ ufw enable:   command     => /usr/sbin/ufw enable,   unless      => /usr/sbin/ufw status | grep "Status: active",   Require     => [Exec[ufw allow is­1]],   notify      => Exec[ufw reload],}exec{ ufw reload:   command     => /usr/sbin/ufw reload,   require     => Exec[ufw enable],   refreshonly => true,}
  • 10. SSHfile{ sshd_config:   path    => /etc/ssh/sshd_config,   ensure  => file,   content  => template(sshd/sshd_config.erb),}Port 22Protocol 2AllowUsers david pessoa chris rob wesCompression yes...<% if @duoSecKey and @duoIntKey and @duoHost %> ForceCommand /usr/sbin/login_duo PermitTunnel no AllowTcpForwarding no<% end %>
  • 11. System updatesCANARIES="  aws­prod­apac­singapore­exm­a1  a2.wdc.sl  exm1.wdc.sl  mtx­web1.wdc.sl  sdapp­web1.wdc.sl  sdapi­web1.wdc.sl  "function canaries { echo "REMOVE *­web1.wdc.sl FROM ROTATION!" echo "press ENTER" read echo "have you REALLY removed *­web1.wdc.sl from rotation?" echo "press ENTER" read for i in $CANARIES do echo $i mco rpc puppetral ­I $i create type=exec                        title="/bin/bash ­c apt­get dist­upgrade ­y" done}
  • 12. System updatesfunction reboot_canaries { echo "REMOVE *­web1.wdc.sl FROM ROTATION!" echo "press ENTER" read echo "have you REALLY removed *­web1.wdc.sl from rotation?" echo "press ENTER" read for i in $CANARIES do echo $i mco rpc puppetral ­I $i create type=exec                        title="/bin/bash ­c reboot" echo "­­­­­­­­­­­­­­" done}
  • 13. What to Rebootmco rpc puppetral create type=exec    title="/bin/bash ­c ls /var/run/reboot­required"    | grep ­B 1  "Resource was created"    | grep ".sl" exm1.wdc.sl                                  Status: change from notrun to 0 failed:     /bin/bash ­c ls /var/run/reboot­required     returned 2 instead of one of [0] exm­md1a.wdc.sl                                Status: Resource was created    Resource: {"tags"=>["exec"],               "title"=>"/bin/bash ­c ls /var/run/reboot­required",               "type"=>"Exec",               "parameters"=>{:returns=>:notrun},               "exported"=>false}
  • 14. Live Management - Emergency# Metrics<%= metricsIP %> metrics­svc# Infrastructure services184.173.178.66  puppet...
  • 15. Live Management - Emergency
  • 16. Live Management - Emergency
  • 17. Live Management - Emergency
  • 18. Live Management - Emergency
  • 19. Pedro Pessoapessoa@serverdensity.comwww.serverdensity.com