Puppet Camp 2012
Upcoming SlideShare
Loading in...5
×
 

Puppet Camp 2012

on

  • 901 views

Going from zero to Puppet by Pedro Pessoa, Operations Engineer at Server Density. ...

Going from zero to Puppet by Pedro Pessoa, Operations Engineer at Server Density.

Abstract: Using out-of-the-box Puppet for non-sysadmin work - steps from going from no config management to managing 100 nodes and allowing non-sysadmin tasks to be performed.

Speaker Bio: Linux admin for 10+ years. Java/Python/C developer 12+ years. Ops engineer at http://www.serverdensity.com - a hosted server and website monitoring service. Currently processing 12TB+ per month into MongoDB running on dedicated and virtual instances.

www.serverdensity.com/puppetcamp/

Statistics

Views

Total Views
901
Views on SlideShare
866
Embed Views
35

Actions

Likes
0
Downloads
5
Comments
0

1 Embed 35

http://lanyrd.com 35

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Puppet Camp 2012 Puppet Camp 2012 Presentation Transcript

  • From zero to Puppethttp://www.rankpop.com/you-need-to-start-structuring-your-blog-posts-asap/
  • +15TB / mth+1bn docs /mth2-5k inserts/s @ 3ms10K RPM @ 140ms
  • ServersHTTP Load Balancer – 5xApache - 14xBuild - 2xMongoDB - 19x data, 13x routing, 6x configuration, 6x arbiter,
  • HTTP Load Balancer$globalIPs_array = split($globalIPs, ,)<% globalIPs_array.each do |globalIP| ­%>ListenHTTP        # primary public IP address        Address <%= globalIP %>        Port    80
  • Apache
  • Apachefile{ vhost:  path    =>  "/etc/apache2/sites­enabled/${::siteDomain}",  ensure  => file,  content => template(apache­php/vhost.erb),  notify  => Service[apache2],}
  • Apache<VirtualHost *:80>ServerName <%= siteDomain %>DocumentRoot <%= documentRoot %>...        ErrorLog /var/log/apache2/error­<%= siteDomain %>.log<% if @requestLogging and requestLogging == "yes" %> CustomLog /var/log/apache2/access­<%= siteDomain %>.log vhost_combined<% end %><% if enableSSL == "yes" %><VirtualHost *:443>   SSLEngine OnSSLCertificateFile /var/www/ssl/<%= siteDomain %>.crtSSLCertificateKeyFile /var/www/ssl/<%= siteDomain %>.key...
  • $excess_bagage = [                    "ppp",                    "bind9­host",                    "laptop­detect",                    "open­iscsi",                    "libnss3:i386"                  ]package{ $excess_bagage: ensure => purged,}
  • exec{ ufw allow is­1:   command     => /usr/sbin/ufw allow from 184.173.178.67,   unless      => /usr/sbin/ufw status verbose | grep "184.173.178.67",}exec{ ufw enable:   command     => /usr/sbin/ufw enable,   unless      => /usr/sbin/ufw status | grep "Status: active",   Require     => [Exec[ufw allow is­1]],   notify      => Exec[ufw reload],}exec{ ufw reload:   command     => /usr/sbin/ufw reload,   require     => Exec[ufw enable],   refreshonly => true,}
  • SSHfile{ sshd_config:   path    => /etc/ssh/sshd_config,   ensure  => file,   content  => template(sshd/sshd_config.erb),}Port 22Protocol 2AllowUsers david pessoa chris rob wesCompression yes...<% if @duoSecKey and @duoIntKey and @duoHost %> ForceCommand /usr/sbin/login_duo PermitTunnel no AllowTcpForwarding no<% end %>
  • System updatesCANARIES="  aws­prod­apac­singapore­exm­a1  a2.wdc.sl  exm1.wdc.sl  mtx­web1.wdc.sl  sdapp­web1.wdc.sl  sdapi­web1.wdc.sl  "function canaries { echo "REMOVE *­web1.wdc.sl FROM ROTATION!" echo "press ENTER" read echo "have you REALLY removed *­web1.wdc.sl from rotation?" echo "press ENTER" read for i in $CANARIES do echo $i mco rpc puppetral ­I $i create type=exec                        title="/bin/bash ­c apt­get dist­upgrade ­y" done}
  • System updatesfunction reboot_canaries { echo "REMOVE *­web1.wdc.sl FROM ROTATION!" echo "press ENTER" read echo "have you REALLY removed *­web1.wdc.sl from rotation?" echo "press ENTER" read for i in $CANARIES do echo $i mco rpc puppetral ­I $i create type=exec                        title="/bin/bash ­c reboot" echo "­­­­­­­­­­­­­­" done}
  • What to Rebootmco rpc puppetral create type=exec    title="/bin/bash ­c ls /var/run/reboot­required"    | grep ­B 1  "Resource was created"    | grep ".sl" exm1.wdc.sl                                  Status: change from notrun to 0 failed:     /bin/bash ­c ls /var/run/reboot­required     returned 2 instead of one of [0] exm­md1a.wdc.sl                                Status: Resource was created    Resource: {"tags"=>["exec"],               "title"=>"/bin/bash ­c ls /var/run/reboot­required",               "type"=>"Exec",               "parameters"=>{:returns=>:notrun},               "exported"=>false}
  • Live Management - Emergency# Metrics<%= metricsIP %> metrics­svc# Infrastructure services184.173.178.66  puppet...
  • Live Management - Emergency
  • Live Management - Emergency
  • Live Management - Emergency
  • Live Management - Emergency
  • Pedro Pessoapessoa@serverdensity.comwww.serverdensity.com