
Luc Suryo - Puppet on EC2


Published in: Technology

  1. 1. Puppet in EC2: An implementation
     By Luc Suryo, February 8, 2011
  2. 2. About Me
     • A Unix and operations guy since ’77
     • Been doing Linux since ’92
     • Been doing Puppet since Nov ’10 (pretty newbie)
     • Contact: luc@suryo.com
     • Works at http://friend.ly
  3. 3. Goal
     • Able to launch and maintain an instance with minimal effort
     • Better and centralized change control
  4. 4. Choice
     • Puppet: it’s mature, and past experience with it
     • Build and maintain an AMI with predefined and preinstalled software to minimize Puppet’s run time
     • Security using EC2 and allowing auto signing
  5. 5. AMI & Puppet
     • The AMI has all software installed, but neither activated nor configured
     • Puppet controls which piece of software is activated and how it is to be configured
  6. 6. Puppet Class: the Idea
     • Each package is split into 4 parts:
       • Software
       • Services
       • Control and Configure
       • Monitor (if applicable)
  7. 7. Class package
     • Makes sure the software is installed
     • Does not define or control the service

         class ntp::package {
           $ntp_uid_gid = "ntp"

           # Package names differ per distribution
           case $operatingsystem {
             "centos" : { $packages_list = [ "ntp" ] }
             "ubuntu" : { $packages_list = [ "ntp", "ntpdate" ] }
           }

           package { $packages_list :
             ensure => "installed",
           }
         }
  8. 8. Class Service
     • Controls the service; makes sure the service is in the correct state

         class ntp::service {
           service { "ntp::service" :
             # The init script name differs per distribution
             name => $operatingsystem ? {
               "centos" => "ntpd",
               "ubuntu" => "ntp",
             },
             enable => "true",
             ensure => "running",
           }
         }
  9. 9. Control and Configure
     • Controls: restart
     • Configures: configuration files

         define ntp::ntp_conf ( $network = , $ntpservers ) {
           # Read-only config file rendered from the module's template
           file { "/etc/ntp.conf" :
             mode    => 0444,
             owner   => root,
             group   => root,
             content => template ("ntp/etc/ntp.conf.erb"),
           }
         }

         define ntp::restart () {
           # Defaults for every exec in this define
           Exec {
             logoutput => "on_failure",
             path      => [ "/bin", "/usr/bin", "/sbin", "/usr/sbin", "/usr/local/bin", "/usr/local/sbin" ],
           }

           # Runs only when /etc/ntp.conf changes
           exec { "ntp_restart" :
             command => $operatingsystem ? {
               "centos" => "/etc/init.d/ntpd restart",
               "ubuntu" => "/etc/init.d/ntp restart",
             },
             subscribe   => File [ "/etc/ntp.conf" ],
             refreshonly => "true",
           }
         }
  10. 10. Monitor
      • Nagios and/or Munin to monitor the service

          class ntp::munin {
            enable_munin_plugin {
              [ "ntp_kernel_err", "ntp_kernel_pll_freq", "ntp_kernel_pll_off", "ntp_offset" ] :
            }
          }

          class ntp::nagios {
            enable_nagios_service { "ntp" : }
          }
  11. 11.

          class fly::ntp {
            include ntp::package
            include ntp::munin
            include ntp::nagios

            case $hostname {
              # NTP Server
              "puppet" : { $ntpservers = "us.pool.ntp.org" }
              # NTP Client
              default  : { $ntpservers = [ "10.168.101.111" ] }
            }

            ntp::ntp_conf { "fly-ntp" : ntpservers => $ntpservers }

            case $hostname {
              "base" : {
                service { "ntp" :
                  name => $operatingsystem ? {
                    "centos" => "ntpd",
                    "ubuntu" => "ntp",
                  },
                  enable => "false",
                  ensure => "stopped",
                }
              }
              default : {
                include ntp::service
                ntp::restart { "fly-ntp" : }
              }
            }
          }
  12. 12.
      • Known and accepted issues and risk
      • = package update; amount and time
      • Can always be improved
      • ... and thanks for coming
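
Slide 9 renders /etc/ntp.conf from the template ntp/etc/ntp.conf.erb, which the slides do not show, and slide 11 passes $ntpservers once as a string and once as an array. The following is an added example, not part of the original deck: one possible template, rendered stand-alone in Ruby, that accepts both forms and rejects values that could inject extra directives. The `restrict` lines, the reading of $network as an IPv4 CIDR, and all helper names are assumptions.

```ruby
require "erb"
require "ipaddr"

# Constructed template: a guess at what ntp/etc/ntp.conf.erb could contain.
# Only the inputs (ntpservers, network) come from the ntp::ntp_conf define.
NTP_CONF_ERB = <<~'TEMPLATE'
  # Managed by Puppet, local changes will be overwritten
  driftfile /var/lib/ntp/drift
  restrict default kod nomodify notrap nopeer noquery
  restrict 127.0.0.1
  <%- if allowed -%>
  restrict <%= allowed[:addr] %> mask <%= allowed[:mask] %> nomodify notrap
  <%- end -%>
  <%- servers.each do |s| -%>
  server <%= s %> iburst
  <%- end -%>
TEMPLATE

# Hostnames and IPv4 literals only: no whitespace, so no smuggled directives.
SAFE_HOST = /\A[A-Za-z0-9][A-Za-z0-9.\-]*\z/

# fly::ntp passes a bare string for the server and an array for clients.
def normalise_servers(ntpservers)
  servers = Array(ntpservers).map(&:to_s)
  raise ArgumentError, "no ntp servers given" if servers.empty?
  bad = servers.reject { |s| s.match?(SAFE_HOST) }
  raise ArgumentError, "unsafe ntp server value: #{bad.inspect}" unless bad.empty?
  servers
end

# Assumption: network is an IPv4 CIDR such as "10.168.101.0/24", or empty.
def parse_network(network)
  return nil if network.nil? || network.to_s.empty?
  addr, prefix = network.to_s.split("/", 2)
  bits = Integer(prefix.to_s, 10) # raises ArgumentError on a missing or junk prefix
  ip = IPAddr.new(addr)           # raises on a malformed address
  raise ArgumentError, "IPv4 CIDR expected" unless ip.ipv4? && (0..32).cover?(bits)
  { addr: ip.mask(bits).to_s,
    mask: IPAddr.new("255.255.255.255").mask(bits).to_s }
end

# Render the file content the way the file resource's content => would get it.
def render_ntp_conf(ntpservers, network = "")
  servers = normalise_servers(ntpservers)
  allowed = parse_network(network)
  ERB.new(NTP_CONF_ERB, trim_mode: "-").result(binding)
end

puts render_ntp_conf("us.pool.ntp.org", "10.168.101.0/24") if __FILE__ == $PROGRAM_NAME
```

Inside a real Puppet template the same normalisation and checks would sit at the top of the .erb file, operating on the define's own variables.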
