Using Puppet
Alex Su
2011/12/26

Classification 2012/4/3   Copyright 2009 Trend Micro Inc.
What is a system admin?
Trend Micro                   Copyright 2009 Trend Micro Inc.
Confidential
Don't look at me...
    I wasn't the last one to touch it...
One Goal:
    Revolutionize
    System
    Administration




An Analogy

                         Programming              SysAdmin

   Low-level,            Assembly                 commands and files
   non-portable

   Abstract,             Java / Python / Ruby     Resources
   portable




This
  apt-get install openssh-server
  vi /etc/ssh/sshd_config
  /etc/init.d/ssh start

 Becomes
  package { 'ssh': ensure => installed }
  file { 'sshd_config':
          name   => "/etc/ssh/sshd_config",
          source => "puppet://server/apps/ssh/sshd",
  }
  service { 'sshd': ensure => running, }

Puppet Quick Overview
    • Stop administrating your environment and start developing it...
    • Re-usable code for managing your software & configurations
    • Provides a Domain Specific Language (DSL) to script with
         – Classes, conditionals, selectors, variables, basic math, etc.
    • Supports Linux, Solaris, BSD, OS X; Windows in process!




Puppet Module Structure




A Partial List of Puppet types
   Packages
     • Supports 30 different package providers
     • Abstracted for your OS automatically
     • Specify 'installed', 'absent', or 'latest' for desired state
     • Change from 'installed' to 'latest' and deploy for quick upgrade

   Services
     • Supports 10 different 'init' frameworks
     • Control whether a service starts on boot or is required to
       be running always
     • A service can be notified to restart if a configuration file
       has been changed

   Files/Directories
     • Specify ownership & permissions
     • Load content from 'files/', 'templates/' or custom strings
     • Create symlinks
     • Supports 5 types to verify a file checksum
     • Purge a directory of files not 'maintained'


Nagios ‘Type’ Support
   Nagios Service
     @@nagios_service {
       "load_check_${hostname}":
         service_description => "Load Averages",
         check_command       => "load_check!3!5",
         host_name           => "$fqdn",
         use                 => "generic-service";
     }

   Nagios Service Group
     @@nagios_servicegroup {
       "apache_servers":
         alias => "Apache Servers";
     }

   Nagios Host
     @@nagios_host { $fqdn:
       ensure     => present,
       hostgroups => "ldap",
       use        => "generic-host";
     }

   Nagios Host Group
     @@nagios_hostgroup {
       "load_balancers":
         alias => "Load Balancers";
     }

Sample site.pp
   import "environment"
   import "util"
   import "constants"
   import "bases"
   import "nodes"

   # global defaults
   Exec { path =>
   "/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin" }




Classes vs. Modules

   • Why use the classes directory and the modules
     directory?
   • Classes are more global and usually contain many
     different modules
   • Modules are the smallest unit of measure that Puppet
     builds from




Sample hadoop master class
  class hadoop-master {
     include kerberoskdc
     include authclient
     include ldapserver
     include hadoop
     include hbase
     include pig
  }


  class pig {
     # packages to install
     $packagelist = ["hadoop-pig"]

     package { 'base_pig_rpms':
       ensure => installed,
       name   => $packagelist,
     }
  }

Sample module init.pp
   class resolv {
      # resolver configuration rendered from an ERB template
      file { "resolv.conf":
          path    => "/etc/resolv.conf",
          content => template("resolv/conf/resolv.conf.erb"),
          owner   => root,
          group   => root,
          mode    => '0644',
          ensure  => file,
      }

      # static host table rendered from an ERB template
      file { "hosts":
          path    => "/etc/hosts",
          content => template("resolv/conf/hosts.erb"),
          owner   => root,
          group   => root,
          mode    => '0644',
          ensure  => file,
      }
   }

apt-get install openssh-server
  vi /etc/ssh/sshd_config
  /etc/init.d/ssh start

  Package --> Configuration --> Service

  • Package --> Configuration: configuration should get modified after
    package installation
  • Configuration --> Service: service should restart when configuration
    changes

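package { 'ssh': ensure => installed }
  file { 'sshd_config':
            name    => "/etc/ssh/sshd_config",
            source  => "puppet://server/apps/ssh/sshd",
            # manage the file only after the package is installed
            require => Package['ssh'],
  }
  service { 'sshd':
            ensure    => running,
            # restart when the package or the configuration file changes
            subscribe => [Package['ssh'], File['sshd_config']],
  }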




What is a template?
   • Puppet templates are flat files containing Embedded Ruby
     (ERB) variables

   • hadoop/conf/hadoop-metrics.properties.erb
   <% if ganglia_hosts.length > 0 %>
   dfs.class=org.apache.hadoop.metrics.ganglia.GangliaContext31
   dfs.period=10
   dfs.servers=<% ganglia_hosts.each do |host| -%><%= host %> <% end -%>
   <% end %>



   • resolv/conf/hosts.erb
   <% ip_host_map.each do |ip,hosts| -%>
   <%= ip %> <%= hosts %>
   <% end -%>
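
The hadoop-metrics template above, rendered with Ruby's ERB in '-' trim mode, as an added example that is not part of the original slides. Template values are written into the file verbatim, so the sketch validates each host first; the `HOST_RE` pattern, the function names and the sample hostnames are assumptions made for illustration.

```ruby
require 'erb'

# The template text is copied from the slide; everything else is added here.
TEMPLATE = <<~'ERB_SRC'
  <% if ganglia_hosts.length > 0 %>
  dfs.class=org.apache.hadoop.metrics.ganglia.GangliaContext31
  dfs.period=10
  dfs.servers=<% ganglia_hosts.each do |host| -%><%= host %> <% end -%>
  <% end %>
ERB_SRC

# Assumed policy: host or host:port only. Whitespace, newlines and '=' are
# rejected, so a value can never start a new key=value line in the output.
HOST_RE = /\A[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?(:\d{1,5})?\z/

def validate_hosts(hosts)
  bad = hosts.reject { |h| h.is_a?(String) && h.match?(HOST_RE) }
  raise ArgumentError, "invalid ganglia host(s): #{bad.inspect}" unless bad.empty?

  hosts
end

# Render the template; validate: false exists only to show the failure mode.
def render_metrics(hosts, validate: true)
  hosts = validate_hosts(hosts) if validate
  ERB.new(TEMPLATE, trim_mode: '-').result_with_hash(ganglia_hosts: hosts)
end

# Count how many dfs.period lines a rendered file contains.
def period_lines(rendered)
  rendered.lines.grep(/\Adfs\.period=/).size
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample hostnames.
  puts render_metrics(['gmond1.example.test:8649', 'gmond2.example.test:8649'])
  # With an empty list the whole block is skipped and only a newline remains.
  p render_metrics([])
end
```
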



What is a node?
  • Node definitions look just like classes, including supporting inheritance,
    but they are special in that when a node (a managed computer
    running the Puppet client) connects to the Puppet master daemon.

  •    nodes.pp
  node 'tm5-master.client.tw.trendnet.org' inherits hadoop_master {}

  or
  node 'tm5-master.client.tw.trendnet.org' {
    include kerberoskdc
    include authclient
    include ldapserver
    include hadoop
    include hbase
    include pig
  }


Puppet Network Overview




    •   Configuration allows for manual synchronizations or synchronizations
        at a set interval
    •   Client or server initiated synchronizations
    •   Client/Server configuration leverages a Certificate Authority (CA) on the
        Puppet Master to sign client certificates to verify authenticity
    •   Transmissions of all data between a master & client are encrypted
Every Client:

   • Retrieve resource catalog from central server
   • Determine resource order
   • Check each resource in turn, fixing if necessary
   • Rinse and repeat, every 30 minutes




Every Resource:

   • Retrieve current state (e.g., by querying dpkg db or
     doing a stat)
   • Compare to desired state
   • Fix, if necessary (or just log)
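
The client and resource loops above, together with the require/subscribe ordering from the ssh manifest, modelled as an added Ruby sketch (not code from the slides or from Puppet itself). The `Catalog` class, its method names and the state strings are assumptions; the host is an in-memory hash, and `noop: true` stands for the "or just log" case.

```ruby
# Added example: a toy agent run against an in-memory host.
# Resource names mirror the ssh manifest; all state values are constructed.
Resource = Struct.new(:ref, :desired, :requires, :subscribes)

class Catalog
  def initialize
    @resources = {}
  end

  def add(ref, desired, requires: [], subscribes: [])
    @resources[ref] = Resource.new(ref, desired, requires, subscribes)
    self
  end

  # "Determine resource order": depth-first topological sort, dependencies first.
  def order
    sorted = []
    state = {} # ref => :visiting or :done
    visit = lambda do |ref|
      res = @resources.fetch(ref) { raise ArgumentError, "unknown resource #{ref}" }
      return if state[ref] == :done
      raise ArgumentError, "dependency cycle at #{ref}" if state[ref] == :visiting

      state[ref] = :visiting
      (res.requires + res.subscribes).each { |dep| visit.call(dep) }
      state[ref] = :done
      sorted << ref
    end
    @resources.each_key { |ref| visit.call(ref) }
    sorted
  end

  # "Check each resource in turn, fixing if necessary (or just log)".
  # Returns [ref, action] events; with noop: true the host is left untouched.
  def apply(host, noop: false)
    changed = [] # resources found out of sync during this run
    events = []
    order.each do |ref|
      res = @resources[ref]
      if host[ref] != res.desired
        host[ref] = res.desired unless noop
        changed << ref
        events << [ref, noop ? :would_fix : :fixed]
      elsif (res.subscribes & changed).any?
        # In sync itself, but something it subscribes to changed: restart.
        events << [ref, noop ? :would_refresh : :refreshed]
      end
    end
    events
  end
end

# Declared in reverse on purpose: order comes from dependencies, not position.
def ssh_catalog
  Catalog.new
         .add('Service[sshd]', 'running',
              subscribes: ['Package[ssh]', 'File[sshd_config]'])
         .add('File[sshd_config]', 'PermitRootLogin no', requires: ['Package[ssh]'])
         .add('Package[ssh]', 'installed')
end

if __FILE__ == $PROGRAM_NAME
  host = { 'Package[ssh]' => 'absent', 'Service[sshd]' => 'stopped' }
  catalog = ssh_catalog
  p catalog.order
  p catalog.apply(host)                  # first run fixes everything
  p catalog.apply(host)                  # second run finds nothing to do
  host['File[sshd_config]'] = 'PermitRootLogin yes' # constructed manual drift
  p catalog.apply(host, noop: true)      # report only
  p catalog.apply(host)                  # revert the file, restart the service
end
```
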




tail -f /var/log/messages




TM-Puppet

    /etc/puppet
        auth.conf
        autosign.conf
        puppet.conf
        files/
            byhost/
                host1/
                host2/
                host3/
        manifests/
            bases.pp
            nodes.pp
            site.pp
            util.pp
        modules/
            hadoop/
                manifests/
                    init.pp
                templates/
            hbase/
            pig/

Reference

    • Deployment Tools
    • ERB - Ruby Templating




Questions?




THANK YOU!



