$30 off During Our Annual Pro Sale. View Details »

What is your configuration management doing?

Bernd Ahlers
April 22, 2015
0
55

What is your configuration management doing?

How to integrate Chef and Graylog. OSDC 2015

Bernd Ahlers

April 22, 2015
Tweet

More Decks by Bernd Ahlers

See All by Bernd Ahlers
Structured Logging & Introduction to Graylog Collector
bernd
0
410
Zentrales Log-Management mit Graylog (german)
bernd
0
500
Get the best out of Graylog2 & Icinga 2
bernd
0
710
fpm-cookery RUGHH Oct 2011
bernd
0
67

Featured

See All Featured
Typedesign – Prime Four
hannesfritz
35
1.8k
Embracing the Ebb and Flow
colly
77
3.8k
5 minutes of I Can Smell Your CMS
philhawksworth
199
19k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
239
1.2M
What's new in Ruby 2.0
geeforr
336
30k
Scaling GitHub
holman
455
140k
Into the Great Unknown - MozCon
thekraken
7
650
Documentation Writing (for coders)
carmenintech
55
3.4k
Ruby is Unlike a Banana
tanoku
93
10k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
33
8.6k
Facilitating Awesome Meetings
lara
37
5.2k
Building Your Own Lightsaber
phodgson
97
5.4k

Transcript

  1. Bernd Ahlers – Graylog, Inc. [email protected]
    What is your configuration
    management doing?
    Bernd Ahlers
    Graylog, Inc.

    View Slide

  2. Bernd Ahlers – Graylog, Inc. [email protected]

    About me

    Introduction

    Tools

    Getting events from Chef into Graylog

    Demo

    QA
    Agenda

    View Slide

  3. Bernd Ahlers – Graylog, Inc. [email protected]

    Bernd Ahlers

    Working as engineer at Graylog, Inc. in
    Hamburg/Germany

    [email protected]

    twitter.com/berndahlers

    github.com/bernd
    About me

    View Slide

  4. Bernd Ahlers – Graylog, Inc. [email protected]
    Configuration management tools like
    Puppet or Chef enable us to manage our
    computing resources in an effective and
    consistent way
    Introduction

    View Slide

  5. Bernd Ahlers – Graylog, Inc. [email protected]
    They make it easy to run hundreds or
    thousands of machines without having to
    manually execute the same tasks over and
    over again
    Introduction

    View Slide

  6. Bernd Ahlers – Graylog, Inc. [email protected]
    By using shared modules/cookbooks it is
    pretty easy to end up with hundreds of
    managed resources like files, packages
    and services per node
    Introduction

    View Slide

  7. Bernd Ahlers – Graylog, Inc. [email protected]
    Nodes can be configured to run at a
    regular interval to check for updates and to
    apply new changes automatically
    Introduction

    View Slide

  8. Bernd Ahlers – Graylog, Inc. [email protected]
    This allows us to roll out changes to lots of
    nodes very easily but also makes it
    possible to quickly break our infrastructure
    resulting in outages that might affect our
    business
    Introduction

    View Slide

  9. Bernd Ahlers – Graylog, Inc. [email protected]
    Being able to collect, analyze, and monitor
    all events that happen during a Chef or
    Puppet run sounds like a good thing to me
    Introduction

    View Slide

  10. Bernd Ahlers – Graylog, Inc. [email protected]
    It would make it possible to quickly analyze
    if an incident has been caused by changes
    to the configuration management system
    Introduction

    View Slide

  11. Bernd Ahlers – Graylog, Inc. [email protected]
    Having the exceptions thrown during a
    configuration management run available in
    a central place can help debugging
    problems
    Introduction

    View Slide

  12. Bernd Ahlers – Graylog, Inc. [email protected]
    Or just graphing the duration of Puppet or
    Chef runs could help finding unusual
    behavior
    Introduction

    View Slide

  13. Bernd Ahlers – Graylog, Inc. [email protected]
    Do you know what your configuration
    management is doing?
    Introduction

    View Slide

  14. Bernd Ahlers – Graylog, Inc. [email protected]
    Building an example implementation with
    Chef, Icinga2, Graylog
    Introduction

    View Slide

  15. Bernd Ahlers – Graylog, Inc. [email protected]
    Chef
    (logo)
    www.getchef.com
    Tools: Chef

    View Slide

  16. Bernd Ahlers – Graylog, Inc. [email protected]
    Popular open source configuration
    management tool that uses Ruby to
    provide a powerful DSL for defining and
    managing resources
    Tools: Chef

    View Slide

  17. Bernd Ahlers – Graylog, Inc. [email protected]
    Backed by Chef, Inc. which has several
    commercial offerings available
    Tools: Chef

    View Slide

  18. Bernd Ahlers – Graylog, Inc. [email protected]
    Icinga2
    (logo)
    www.icinga2.org
    Tools: Icinga2

    View Slide

  19. Bernd Ahlers – Graylog, Inc. [email protected]
    Free and open source monitoring tool
    Use it, it is good
    Tools: Icinga2

    View Slide

  20. Bernd Ahlers – Graylog, Inc. [email protected]
    Graylog
    (logo)
    www.graylog.org
    Tools: Graylog

    View Slide

  21. Bernd Ahlers – Graylog, Inc. [email protected]
    Free and open source tool for centralized
    log/event management and analysis
    Tools: Graylog

    View Slide

  22. Bernd Ahlers – Graylog, Inc. [email protected]

    Started by Lennart Koopmann in his free time in
    2010 (Graylog2 at that time)

    TORCH GmbH founded as company behind
    Graylog in late 2012

    Big rewrite that got released as 0.20 in Feb
    2014
    Tools: Graylog

    View Slide

  23. Bernd Ahlers – Graylog, Inc. [email protected]

    New US based company Graylog, Inc. founded
    in Jan 2015

    Renamed from Graylog2 to Graylog

    Graylog 1.0 release in Feb 2015
    Tools: Graylog

    View Slide

  24. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    Getting events from Chef into Graylog

    View Slide

  25. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    Building a consumer for the internal event
    bus
    More than 60 event callbacks available

    View Slide

  26. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    run_start run_started run_completed run_failed ohai_completed
    skipping_registration registration_start registration_completed
    registration_failed node_load_start node_load_failed run_list_expand_failed
    node_load_completed cookbook_resolution_start cookbook_resolution_failed
    cookbook_resolution_complete cookbook_clean_start removed_cookbook_file
    cookbook_clean_complete cookbook_sync_start synchronized_cookbook
    updated_cookbook_file cookbook_sync_failed cookbook_sync_complete
    library_load_start library_file_loaded library_file_load_failed
    library_load_complete lwrp_load_start lwrp_file_loaded
    lwrp_file_load_failed lwrp_load_complete attribute_load_start
    attribute_file_loaded attribute_file_load_failed attribute_load_complete
    definition_load_start definition_file_loaded definition_file_load_failed
    definition_load_complete recipe_load_start recipe_file_loaded
    recipe_file_load_failed recipe_not_found recipe_load_complete
    converge_start converge_complete resource_action_start
    resource_failed_retriable resource_failed resource_skipped
    resource_completed resource_current_state_loaded
    resource_current_state_load_bypassed resource_bypassed resource_up_to_date
    resource_update_applied resource_updated stream_opened stream_closed
    stream_output handlers_start handler_executed handlers_completed
    provider_requirement_failed whyrun_assumption msg

    View Slide

  27. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    Output show during a Chef run is also
    based on that

    View Slide

  28. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    (paste snippet of chef-client output here)

    View Slide

  29. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    Consuming Chef events requires a Start
    Handler that listens for events

    View Slide

  30. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    Implement all the callbacks?

    View Slide

  31. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    Too noisy – for now only
    Success
    Failure
    Resource modification

    View Slide

  32. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    Sending Chef events as GELF messages
    over HTTP

    View Slide

  33. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    GELF
    JSON based format to send structured
    events to a Graylog server

    View Slide

  34. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    Callbacks have access to lots of details
    about the Chef run
    Will be added to the events

    View Slide

  35. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    (add GELF JSON for success)

    View Slide

  36. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    (add GELF JSON for failure)

    View Slide

  37. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    (add GELF JSON for resource updated)

    View Slide

  38. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    GELF HTTP input in Graylog to receive
    events via HTTP

    View Slide

  39. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    Using HTTP makes it easy to implement
    the same for other configuration
    management systems

    View Slide

  40. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    Install gem and configure Start Handler in
    chef-client configuration file
    /etc/chef/client.rb

    View Slide

  41. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    begin
    require 'chef/handler/graylog/gelf_start_handler'
    # IP address and port of the GELF HTTP input on
    # your Graylog server.
    graylog_server_url = 'http://10.0.2.2:12201/gelf'
    options = {}
    start_handlers <<
    Chef::Handler::Graylog::GelfStartHandler.new(
    graylog_server_url, options)
    rescue Object => e
    Chef::Log.error(
    "Loading Graylog start handler failed: #{e.message}")
    end

    View Slide

  42. Bernd Ahlers – Graylog, Inc. [email protected]
    Getting events from Chef into Graylog
    Chef now sends events as GELF over
    HTTP to Graylog

    View Slide

  43. Bernd Ahlers – Graylog, Inc. [email protected]
    DEMO
    DEMO

    View Slide

  44. Bernd Ahlers – Graylog, Inc. [email protected]
    Finish
    Source code for the event handler and the
    demo setup available on GitHub
    https://github.com/Graylog2/chef-handler-graylog
    https://github.com/Graylog2/osdc-2015-demo
    Contributions welcome!

    View Slide

  45. Bernd Ahlers – Graylog, Inc. [email protected]
    Thank you!
    Thank you for your attention!

    View Slide

  46. Bernd Ahlers – Graylog, Inc. [email protected]
    QA
    QA
    Ask me anything!
    [email protected]
    @berndahlers

    View Slide