Chef - Automated Configuration Management

Transcript

1. Chef. Automated Configuration Management (ࣗಈతͳίϯϑΟΪϡϨʔγϣϯϚωʔδϝϯτ) Philipp Wollermann [email protected] 2012-05-22

2. Chefͱݴ͑͹ʁ υΠπޠɿϘεɺ্࢘ ӳޠɿௐཧࢣ

3. Chef ... • Ϩγϐʔʢ= ஌ࣝʣΛ͍࣋ͬͯΔਓɻ • ϨγϐʔͲ͓Γʹ࡞ͬͯΔ͔Ͳ͏͔ɺνΣοΫ͢Δਓɻ • ࠔͬͨ࣌ʹ૬ஊ͢Δ΂͖ਓɻ ͖ͪ͠

4. αʔϏεͷࡐྉ • ίϯϑΟΪϡϨʔγϣϯ • ΞϓϦέʔγϣϯσʔλ • αʔόʔϋʔυ΢ΣΞ

5. αʔϏεͷࡐྉ • ίϯϑΟΪϡϨʔγϣϯ • ΞϓϦέʔγϣϯσʔλ • αʔόʔϋʔυ΢ΣΞ Chef͸͜ΕͰ͢ʂ

6. ίϯϑΟΪϡϨʔγϣϯʁ • Packages: apt-get install apache2 • Files: /etc/apache2/httpd.conf •

   Services: service start apache2

7. ίϯϑΟΪϡϨʔγϣϯͬͯ…Ͳ͜ʁ • Wiki? Redmine? • Mailing list? Blogs? • Source

   code? README file? • Knowledge base? FAQ? • ... ಉ྅ʁʮଞͷαʔόʔ͔Βίϐʔͯ͠Ͷʯʁ

8. ೔ৗతͳϝʔϧ ͳͥӳޠʢʼʻʣ ͳʹ͜Εʁ WTF? WHY~!?? υϥΠόʔ ϑΝΠϧͲ͜ʁʁ

9. ී௨͸Shell scriptͰ͠ΐ͏ # Setup a simple apache2 apt-get install apache2

   cp /root/templates/httpd.conf /etc/apache2/httpd.conf apache2ctl restart

10. ී௨͸Shell scriptͰ͠ΐ͏ # Setup a simple apache2 apt-get install apache2

    cp /root/templates/httpd.conf /etc/apache2/httpd.conf apache2ctl restart ඞཁͳ͍৔߹Ͱ΋apt-get install͢Δ ඞཁͳ͍৔߹Ͱ΋ApacheΛϦελʔτ͢Δ

11. ී௨͸Shell scriptͰ͠ΐ͏ # Setup a simple apache2 aptitude search apache2

    | grep -P '^i\s+apache2\s+-\s' || apt-get install apache2 cd /etc/apache2 cp /root/templates/httpd.conf httpd.conf.new sed -i "s/KeepAlive.*/KeepAlive Off/g" httpd.conf.new sed -i "s/MaxClients.*/MaxClients 50/g" httpd.conf.new diff httpd.conf httpd.conf.new || (mv httpd.conf.new httpd.conf; apache2ctl restart)

12. ී௨͸Shell scriptͰ͠ΐ͏ # Setup a simple apache2 aptitude search apache2

    | grep -P '^i\s+apache2\s+-\s' || apt-get install apache2 cd /etc/apache2 cp /root/templates/httpd.conf httpd.conf.new sed -i "s/KeepAlive.*/KeepAlive Off/g" httpd.conf.new sed -i "s/MaxClients.*/MaxClients 50/g" httpd.conf.new diff httpd.conf httpd.conf.new || (mv httpd.conf.new httpd.conf; apache2ctl restart) ࣮͸ɺRAMʹΑͬͯҧ͍·͢Ͷ… ΞϓϦέʔγϣϯαʔόʔ͚ͩͰ͢ΑͶ regex ftw!

13. ී௨͸Shell scriptͰ͠ΐ͏ # Setup a simple apache2 aptitude search apache2

    | grep -P '^i\s+apache2\s+-\s' || apt-get install apache2 # Just a guess, should be fine RAM_PER_CLIENT=8192 RAM_KB=`cat /proc/meminfo | egrep '^MemTotal' | cut -d':' -f2 | tr -d ' kB'` MAXCLIENTS=$(($RAM_KB / $RAM_PER_CLIENT)) cd /etc/apache2 cp /root/templates/httpd.conf httpd.conf.new sed -i "s/KeepAlive.*/KeepAlive Off/g" httpd.conf.new sed -i "s/MaxClients.*/MaxClients $MAXCLIENTS/g" httpd.conf.new diff httpd.conf httpd.conf.new || (mv httpd.conf.new httpd.conf; apache2ctl restart) chown root:root /etc/httpd.conf chmod 0644 /etc/httpd.conf wtf ??

14. ͋ɺͰ͖·ͨ͠ʂ • ޙͰWikiʹυΩϡϝϯςʔγϣϯΛॻ͖·͠ΐ͏: • ΈΜͳ͞Μɺapache2ΛΠϯετʔϧ͔ͨͬͨ͠Βɺͥͻ͜ͷshell scriptΛ࢖ͬͯԼ͍͞ʂhttp:// 123.51.200.50/files/apache2.sh • ΋͠php͕࢖͍͔ͨͬͨΒɺ͜ͷshell script͸·ͩ࢖͑·ͤΜɻ

    • ஫ҙɿUbuntu 12.04ͷApache͸ଞͷϑΝΠϧ͕ඞཁͰ͢ͷͰɺPhilippʹฉ͍ͯԼ͍͞ɻ

15. ΍Ί͍ͯͩ͘͞ ><

16. Chefͷ৔߹ • Ruby • Resources: Package, Template, Service, ... •

    Conditions: Only change configuration if necessary • Subscriptions: If configuration file X changed, restart service Y

17. # apache2/recipes/default.rb package "apache2" do action :install end template "/etc/apache2/httpd.conf"

    do owner "root" group "root" mode "0644" source "httpd.conf.erb" end service "apache2" do action [ :enable, :start ] end Recipe

18. # apache2/recipes/default.rb package "apache2" do action :install end template "/etc/apache2/httpd.conf"

    do owner "root" group "root" mode "0644" source "httpd.conf.erb" notifies :restart, "service[apache2]" end service "apache2" do action [ :enable, :start ] end Recipe

19. # apache2/recipes/default.rb package "apache2" do action :install end template "/etc/apache2/httpd.conf"

    do owner "root" group "root" mode "0644" source "httpd.conf.erb" notifies :restart, "service[apache2]" variables ( :keep_alive => node['apache2']['keep_alive'] ) end service "apache2" do action [ :enable, :start ] end Recipe

20. package "apache2" do action :install end if node['apache2']['max_clients'] == nil

    memory = node['memory']['total'] max_clients = Integer(/\d+/.match(memory)[0]) / 8192 else max_clients = node['apache2']['max_clients'] end template "/etc/apache2/httpd.conf" do owner "root" group "root" mode "0644" source "httpd.conf.erb" notifies :restart, "service[apache2]" variables( :keep_alive => node['apache2']['keep_alive'], :max_clients => max_clients ) end service "apache2" do action [ :enable, :start ] end Recipe

21. # apache2/templates/default/httpd.conf.erb # # This is the Apache 2 configuration

    file # KeepAlive <%= @keep_alive %> MaxClients <%= @max_clients %> Template

22. # apache2/attributes/default.rb default['apache2']['keep_alive'] = "On" default['apache2']['max_clients'] = nil Attributes

23. Files in a cookbook cookbooks/ apache2/ attributes/ default.rb recipes/ default.rb

    templates/ default/ httpd.conf.erb templates/ default/ ports.conf.erb templates/ default/ ...

24. Install Chef apt-get install ruby1.9.1-dev build-essential gem install chef --no-ri

    --no-rdoc

25. Chef Solo solo.json { "apache2": { "max_clients": 50 }, "run_list":

    [ "recipe[apache2::default]" ] } solo.rb root = File.absolute_path(File.dirname(__FILE__)) file_cache_path root cookbook_path root + '/cookbooks' verbose_logging false # chef-solo -c solo.rb -j solo.json cookbooks/ apache2/ attributes/default.rb recipes/default.rb

26. ͭ·ΓɺԿ͕ҧ͏ʁ shell script tell the computer how to do something.

    chef / puppet / cfengine tell the computer what you want.

27. ͭ·ΓɺԿ͕ҧ͏ʁ wiki / blog / documentation small bits of knowledge.

    no standard form. actual configuration may differ. chef / puppet / cfengine contains all knowledge about the system. is “the truth”.

28. Thanks! • Recommendations: • Chef Solo tutorial http://www.opinionatedprogrammer.com/2011/06/chef-solo- tutorial-managing-a-single-server-with-chef/ •

    “Executable Documentation” by Michael O’Brien http://speakerdeck.com/u/notbrien/p/executable-documentation