Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Speaker Deck
PRO
Sign in
Sign up
for free
Infrastructure as Code & Monitoring
portertech
September 16, 2015
Programming
6
1.6k
Infrastructure as Code & Monitoring
Automacon 2015 talk: Infrastructure as Code & monitoring, sharing the same development workflow.
portertech
September 16, 2015
Tweet
Share
More Decks by portertech
See All by portertech
portertech
0
71
portertech
0
53
portertech
0
69
portertech
1
30
portertech
2
290
portertech
1
69
portertech
0
65
portertech
1
66
portertech
0
200
Other Decks in Programming
See All in Programming
dulltz
0
520
inoue2002
0
270
e10dokup
0
450
horie1024
1
380
atskimura
0
300
masayaaoyama
4
540
ippey
0
180
ken3ypa
0
160
takaram
1
1.2k
tommykw
1
340
nbkouhou
9
4.7k
xrdnk
0
130
Featured
See All Featured
myddelton
109
11k
searls
204
35k
jasonvnalue
82
8.1k
moore
125
21k
colly
66
3k
roundedbygravity
84
7.8k
smashingmag
283
47k
skipperchong
7
670
keavy
106
14k
chrislema
173
14k
holman
288
130k
smashingmag
229
18k
Transcript
Infrastructure as Code & Monitoring Sharing the same development workflow.
Sean Porter @PorterTech
FOCUS • The Sensu origin story - where it came
from • What makes Sensu different • IaC development workflows • Testing & monitoring in an IaC workflow • Chef & Sensu in practice
None
THE SENSU ORIGIN STORY • I started at Sonian ~
2010 ◦ Chef 0.7 with AWS #YOLO infrastructure ◦ Several traditional monitoring tools: Nagios, Ganglia, Collectd, & Graphite
~ 50 alerts a day Mostly noise.
THE SENSU ORIGIN STORY Triggered @lusis to write: “Why Monitoring
Sucks”
Wanted MOAR!
Build it. Automatic (de)registration Config Management friendly Secure connectivity REST
API Elastic scalability UNIX
July 11th, 2011
What makes Sensu different? What makes it better for CM
driven environments?
None
JSON CONFIGURATION { "checks": { "mysql_replication": { "command": "check-mysql-replication.rb", "subscribers":
["mysql"], "interval": 30, "playbook": "http://wiki.example.com/mysql-replication-playbook" } } }
CHECK EXECUTION METHODS • Pub/Sub (central orchestration) ◦ e.g. execute
http check on all API nodes • Standalone ◦ Define checks while provisioning node(s) ◦ Scheduled by the local Sensu client
LOCAL CLIENT SOCKET echo '{ \ "name": "mysql_backup", \ "output":
"could not connect to mysql", \ "status": 2, \ "ttl": 90000 }' | nc localhost 3030
None
Let’s talk about IaC workflows “The sequence of processes through
which a piece of work passes from initiation to completion” - Google.
BASIC IaC WORKFLOW “It’s all software.”
BASIC IaC WORKFLOW
BASIC IaC WORKFLOW “It’s all software.”
BASIC IaC WORKFLOW Use tests. Still need to review tests
& code quality.
BASIC IaC WORKFLOW TEST ≈ MONITOR
BASIC IaC WORKFLOW Shorten the feedback loop.
Writing IaC tests “A procedure intended to establish the quality,
performance, or reliability of something, especially before it is taken into widespread use” - Google.
TESTING TOOLS • Serverspec ◦ RSpec tests for your servers
◦ serverspec.org • Bats ◦ Bash Automated Testing System ◦ Bash script with special syntax for defining test cases
SERVERSPEC require 'spec_helper' describe service('httpd'), :if => os[:family] == 'redhat'
do it { should be_enabled } it { should be_running } end describe port(80) do it { should be_listening } end
BATS #!/usr/bin/env bats @test "httpd should be running" { run
service httpd status [ "$status" -eq 0 ] } @test "httpd should be listening for connections" { [ "$(netstat -plant | grep httpd)" ] }
RUNNING TESTS • Test Kitchen ◦ kitchen.ci • Vagrant plugins
◦ github.com/jvoorhis/vagrant-serverspec • Serverspec SSH • … choose your own adventure!
RUNNING TESTS AS SENSU CHECKS • Use the Sensu Serverspec
check plugin ◦ gem install sensu-plugins-serverspec check-serverspec.rb \ -d /etc/sensu/serverspec -t '*_spec.rb' • Run Bats scripts
Chef & Sensu In practice.
SENSU CHEF COOKBOOK supermarket.chef.io/cookbooks/sensu • Recipes to install & manage
services • LWRPs for configuring handlers, checks, etc. • Intended to be used by wrapper cookbook ◦ e.g. recipe['monitor::haproxy']
EXAMPLE CHEF RESOURCES sensu_handler 'default' do # recipe['monitor::_handlers'] type 'pipe'
command 'pagerduty.rb' end sensu_check 'redis_process' do # recipe['monitor::redis'] command 'check-procs.rb -p redis-server -w 2 -c 3 -C 1' standalone true interval 30 end
USING DATA BAGS # recipe['monitor::pubsub'] data_bag('sensu_checks').each do |data_bag_item| check =
data_bag_item('sensu_checks', data_bag_item) sensu_check check['id'] do check.each do |key, value| send(key.to_sym, value) if respond_to?(key.to_sym) end end end
SENSU SERVERSPEC CHECKS # recipe['monitor::serverspec'] sensu_gem 'sensu-plugins-serverspec' sensu_check 'serverspec' do
command 'check-serverspec.rb -d /etc/sensu/serverspec -t \*_spec.rb ' standalone true interval 30 end # e.g. CheckServerspec CRITICAL: 12 examples, 2 failures
BASIC IaC WORKFLOW TEST ≈ MONITOR
Questions? Sean Porter (@PorterTech) sensuapp.org