Exported Configs == Better Puppet

Stephen Johnson – PSE ([email protected]) Exported Resource = Better Puppet
Monday, 8 April 13

About Me • Employed by Puppetlabs for One Year •
Im Stephen (www.thatbytes.co.uk) • Using Puppet since 2007 • Deploy other peoples infrastructures for fun and Puppetlabs profit. Monday, 8 April 13

What i hate • Manual Deploys • Complex Deploys •
Failures • To much typing • Not knowing about things Monday, 8 April 13

New Machine Processes • Gather new machine requirements • Machine
built manually • Manually add the service • Manually add the monitoring Monday, 8 April 13

The new process • Automatic Build • PXE • Kickstart
• Automatic Deployment of Application • Puppet • Mcollective • Manually add the monitoring checks • Manual Process ????????????? Monday, 8 April 13

Error Prone Process • Automatic Build the machine • Deploys
everything using Puppet • Forget add the monitoring • Because someone else did it, didn’t they? • Machine fills up the disk • Kills the database • No alert was ever sent out Monday, 8 April 13

If its not monitored • Then it never failed •
Until you get a call from the customer Monday, 8 April 13

Implement a process • Add a list requirements for monitoring
• Qa the requirements • Forget a requirement • Or the requirements change Monday, 8 April 13

Inconsistent • Forget to monitor all the services on the
machine • Easy to make mistakes • No base level of monitoring • Have to update all your old machines Monday, 8 April 13

Use a robot • People are flawed • Machines are
good at remembering to do things • Are good at doing this over and over • With out making mistakes Monday, 8 April 13

How do we fix this • Take humans out of
the equation • Don’t let them touch the monitoring system • Unless they really really really have to • Use Puppet / Puppetdb • Don't use the naginator type • Sorry luke Monday, 8 April 13

Goals • Standard base monitoring • Monitoring should be added
automatically (not out of sync) • Do this configuration in the same place (obvious) • Should hide the implementation • Use configuration data fro monitoring config Monday, 8 April 13

Why Puppet • It knows about out services • As
it configured them • Can generate config and share config out of the box (with Puppetdb) using Stored Configs Monday, 8 April 13

What are Stored Configs • The client exports the config
to the puppetmaster • Its stored in Puppetdb • Later puppet runs on other machines can use this resources Monday, 8 April 13

Example client check • class webserver {
@@file { "/etc/nagios/conf.d/$::fqdn.apachecheck.conf": content => "nagios check stuff \n", tag => "nagioscheck", } #Install all our webserver stuff as well } Monday, 8 April 13

Explanation • This resource isn’t realized on the current machine
running puppet • Stored on the masted for use on other puppet runs • Tagged so we can search Monday, 8 April 13

Example server • class nagios::server {
File <<| tag == 'nagioscheck' |>> } Monday, 8 April 13

Explanation • Every exported resource that is of type file
and tag nagioscheck is created on the current machine • Configuration retrieved from the database (Puppetdb) Monday, 8 April 13

This gives us • Repeatable monitoring of services • Automated
• Standardized base Nagios configuration • Automated • Add service checks to be added • Automated Monday, 8 April 13

Demo • Another way to watch me FAIL! Monday, 8
April 13

Query Puppetdb • We can do this another way •
Query Puppetdb for the information • Using that to generated config Monday, 8 April 13

Example • $hosts = query_nodes(dc=uk and Class[Apache]') • Get all
the hosts with a class of Apache with a model of 17* and are in the dc uk • Uses facts • file (‘ukmonitoringapache’: • ensure=>present, content=>(‘template/apachecheck.erb’) path => ‘/etc/nagios.d/check/apache.conf‘) Monday, 8 April 13

Exported Configs == Better Puppet

Exported Configs == Better Puppet

Stephen Johnson

More Decks by Stephen Johnson

Other Decks in Technology

Featured

Transcript

Stephen Johnson – PSE ([email protected]) Exported Resource = Better Puppet

About Me • Employed by Puppetlabs for One Year •

What i hate • Manual Deploys • Complex Deploys •

New Machine Processes • Gather new machine requirements • Machine

The new process • Automatic Build • PXE • Kickstart

Error Prone Process • Automatic Build the machine • Deploys

If its not monitored • Then it never failed •

Implement a process • Add a list requirements for monitoring

Inconsistent • Forget to monitor all the services on the

Use a robot • People are flawed • Machines are

How do we fix this • Take humans out of

Goals • Standard base monitoring • Monitoring should be added

Why Puppet • It knows about out services • As

What are Stored Configs • The client exports the config

Example client check • class webserver {

Explanation • This resource isn’t realized on the current machine

Example server • class nagios::server {

Explanation • Every exported resource that is of type file

This gives us • Repeatable monitoring of services • Automated

Demo • Another way to watch me FAIL! Monday, 8

Query Puppetdb • We can do this another way •

Example • $hosts = query_nodes(dc=uk and Class[Apache]') • Get all