Puppet on AWS
13. Repository layout
infra/
├── bin
├── capvars
├── config
│   └── deploy
├── ec2-init
│   ├── bin
│   ├── repos
│   │   └── centos6
│   │       └── rpmbuild
│   │           └── RPMS -> ../../../../rpm/RPMS
│   └── scripts
├── fluentd-proxy
├── haproxy
├── maintenance
├── nagios
├── page-cache
├── page-cache-misc
├── puppet
│   ├── bin
│   ├── lib
│   ├── manifests
│   ├── modules
│   ├── roles
│   └── types
├── rpm
│   ├── RPMS
│   │   ├── noarch
│   │   └── x86_64
│   ├── SPECS
│   └── SRPMS
├── rproxy
└── search-cache
15. Repository layout
puppet/
├── bin
├── lib
├── manifests
│   └── site.pp
├── modules
│   ├...
│   ├── nginx
│   │   └── manifests
│   │       └── init.pp
│   ...
├── roles
│   ├── dns_internal
│   │   ├── files
│   │   │   └── etc
│   │   │       └── pdns
│   │   │           ├── ...
│   │   │           ├── named.ca
│   │   │           └── named.conf
│   │   ├── manifests
│   │   │   └── init.pp
│   │   └── templates
│   │       ├── ...
│   │       └── usr
│   │           └── local
│   │               └── sbin
│   │                   ├── update-dns-rev
│   ...                 ...
└── types
    ├── gem.pp
    ├── sources.pp
    ├── template.pp
    ...
31. Puppet
Manifests
modules/
├─ maatkit
│   └── manifests
│       └── init.pp
├─ mysql55
...
roles/
├─ db_server
│   ├── files/usr/bin
│   │   └── summary-mysqldump..
│   ├── manifests
│   │   └── init.pp
│   └── templates
│       └── etc
│           └── my.cnf
├── app_server
├── git_server
...
class db_server {
  include mysql55
  include mysql55_server
  include maatkit
  include innotop

  user_and_home { 'yamada':
    uid             => '10001',
    authorized_keys => '...',
  }

  template { '/etc/my.cnf':
    owner => 'root', mode => '644',
  }

  source { '/usr/bin/summary-mysqldumpslow':
    owner => 'root', mode => '700',
  }

  cron { 'summary-slow-log':
    command => '/usr/bin/summary-mysqldumpslow',
    user    => 'root', minute => '*/5',
  }
}
32. Puppet
Templates
# my.cnf
[client]
port = <%= port %>
socket = /var/lib/mysql/mysql.sock
default-character-set = utf8
# The MySQL server
[mysqld]
max_connect_errors = 999999999
port = <%= port %>
socket = /var/lib/mysql/mysql.sock
log-error = /var/lib/mysql/mysqld.err
pid-file = /var/lib/mysql/mysqld.pid
<% if role =~ /slave/ %>
replicate-ignore-table
<% end %>
...
40. Puppet
Design and operations policy
When something just cannot be managed with Puppet…
● Write a comment in the manifest
● Print a message when puppet runs
shell> sudo puppet-apply
info: Caching catalog for my-server-001.vpc.ap-northeast-1.compute.internal
info: Applying configuration version '1368608841'
...
notice: /Stage[main]/Ruby_notify/Exec[ruby19_notify]/returns: Please update ruby-1.9.3 (run
'yum clean all; yum update ruby-1.9.3.p392-3ckpd')
...
template { '/etc/my.cnf':
  owner => '...', mode => '...',
}
# XXX must be installed manually!
...
41. Puppet
Other tips
● Make use of Custom Types
○ http://docs.puppetlabs.com/guides/custom_types.html
define template($mode, $owner, $group = $owner, $source = $name) {
  file { "$name":
    ensure  => 'present',
    mode    => "$mode", owner => "$owner", group => "$group",
    # $source is an absolute path, so this resolves to
    # <module>/templates/<path>, e.g. db_server/templates/etc/my.cnf
    content => template("${module_name}$source"),
  }
}
...
template { '/etc/my.cnf':
  owner => '...',
  mode  => '...',
}
42. Puppet
Other tips
● Make use of Parameterized Classes
○ http://docs.puppetlabs.com/guides/parameterized_classes.html
class mysql_server($include_my_cnf = true) {
  if $include_my_cnf {
    source { "/etc/my.cnf":
      owner => '...', mode => '...',
    }
  }
  ...
}
class db {
  # include mysql_server
  class { 'mysql_server':
    include_my_cnf => false,
  }
}
43. Puppet
Other tips
● Make use of Custom Functions
○ http://docs.puppetlabs.com/guides/custom_functions.html
require 'ipaddr'

module Puppet::Parser::Functions
  newfunction(:mysql_server_id, :type => :rvalue) do |args|
    ip_addr = lookupvar('ipaddress')
    ip_addr = IPAddr.new(ip_addr)
    # Use the low 16 bits of the IP address as an integer
    ip_addr = (ip_addr.to_i & 0xFFFF)
    server_id = '%02d%03d%05d' % [
      0,   # sequence number, 0 to 41
      392, # country code (http://ja.wikipedia.org/wiki/ISO_3166-1_numeric)
      ip_addr,
    ]
    # Strip leading zeros
    server_id.sub!(/\A0+/, '')
    return server_id
  end
end
# my.cnf
server-id = <%= scope.function_mysql_server_id %>
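Added example (not from the slides): the same server-id derivation as a plain Ruby method, with range checks and a check for hosts whose addresses share their low 16 bits and therefore derive the same id. The method signature, host names and addresses are constructed for illustration; 41 is the largest two-digit prefix for which every country code and address suffix stays within a 32-bit server-id.

```ruby
require 'ipaddr'

# For replication, server-id must be a unique integer in 1..2**32-1.
MYSQL_SERVER_ID_MAX = 2**32 - 1

# Same digit layout as the slide: 2-digit sequence, 3-digit country code,
# 5-digit value taken from the low 16 bits of the IPv4 address.
def mysql_server_id(ip, seq: 0, country: 392)
  raise ArgumentError, 'seq must be 0..41' unless (0..41).cover?(seq)
  raise ArgumentError, 'country must be 0..999' unless (0..999).cover?(country)
  addr = IPAddr.new(ip)
  raise ArgumentError, 'IPv4 address required' unless addr.ipv4?
  digits = format('%02d%03d%05d', seq, country, addr.to_i & 0xFFFF)
  id = digits.sub(/\A0+/, '').to_i
  raise RangeError, "server-id #{id} out of range" unless (1..MYSQL_SERVER_ID_MAX).cover?(id)
  id
end

# Group hosts by derived id; a group with more than one member is a collision.
def server_id_collisions(hosts)
  hosts.group_by { |_name, ip| mysql_server_id(ip) }
       .select { |_id, members| members.size > 1 }
       .transform_values { |members| members.map(&:first) }
end

# Constructed inventory (not from the slides).
SAMPLE_HOSTS = {
  'db-001' => '10.0.1.11',
  'db-002' => '10.0.1.12',
  'db-003' => '10.1.1.11', # different /16, same low 16 bits as db-001
}.freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLE_HOSTS.each { |name, ip| puts "#{name} #{ip} -> #{mysql_server_id(ip)}" }
  puts "collisions: #{server_id_collisions(SAMPLE_HOSTS).inspect}"
end
```

Running the collision check over the inventory before rollout catches duplicate ids when the address space spans more than one /16.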
44. Puppet
Other tips
● Apply Puppet either by logging in and running the command, or with capistrano
○ capistrano fetches server information from AWS
shell> cap puppet noop ROLES=any_role
triggering load callbacks
executing `puppet'
triggering start callbacks for `noop'
executing `multistage:ensure'
executing `noop'
executing "sudo -p 'sudo password: ' /usr/sbin/puppet-noop"
servers: server-001..004, db-001..003
Password:
[server-001] info: Caching catalog for server-001
[server-003] info: Caching catalog for server-003
[server-001] info: Applying configuration version '1368614218'
48. Puppet
Documentation
● Type Reference
○ http://docs.puppetlabs.com/references/latest/type.html
● Style Guide
○ http://docs.puppetlabs.com/guides/style_guide.html
● Best practices
○ http://docs.puppetlabs.com/guides/best_practices.html
● Wiki
○ http://projects.puppetlabs.com/projects/puppet/wiki/
● Puppet Forge
○ https://forge.puppetlabs.com/
53. Beyond Puppet
Tips
● Multistage Extension
○ https://github.com/capistrano/capistrano/wiki/2.x-Multistage-Extension
shell> cap haproxy deploy configtest ROLES=foo-balancer
config/
├── deploy
│ ├── app.rb
│ ├── autoscale.rb
│ ├── cache.rb
│ ├── dns.rb
│ ├── ec2-init.rb
│ ├── haproxy.rb
│ ├── help.rb
│ ├── nagios.rb
│ ...
└── deploy.rb
55. Beyond Puppet
Tips
● ERB: expand ERB templates at deploy time
task :make_haproxy_cfg do
run %!ruby -rerb -e 'puts ERB.new(ARGF.read, nil, "-").result' #{current_release}/haproxy.cfg.erb > #{current_release}/haproxy.cfg!
end
end
namespace :deploy do
task :finalize_update do
make_haproxy_cfg
diff_previous
end
...
# haproxy.cfg.erb
...
<%- hosts = {'db-001' => 100, ... } -%>
listen db
bind :3306
mode tcp
<%- hosts.each do |host, weight| -%>
server <%= host %> <%= host %>:3306 check port 3306 inter 5s fall 3 weight <%= weight %>
<%- end -%>
...
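Added example (not from the slides): rendering the listen block above in-process with the '-' trim mode, after validating the backend list. ERB pastes values into haproxy.cfg verbatim, so host names and weights are checked first; the method names, the host-name pattern and the sample hosts are assumptions, and 0..256 is HAProxy's weight range.

```ruby
require 'erb'

# The listen block from the slide. With trim mode '-', the <%- ... -%> control
# lines leave no blank lines in the output.
HAPROXY_LISTEN_ERB = <<~'TEMPLATE'
  listen db
    bind :3306
    mode tcp
  <%- hosts.each do |host, weight| -%>
    server <%= host %> <%= host %>:3306 check port 3306 inter 5s fall 3 weight <%= weight %>
  <%- end -%>
TEMPLATE

# One DNS label: letters, digits and inner hyphens only (assumed naming rule).
HOSTNAME_RE = /\A[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\z/i

# Reject anything that could add a token or a line to the rendered config
# (spaces, newlines) and any weight outside 0..256.
def validate_backends!(hosts)
  hosts.each do |host, weight|
    unless host.is_a?(String) && host.match?(HOSTNAME_RE)
      raise ArgumentError, "bad host name: #{host.inspect}"
    end
    unless weight.is_a?(Integer) && (0..256).cover?(weight)
      raise ArgumentError, "bad weight for #{host}: #{weight.inspect}"
    end
  end
end

def render_haproxy_listen(hosts)
  validate_backends!(hosts)
  ERB.new(HAPROXY_LISTEN_ERB, trim_mode: '-').result_with_hash(hosts: hosts)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed backend list.
  puts render_haproxy_listen({ 'db-001' => 100, 'db-002' => 50 })
end
```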