SlideShare une entreprise Scribd logo

Integrating icinga2 and the HashiCorp suite

Bram Vogelaar
Bram Vogelaar

This document discusses integrating various HashiCorp tools like Packer, Vagrant, Terraform, Consul, and Vault with Icinga monitoring. Packer is used to build machine images while Vagrant provisions virtual machines. Terraform models infrastructure as code and can integrate with Icinga to provision hosts, checks, and notifications. Consul provides service discovery and can trigger Icinga config deployment. Vault manages secrets and certificates that could be used for authentication in Icinga. The presenter demonstrates using these tools together for infrastructure as code and monitoring workflows.

Technologie
1  sur  46
Télécharger pour lire hors ligne
Integrating icinga2 and the HashiCorp suite Bram Vogelaar
~$ whoami~$ whoami ● I used to be a Molecular Biologist,I used to be a Molecular Biologist, ● Then became a Dev,Then became a Dev, ● Now an Ops.Now an Ops. ● Open Source Consultant @Open Source Consultant @inuits.euinuits.eu
PackerPacker ● Open Source tool to make OS imagesOpen Source tool to make OS images ● Supports Cloud Providers, Docker, Vbox, …Supports Cloud Providers, Docker, Vbox, … (builders)(builders) ● Has hooks to provision the base imagesHas hooks to provision the base images (provisioners)(provisioners) ● Create artifacts (Post-Processors)Create artifacts (Post-Processors)
PackerPacker {{ "builders": ["builders": [ {{ "type": "azure-arm","type": "azure-arm", ...... }} ],], "provisioners": ["provisioners": [ {{ "scripts": ["scripts": [ "scripts/common/consul_install.sh","scripts/common/consul_install.sh", "scripts/common/puppet_install.sh","scripts/common/puppet_install.sh", "scripts/common/puppet_icinga.sh""scripts/common/puppet_icinga.sh" ],], "type": "shell","type": "shell", }} ]] }} $ packer build template.json$ packer build template.json
VagrantVagrant ● Open Source tool to bootstrap vmsOpen Source tool to bootstrap vms ● Supports many vm Providers, Docker, Vbox, …Supports many vm Providers, Docker, Vbox, … ● Has hooks to provision the base imagesHas hooks to provision the base images (provisioners), Puppet, Chef, Ansible(provisioners), Puppet, Chef, Ansible
VagrantfileVagrantfile # -*- mode: ruby -*-# -*- mode: ruby -*- # vi: set ft=ruby :# vi: set ft=ruby : Vagrant.configure("2") do |config|Vagrant.configure("2") do |config| config.vm.box = "base"config.vm.box = "base" # config.vm.box_check_update = false# config.vm.box_check_update = false # config.vm.network "forwarded_port", guest: 80, host: 8080# config.vm.network "forwarded_port", guest: 80, host: 8080 # config.vm.network "private_network", ip: "192.168.33.10"# config.vm.network "private_network", ip: "192.168.33.10" # config.vm.network "public_network"# config.vm.network "public_network" # config.vm.synced_folder "../data", "/vagrant_data"# config.vm.synced_folder "../data", "/vagrant_data" # config.vm.provider "virtualbox" do |vb|# config.vm.provider "virtualbox" do |vb| # vb.gui = true# vb.gui = true # vb.memory = "1024"# vb.memory = "1024" # end# end # config.vm.provision "shell", inline: <<-SHELL# config.vm.provision "shell", inline: <<-SHELL # apt-get update# apt-get update # apt-get install -y apache2# apt-get install -y apache2 # SHELL# SHELL endend
Try Icinga Yourself!Try Icinga Yourself! https://github.com/Icinga/icinga-vagranthttps://github.com/Icinga/icinga-vagrant
By Icinga, for IcingaBy Icinga, for Icinga ● StandaloneStandalone ● DistributedDistributed ● InfluxDBInfluxDB ● ElasticElastic ● GraylogGraylog
Docs for all!Docs for all!
Puppet WorkflowPuppet Workflow
Exported ResourcesExported Resources
TerraformTerraform ● Open Source Automation ToolOpen Source Automation Tool ● ““cloud” orientedcloud” oriented ● Cloud are API’sCloud are API’s ● API’s orientedAPI’s oriented Terraform is an open source automation toolTerraform is an open source automation tool which can deal with any kind of CRUD api’s –which can deal with any kind of CRUD api’s – including major cloud providersincluding major cloud providers
The Terraform modelThe Terraform model ● You model your infrastructureYou model your infrastructure ● You make a planYou make a plan ● If ok, you apply that planIf ok, you apply that plan ● Current state is saved for future changesCurrent state is saved for future changes
HCLHCL ● Hashicorp Configuration LanguageHashicorp Configuration Language ● Yet another cfgmgmt DSLYet another cfgmgmt DSL ● Desired stateDesired state ● Used by multiple hashicorp tools but also 3rdUsed by multiple hashicorp tools but also 3rd party toolsparty tools
Icinga ProviderIcinga Provider providerprovider "icinga2" {"icinga2" { api_url = "https://icinga.alerting.vagrant:5665/v1"api_url = "https://icinga.alerting.vagrant:5665/v1" api_user = "root"api_user = "root" api_password = "icinga"api_password = "icinga" insecure_skip_tls_verify =insecure_skip_tls_verify = truetrue }}
Icinga HostIcinga Host resourceresource "icinga2_host" "node1" {"icinga2_host" "node1" { hostname = "node1.alerting.vagrant"hostname = "node1.alerting.vagrant" address = "192.168.47.51"address = "192.168.47.51" check_command = "hostalive"check_command = "hostalive" varsvars {{ os = "linux"os = "linux" }} }} resourceresource "icinga2_hostgroup" "linux-nodes" {"icinga2_hostgroup" "linux-nodes" { name = "linux-nodes"name = "linux-nodes" display_name = "All linux nodes"display_name = "All linux nodes" }}
Fast FeedbackFast Feedback resource "aws_instance" "node1" {resource "aws_instance" "node1" { ami = "${var.ami_id}"ami = "${var.ami_id}" instance_type = "${var.ami_size}"instance_type = "${var.ami_size}" key_name = "${var.key_pair_name}"key_name = "${var.key_pair_name}" subnet_id = "${var.private_subnet}"subnet_id = "${var.private_subnet}" vpc_security_group_ids = ["${var.security_group_id}"]vpc_security_group_ids = ["${var.security_group_id}"] }} resourceresource "icinga2_host" "node1" {"icinga2_host" "node1" { hostname = "hostname = "node1"node1" address = "address = "${aws_instance.instance.private_ip}${aws_instance.instance.private_ip}"" check_command = "hostalive"check_command = "hostalive" varsvars {{ os = "linux"os = "linux" }} }}
Check CommandCheck Command resourceresource "icinga2_checkcommand" "apache_status" {"icinga2_checkcommand" "apache_status" { name = "apache_status"name = "apache_status" templates = ["apache-status", "plugin-check-command",templates = ["apache-status", "plugin-check-command", "plugin-check-command", "ipv4-or-ipv6"]"plugin-check-command", "ipv4-or-ipv6"] command =command = "/usr/lib64/nagios/plugins/check_apache_status.pl""/usr/lib64/nagios/plugins/check_apache_status.pl" arguments = {arguments = { "-H" = "$apache_status_address$""-H" = "$apache_status_address$" "-c" = "$apache_status_critical$""-c" = "$apache_status_critical$" "-p" = "$apache_status_port$""-p" = "$apache_status_port$" }} }} resourceresource "icinga2_service" "my-service" {"icinga2_service" "my-service" { name = "ssh"name = "ssh" hostname = "c1-mysql-1"hostname = "c1-mysql-1" check_command = "ssh"check_command = "ssh" }}
NotificationsNotifications resource "icinga2_user" "user" {resource "icinga2_user" "user" { name = "terraform"name = "terraform" email = "terraform@dev.null"email = "terraform@dev.null" }} resourceresource "icinga2_notification" "host-notification" {"icinga2_notification" "host-notification" { hostname = "docker-icinga2"hostname = "docker-icinga2" command = "mail-host-notification"command = "mail-host-notification" users = ["user"]users = ["user"] }} resourceresource "icinga2_notification" "ping-service-notification" {"icinga2_notification" "ping-service-notification" { hostname = "docker-icinga2"hostname = "docker-icinga2" command = "mail-service-notification"command = "mail-service-notification" users = ["user"]users = ["user"] servicename = "ping"servicename = "ping" }}
Other ResourcesOther Resources resourceresource "icinga2_checkcommand" "apache_status" {"icinga2_checkcommand" "apache_status" { name = "apache_status"name = "apache_status" templates = ["apache-status", "plugin-check-command",templates = ["apache-status", "plugin-check-command", "plugin-check-command", "ipv4-or-ipv6"]"plugin-check-command", "ipv4-or-ipv6"] command =command = "/usr/lib64/nagios/plugins/check_apache_status.pl""/usr/lib64/nagios/plugins/check_apache_status.pl" arguments = {arguments = { "-H" = "$apache_status_address$""-H" = "$apache_status_address$" "-c" = "$apache_status_critical$""-c" = "$apache_status_critical$" "-p" = "$apache_status_port$""-p" = "$apache_status_port$" }} }}
DEMO TIMEDEMO TIME
ConsulConsul ● Open Source Service Discovery ToolOpen Source Service Discovery Tool • dig @127.0.0.1 -p 8600 puppetmaster.service.consul ANYdig @127.0.0.1 -p 8600 puppetmaster.service.consul ANY ● Build-in KV storeBuild-in KV store ● Service Mesh toolService Mesh tool
ConsulConsul ::consul::service { 'puppetmaster':::consul::service { 'puppetmaster': port => 8140,port => 8140, }} ::consul::check { 'puppetmaster_tcp':::consul::check { 'puppetmaster_tcp': interval => '60s',interval => '60s', tcp => 'localhost:8140',tcp => 'localhost:8140', notes => 'Puppetmasters listen on port 8140',notes => 'Puppetmasters listen on port 8140', service_id => 'puppetmaster',service_id => 'puppetmaster', }}
Consul~Icinga Exit CodesConsul~Icinga Exit Codes ::consul::service { 'pgsql':::consul::service { 'pgsql': checks => [checks => [ {{ script => '/usr/lib64/nagios/plugins/check_pgsql',script => '/usr/lib64/nagios/plugins/check_pgsql', interval => '10s'interval => '10s' }} ],], port => 5432,port => 5432, }}
New Import SourceNew Import Source
Module.infoModule.info Name: ConsulName: Consul Version: 1.0.0Version: 1.0.0 Depends: directorDepends: director Description: Consul module for Icinga Web 2Description: Consul module for Icinga Web 2 This module provides a Consul import source for Icinga DirectorThis module provides a Consul import source for Icinga Director
run.phprun.php <?php<?php useuse IcingaApplicationIcinga;IcingaApplicationIcinga; $this->provideHook('director/ImportSource');$this->provideHook('director/ImportSource');
library/Consul/ProvidedHook/Director/ImportSource.phplibrary/Consul/ProvidedHook/Director/ImportSource.php <?php<?php namespacenamespace IcingaModuleConsulProvidedHookDirector;IcingaModuleConsulProvidedHookDirector; useuse IcingaModuleDirectorHookImportSourceHook;IcingaModuleDirectorHookImportSourceHook; useuse IcingaModuleDirectorWebFormQuickForm;IcingaModuleDirectorWebFormQuickForm; classclass ImportSourceImportSource extendsextends ImportSourceHookImportSourceHook {{ public functionpublic function getName()getName() {{ returnreturn 'HashiCorp Consul';'HashiCorp Consul'; }} public functionpublic function fetchData() {}fetchData() {} public functionpublic function listColumns() {}listColumns() {} public static functionpublic static function getDefaultKeyColumnName() {}getDefaultKeyColumnName() {} }}
Little bit of ConfigLittle bit of Config public static function getDefaultKeyColumnName()public static function getDefaultKeyColumnName() {{ return 'Node';return 'Node'; }} public static function addSettingsFormFields(QuickForm $form)public static function addSettingsFormFields(QuickForm $form) {{ $form->addElement('text', 'consul_url', array($form->addElement('text', 'consul_url', array( 'label' => 'HTTP API URL','label' => 'HTTP API URL', 'required' => true,'required' => true, 'value' => 'http://127.0.0.1:8500','value' => 'http://127.0.0.1:8500', ));)); return;return; }}
We are not cave men!We are not cave men! composer require sensiolabs/consul-php-sdkcomposer require sensiolabs/consul-php-sdk <?php<?php useuse IcingaApplicationIcinga;IcingaApplicationIcinga; require_oncerequire_once __DIR____DIR__ . '/vendor/autoload.php';. '/vendor/autoload.php'; $this->provideHook('director/ImportSource');$this->provideHook('director/ImportSource');
Query ConsulQuery Consul use SensioLabsConsulServiceFactory;use SensioLabsConsulServiceFactory; public functionpublic function fetchData()fetchData() {{ $sf = new ServiceFactory($sf = new ServiceFactory( arrayarray('base_uri' => $this->getSetting('consul_url'))('base_uri' => $this->getSetting('consul_url')) );); $agent = $sf->get('catalog');$agent = $sf->get('catalog'); return json_decode($agent->nodes()->getBody());return json_decode($agent->nodes()->getBody()); }} public functionpublic function listColumns()listColumns() {{ return array_keys((array) current($this->fetchData()));return array_keys((array) current($this->fetchData())); }}
Adding a sync sourceAdding a sync source
Adding a sync ruleAdding a sync rule
Add sync propertiesAdd sync properties
Plumbing it togetherPlumbing it together
Manual is for AnimalsManual is for Animals [Unit][Unit] Description=Director Job runnerDescription=Director Job runner [Service][Service] Type=simpleType=simple ExecStart=/usr/bin/icingacli director jobs run foreverExecStart=/usr/bin/icingacli director jobs run forever Restart=on-successRestart=on-success
Fast FeedbackFast Feedback ::consul::watch { 'director_import':::consul::watch { 'director_import': type => 'service',type => 'service', handler => '/usr/local/bin/director_sync_deploy.sh',handler => '/usr/local/bin/director_sync_deploy.sh', service => 'node_exporter',service => 'node_exporter', passingonly =>passingonly => truetrue,, require => File['Director Sync and Deploy'],require => File['Director Sync and Deploy'], }}
director_sync_deploy.shdirector_sync_deploy.sh #!/usr/bin/env bash#!/usr/bin/env bash setset -x-x icingacliicingacli director importsource run --id 1director importsource run --id 1 icingacliicingacli director syncrule run --id 1director syncrule run --id 1 icingacliicingacli director config deploydirector config deploy
DEMO TIMEDEMO TIME
Github.comGithub.com attachmentgenie/icingaweb2-module-consul.gitattachmentgenie/icingaweb2-module-consul.git attachmentgenie/vagrant-alerting.gitattachmentgenie/vagrant-alerting.git
VaultVault ● Open Source tool to do secrets managementOpen Source tool to do secrets management ● Secure, store and tightly control access toSecure, store and tightly control access to tokens, passwords, certificates, encryption keystokens, passwords, certificates, encryption keys for protecting secrets and other sensitive datafor protecting secrets and other sensitive data using a UI, CLI, or HTTP API.using a UI, CLI, or HTTP API. ● Certificate managementCertificate management ● Password rotatationPassword rotatation
Pesky PasswordsPesky Passwords $ vault unseal$ vault unseal $ vault write kv/my-secret value="s3c(eT"$ vault write kv/my-secret value="s3c(eT" $ vault read kv/mysecret$ vault read kv/mysecret Key ValueKey Value --- -------- ----- refresh_interval 768hrefresh_interval 768h mysecret s3c(eTmysecret s3c(eT https://forge.puppet.com/jsok/vaulthttps://forge.puppet.com/jsok/vault
NomadNomad ● Open Source tool to do dynamic workloadOpen Source tool to do dynamic workload schedulingscheduling ● Batch, containerized, and non-containerizedBatch, containerized, and non-containerized applications.applications. ● Has native Consul and Vault integrations.Has native Consul and Vault integrations.
Monitoring Nomad with Prometheus andMonitoring Nomad with Prometheus and IcingaIcinga OSMC, Nuremberg, 6th nov 2019OSMC, Nuremberg, 6th nov 2019
ContactContact Bram VogelaarBram Vogelaar +31 6 46 62 60 78+31 6 46 62 60 78 bram.vogelaar@inuits.eubram.vogelaar@inuits.eu @attachmentgenie@attachmentgenie Github.com/attachmentgenieGithub.com/attachmentgenie Inuits BEInuits BE Essensteenweg 31Essensteenweg 31 2930 Brasschaat2930 Brasschaat BelgiumBelgium Inuits NLInuits NL Maashaven Zuidzijde 2Maashaven Zuidzijde 2 3081 AE Rotterdam3081 AE Rotterdam NetherlandsNetherlands

Recommandé

Minio Cloud Storage
Minio Cloud StorageMinio Cloud Storage
Minio Cloud StorageMinio
 
Fluent Bit: Log Forwarding at Scale
Fluent Bit: Log Forwarding at ScaleFluent Bit: Log Forwarding at Scale
Fluent Bit: Log Forwarding at ScaleEduardo Silva Pereira
 
Introduction to Kafka Cruise Control
Introduction to Kafka Cruise ControlIntroduction to Kafka Cruise Control
Introduction to Kafka Cruise ControlJiangjie Qin
 
Vyatta 改造入門
Vyatta 改造入門Vyatta 改造入門
Vyatta 改造入門Masakazu Asama
 
Blazing Performance with Flame Graphs
Blazing Performance with Flame GraphsBlazing Performance with Flame Graphs
Blazing Performance with Flame GraphsBrendan Gregg
 
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...GetInData
 
Introduction to GraphQL using Nautobot and Arista cEOS
Introduction to GraphQL using Nautobot and Arista cEOSIntroduction to GraphQL using Nautobot and Arista cEOS
Introduction to GraphQL using Nautobot and Arista cEOSJoel W. King
 
Cruise Control: Effortless management of Kafka clusters
Cruise Control: Effortless management of Kafka clustersCruise Control: Effortless management of Kafka clusters
Cruise Control: Effortless management of Kafka clustersPrateek Maheshwari
 

Recommandé

Minio Cloud Storage
Minio Cloud StorageMinio Cloud Storage
Minio Cloud StorageMinio
 
Fluent Bit: Log Forwarding at Scale
Fluent Bit: Log Forwarding at ScaleFluent Bit: Log Forwarding at Scale
Fluent Bit: Log Forwarding at ScaleEduardo Silva Pereira
 
Introduction to Kafka Cruise Control
Introduction to Kafka Cruise ControlIntroduction to Kafka Cruise Control
Introduction to Kafka Cruise ControlJiangjie Qin
 
Vyatta 改造入門
Vyatta 改造入門Vyatta 改造入門
Vyatta 改造入門Masakazu Asama
 
Blazing Performance with Flame Graphs
Blazing Performance with Flame GraphsBlazing Performance with Flame Graphs
Blazing Performance with Flame GraphsBrendan Gregg
 
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...GetInData
 
Introduction to GraphQL using Nautobot and Arista cEOS
Introduction to GraphQL using Nautobot and Arista cEOSIntroduction to GraphQL using Nautobot and Arista cEOS
Introduction to GraphQL using Nautobot and Arista cEOSJoel W. King
 
Cruise Control: Effortless management of Kafka clusters
Cruise Control: Effortless management of Kafka clustersCruise Control: Effortless management of Kafka clusters
Cruise Control: Effortless management of Kafka clustersPrateek Maheshwari
 
Pegasus In Depth (2018/10)
Pegasus In Depth (2018/10)Pegasus In Depth (2018/10)
Pegasus In Depth (2018/10)涛 吴
 
Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022
Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022
Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022HostedbyConfluent
 
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...confluent
 
Heroku 101 py con 2015 - David Gouldin
Heroku 101 py con 2015 - David GouldinHeroku 101 py con 2015 - David Gouldin
Heroku 101 py con 2015 - David GouldinHeroku
 
Kata Container - The Security of VM and The Speed of Container | Yuntong Jin
Kata Container - The Security of VM and The Speed of Container | Yuntong Jin Kata Container - The Security of VM and The Speed of Container | Yuntong Jin
Kata Container - The Security of VM and The Speed of Container | Yuntong Jin Vietnam Open Infrastructure User Group
 
Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안
Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안
Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안SANG WON PARK
 
Kafka Tutorial - introduction to the Kafka streaming platform
Kafka Tutorial - introduction to the Kafka streaming platformKafka Tutorial - introduction to the Kafka streaming platform
Kafka Tutorial - introduction to the Kafka streaming platformJean-Paul Azar
 
Real time replication using Kafka Connect
Real time replication using Kafka ConnectReal time replication using Kafka Connect
Real time replication using Kafka Connectconfluent
 
Apache kafka performance(throughput) - without data loss and guaranteeing dat...
Apache kafka performance(throughput) - without data loss and guaranteeing dat...Apache kafka performance(throughput) - without data loss and guaranteeing dat...
Apache kafka performance(throughput) - without data loss and guaranteeing dat...SANG WON PARK
 
SR-IOV ixgbe Driver Limitations and Improvement
SR-IOV ixgbe Driver Limitations and ImprovementSR-IOV ixgbe Driver Limitations and Improvement
SR-IOV ixgbe Driver Limitations and ImprovementLF Events
 
“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...
“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...
“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...Flink Forward
 
Writing the Container Network Interface(CNI) plugin in golang
Writing the Container Network Interface(CNI) plugin in golangWriting the Container Network Interface(CNI) plugin in golang
Writing the Container Network Interface(CNI) plugin in golangHungWei Chiu
 
MariaDB MaxScale
MariaDB MaxScaleMariaDB MaxScale
MariaDB MaxScaleMariaDB plc
 
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Henning Jacobs
 
How to Lock Down Apache Kafka and Keep Your Streams Safe
How to Lock Down Apache Kafka and Keep Your Streams SafeHow to Lock Down Apache Kafka and Keep Your Streams Safe
How to Lock Down Apache Kafka and Keep Your Streams Safeconfluent
 
Practical Partitioning in Production with Postgres
Practical Partitioning in Production with PostgresPractical Partitioning in Production with Postgres
Practical Partitioning in Production with PostgresEDB
 
Minio ♥ Go
Minio ♥ GoMinio ♥ Go
Minio ♥ GoMinio
 
Apache Kafka Architecture & Fundamentals Explained
Apache Kafka Architecture & Fundamentals ExplainedApache Kafka Architecture & Fundamentals Explained
Apache Kafka Architecture & Fundamentals Explainedconfluent
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx InternalsJoshua Zhu
 
Deploying Confluent Platform for Production
Deploying Confluent Platform for ProductionDeploying Confluent Platform for Production
Deploying Confluent Platform for Productionconfluent
 
Integrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteIntegrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteBram Vogelaar
 
Puppet and the HashiCorp Suite
Puppet and the HashiCorp SuitePuppet and the HashiCorp Suite
Puppet and the HashiCorp SuiteBram Vogelaar
 

Contenu connexe

Tendances

Pegasus In Depth (2018/10)
Pegasus In Depth (2018/10)Pegasus In Depth (2018/10)
Pegasus In Depth (2018/10)涛 吴
 
Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022
Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022
Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022HostedbyConfluent
 
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...confluent
 
Heroku 101 py con 2015 - David Gouldin
Heroku 101 py con 2015 - David GouldinHeroku 101 py con 2015 - David Gouldin
Heroku 101 py con 2015 - David GouldinHeroku
 
Kata Container - The Security of VM and The Speed of Container | Yuntong Jin
Kata Container - The Security of VM and The Speed of Container | Yuntong Jin Kata Container - The Security of VM and The Speed of Container | Yuntong Jin
Kata Container - The Security of VM and The Speed of Container | Yuntong Jin Vietnam Open Infrastructure User Group
 
Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안
Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안
Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안SANG WON PARK
 
Kafka Tutorial - introduction to the Kafka streaming platform
Kafka Tutorial - introduction to the Kafka streaming platformKafka Tutorial - introduction to the Kafka streaming platform
Kafka Tutorial - introduction to the Kafka streaming platformJean-Paul Azar
 
Real time replication using Kafka Connect
Real time replication using Kafka ConnectReal time replication using Kafka Connect
Real time replication using Kafka Connectconfluent
 
Apache kafka performance(throughput) - without data loss and guaranteeing dat...
Apache kafka performance(throughput) - without data loss and guaranteeing dat...Apache kafka performance(throughput) - without data loss and guaranteeing dat...
Apache kafka performance(throughput) - without data loss and guaranteeing dat...SANG WON PARK
 
SR-IOV ixgbe Driver Limitations and Improvement
SR-IOV ixgbe Driver Limitations and ImprovementSR-IOV ixgbe Driver Limitations and Improvement
SR-IOV ixgbe Driver Limitations and ImprovementLF Events
 
“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...
“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...
“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...Flink Forward
 
Writing the Container Network Interface(CNI) plugin in golang
Writing the Container Network Interface(CNI) plugin in golangWriting the Container Network Interface(CNI) plugin in golang
Writing the Container Network Interface(CNI) plugin in golangHungWei Chiu
 
MariaDB MaxScale
MariaDB MaxScaleMariaDB MaxScale
MariaDB MaxScaleMariaDB plc
 
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Henning Jacobs
 
How to Lock Down Apache Kafka and Keep Your Streams Safe
How to Lock Down Apache Kafka and Keep Your Streams SafeHow to Lock Down Apache Kafka and Keep Your Streams Safe
How to Lock Down Apache Kafka and Keep Your Streams Safeconfluent
 
Practical Partitioning in Production with Postgres
Practical Partitioning in Production with PostgresPractical Partitioning in Production with Postgres
Practical Partitioning in Production with PostgresEDB
 
Minio ♥ Go
Minio ♥ GoMinio ♥ Go
Minio ♥ GoMinio
 
Apache Kafka Architecture & Fundamentals Explained
Apache Kafka Architecture & Fundamentals ExplainedApache Kafka Architecture & Fundamentals Explained
Apache Kafka Architecture & Fundamentals Explainedconfluent
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx InternalsJoshua Zhu
 
Deploying Confluent Platform for Production
Deploying Confluent Platform for ProductionDeploying Confluent Platform for Production
Deploying Confluent Platform for Productionconfluent
 

Tendances (20)

Pegasus In Depth (2018/10)
Pegasus In Depth (2018/10)Pegasus In Depth (2018/10)
Pegasus In Depth (2018/10)
 
Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022
Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022
Schema Registry 101 with Bill Bejeck | Kafka Summit London 2022
 
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
 
Heroku 101 py con 2015 - David Gouldin
Heroku 101 py con 2015 - David GouldinHeroku 101 py con 2015 - David Gouldin
Heroku 101 py con 2015 - David Gouldin
 
Kata Container - The Security of VM and The Speed of Container | Yuntong Jin
Kata Container - The Security of VM and The Speed of Container | Yuntong Jin Kata Container - The Security of VM and The Speed of Container | Yuntong Jin
Kata Container - The Security of VM and The Speed of Container | Yuntong Jin
 
Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안
Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안
Apache kafka 모니터링을 위한 Metrics 이해 및 최적화 방안
 
Kafka Tutorial - introduction to the Kafka streaming platform
Kafka Tutorial - introduction to the Kafka streaming platformKafka Tutorial - introduction to the Kafka streaming platform
Kafka Tutorial - introduction to the Kafka streaming platform
 
Real time replication using Kafka Connect
Real time replication using Kafka ConnectReal time replication using Kafka Connect
Real time replication using Kafka Connect
 
Apache kafka performance(throughput) - without data loss and guaranteeing dat...
Apache kafka performance(throughput) - without data loss and guaranteeing dat...Apache kafka performance(throughput) - without data loss and guaranteeing dat...
Apache kafka performance(throughput) - without data loss and guaranteeing dat...
 
SR-IOV ixgbe Driver Limitations and Improvement
SR-IOV ixgbe Driver Limitations and ImprovementSR-IOV ixgbe Driver Limitations and Improvement
SR-IOV ixgbe Driver Limitations and Improvement
 
“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...
“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...
“Alexa, be quiet!”: End-to-end near-real time model building and evaluation i...
 
Writing the Container Network Interface(CNI) plugin in golang
Writing the Container Network Interface(CNI) plugin in golangWriting the Container Network Interface(CNI) plugin in golang
Writing the Container Network Interface(CNI) plugin in golang
 
MariaDB MaxScale
MariaDB MaxScaleMariaDB MaxScale
MariaDB MaxScale
 
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
 
How to Lock Down Apache Kafka and Keep Your Streams Safe
How to Lock Down Apache Kafka and Keep Your Streams SafeHow to Lock Down Apache Kafka and Keep Your Streams Safe
How to Lock Down Apache Kafka and Keep Your Streams Safe
 
Practical Partitioning in Production with Postgres
Practical Partitioning in Production with PostgresPractical Partitioning in Production with Postgres
Practical Partitioning in Production with Postgres
 
Minio ♥ Go
Minio ♥ GoMinio ♥ Go
Minio ♥ Go
 
Apache Kafka Architecture & Fundamentals Explained
Apache Kafka Architecture & Fundamentals ExplainedApache Kafka Architecture & Fundamentals Explained
Apache Kafka Architecture & Fundamentals Explained
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx Internals
 
Deploying Confluent Platform for Production
Deploying Confluent Platform for ProductionDeploying Confluent Platform for Production
Deploying Confluent Platform for Production
 

Similaire à Integrating icinga2 and the HashiCorp suite

Integrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteIntegrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteBram Vogelaar
 
Puppet and the HashiCorp Suite
Puppet and the HashiCorp SuitePuppet and the HashiCorp Suite
Puppet and the HashiCorp SuiteBram Vogelaar
 
Streamline Hadoop DevOps with Apache Ambari
Streamline Hadoop DevOps with Apache AmbariStreamline Hadoop DevOps with Apache Ambari
Streamline Hadoop DevOps with Apache AmbariAlejandro Fernandez
 
Bootstrap your Cloud Infrastructure using puppet and hashicorp stack
Bootstrap your Cloud Infrastructure using puppet and hashicorp stackBootstrap your Cloud Infrastructure using puppet and hashicorp stack
Bootstrap your Cloud Infrastructure using puppet and hashicorp stackBram Vogelaar
 
Burn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesBurn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesLindsay Holmwood
 
Dev ninja -> vagrant + virtualbox + chef-solo + git + ec2
Dev ninja -> vagrant + virtualbox + chef-solo + git + ec2Dev ninja -> vagrant + virtualbox + chef-solo + git + ec2
Dev ninja -> vagrant + virtualbox + chef-solo + git + ec2Yros
 
Why favour Icinga over Nagios @ FrOSCon 2015
Why favour Icinga over Nagios @ FrOSCon 2015Why favour Icinga over Nagios @ FrOSCon 2015
Why favour Icinga over Nagios @ FrOSCon 2015Icinga
 
NetDevOps Developer Environments with Vagrant @ SCALE16x
NetDevOps Developer Environments with Vagrant @ SCALE16xNetDevOps Developer Environments with Vagrant @ SCALE16x
NetDevOps Developer Environments with Vagrant @ SCALE16xHank Preston
 
Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Prajal Kulkarni
 
Practical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails AppPractical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails AppSmartLogic
 
Icinga2 Hacking Session 2014-10-10
Icinga2 Hacking Session 2014-10-10Icinga2 Hacking Session 2014-10-10
Icinga2 Hacking Session 2014-10-10Icinga
 
Infrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and OpsInfrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and OpsMykyta Protsenko
 
Postgres the hardway
Postgres the hardwayPostgres the hardway
Postgres the hardwayDave Pitts
 
Automating complex infrastructures with Puppet
Automating complex infrastructures with PuppetAutomating complex infrastructures with Puppet
Automating complex infrastructures with PuppetKris Buytaert
 
Vagrant for real
Vagrant for realVagrant for real
Vagrant for realCodemotion
 
Vagrant for real (codemotion rome 2016)
Vagrant for real (codemotion rome 2016)Vagrant for real (codemotion rome 2016)
Vagrant for real (codemotion rome 2016)Michele Orselli
 
EC2 AMI Factory with Chef, Berkshelf, and Packer
EC2 AMI Factory with Chef, Berkshelf, and PackerEC2 AMI Factory with Chef, Berkshelf, and Packer
EC2 AMI Factory with Chef, Berkshelf, and PackerGeorge Miranda
 
ELK: a log management framework
ELK: a log management frameworkELK: a log management framework
ELK: a log management frameworkGiovanni Bechis
 
PuppetDB: A Single Source for Storing Your Puppet Data - PUG NY
PuppetDB: A Single Source for Storing Your Puppet Data - PUG NYPuppetDB: A Single Source for Storing Your Puppet Data - PUG NY
PuppetDB: A Single Source for Storing Your Puppet Data - PUG NYPuppet
 

Similaire à Integrating icinga2 and the HashiCorp suite (20)

Integrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteIntegrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suite
 
Puppet and the HashiCorp Suite
Puppet and the HashiCorp SuitePuppet and the HashiCorp Suite
Puppet and the HashiCorp Suite
 
Streamline Hadoop DevOps with Apache Ambari
Streamline Hadoop DevOps with Apache AmbariStreamline Hadoop DevOps with Apache Ambari
Streamline Hadoop DevOps with Apache Ambari
 
Bootstrap your Cloud Infrastructure using puppet and hashicorp stack
Bootstrap your Cloud Infrastructure using puppet and hashicorp stackBootstrap your Cloud Infrastructure using puppet and hashicorp stack
Bootstrap your Cloud Infrastructure using puppet and hashicorp stack
 
Burn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesBurn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websites
 
Dev ninja -> vagrant + virtualbox + chef-solo + git + ec2
Dev ninja -> vagrant + virtualbox + chef-solo + git + ec2Dev ninja -> vagrant + virtualbox + chef-solo + git + ec2
Dev ninja -> vagrant + virtualbox + chef-solo + git + ec2
 
Why favour Icinga over Nagios @ FrOSCon 2015
Why favour Icinga over Nagios @ FrOSCon 2015Why favour Icinga over Nagios @ FrOSCon 2015
Why favour Icinga over Nagios @ FrOSCon 2015
 
NetDevOps Developer Environments with Vagrant @ SCALE16x
NetDevOps Developer Environments with Vagrant @ SCALE16xNetDevOps Developer Environments with Vagrant @ SCALE16x
NetDevOps Developer Environments with Vagrant @ SCALE16x
 
Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.
 
Practical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails AppPractical Chef and Capistrano for Your Rails App
Practical Chef and Capistrano for Your Rails App
 
Icinga2 Hacking Session 2014-10-10
Icinga2 Hacking Session 2014-10-10Icinga2 Hacking Session 2014-10-10
Icinga2 Hacking Session 2014-10-10
 
Infrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and OpsInfrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and Ops
 
Postgres the hardway
Postgres the hardwayPostgres the hardway
Postgres the hardway
 
Automating complex infrastructures with Puppet
Automating complex infrastructures with PuppetAutomating complex infrastructures with Puppet
Automating complex infrastructures with Puppet
 
Vagrant for real
Vagrant for realVagrant for real
Vagrant for real
 
Vagrant for real (codemotion rome 2016)
Vagrant for real (codemotion rome 2016)Vagrant for real (codemotion rome 2016)
Vagrant for real (codemotion rome 2016)
 
EC2 AMI Factory with Chef, Berkshelf, and Packer
EC2 AMI Factory with Chef, Berkshelf, and PackerEC2 AMI Factory with Chef, Berkshelf, and Packer
EC2 AMI Factory with Chef, Berkshelf, and Packer
 
infra-as-code
infra-as-codeinfra-as-code
infra-as-code
 
ELK: a log management framework
ELK: a log management frameworkELK: a log management framework
ELK: a log management framework
 
PuppetDB: A Single Source for Storing Your Puppet Data - PUG NY
PuppetDB: A Single Source for Storing Your Puppet Data - PUG NYPuppetDB: A Single Source for Storing Your Puppet Data - PUG NY
PuppetDB: A Single Source for Storing Your Puppet Data - PUG NY
 

Plus de Bram Vogelaar

Cost reconciliation in a post CMDB world
Cost reconciliation in a post CMDB worldCost reconciliation in a post CMDB world
Cost reconciliation in a post CMDB worldBram Vogelaar
 
Self scaling Multi cloud nomad workloads
Self scaling Multi cloud nomad workloadsSelf scaling Multi cloud nomad workloads
Self scaling Multi cloud nomad workloadsBram Vogelaar
 
Scraping metrics for fun and profit
Scraping metrics for fun and profitScraping metrics for fun and profit
Scraping metrics for fun and profitBram Vogelaar
 
10 things i learned building nomad-packs
10 things i learned building nomad-packs10 things i learned building nomad-packs
10 things i learned building nomad-packsBram Vogelaar
 
10 things I learned building Nomad packs
10 things I learned building Nomad packs10 things I learned building Nomad packs
10 things I learned building Nomad packsBram Vogelaar
 
Easy Cloud Native Transformation with Nomad
Easy Cloud Native Transformation with NomadEasy Cloud Native Transformation with Nomad
Easy Cloud Native Transformation with NomadBram Vogelaar
 
Observability; a gentle introduction
Observability; a gentle introductionObservability; a gentle introduction
Observability; a gentle introductionBram Vogelaar
 
Running Trusted Payload with Nomad and Waypoint
Running Trusted Payload with Nomad and WaypointRunning Trusted Payload with Nomad and Waypoint
Running Trusted Payload with Nomad and WaypointBram Vogelaar
 
Easy Cloud Native Transformation using HashiCorp Nomad
Easy Cloud Native Transformation using HashiCorp NomadEasy Cloud Native Transformation using HashiCorp Nomad
Easy Cloud Native Transformation using HashiCorp NomadBram Vogelaar
 
Securing Prometheus exporters using HashiCorp Vault
Securing Prometheus exporters using HashiCorp VaultSecuring Prometheus exporters using HashiCorp Vault
Securing Prometheus exporters using HashiCorp VaultBram Vogelaar
 
CICD using jenkins and Nomad
CICD using jenkins and NomadCICD using jenkins and Nomad
CICD using jenkins and NomadBram Vogelaar
 
Bootstrapping multidc observability stack
Bootstrapping multidc observability stackBootstrapping multidc observability stack
Bootstrapping multidc observability stackBram Vogelaar
 
Running trusted payloads with Nomad and Waypoint
Running trusted payloads with Nomad and WaypointRunning trusted payloads with Nomad and Waypoint
Running trusted payloads with Nomad and WaypointBram Vogelaar
 
Gamification of Chaos Testing
Gamification of Chaos TestingGamification of Chaos Testing
Gamification of Chaos TestingBram Vogelaar
 
Puppet and the HashiStack
Puppet and the HashiStackPuppet and the HashiStack
Puppet and the HashiStackBram Vogelaar
 
Bootstrapping multidc observability stack
Bootstrapping multidc observability stackBootstrapping multidc observability stack
Bootstrapping multidc observability stackBram Vogelaar
 
Creating Reusable Puppet Profiles
Creating Reusable Puppet ProfilesCreating Reusable Puppet Profiles
Creating Reusable Puppet ProfilesBram Vogelaar
 
Gamification of Chaos Testing
Gamification of Chaos TestingGamification of Chaos Testing
Gamification of Chaos TestingBram Vogelaar
 
Autoscaling with hashi_corp_nomad
Autoscaling with hashi_corp_nomadAutoscaling with hashi_corp_nomad
Autoscaling with hashi_corp_nomadBram Vogelaar
 

Plus de Bram Vogelaar (20)

Cost reconciliation in a post CMDB world
Cost reconciliation in a post CMDB worldCost reconciliation in a post CMDB world
Cost reconciliation in a post CMDB world
 
Self scaling Multi cloud nomad workloads
Self scaling Multi cloud nomad workloadsSelf scaling Multi cloud nomad workloads
Self scaling Multi cloud nomad workloads
 
Scraping metrics for fun and profit
Scraping metrics for fun and profitScraping metrics for fun and profit
Scraping metrics for fun and profit
 
10 things i learned building nomad-packs
10 things i learned building nomad-packs10 things i learned building nomad-packs
10 things i learned building nomad-packs
 
10 things I learned building Nomad packs
10 things I learned building Nomad packs10 things I learned building Nomad packs
10 things I learned building Nomad packs
 
Easy Cloud Native Transformation with Nomad
Easy Cloud Native Transformation with NomadEasy Cloud Native Transformation with Nomad
Easy Cloud Native Transformation with Nomad
 
Uncomplicated Nomad
Uncomplicated NomadUncomplicated Nomad
Uncomplicated Nomad
 
Observability; a gentle introduction
Observability; a gentle introductionObservability; a gentle introduction
Observability; a gentle introduction
 
Running Trusted Payload with Nomad and Waypoint
Running Trusted Payload with Nomad and WaypointRunning Trusted Payload with Nomad and Waypoint
Running Trusted Payload with Nomad and Waypoint
 
Easy Cloud Native Transformation using HashiCorp Nomad
Easy Cloud Native Transformation using HashiCorp NomadEasy Cloud Native Transformation using HashiCorp Nomad
Easy Cloud Native Transformation using HashiCorp Nomad
 
Securing Prometheus exporters using HashiCorp Vault
Securing Prometheus exporters using HashiCorp VaultSecuring Prometheus exporters using HashiCorp Vault
Securing Prometheus exporters using HashiCorp Vault
 
CICD using jenkins and Nomad
CICD using jenkins and NomadCICD using jenkins and Nomad
CICD using jenkins and Nomad
 
Bootstrapping multidc observability stack
Bootstrapping multidc observability stackBootstrapping multidc observability stack
Bootstrapping multidc observability stack
 
Running trusted payloads with Nomad and Waypoint
Running trusted payloads with Nomad and WaypointRunning trusted payloads with Nomad and Waypoint
Running trusted payloads with Nomad and Waypoint
 
Gamification of Chaos Testing
Gamification of Chaos TestingGamification of Chaos Testing
Gamification of Chaos Testing
 
Puppet and the HashiStack
Puppet and the HashiStackPuppet and the HashiStack
Puppet and the HashiStack
 
Bootstrapping multidc observability stack
Bootstrapping multidc observability stackBootstrapping multidc observability stack
Bootstrapping multidc observability stack
 
Creating Reusable Puppet Profiles
Creating Reusable Puppet ProfilesCreating Reusable Puppet Profiles
Creating Reusable Puppet Profiles
 
Gamification of Chaos Testing
Gamification of Chaos TestingGamification of Chaos Testing
Gamification of Chaos Testing
 
Autoscaling with hashi_corp_nomad
Autoscaling with hashi_corp_nomadAutoscaling with hashi_corp_nomad
Autoscaling with hashi_corp_nomad
 

Dernier

Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Dernier (20)

Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Integrating icinga2 and the HashiCorp suite

  • 1. Integrating icinga2 and the HashiCorp suite Bram Vogelaar
  • 2. ~$ whoami~$ whoami ● I used to be a Molecular Biologist,I used to be a Molecular Biologist, ● Then became a Dev,Then became a Dev, ● Now an Ops.Now an Ops. ● Open Source Consultant @Open Source Consultant @inuits.euinuits.eu
  • 3.
  • 4. PackerPacker ● Open Source tool to make OS imagesOpen Source tool to make OS images ● Supports Cloud Providers, Docker, Vbox, …Supports Cloud Providers, Docker, Vbox, … (builders)(builders) ● Has hooks to provision the base imagesHas hooks to provision the base images (provisioners)(provisioners) ● Create artifacts (Post-Processors)Create artifacts (Post-Processors)
  • 5. PackerPacker {{ "builders": ["builders": [ {{ "type": "azure-arm","type": "azure-arm", ...... }} ],], "provisioners": ["provisioners": [ {{ "scripts": ["scripts": [ "scripts/common/consul_install.sh","scripts/common/consul_install.sh", "scripts/common/puppet_install.sh","scripts/common/puppet_install.sh", "scripts/common/puppet_icinga.sh""scripts/common/puppet_icinga.sh" ],], "type": "shell","type": "shell", }} ]] }} $ packer build template.json$ packer build template.json
  • 6. VagrantVagrant ● Open Source tool to bootstrap vmsOpen Source tool to bootstrap vms ● Supports many vm Providers, Docker, Vbox, …Supports many vm Providers, Docker, Vbox, … ● Has hooks to provision the base imagesHas hooks to provision the base images (provisioners), Puppet, Chef, Ansible(provisioners), Puppet, Chef, Ansible
  • 7. VagrantfileVagrantfile # -*- mode: ruby -*-# -*- mode: ruby -*- # vi: set ft=ruby :# vi: set ft=ruby : Vagrant.configure("2") do |config|Vagrant.configure("2") do |config| config.vm.box = "base"config.vm.box = "base" # config.vm.box_check_update = false# config.vm.box_check_update = false # config.vm.network "forwarded_port", guest: 80, host: 8080# config.vm.network "forwarded_port", guest: 80, host: 8080 # config.vm.network "private_network", ip: "192.168.33.10"# config.vm.network "private_network", ip: "192.168.33.10" # config.vm.network "public_network"# config.vm.network "public_network" # config.vm.synced_folder "../data", "/vagrant_data"# config.vm.synced_folder "../data", "/vagrant_data" # config.vm.provider "virtualbox" do |vb|# config.vm.provider "virtualbox" do |vb| # vb.gui = true# vb.gui = true # vb.memory = "1024"# vb.memory = "1024" # end# end # config.vm.provision "shell", inline: <<-SHELL# config.vm.provision "shell", inline: <<-SHELL # apt-get update# apt-get update # apt-get install -y apache2# apt-get install -y apache2 # SHELL# SHELL endend
  • 8. Try Icinga Yourself!Try Icinga Yourself! https://github.com/Icinga/icinga-vagranthttps://github.com/Icinga/icinga-vagrant
  • 9. By Icinga, for IcingaBy Icinga, for Icinga ● StandaloneStandalone ● DistributedDistributed ● InfluxDBInfluxDB ● ElasticElastic ● GraylogGraylog
  • 10. Docs for all!Docs for all!
  • 13. TerraformTerraform ● Open Source Automation ToolOpen Source Automation Tool ● ““cloud” orientedcloud” oriented ● Cloud are API’sCloud are API’s ● API’s orientedAPI’s oriented Terraform is an open source automation toolTerraform is an open source automation tool which can deal with any kind of CRUD api’s –which can deal with any kind of CRUD api’s – including major cloud providersincluding major cloud providers
  • 14. The Terraform modelThe Terraform model ● You model your infrastructureYou model your infrastructure ● You make a planYou make a plan ● If ok, you apply that planIf ok, you apply that plan ● Current state is saved for future changesCurrent state is saved for future changes
  • 15. HCLHCL ● Hashicorp Configuration LanguageHashicorp Configuration Language ● Yet another cfgmgmt DSLYet another cfgmgmt DSL ● Desired stateDesired state ● Used by multiple hashicorp tools but also 3rdUsed by multiple hashicorp tools but also 3rd party toolsparty tools
  • 16. Icinga ProviderIcinga Provider providerprovider "icinga2" {"icinga2" { api_url = "https://icinga.alerting.vagrant:5665/v1"api_url = "https://icinga.alerting.vagrant:5665/v1" api_user = "root"api_user = "root" api_password = "icinga"api_password = "icinga" insecure_skip_tls_verify =insecure_skip_tls_verify = truetrue }}
  • 17. Icinga HostIcinga Host resourceresource "icinga2_host" "node1" {"icinga2_host" "node1" { hostname = "node1.alerting.vagrant"hostname = "node1.alerting.vagrant" address = "192.168.47.51"address = "192.168.47.51" check_command = "hostalive"check_command = "hostalive" varsvars {{ os = "linux"os = "linux" }} }} resourceresource "icinga2_hostgroup" "linux-nodes" {"icinga2_hostgroup" "linux-nodes" { name = "linux-nodes"name = "linux-nodes" display_name = "All linux nodes"display_name = "All linux nodes" }}
  • 18. Fast FeedbackFast Feedback resource "aws_instance" "node1" {resource "aws_instance" "node1" { ami = "${var.ami_id}"ami = "${var.ami_id}" instance_type = "${var.ami_size}"instance_type = "${var.ami_size}" key_name = "${var.key_pair_name}"key_name = "${var.key_pair_name}" subnet_id = "${var.private_subnet}"subnet_id = "${var.private_subnet}" vpc_security_group_ids = ["${var.security_group_id}"]vpc_security_group_ids = ["${var.security_group_id}"] }} resourceresource "icinga2_host" "node1" {"icinga2_host" "node1" { hostname = "hostname = "node1"node1" address = "address = "${aws_instance.instance.private_ip}${aws_instance.instance.private_ip}"" check_command = "hostalive"check_command = "hostalive" varsvars {{ os = "linux"os = "linux" }} }}
  • 19. Check CommandCheck Command resourceresource "icinga2_checkcommand" "apache_status" {"icinga2_checkcommand" "apache_status" { name = "apache_status"name = "apache_status" templates = ["apache-status", "plugin-check-command",templates = ["apache-status", "plugin-check-command", "plugin-check-command", "ipv4-or-ipv6"]"plugin-check-command", "ipv4-or-ipv6"] command =command = "/usr/lib64/nagios/plugins/check_apache_status.pl""/usr/lib64/nagios/plugins/check_apache_status.pl" arguments = {arguments = { "-H" = "$apache_status_address$""-H" = "$apache_status_address$" "-c" = "$apache_status_critical$""-c" = "$apache_status_critical$" "-p" = "$apache_status_port$""-p" = "$apache_status_port$" }} }} resourceresource "icinga2_service" "my-service" {"icinga2_service" "my-service" { name = "ssh"name = "ssh" hostname = "c1-mysql-1"hostname = "c1-mysql-1" check_command = "ssh"check_command = "ssh" }}
  • 20. NotificationsNotifications resource "icinga2_user" "user" {resource "icinga2_user" "user" { name = "terraform"name = "terraform" email = "terraform@dev.null"email = "terraform@dev.null" }} resourceresource "icinga2_notification" "host-notification" {"icinga2_notification" "host-notification" { hostname = "docker-icinga2"hostname = "docker-icinga2" command = "mail-host-notification"command = "mail-host-notification" users = ["user"]users = ["user"] }} resourceresource "icinga2_notification" "ping-service-notification" {"icinga2_notification" "ping-service-notification" { hostname = "docker-icinga2"hostname = "docker-icinga2" command = "mail-service-notification"command = "mail-service-notification" users = ["user"]users = ["user"] servicename = "ping"servicename = "ping" }}
  • 21. Other ResourcesOther Resources resourceresource "icinga2_checkcommand" "apache_status" {"icinga2_checkcommand" "apache_status" { name = "apache_status"name = "apache_status" templates = ["apache-status", "plugin-check-command",templates = ["apache-status", "plugin-check-command", "plugin-check-command", "ipv4-or-ipv6"]"plugin-check-command", "ipv4-or-ipv6"] command =command = "/usr/lib64/nagios/plugins/check_apache_status.pl""/usr/lib64/nagios/plugins/check_apache_status.pl" arguments = {arguments = { "-H" = "$apache_status_address$""-H" = "$apache_status_address$" "-c" = "$apache_status_critical$""-c" = "$apache_status_critical$" "-p" = "$apache_status_port$""-p" = "$apache_status_port$" }} }}
  • 23. ConsulConsul ● Open Source Service Discovery ToolOpen Source Service Discovery Tool • dig @127.0.0.1 -p 8600 puppetmaster.service.consul ANYdig @127.0.0.1 -p 8600 puppetmaster.service.consul ANY ● Build-in KV storeBuild-in KV store ● Service Mesh toolService Mesh tool
  • 24. ConsulConsul ::consul::service { 'puppetmaster':::consul::service { 'puppetmaster': port => 8140,port => 8140, }} ::consul::check { 'puppetmaster_tcp':::consul::check { 'puppetmaster_tcp': interval => '60s',interval => '60s', tcp => 'localhost:8140',tcp => 'localhost:8140', notes => 'Puppetmasters listen on port 8140',notes => 'Puppetmasters listen on port 8140', service_id => 'puppetmaster',service_id => 'puppetmaster', }}
  • 25. Consul~Icinga Exit CodesConsul~Icinga Exit Codes ::consul::service { 'pgsql':::consul::service { 'pgsql': checks => [checks => [ {{ script => '/usr/lib64/nagios/plugins/check_pgsql',script => '/usr/lib64/nagios/plugins/check_pgsql', interval => '10s'interval => '10s' }} ],], port => 5432,port => 5432, }}
  • 26. New Import SourceNew Import Source
  • 27. Module.infoModule.info Name: ConsulName: Consul Version: 1.0.0Version: 1.0.0 Depends: directorDepends: director Description: Consul module for Icinga Web 2Description: Consul module for Icinga Web 2 This module provides a Consul import source for Icinga DirectorThis module provides a Consul import source for Icinga Director
  • 29. library/Consul/ProvidedHook/Director/ImportSource.phplibrary/Consul/ProvidedHook/Director/ImportSource.php <?php<?php namespacenamespace IcingaModuleConsulProvidedHookDirector;IcingaModuleConsulProvidedHookDirector; useuse IcingaModuleDirectorHookImportSourceHook;IcingaModuleDirectorHookImportSourceHook; useuse IcingaModuleDirectorWebFormQuickForm;IcingaModuleDirectorWebFormQuickForm; classclass ImportSourceImportSource extendsextends ImportSourceHookImportSourceHook {{ public functionpublic function getName()getName() {{ returnreturn 'HashiCorp Consul';'HashiCorp Consul'; }} public functionpublic function fetchData() {}fetchData() {} public functionpublic function listColumns() {}listColumns() {} public static functionpublic static function getDefaultKeyColumnName() {}getDefaultKeyColumnName() {} }}
  • 30. Little bit of ConfigLittle bit of Config public static function getDefaultKeyColumnName()public static function getDefaultKeyColumnName() {{ return 'Node';return 'Node'; }} public static function addSettingsFormFields(QuickForm $form)public static function addSettingsFormFields(QuickForm $form) {{ $form->addElement('text', 'consul_url', array($form->addElement('text', 'consul_url', array( 'label' => 'HTTP API URL','label' => 'HTTP API URL', 'required' => true,'required' => true, 'value' => 'http://127.0.0.1:8500','value' => 'http://127.0.0.1:8500', ));)); return;return; }}
  • 31. We are not cave men!We are not cave men! composer require sensiolabs/consul-php-sdkcomposer require sensiolabs/consul-php-sdk <?php<?php useuse IcingaApplicationIcinga;IcingaApplicationIcinga; require_oncerequire_once __DIR____DIR__ . '/vendor/autoload.php';. '/vendor/autoload.php'; $this->provideHook('director/ImportSource');$this->provideHook('director/ImportSource');
  • 32. Query ConsulQuery Consul use SensioLabsConsulServiceFactory;use SensioLabsConsulServiceFactory; public functionpublic function fetchData()fetchData() {{ $sf = new ServiceFactory($sf = new ServiceFactory( arrayarray('base_uri' => $this->getSetting('consul_url'))('base_uri' => $this->getSetting('consul_url')) );); $agent = $sf->get('catalog');$agent = $sf->get('catalog'); return json_decode($agent->nodes()->getBody());return json_decode($agent->nodes()->getBody()); }} public functionpublic function listColumns()listColumns() {{ return array_keys((array) current($this->fetchData()));return array_keys((array) current($this->fetchData())); }}
  • 33. Adding a sync sourceAdding a sync source
  • 34. Adding a sync ruleAdding a sync rule
  • 35. Add sync propertiesAdd sync properties
  • 37. Manual is for AnimalsManual is for Animals [Unit][Unit] Description=Director Job runnerDescription=Director Job runner [Service][Service] Type=simpleType=simple ExecStart=/usr/bin/icingacli director jobs run foreverExecStart=/usr/bin/icingacli director jobs run forever Restart=on-successRestart=on-success
  • 38. Fast FeedbackFast Feedback ::consul::watch { 'director_import':::consul::watch { 'director_import': type => 'service',type => 'service', handler => '/usr/local/bin/director_sync_deploy.sh',handler => '/usr/local/bin/director_sync_deploy.sh', service => 'node_exporter',service => 'node_exporter', passingonly =>passingonly => truetrue,, require => File['Director Sync and Deploy'],require => File['Director Sync and Deploy'], }}
  • 39. director_sync_deploy.shdirector_sync_deploy.sh #!/usr/bin/env bash#!/usr/bin/env bash setset -x-x icingacliicingacli director importsource run --id 1director importsource run --id 1 icingacliicingacli director syncrule run --id 1director syncrule run --id 1 icingacliicingacli director config deploydirector config deploy
  • 42. VaultVault ● Open Source tool to do secrets managementOpen Source tool to do secrets management ● Secure, store and tightly control access toSecure, store and tightly control access to tokens, passwords, certificates, encryption keystokens, passwords, certificates, encryption keys for protecting secrets and other sensitive datafor protecting secrets and other sensitive data using a UI, CLI, or HTTP API.using a UI, CLI, or HTTP API. ● Certificate managementCertificate management ● Password rotatationPassword rotatation
  • 43. Pesky PasswordsPesky Passwords $ vault unseal$ vault unseal $ vault write kv/my-secret value="s3c(eT"$ vault write kv/my-secret value="s3c(eT" $ vault read kv/mysecret$ vault read kv/mysecret Key ValueKey Value --- -------- ----- refresh_interval 768hrefresh_interval 768h mysecret s3c(eTmysecret s3c(eT https://forge.puppet.com/jsok/vaulthttps://forge.puppet.com/jsok/vault
  • 44. NomadNomad ● Open Source tool to do dynamic workloadOpen Source tool to do dynamic workload schedulingscheduling ● Batch, containerized, and non-containerizedBatch, containerized, and non-containerized applications.applications. ● Has native Consul and Vault integrations.Has native Consul and Vault integrations.
  • 45. Monitoring Nomad with Prometheus andMonitoring Nomad with Prometheus and IcingaIcinga OSMC, Nuremberg, 6th nov 2019OSMC, Nuremberg, 6th nov 2019
  • 46. ContactContact Bram VogelaarBram Vogelaar +31 6 46 62 60 78+31 6 46 62 60 78 bram.vogelaar@inuits.eubram.vogelaar@inuits.eu @attachmentgenie@attachmentgenie Github.com/attachmentgenieGithub.com/attachmentgenie Inuits BEInuits BE Essensteenweg 31Essensteenweg 31 2930 Brasschaat2930 Brasschaat BelgiumBelgium Inuits NLInuits NL Maashaven Zuidzijde 2Maashaven Zuidzijde 2 3081 AE Rotterdam3081 AE Rotterdam NetherlandsNetherlands