Puppet at MWT2 Sarah Williams Indiana University.

Slides:



Advertisements
Similar presentations
About Me CTO, Individual Digital, Inc. (Startup) Author of ext/tidy, PHP 5 Unleashed, Zend Ent. PHP Patterns
Advertisements

Puppet for GENI Experiments
Computer Software 3 Section A Software Basics CHAPTER PARSONS/OJA
1 Dynamic DNS. 2 Module - Dynamic DNS ♦ Overview The domain names and IP addresses of hosts and the devices may change for many reasons. This module focuses.
Linux+ Guide to Linux Certification, Second Edition Chapter 3 Linux Installation and Usage.
14.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Optinuity Confidential. All rights reserved. C2O Configuration Requirements.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.
Low level CASE: Source Code Management. Source Code Management  Also known as Configuration Management  Source Code Managers are tools that: –Archive.
Cambodia-India Entrepreneurship Development Centre - : :.... :-:-
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
CVMFS: Software Access Anywhere Dan Bradley Any data, Any time, Anywhere Project.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.
Windows Server MIS 424 Professor Sandvig. Overview Role of servers Performance Requirements Server Hardware Software Windows Server IIS.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
Va-scanCopyright 2002, Marchany Securing Solaris Servers Randy Marchany.
Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.
Hands-On Microsoft Windows Server 2008
Architecture Of ASP.NET. What is ASP?  Server-side scripting technology.  Files containing HTML and scripting code.  Access via HTTP requests.  Scripting.
Partner Logo German Cancio – WP4-install LCFG HOW-TO - n° 1 WP4 hands-on workshop: EDG LCFGng exercises
SCRAM Software Configuration, Release And Management Background SCRAM has been developed to enable large, geographically dispersed and autonomous groups.
Module 13: Configuring Availability of Network Resources and Content.
Oracle10g RAC Service Architecture Overview of Real Application Cluster Ready Services, Nodeapps, and User Defined Services.
Week #7 Objectives: Secure Windows 7 Desktop
Home Media Network Hard Drive Training for Update to 2.0 By Erik Collett Revised for Firmware Update.
Puppetize It! An Introduction to Puppet Mike Seda CEO, Seda Systems, Inc.
© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 5 Windows XP Professional McGraw-Hill.
Chapter 8 Implementing Disaster Recovery and High Availability Hands-On Virtual Computing.
Weekly Report By: Devin Trejo Week of May 30, > June 5, 2015.
EDG LCFGng: concepts Fabric Management Tutorial - n° 2 LCFG (Local ConFiGuration system)  LCFG is originally developed by the.
MSc. Miriel Martín Mesa, DIC, UCLV. The idea Installing a High Performance Cluster in the UCLV, using professional servers with open source operating.
October, Scientific Linux INFN/Trieste B.Gobbo – Compass R.Gomezel - T.Macorini - L.Strizzolo INFN - Trieste.
11 MANAGING AND DISTRIBUTING SOFTWARE BY USING GROUP POLICY Chapter 5.
What is Driving the Virtual Desktop? VMware View 4: Built for Desktops VMware View 4: Deployment References…Q&A Agenda.
Step By Step Windows Server 2003 Installation Guide Step By Step Windows Server 2003 Installation Guide.
The Art and Zen of Managing Nagios with Puppet Michael Merideth - VictorOps
Contents 1.Introduction, architecture 2.Live demonstration 3.Extensibility.
1 Chapter Overview Publishing Resources in Active Directory Service Redirecting Folders Using Group Policies Deploying Applications Using Group Policies.
Configuration Management with Cobbler and Puppet Kashif Mohammad University of Oxford.
DireXions – Your Tool Box just got Bigger PxPlus Version Control System Using TortoiseSVN Presented by: Jane Raymond.
1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.
1 Week #10Business Continuity Backing Up Data Configuring Shadow Copies Providing Server and Service Availability.
Support in setting up a non-grid Atlas Tier 3 Doug Benjamin Duke University.
Quattor-for-Castor Jan van Eldik Sept 7, Outline Overview of CERN –Central bits CDB template structure SWREP –Local bits Updating profiles.
CCNA4 v3 Module 6 v3 CCNA 4 Module 6 JEOPARDY K. Martin.
Virtual Machines Created within the Virtualization layer, such as a hypervisor Shares the physical computer's CPU, hard disk, memory, and network interfaces.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
System Center Lesson 4: Overview of System Center 2012 Components System Center 2012 Private Cloud Components VMM Overview App Controller Overview.
20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.
Linux Operations and Administration
Tier3 monitoring. Initial issues. Danila Oleynik. Artem Petrosyan. JINR.
Pavel Nevski DDM Workshop BNL, September 27, 2006 JOB DEFINITION as a part of Production.
T3g software services Outline of the T3g Components R. Yoshida (ANL)
Disk Server Deployment at RAL Castor F2F RAL - Feb 2009 Martin Bly.
VMware Certified Professional 6-Data Center Virtualization Beta 2V0-621Exam.
Cloud Installation & Configuration Management. Outline  Definitions  Tools, “Comparison”  References.
Platform & Engineering Services CERN IT Department CH-1211 Geneva 23 Switzerland t PES Agile Infrastructure Project Overview : Status and.
MCSA Windows Server 2012 Pass Upgrading Your Skills to MCSA Windows Server 2012 Exam By The Help Of Exams4Sure Get Complete File From
1 Policy Based Systems Management with Puppet Sean Dague
1 Remote Installation Service Windows 2003 Server Prof. Abdul Hameed.
SharePoint 101 – An Overview of SharePoint 2010, 2013 and Office 365
Packaging and Deploying Windows Applications
SmartCenter for Pointsec - MI
Deploying and Configuring SSIS Packages
Distributed System Structures 16: Distributed Structures
20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.
SAP R/3 Installation on WIN NT-ORACLE
Fundamentals of a Task Sequence
Presentation transcript:

Puppet at MWT2 Sarah Williams Indiana University

Puppet Overview “Puppet is an open-source next-generation server automation tool. It is composed of a declarative language for expressing system configuration, a client and server for distributing it, and a library for realizing the configuration.” –PuppetLabs Puppet FAQ Requires an already built node – does not handle OS install USATLAS Meeting on Virtual Machines and Configuration Management at BNL 26/15/11

Why Puppet Consistent file and data integrity monitoring across the cluster, including change alerts Ability to keep revisioned and backed up configuration files in a central repository Simplified deployment of new nodes and services Role-based configuration profiles Ability to share configuration components ( “modules” ) with other sites Integration with provisioning system (Cobbler) and virtual machine creation (KVM) USATLAS Meeting on Virtual Machines and Configuration Management at BNL 36/15/11

How it works Two components: client & server – Server can run as daemon: (Puppetmasterd), or within an existing web application as a rack application (apache+passenger). MWT2 uses a rack application install, which is more complex to set up, but more stable. Puppetmasterd has a memory leak issue, so if using it is recommended to restart it daily. – Client runs on the node to be configured – Clients and server have SSL certificates for authentication, and to encrypt communications Server stores configurations in files on the server, provides them to client when requested Puppet client requires an already-built node (prebuilt with cobbler/rocks/etc or custom installed by hand) – Basic requirements must be fulfilled: Network Access, Ruby, Facter Client confirms each part of its configuration every time it runs, fixing those pieces which are out of sync – Client will not change anything which is not explicitly defined in its configuration – Can run as daemon or cron, but daemon has same memory leak issue as puppetmasterd. Cron strongly recommended. – Too many clients running at once can overwhelm the server. We stagger the updates across an hour window 9-10am, every weekday. USATLAS Meeting on Virtual Machines and Configuration Management at BNL 46/15/11

Configuration All configurations are defined on the server It is highly recommended to keep the whole puppet tree in a version control system such as CVS or SubversionCVS Puppet config files are called ‘manifests’ and end in.pp The puppet config language is declarative and based on Ruby When a client checks in, the server matches the client to a node definition and passes that information to the client. The client then executes the objects associated with that node definition. Objects are not guaranteed to be executed in a linear fashion. Use require to ensure necessary steps occur in the correct order, but beware creating loops. USATLAS Meeting on Virtual Machines and Configuration Management at BNL 56/15/11

Manifests Object types include nodes (servers), cron, users, groups, services, packages, and files Special objects exec and notify Generic object class USATLAS Meeting on Virtual Machines and Configuration Management at BNL 6 service { 'cvmfs': enable => true, ensure => true, hasstatus => true, hasrestart => true, require => [ Package['cvmfs '], Package['cvmfs-init-scripts'], Package['cvmfs-keys-1.1-2'], Package['fuse.x86_64'], Service['autofs'], File['/etc/cvmfs/default.local'], File['/etc/auto.master'], File['/etc/fuse.conf'] ] } service { 'cvmfs': enable => true, ensure => true, hasstatus => true, hasrestart => true, require => [ Package['cvmfs '], Package['cvmfs-init-scripts'], Package['cvmfs-keys-1.1-2'], Package['fuse.x86_64'], Service['autofs'], File['/etc/cvmfs/default.local'], File['/etc/auto.master'], File['/etc/fuse.conf'] ] } 6/15/11

Modules Re-usable components, defined by combining manifests, and files Many modules for standard services available in Puppet Forge /etc/puppet/modules sendmail/ files/ sendmail.mc submit.cf manifests/ init.pp /etc/puppet/modules sendmail/ files/ sendmail.mc submit.cf manifests/ init.pp USATLAS Meeting on Virtual Machines and Configuration Management at BNL 76/15/11

MWT2 Setup – Organization /etc/puppet/manifests/ – sites.pp: First manifest loaded. All other maniests are loaded form this file. – templates.pp: Collection of configurations commonly grouped together (i.e. a worker-node config, a storage-node template) – nodes.pp: Defines each client host and assigns them templates USATLAS Meeting on Virtual Machines and Configuration Management at BNL 8 class iu::snode { include yum::mwt2::repo include baseclass include user::osgvo include sendmail::x86_64::mwt2 include snmpd::iu include dcache::logrotate include rsync::dcachemeta include puppet::daily::cron } class iu::snode { include yum::mwt2::repo include baseclass include user::osgvo include sendmail::x86_64::mwt2 include snmpd::iu include dcache::logrotate include rsync::dcachemeta include puppet::daily::cron } node 'iut2-s3' { include iu::snode include dell::delldset } node 'iut2-s3' { include iu::snode include dell::delldset } import nodes.pp import templates.pp import nodes.pp import templates.pp 6/15/11

MWT2 Setup /etc/puppet/modules/ – Directories are the names of the modules USATLAS Meeting on Virtual Machines and Configuration Management at BNL 9 class sendmail::x86_64::mwt2 { package { 'sendmail.x86_64': ensure => present } package { 'sendmail.i386': ensure => absent } service { "sendmail": enable => false, ensure => stopped, require => Package["sendmail.x86_64"] } file { "/etc/mail/submit.cf": source => "puppet:///modules/sendmail/submit.cf", owner => root, group => root } } class sendmail::x86_64::mwt2 { package { 'sendmail.x86_64': ensure => present } package { 'sendmail.i386': ensure => absent } service { "sendmail": enable => false, ensure => stopped, require => Package["sendmail.x86_64"] } file { "/etc/mail/submit.cf": source => "puppet:///modules/sendmail/submit.cf", owner => root, group => root } } 6/15/11

MWT2 Setup (cont.) A more complex module example: Most of our system configuration happens in Puppet. Cobbler provisions nodes with a minimum set of RPMs, including the puppet client, which auto-runs after install. We could do more configuration in Cobbler ( RedHat kickstart files ), but find it easier to maintain just one set of config files. All servers ( worker and head node ) are configured via Puppet. Some server software and configuration for head nodes is done by hand. We are working towards full automation. We have not tried automating a Pacman install. It is helpful to keep track of and limit the layers of abstraction built into the configuration. Too many layers of abstraction make the configuration difficult to understand & update. We are currently over-abstracted, working on combining redundant system classes. One way to accomplish this is using ‘define’. USATLAS Meeting on Virtual Machines and Configuration Management at BNL 106/15/11

Define Statements The CVMFS module is a good example of a define which takes variables, assigns defaults and deploys a set of configuration statements related to a single topic. This one line configures all of CVMFS for a worker node. – cvmfs::mount { cvmfsuc: cvmfs_http_proxy=>" grid1.iu.edu:3128;DIRECT" } grid1.iu.edu:3128;DIRECT Then the cvmfs::mount is as follows: Note that the above example only overrides the cvmfs_http_proxy field, but leaves the rest of the fields alone. Another node or template might choose to override a different setting, or not override any of the defaults. 6/15/11 USATLAS Meeting on Virtual Machines and Configuration Management at BNL 11 define cvmfs::mount( $cvmfs_http_proxy=" $cvmfs_quota_limit=25000, $cvmfs_repositories='atlas', $cvmfs_cache_base='/scratch/cvmfs') } define cvmfs::mount( $cvmfs_http_proxy=" $cvmfs_quota_limit=25000, $cvmfs_repositories='atlas', $cvmfs_cache_base='/scratch/cvmfs') }

Common tasks Add a new server: – Add host definition and assign templates in nodes.pp OR – Define in Cobbler and use the Management Classes field to assign templates. Remove a server from puppet control: – In nodes.pp, comment out the templates assigned to the host. Test configuration changes: – Time the test to not coincide with daily Puppet client run window – Apply changes to code, test synax with puppet –parseonly – Run on a test workernode with puppetd –test Force immediate update of client hosts – Use SSH to run puppetd –test on all nodes – Verify no errors by looking at SSH output or logs on syslog collector USATLAS Meeting on Virtual Machines and Configuration Management at BNL 126/15/11

Encryption The first run of puppet will generate the client certificate. If client certificate is lost, it must be deleted from the server side with ‘puppetca –clean ’ for a new one to be generated – When reloading a node, we usually delete and regenerate the cert rather than try to preserve it – If the cert on the server isn’t cleaned before reload, the new cert will be rejected. To recover, clear the cert on the server, delete /var/lib/puppet on the client, and re-run the puppet client. We have autosign turned on for the domains we control. Otherwise you must sign each worker’s cert on the server side. If you turn on autosign, make sure you define the domain to be only those machines you control. USATLAS Meeting on Virtual Machines and Configuration Management at BNL 136/15/11

Services Currently Configured Atlas WN Requirements (Compilers, libraries) Hardware monitoring with Ganglia, Dellsrvadmin, Smartd, Lmsensors, customized for each hardware configuration Hardware optimization with hdparm, blockdev, kernel & ext4 tunings Database & system disk backups CVMFS dCache Ldap Nagios probes NFS PBS Condor Sendmail Snmpd Ssh Syslog Xrootd Yum 6/15/11 USATLAS Meeting on Virtual Machines and Configuration Management at BNL 14

Future Plans Integration with Cobbler, DNS and DHCP via the External Nodes feature in puppet, would allow us to define a node in Cobbler and have DNS, DHCP and Puppet automatically configured. Move the above management services to single KVM Generate daily report from Syslog-ng collector on how many nodes updated vs failed to update, with errors 6/15/11 USATLAS Meeting on Virtual Machines and Configuration Management at BNL 15

References Puppet style guide de de Puppet best practices ki/Puppet_Best_Practice ki/Puppet_Best_Practice USATLAS Meeting on Virtual Machines and Configuration Management at BNL 166/15/11

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.