With the rapid development of the IT industry, traditional operations and maintenance methods that rely on large amounts of manual labor are giving way to automated operations and maintenance, which has developed rapidly in recent years and is favored by many IT operations staff. A complete automated operations and maintenance system covers three areas: system installation, configuration management, and service monitoring. Today, let's look at a practical Puppet case. It is for reference only, and further opinions are welcome!
First, the application background
A company has added 500 new servers that need a Linux installation, deployment to production, and later configuration management. For system installation, batch installation is clearly the way to go; the common, well-known batch methods are Kickstart and Cobbler. There are many good articles online about the concrete configuration, so it is skipped here.
Tip: With automatic installation, we can automatically initialize the system, apply simple kernel tuning, and install common services and software clients. The Puppet client can also be installed and configured in Kickstart.
Once the systems are running stably, we need to adjust and manage some of the servers, for example modifying system parameters on 100 servers or running remote commands. How do we do that? A script comes to mind, and it is a good idea, but manually logging in to 100 servers to execute the same script or change a given setting is a waste of time. With Puppet this can be completed in a few minutes, or even a few seconds.
Second, the actual case configuration
Now the NTP time server address in the crontab needs to be changed on 100 Linux servers. The original crontab NTP entry on the servers is:
0 0 * * * /usr/sbin/ntpdate pool.ntp.org >>/data/logs/crontab/ntpdate.log 2>&1
Now you need to change the address to the internal self-built server 10.1.1.21 and modify the synchronization time as follows:
0 */5 * * * /usr/sbin/ntpdate 10.1.1.21 >>/data/logs/crontab/ntpdate.log 2>&1
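Write the Puppet ntp module:
vi /etc/puppet/modules/ntp/manifests/init.pp
class ntp {
  # Default search path for every exec resource in this class
  Exec { path => "/bin:/sbin:/bin/sh:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" }
  exec {
    "auto change crontab NTP config":
      # Change the hour field to */5 and swap the NTP server; | is the s delimiter because the replacement contains /
      command => "sed -i -e '/ntpdate/s|0|*/5|2' -e 's/pool.ntp.org/10.1.1.21/' /var/spool/cron/root",
      # Run only while the old server is still configured, so later agent runs do not edit the line again
      onlyif  => "grep -q 'ntpdate pool.ntp.org' /var/spool/cron/root",
  }
}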
Explanation of this code: it creates the ntp module and uses an exec resource to execute a command remotely. Other modifications and configuration changes can follow the same method. The capitalized Exec path defines the global path. If it is not defined, each exec resource must define its own path.
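Puppet re-applies the catalog on every agent run, so the sed edit has to be safe to repeat. The following added example (not part of the original article) runs the article's two sed expressions twice over a constructed copy of the crontab line, once blindly and once behind a grep guard of the kind an exec onlyif test provides. The function names are illustrative, | replaces / as the sed delimiter, and output is redirected instead of using -i so it runs with any POSIX sed.

```shell
#!/bin/sh
# Constructed sample: the original root crontab entry quoted in the article.
ORIG='0 0 * * * /usr/sbin/ntpdate pool.ntp.org >>/data/logs/crontab/ntpdate.log 2>&1'

# The article's edit applied unconditionally, as a bare exec would on each run.
edit_unguarded() {
    sed -e '/ntpdate/s|0|*/5|2' -e 's/pool.ntp.org/10.1.1.21/' "$1" > "$1.new" &&
        mv "$1.new" "$1"
}

# The same edit, applied only while the old server is still configured.
edit_guarded() {
    if grep -q 'ntpdate pool\.ntp\.org' "$1"; then
        edit_unguarded "$1"
    fi
}

# Apply the named edit function twice to a scratch crontab and print the result.
apply_twice() {
    f=$(mktemp)
    printf '%s\n' "$ORIG" > "$f"
    "$1" "$f"
    "$1" "$f"
    cat "$f"
    rm -f "$f"
}

printf 'unguarded: %s\n' "$(apply_twice edit_unguarded)"
printf 'guarded:   %s\n' "$(apply_twice edit_guarded)"
```

On the second unguarded pass, the "second 0 on the line" is the 0 inside 10.1.1.21, so the server argument becomes 1*/5.1.1.21 and time synchronization silently stops; the guarded variant leaves the already-converted line untouched.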
Second, the actual case configuration
When we have a large-scale cluster in which all servers require consistent data, you can synchronize with rsync: configure the rsync server side and have the clients execute a script. You can also sync with Puppet plus a script, which is quicker, and of course you can use the Puppet rsync module. The rsync configuration is omitted here; straight to the Puppet code:
## Define the www module
class www {
  ## Define the global path
  Exec { path => "/bin:/sbin:/bin/sh:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" }
  ## Push the sh script to the client; 192-9-117-162-tdt.com is the server side
  file {
    "/data/sh/rsync_www_client.sh":
      source => "puppet://192-9-117-162-tdt.com/files/www/rsync_www_client.sh",
      owner  => "root",
      group  => "root",
      mode   => "755",
  }
  ## Push the key file to the client, permissions set to 600
  file {
    "/etc/rsync.pas":
      source => "puppet://192-9-117-162-tdt.com/files/www/rsync.pas",
      owner  => "root",
      group  => "root",
      mode   => "600",
  }
  ## Execute the command remotely: back up the original program, then run the rsync client script, but only if that script has been modified
  exec {
    "Auto backup www data":
      command     => "mkdir -p /data/backup/`date +%y%m%d`; mv /data/index /data/backup/www/`date +%y%m%d`; /bin/sh /data/sh/rsync_www_client.sh",
      user        => "root",
      ## Refresh on changes to the script file declared above
      subscribe   => File["/data/sh/rsync_www_client.sh"],
      refreshonly => true,
  }
}
Third, test puppet
Note: to use the puppetrun (puppet kick) push function, you need to configure the clients in advance and authorize the server on each client to send it signals; the specific configuration article can be viewed:
Execute on the server side:
puppet kick -d --host `cat puppet.txt`
puppet.txt contains the host names of the clients that need to be synchronized:
192-9-117-163-tdt.com
192-9-117-164-tdt.com
192-9-117-165-tdt.com
Fourth, summary of Puppet
This article is for reference only. By understanding and studying it, we can gain a deeper understanding of how Puppet works and how to configure it in depth, and extend the ideas to other cases:
1. How do you group clients on the master side? What else can you use besides regular expressions?
2. When the number of servers keeps increasing, a single puppet master will struggle. How do you scale out? How do you better maintain and centrally manage the Puppet node configuration?
3. How do you submit the code directly with SVN? And so on.