using nagios with chef
TRANSCRIPT
Configuring Nagios with ChefBryan McLellanTechnical Program Manager, Open [email protected] / @btmspox
Overview
•Who am I?
•Why automation
• Introduction to Chef
•Nagios Demo
•Questions
Who am I?
• ChefEarly developer, user, pundit
• 10+ years in Systems AdministrationComputer repair, ISPs, Corporate IT,Web operations
• Event Logistics VolunteerTraffic Control, Parking, Communications, Networking, Emergency Management
• Hacker-Operator
How did we get here?
Bare Metal Deployment
How did we get here?
Bare Metal Deployment
• Purchasing
How did we get here?
Bare Metal Deployment
• Purchasing
• Vendor build
How did we get here?
Bare Metal Deployment
• Purchasing
• Vendor build
• Delivery
How did we get here?
Bare Metal Deployment
• Purchasing
• Vendor build
• Delivery
• Installation
How did we get here?
Bare Metal Deployment
• Purchasing
• Vendor build
• Delivery
• Installation
• OS deployment
How did we get here?
Bare Metal Deployment
• Purchasing
• Vendor build
• Delivery
• Installation
• OS deployment
• Application deployment
How did we get here?
Bare Metal Deployment
• Purchasing
• Vendor build
• Delivery
• Installation
• OS deployment
• Application deployment
Weeks?
How did we get here?
Cloud or Virtual Deployment
• Purchasing
• Vendor build
• Delivery
• Installation
• OS deployment
• Application deployment
Nearly immediate
How did we get here?
Cloud or Virtual Deployment
• Purchasing
• Vendor build
• Delivery
• Installation
• OS deployment
• Application deployment
Nearly immediate
Must be fast
Why automate?
Good Reasons:
• More agility and faster scalability
• Improved infrastructure documentation
• Better disaster recovery
Why automate?
Good Reasons:
• More agility and faster scalability
• Improved infrastructure documentation
• Better disaster recovery
Really Good Reasons:
• Spend less time on monotonous tasks
• Spend more time solving interesting problems
Why automate?
Operations is responsible for two things:
Why automate?
Operations is responsible for two things:
1. Availability
Why automate?
Operations is responsible for two things:
1. Availability
2. Efficiency
What is Chef?
•Configuration management language
• Systems integration framework
•API for your infrastructure
http://www.flickr.com/photos/morville/3220961040/
Chef Principles
Chef Principles
•Idempotent
Chef Principles
•Idempotent
•Reasonable
Chef Principles
•Idempotent
•Reasonable
•Primitives
Chef Principles
•Idempotent
•Reasonable
•Primitives
•Scalable
Chef Principles
•Idempotent
•Reasonable
•Primitives
•Scalable
•Hackable
Chef Principles
•Idempotent
•Reasonable
•Primitives
•Scalable
•Hackable
•Shareable
Chef Basics
Chef manages Nodes
Chef Basics
Chef manages Nodes Nodes have Attributes
Chef Basics
Chef manages Nodes Nodes have AttributesUsers and Nodes authenticate as Clients
Chef Basics
Chef manages Nodes Nodes have AttributesUsers and Nodes authenticate as ClientsCookbooks contain Recipes
Chef Basics
Chef manages Nodes Nodes have AttributesUsers and Nodes authenticate as ClientsCookbooks contain RecipesEach node has a Run List
Chef Basics
Chef manages Nodes Nodes have AttributesUsers and Nodes authenticate as ClientsCookbooks contain RecipesEach node has a Run ListA Run List is a list of Recipes to run
Chef Basics
Chef manages Nodes Nodes have AttributesUsers and Nodes authenticate as ClientsCookbooks contain RecipesEach node has a Run ListA Run List is a list of Recipes to runA Role also has a Run List
Chef Basics
Chef manages Nodes Nodes have AttributesUsers and Nodes authenticate as ClientsCookbooks contain RecipesEach node has a Run ListA Run List is a list of Recipes to runA Role also has a Run ListRoles can also be added to a Node’s Run List
Chef Basics
Chef manages Nodes Nodes have AttributesUsers and Nodes authenticate as ClientsCookbooks contain RecipesEach node has a Run ListA Run List is a list of Recipes to runA Role also has a Run ListRoles can also be added to a Node’s Run ListNodes can be in Environments
Chef Basics
Chef manages Nodes Nodes have AttributesUsers and Nodes authenticate as ClientsCookbooks contain RecipesEach node has a Run ListA Run List is a list of Recipes to runA Role also has a Run ListRoles can also be added to a Node’s Run ListNodes can be in EnvironmentsData bags are... bags of data.
Chef Basics Visualized
node: srv03run_list: “role[db_server]”
role: web_serverrun_list: [“recipe[apache2]”, “recipe[php]” ]
role: db_serverrun_list: [ “recipe[mysql]”, “recipe[nfs]” ]
node: srv01run_list: “role[web_server]”
node: srv02run_list: “role[web_server]”
client: srv03client: srv01 client: srv02
Application Programming Interface
Give me an API or give me death.-- Andrew Clay Shafer (@littleidea)
The Meatcloud Manifesto
chef-shellknife
Chef Stacks
chef-client
Open Source Hosted Chef Private Chef
API
chef-solo
Chef 10 Open Source Architecture
Chef Expander
Resources
• A Resource is something you manageservice, package, file, user, execute, git
Resources
• A Resource is something you manageservice, package, file, user, execute, git
• Resources have actionsstart, install, create, deploy
• Resources can notify of other resources
Resources
• A Resource is something you manageservice, package, file, user, execute, git
• Resources have actionsstart, install, create, deploy
• Resources can notify of other resources
cookbook_file “/etc/apache2/apache2.conf” do source “apache2.conf” owner “root” group “root” mode 0644 notifies :restart, “service[apache2]”end
Providers
• A Provider performs the actions specified by the resource
Providers
• A Provider performs the actions specified by the resource
• Each Resource can have multiple providerspackage: apt, yum, macports...service: upstart, windows, systemd...
Providers
• A Provider performs the actions specified by the resource
• Each Resource can have multiple providerspackage: apt, yum, macports...service: upstart, windows, systemd...
• Each platform (OS) has default Providers that can be
package “sudo” do provider Chef::Provider::Package::Yum action :installend
A basic recipe
package “apache2” do action :installend
A basic recipe
package “apache2” do action :installend
service “apache2” do action :enableend
A basic recipe
package “apache2” do action :installend
service “apache2” do action :enableend
cookbook_file “/etc/apache2/apache2.conf” do source “apache2.conf” owner “root” group “root” mode 0644end
A basic recipe
package “apache2” do action :installend
service “apache2” do action :enableend
cookbook_file “/etc/apache2/apache2.conf” do source “apache2.conf” owner “root” group “root” mode 0644end
service “apache2” do action :startend
A basic recipe
package “apache2” do action :installend
service “apache2” do action :enable supports [ :restart, :reload, :status ]end
cookbook_file “/etc/apache2/apache2.conf” do source “apache2.conf” owner “root” group “root” mode 0644 notifies :restart, “service[apache2]”end
service “apache2” do action :startend
Search
# Find all nodes in production that are tagged ‘group_d’search(:node, “tags:group_d AND chef_environment:prod”)
# Find the mail server in this environmentsearch (:node, “role:mail_server AND chef_environment:corp”)
# Find all my nodes that run on HP hardwarenodes = search(:node, “dmi_systems_manufacturer:HP”)
# Dynamically create a config in a template<% nodes.each do |node| -%>server <%= node[‘hostname’] %><% end -%>
Search is a first class citizen
Search and Ruby are powerful allies
Nagios Demo•Download nagios server
cookbooks•Install nagios server•Create fake nodes
knife cookbook site install nagiosknife cookbook upload -acd chef-repoknife role from file monitoring.jsonknife data bag create usersknife data bag from file users btm.jsonknife node run list add chef-demo-server role[monitoring]sudo chef-client
http://chef-demo-server/nagios3/
for n in {1..5} ; do knife node from file fake${n}.json ; donesudo chef-client
knife data bag create nagios_hostgroupsknife data bag from file nagios_hostgroups hp_systems.jsonsudo chef-client
Questions?
There is lots more to learn about Chef at
http://