"Puppet"의 두 판 사이의 차이
잔글 |
잔글 |
||
(같은 사용자의 중간 판 59개는 보이지 않습니다) | |||
1번째 줄: | 1번째 줄: | ||
배포 자동화 솔루션인 puppet를 정리 합니다. | 배포 자동화 솔루션인 puppet를 정리 합니다. | ||
− | *홈페이지 : http://www.puppetlabs.com/, http://puppetlabs.com/puppet/puppet-open-source/, https://github.com/puppetlabs, http://forge.puppetlabs.com/ | + | *홈페이지 : [http://www.puppetlabs.com/ http://www.puppetlabs.com/], [http://puppetlabs.com/puppet/puppet-open-source/ http://puppetlabs.com/puppet/puppet-open-source/], [https://github.com/puppetlabs https://github.com/puppetlabs], [http://forge.puppetlabs.com/ http://forge.puppetlabs.com/] |
− | *다운로드 : | + | **[https://puppetlabs.com/puppet/open-source-projects https://puppetlabs.com/puppet/open-source-projects] |
− | *라이선스 : [[Apache 2.0]] | + | **[https://docs.puppetlabs.com/puppet/latest/reference/function.html Function Reference] |
− | *플랫폼 : Ruby | + | **https://docs.puppetlabs.com/puppet/latest/reference/type.html |
+ | *다운로드 : | ||
+ | *라이선스 : [[Apache 2.0|Apache 2.0]] | ||
+ | *플랫폼 : [[Ruby|Ruby]] | ||
+ | |||
+ | == Puppet 개요 == | ||
− | |||
http://beyondj2ee.pbworks.com/f/1331172025/puppet-%EC%84%A4%EC%B9%981.png | http://beyondj2ee.pbworks.com/f/1331172025/puppet-%EC%84%A4%EC%B9%981.png | ||
− | ==참고 문헌== | + | <span style="color:#008000;"><span style="font-size:larger;">'''Puppet 용어'''</span></span> |
− | *[[ | + | |
− | *[[ | + | {| cellspacing="0" cellpadding="2" border="1" width="100%" bgcolor="#FFFFFF" align="center" style="line-height: 20.7999992370605px;" |
+ | |- | ||
+ | | width="25%" align="center" valign="middle" style="background-color: rgb(238, 238, 238);" | 용어 | ||
+ | | width="75%" align="center" valign="middle" style="background-color: rgb(238, 238, 238);" | 상세 | ||
+ | |- | ||
+ | | align="center" valign="middle" style="background-color: rgb(238, 238, 238);" | Manifest | ||
+ | | 환경 설정 정보 파일<br/>vim /etc/puppet/environments/production/manifests/~.pp<pre>node "~" { | ||
+ | Resource { "~": | ||
+ | attr => value, | ||
+ | } | ||
+ | } | ||
+ | </pre> | ||
+ | *Resource : File, Service, Package, User 등 | ||
+ | *Class : Resource의 집합으로 modules 폴더 아래에 ~.pp 형태로 저장 | ||
+ | |||
+ | puppet apply ~.pp #--- local machine에서 실행, node 부분이 없음<br/>puppet agent --test #--- agent에서 실행 | ||
+ | |||
+ | |- | ||
+ | | align="center" valign="middle" style="background-color: rgb(238, 238, 238);" | Catalog | ||
+ | | Manifest가 컴파일되어 Puppet Agent에서 전달되는 정보 | ||
+ | |- | ||
+ | | align="center" valign="middle" style="background-color: rgb(238, 238, 238);" | puppetmasterd | ||
+ | | 관리 서버에서 실행되는 데몬 | ||
+ | |- | ||
+ | | align="center" valign="middle" style="background-color: rgb(238, 238, 238);" | puppetd | ||
+ | | 각 서버에서 실행되는 데몬 | ||
+ | |} | ||
+ | |||
+ | == Puppet 설치 == | ||
+ | |||
+ | === Puppet Server 설치 === | ||
+ | |||
+ | yum install puppet-server | ||
+ | |||
+ | vi /etc/puppet/puppet.conf | ||
+ | <pre>module=/etc/puppet/modules | ||
+ | certname=puppetserver.jopenbusiness.com</pre> | ||
+ | puppet resource package puppet-server ensure=latest | ||
+ | |||
+ | /etc/init.d/puppetmaster start | ||
+ | |||
+ | netstat -antp | grep LISTEN | grep 8140 | ||
+ | |||
+ | <span style="color:#006400;">'''Puppet Agent 인증'''</span> | ||
+ | |||
+ | puppet cert --sign --list #--- + 도메인은 인증이 완료된 Puppet Agent | ||
+ | |||
+ | puppet cert puppetagent001.jopenbusiness.com | ||
+ | |||
+ | puppet cert --sign --all --list | ||
+ | |||
+ | === Puppet Agent 설치 === | ||
+ | |||
+ | yum install puppet | ||
+ | |||
+ | vi /etc/puppet/puppet.conf | ||
+ | <pre>certname=puppetagent001.jopenbusiness.com | ||
+ | runinterval=60 #--- 초단위</pre> | ||
+ | vi /etc/sysconfig/puppet | ||
+ | |||
+ | PUPPET_SERVER=puppetserver.jopenbusiness.com<br/>PUPPET_LOG=/var/log/puppet/puppet.log | ||
+ | |||
+ | /etc/init.d/puppet start | ||
+ | |||
+ | ps -ef | grep puppet | ||
+ | |||
+ | === auth.conf === | ||
+ | |||
+ | 참고 문헌 | ||
+ | |||
+ | *auth.conf | ||
+ | |||
+ | === hiera.yaml === | ||
+ | |||
+ | Puppet에서 사용하는 변수=값 을 설정 파일로 지정 | ||
+ | |||
+ | 참고 문헌 | ||
+ | |||
+ | *[https://docs.puppetlabs.com/hiera/3.0/puppet.html https://docs.puppetlabs.com/hiera/3.0/puppet.html] | ||
+ | *[http://www.unixmen.com/install-puppet-server-centos-7/ http://www.unixmen.com/install-puppet-server-centos-7/] | ||
+ | |||
+ | == Puppet 구성 == | ||
+ | |||
+ | === 실행 및 검사 === | ||
+ | |||
+ | puppet --version | ||
+ | |||
+ | puppet apply /etc/puppet/manifests/site.pp | ||
+ | |||
+ | puppet apply /etc/puppet/manifests/site.pp --modulepath=/etc/puppet/modules | ||
+ | |||
+ | puppet parser validate nodes.pp #--- 구문 오류 검사 | ||
+ | |||
+ | <span style="color:#006400;">'''[https://forge.puppetlabs.com/ https://forge.puppetlabs.com/] 모듈 사용 '''</span> | ||
+ | <pre>puppet module search httpd #--- 모듈 검색 | ||
+ | puppet module install puppetlabs-apache #--- 검색된 모듈 설치 | ||
+ | </pre> | ||
+ | === Folder 구조 === | ||
+ | |||
+ | /etc/puppet/ | ||
+ | |||
+ | *manifest/ | ||
+ | **site.pp (이름 변경 가능)<br/>import 'nodes.pp' | ||
+ | **nodes.pp (이름 변경 가능)<br/>node '~' {<br/> include 모듈명<br/> #--- Class, Resource, Variabled 등 포함<br/>} | ||
+ | *modules/모듈명/ | ||
+ | **manifest/init.pp<br/>class 모듈명 {<br/> #--- files, settings, modules, scripts 등 포함<br/>} | ||
+ | |||
+ | === package === | ||
+ | <pre>package { 'nginx': | ||
+ | ensure => installed, #--- installed. 설치, absent. 삭제, latest. 업데이트, '버전명'. 해당 버전 설치 | ||
+ | }</pre> | ||
+ | === file === | ||
+ | <pre>file { '/tmp/nginx.conf': | ||
+ | #--- nginx(모듈명)/files/default.conf 파일 사용 | ||
+ | source => 'puppet:///modules/nginx/default.conf', | ||
+ | notify => Service['nginx'], #--- 다른 자원 호출 | ||
+ | content => '~\n", | ||
+ | ensure => file, | ||
+ | mode => '06400', | ||
+ | owner => root, | ||
+ | group => root, | ||
+ | }</pre> | ||
+ | === service === | ||
+ | <pre>service {'nginx': | ||
+ | ensure => running, | ||
+ | require => Package['nginx'], #--- 먼저 필요한 자원 | ||
+ | hasrestart => true, | ||
+ | hasstatus => true, | ||
+ | subscribe = file ["nginx.conf"], | ||
+ | }</pre> | ||
+ | === exec === | ||
+ | <pre>exec { 'Run my arbitray command': | ||
+ | command => '/bin/echo I ran this command on `/bin/date` > /tmp/command.output.txt', | ||
+ | creates => '/tmp/command.output.txt', | ||
+ | #unless => '/usr/bin/test -f /tmp/command.output.txt', | ||
+ | #onlyif => '/usr/bin/test -f /tmp/command.output.txt', | ||
+ | #path => ['bin','/usr/bin'], | ||
+ | }</pre> | ||
+ | === cron === | ||
+ | <pre>cron { 'test cron': | ||
+ | command => 'touch /tmp/testcron', | ||
+ | hour => '04', | ||
+ | minute => '00', | ||
+ | }</pre> | ||
+ | === template === | ||
+ | |||
+ | Template 파일은 Ruby로 작성되어 있기 때문에 <%= @변수명 %>을 사용합니다. | ||
+ | |||
+ | Puppet에선s $변수명 을 사용 합니다. | ||
+ | |||
+ | vi <span style="color: rgb(0, 0, 0); font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; line-height: 20px; white-space: pre-wrap;">apache/templates/vhost.conf.erb</span> | ||
+ | <pre>Listen <%= @vhost_port %> | ||
+ | <VirtualHost *:<%= @vhost_port %>> | ||
+ | DocumentRoot /var/www/html | ||
+ | ServerName <%= @site_name %> | ||
+ | </VirtualHost> | ||
+ | </pre> | ||
+ | vi apache/manifests/init.pp | ||
+ | <pre>$vhost_port = "8080" | ||
+ | $site_name = 'example.com' | ||
+ | file { '/etc/httpd/conf.d/example.com.conf': | ||
+ | content => template('apache/vhost.conf.erb'), | ||
+ | notify => Service['httpd'], | ||
+ | }</pre> | ||
+ | === define === | ||
+ | |||
+ | Resource를 그룹하여 사용 | ||
+ | |||
+ | vi modules/base/manifests/script_job.pp | ||
+ | <pre>define base::script_job ( $hour = '00' ) { | ||
+ | include base | ||
+ | file { "/usr/local/bin/${name}": | ||
+ | source => "puppet:///modules/base/${name}", | ||
+ | mode => '0755', | ||
+ | } | ||
+ | cron { "Run ${name}": | ||
+ | command => "/usr/local/bin/${name}", | ||
+ | hour => $hour, | ||
+ | minute => '00', | ||
+ | user => 'vagrant', | ||
+ | } | ||
+ | }</pre> | ||
+ | vi manifests/nodes.pp | ||
+ | <pre>node 'vagrant-centos64.vagrantup.com' { | ||
+ | include base | ||
+ | base::script_job { 'backup_database1': | ||
+ | hour => '05', | ||
+ | } | ||
+ | }</pre> | ||
+ | === class === | ||
+ | <pre>class appserver($domain, $database) { | ||
+ | }</pre> | ||
+ | === user === | ||
+ | <pre>user { 'user01': | ||
+ | ensuer => present, | ||
+ | comment => '~', | ||
+ | home => '/home/user01', | ||
+ | managehome => true, | ||
+ | }</pre> | ||
+ | === ssh_authorized_key === | ||
+ | <pre>ssh_authorized_key { 'user001_ssh': | ||
+ | user => 'user01', | ||
+ | type => 'rsa', | ||
+ | key => '~', | ||
+ | }</pre> | ||
+ | == 참고 문헌 == | ||
− | *https://puppetlabs.com/puppet/ | + | *Puppet IDE : [https://puppetlabs.github.io/geppetto/download.html https://puppetlabs.github.io/geppetto/download.html] |
− | *http:// | + | *Puppet |
+ | **Custom provider : https://docs.puppetlabs.com/guides/plugins_in_modules.html | ||
+ | **Custom function : https://docs.puppetlabs.com/guides/custom_functions.html | ||
+ | **Custom type : https://docs.puppetlabs.com/guides/custom_types.html | ||
+ | *[http://wiki.tunelinux.pe.kr/pages/viewpage.action?pageId=2588702#Puppetbeginnerguide(korean)-패키지,파일,서비스 http://wiki.tunelinux.pe.kr/pages/viewpage.action?pageId=2588702#Puppetbeginnerguide(korean)-패키지,파일,서비스] | ||
+ | *[https://forge.puppetlabs.com/puppetlabs/mysql https://forge.puppetlabs.com/puppetlabs/mysql] | ||
+ | *[https://www.digitalocean.com/community/tutorials/how-to-install-puppet-to-manage-your-server-infrastructure https://www.digitalocean.com/community/tutorials/how-to-install-puppet-to-manage-your-server-infrastructure] | ||
+ | *[https://www.linode.com/docs/applications/puppet/set-up-puppet-master-agent https://www.linode.com/docs/applications/puppet/set-up-puppet-master-agent] | ||
+ | *[http://wiki.tunelinux.pe.kr/pages/viewpage.action?pageId=2588702 http://wiki.tunelinux.pe.kr/pages/viewpage.action?pageId=2588702] | ||
+ | *[http://theplmingspace.tistory.com/791 http://theplmingspace.tistory.com/791] | ||
+ | *[[Chef|Chef]] : [http://www.opscode.com/chef/ http://www.opscode.com/chef/] | ||
+ | *[[Capistrano|Capistrano]] : [https://github.com/capistrano/capistrano/wiki https://github.com/capistrano/capistrano/wiki] | ||
− | * | + | *[https://puppetlabs.com/puppet/what-is-puppet/ https://puppetlabs.com/puppet/what-is-puppet/] |
− | *http:// | + | *[http://beyondj2ee.pbworks.com/w/page/51641649/BeyondJ2EE-Puppet%20%EC%84%A4%EC%B9%98 http://beyondj2ee.pbworks.com/w/page/51641649/BeyondJ2EE-Puppet%20%EC%84%A4%EC%B9%98] |
− | [[Category:DevOps]] | + | *[http://en.wikipedia.org/wiki/Puppet_(software) http://en.wikipedia.org/wiki/Puppet_(software)] |
+ | *[http://en.wikipedia.org/wiki/Puppet_Labs http://en.wikipedia.org/wiki/Puppet_Labs] | ||
+ | *[http://www.programkr.com/blog/MEDMyEDMwYTw.html http://www.programkr.com/blog/MEDMyEDMwYTw.html] | ||
+ | *[http://igoni.kr/?p=884 http://igoni.kr/?p=884] | ||
+ | [[Category:DevOps|Category:DevOps]] |
2016년 4월 6일 (수) 11:07 기준 최신판
배포 자동화 솔루션인 puppet를 정리 합니다.
- 홈페이지 : http://www.puppetlabs.com/, http://puppetlabs.com/puppet/puppet-open-source/, https://github.com/puppetlabs, http://forge.puppetlabs.com/
- 다운로드 :
- 라이선스 : Apache 2.0
- 플랫폼 : Ruby
목차
Puppet 개요
Puppet 용어
용어 | 상세 |
Manifest | 환경 설정 정보 파일 vim /etc/puppet/environments/production/manifests/~.pp node "~" { Resource { "~": attr => value, } }
puppet apply ~.pp #--- local machine에서 실행, node 부분이 없음 |
Catalog | Manifest가 컴파일되어 Puppet Agent에서 전달되는 정보 |
puppetmasterd | 관리 서버에서 실행되는 데몬 |
puppetd | 각 서버에서 실행되는 데몬 |
Puppet 설치
Puppet Server 설치
yum install puppet-server
vi /etc/puppet/puppet.conf
module=/etc/puppet/modules certname=puppetserver.jopenbusiness.com
puppet resource package puppet-server ensure=latest
/etc/init.d/puppetmaster start
netstat -antp | grep LISTEN | grep 8140
Puppet Agent 인증
puppet cert --sign --list #--- + 도메인은 인증이 완료된 Puppet Agent
puppet cert puppetagent001.jopenbusiness.com
puppet cert --sign --all --list
Puppet Agent 설치
yum install puppet
vi /etc/puppet/puppet.conf
certname=puppetagent001.jopenbusiness.com runinterval=60 #--- 초단위
vi /etc/sysconfig/puppet
PUPPET_SERVER=puppetserver.jopenbusiness.com
PUPPET_LOG=/var/log/puppet/puppet.log
/etc/init.d/puppet start
ps -ef | grep puppet
auth.conf
참고 문헌
- auth.conf
hiera.yaml
Puppet에서 사용하는 변수=값 을 설정 파일로 지정
참고 문헌
- https://docs.puppetlabs.com/hiera/3.0/puppet.html
- http://www.unixmen.com/install-puppet-server-centos-7/
Puppet 구성
실행 및 검사
puppet --version
puppet apply /etc/puppet/manifests/site.pp
puppet apply /etc/puppet/manifests/site.pp --modulepath=/etc/puppet/modules
puppet parser validate nodes.pp #--- 구문 오류 검사
https://forge.puppetlabs.com/ 모듈 사용
puppet module search httpd #--- 모듈 검색 puppet module install puppetlabs-apache #--- 검색된 모듈 설치
Folder 구조
/etc/puppet/
- manifest/
- site.pp (이름 변경 가능)
import 'nodes.pp' - nodes.pp (이름 변경 가능)
node '~' {
include 모듈명
#--- Class, Resource, Variabled 등 포함
}
- site.pp (이름 변경 가능)
- modules/모듈명/
- manifest/init.pp
class 모듈명 {
#--- files, settings, modules, scripts 등 포함
}
- manifest/init.pp
package
package { 'nginx': ensure => installed, #--- installed. 설치, absent. 삭제, latest. 업데이트, '버전명'. 해당 버전 설치 }
file
file { '/tmp/nginx.conf': #--- nginx(모듈명)/files/default.conf 파일 사용 source => 'puppet:///modules/nginx/default.conf', notify => Service['nginx'], #--- 다른 자원 호출 content => '~\n", ensure => file, mode => '06400', owner => root, group => root, }
service
service {'nginx': ensure => running, require => Package['nginx'], #--- 먼저 필요한 자원 hasrestart => true, hasstatus => true, subscribe = file ["nginx.conf"], }
exec
exec { 'Run my arbitray command': command => '/bin/echo I ran this command on `/bin/date` > /tmp/command.output.txt', creates => '/tmp/command.output.txt', #unless => '/usr/bin/test -f /tmp/command.output.txt', #onlyif => '/usr/bin/test -f /tmp/command.output.txt', #path => ['bin','/usr/bin'], }
cron
cron { 'test cron': command => 'touch /tmp/testcron', hour => '04', minute => '00', }
template
Template 파일은 Ruby로 작성되어 있기 때문에 <%= @변수명 %>을 사용합니다.
Puppet에선s $변수명 을 사용 합니다.
vi apache/templates/vhost.conf.erb
Listen <%= @vhost_port %> <VirtualHost *:<%= @vhost_port %>> DocumentRoot /var/www/html ServerName <%= @site_name %> </VirtualHost>
vi apache/manifests/init.pp
$vhost_port = "8080" $site_name = 'example.com' file { '/etc/httpd/conf.d/example.com.conf': content => template('apache/vhost.conf.erb'), notify => Service['httpd'], }
define
Resource를 그룹하여 사용
vi modules/base/manifests/script_job.pp
define base::script_job ( $hour = '00' ) { include base file { "/usr/local/bin/${name}": source => "puppet:///modules/base/${name}", mode => '0755', } cron { "Run ${name}": command => "/usr/local/bin/${name}", hour => $hour, minute => '00', user => 'vagrant', } }
vi manifests/nodes.pp
node 'vagrant-centos64.vagrantup.com' { include base base::script_job { 'backup_database1': hour => '05', } }
class
class appserver($domain, $database) { }
user
user { 'user01': ensuer => present, comment => '~', home => '/home/user01', managehome => true, }
ssh_authorized_key
ssh_authorized_key { 'user001_ssh': user => 'user01', type => 'rsa', key => '~', }
참고 문헌
- Puppet IDE : https://puppetlabs.github.io/geppetto/download.html
- Puppet
- Custom provider : https://docs.puppetlabs.com/guides/plugins_in_modules.html
- Custom function : https://docs.puppetlabs.com/guides/custom_functions.html
- Custom type : https://docs.puppetlabs.com/guides/custom_types.html
- http://wiki.tunelinux.pe.kr/pages/viewpage.action?pageId=2588702#Puppetbeginnerguide(korean)-패키지,파일,서비스
- https://forge.puppetlabs.com/puppetlabs/mysql
- https://www.digitalocean.com/community/tutorials/how-to-install-puppet-to-manage-your-server-infrastructure
- https://www.linode.com/docs/applications/puppet/set-up-puppet-master-agent
- http://wiki.tunelinux.pe.kr/pages/viewpage.action?pageId=2588702
- http://theplmingspace.tistory.com/791
- Chef : http://www.opscode.com/chef/
- Capistrano : https://github.com/capistrano/capistrano/wiki