Sistem Yönetim Araçları Arşivleri |

Browsing posts in: Sistem Yönetim Araçları

Kas 16, 2016 |

Kubernetes Cluster Kurulumu: Admin Node Yapılandırma

Kubernetes containerized uygulamaların dağıtımını,düzenlenmesini, ölçeklendirme ve yönetimini otomatikleştirmek için kullanılan açık kaynak bir sistemidir.

Anlatmaya çalışacağım Kubernets cluster yapısı bir Admin Node iki 2 Container Node şeklinde bir yapı olacak.

                       +-------------------------+
                       |      [Admin Node]       |
                       |kubernetes.omeroner.com  |
                       |                         |
                       +-----------+-------------+
                                   |
+-----------------------+          |          +----------------------+
|     [Node01]          |10.0.0.30 | 10.0.0.31|      [Node02]        |
|node01.omeroner.com    +----------+————-----—+ node02.omeroner.com  |
|                       |                     |                      |
+-----------------------+                     +----------------------+

+-------------------------+

| [Admin Node] |

|kubernetes.omeroner.com |

| |

+-----------+-------------+

+-----------------------+ | +----------------------+

| [Node01] |10.0.0.30 | 10.0.0.31| [Node02] |

|node01.omeroner.com +----------+————-----—+ node02.omeroner.com |

| | | |

+-----------------------+ +----------------------+

Bu bölümde admin node’u yapılandırılalım başka bir yazıda node’ların yapılandırılmasından bahsedeceğim.

Kubernetes architecture diyagramı aşağıdaki gibidir.

[1] Gerekli paketleri yükleyin

[root@kubernetes ~]# yum -y install kubernetes etcd flannel

1	[root@kubernetes ~]# yum -y install kubernetes etcd flannel

[2] Kubernetes yapılandırın. Aşağıdaki eklemeleri ve değişiklikleri config dosyasında yapalım.

# generate RSA key
[root@kubernetes ~]# openssl genrsa -out /etc/kubernetes/service.key 2048

[root@kubernetes ~]# vi /etc/kubernetes/controller-manager
# line 7: add
KUBE_CONTROLLER_MANAGER_ARGS="--service_account_private_key_file=/etc/kubernetes/service.key"

[root@kubernetes ~]# vi /etc/kubernetes/apiserver
# line 8: change
KUBE_API_ADDRESS="--address=0.0.0.0"
# line 17: change to Admin Node's hostname or IP address
KUBE_ETCD_SERVERS="--etcd_servers=http://dlp.srv.world:2379"
# line 20: IP range for Kubernetes service (change it if need)
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
# line 26: add
KUBE_API_ARGS="--service_account_key_file=/etc/kubernetes/service.key"

# generate RSA key

[root@kubernetes ~]# openssl genrsa -out /etc/kubernetes/service.key 2048

[root@kubernetes ~]# vi /etc/kubernetes/controller-manager

# line 7: add

KUBE_CONTROLLER_MANAGER_ARGS="--service_account_private_key_file=/etc/kubernetes/service.key"

[root@kubernetes ~]# vi /etc/kubernetes/apiserver

# line 8: change

KUBE_API_ADDRESS="--address=0.0.0.0"

# line 17: change to Admin Node's hostname or IP address

KUBE_ETCD_SERVERS="--etcd_servers=http://dlp.srv.world:2379"

# line 20: IP range for Kubernetes service (change it if need)

KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

# line 26: add

KUBE_API_ARGS="--service_account_key_file=/etc/kubernetes/service.key"

[root@kubernetes ~]# vi /etc/etcd/etcd.conf
# line 7: uncomment
ETCD_LISTEN_PEER_URLS="http://localhost:2380"
# line 8: add etcd Host's hostname or IP address
ETCD_LISTEN_CLIENT_URLS="http://kubernetes.omeroner.com:2379,http://localhost:2379"

[root@kubernetes ~]# vi /etc/etcd/etcd.conf

# line 7: uncomment

ETCD_LISTEN_PEER_URLS="http://localhost:2380"

# line 8: add etcd Host's hostname or IP address

ETCD_LISTEN_CLIENT_URLS="http://kubernetes.omeroner.com:2379,http://localhost:2379"

[root@kubernetes ~]# vi /etc/kubernetes/config
# line 22: change to Admin Node's hostname or IP address
KUBE_MASTER="--master=http://kubernetes.omeroner.com:8080"

[root@kubernetes ~]# vi /etc/kubernetes/config

# line 22: change to Admin Node's hostname or IP address

KUBE_MASTER="--master=http://kubernetes.omeroner.com:8080"

Servisler çalıştıralım ve başlangıça ekleyelim.

[root@kubernetes ~]# systemctl start etcd kube-apiserver kube-controller-manager kube-scheduler 
[root@kubernetes ~]# systemctl enable etcd kube-apiserver kube-controller-manager kube-scheduler

1 2	[root@kubernetes ~]# systemctl start etcd kube-apiserver kube-controller-manager kube-scheduler [root@kubernetes ~]# systemctl enable etcd kube-apiserver kube-controller-manager kube-scheduler

[3] Flannel Ağ yapılandırma.

Konteyner Düğümler içinde kullanılacak istediğiniz ağ aralığı belirtin

[root@kubernetes ~]# vi flannel-config.json
{
"Network":"172.16.0.0/16",
"SubnetLen":24,
"Backend":{
"Type":"vxlan",
"VNI":1
}
}

[root@kubernetes ~]# vi flannel-config.json

{

"Network":"172.16.0.0/16",

"SubnetLen":24,

"Backend":{

"Type":"vxlan",

"VNI":1

}

[root@kubernetes ~]# vi /etc/sysconfig/flanneld
# line 4: change to Flannel Host's hostname or IP address
FLANNEL_ETCD="http://kubernetes.omeroner.com:2379"
# line 8: confirm the parameter
FLANNEL_ETCD_KEY="/atomic.io/network"
[root@kubernetes ~]# etcdctl set atomic.io/network/config < flannel-config.json 
[root@kubernetes ~]# systemctl start flanneld 
[root@kubernetes ~]# systemctl enable flanneld

[root@kubernetes ~]# vi /etc/sysconfig/flanneld

# line 4: change to Flannel Host's hostname or IP address

FLANNEL_ETCD="http://kubernetes.omeroner.com:2379"

# line 8: confirm the parameter

FLANNEL_ETCD_KEY="/atomic.io/network"

[root@kubernetes ~]# etcdctl set atomic.io/network/config < flannel-config.json

[root@kubernetes ~]# systemctl start flanneld

[root@kubernetes ~]# systemctl enable flanneld

[4] Eğer tüm yapılandırmalar doğru bir şekilde uygulandı ise aşağıdaki şekilde bir ekran çıktısı görmemiz gerekiyor.

[root@kubernetes ~]# kubectl cluster-info 
Kubernetes master is running at http://localhost:8080

1 2	[root@kubernetes ~]# kubectl cluster-info Kubernetes master is running at http://localhost:8080

docker kubernetes

Kas 16, 2016 |

0 comments

Centos 7 Üzerine Cockpit Kurulumu

Cockpit ile kolayca web tarayıcısı üzerinden GNU/Linux sunucularını yönetebilirsiniz. Docker sistem kullanıyorsanız docker sistemlerinizide cockpit üzerinden kolayca yönetebilirsiniz.

Centos 7 Üzerine Cockpit Kurulumu

[1] Cockpit Kurulumu

[root@cockpit ~]# yum -y install cockpit
[root@cockpit ~]# systemctl start cockpit
[root@cockpit ~]# systemctl enable cockpit.socket

[root@cockpit ~]# yum -y install cockpit

[root@cockpit ~]# systemctl start cockpit

[root@cockpit ~]# systemctl enable cockpit.socket

[2] Web tarayıcısı ile “https: //(Sunucunun adı veya IP adresi):9090/” , daha sonra cockpit giriş formu görüntülenir.Aşağıdaki gibi mevcutda kullanılan bir kullanıcı ile oturum açın.Bu örnek root kullanıcı ile gösterir

[3] Cockpit ana sayfası. Bu ekran üzerinden sistemi yönetmek mümkündür.

[4] Sol menüdeki “Services” bölümünden, Sistem hizmetlerini yönetmek mümkündür.

[5] Sol menüdeki “Containers” bölümünden, Docker container’ları yönetmek mümkündür.

[6] Sol menüdeki “Log” bölümünden, Sistem günlüklerini(loglarını) yönetmeniz mümkündür.

[7] Sol menüdeki “Networking” bölümünden, Ağ ayarlarını ve yapılandırmalarını yönetmeniz mümkündür.

[8]Sol menüdeki “Storage” bölümünden, Depolama ayarlarını ve yapılandırmalarını yönetmeniz mümkündür.

[9]Sol menüdeki “Tools-Accounts” bölümünden, Kullanıcı hesaplarını yönetmek mümkündür.

[10] Sol menüdeki “Terminal” bölümünden, doğrudan komutlar ile sistemi yönetmek mümkündür.

cockpit

Eki 25, 2016 |

0 comments

Terraform Nedir? Nasıl Kurulur?

Terraform nedir?

Terraform, sistem altyapınızı(infrastructure) inşa etmek, değiştirmek ve versiyonlamak için kullanılan geliştirilmeye hızla devam edilen güvenli ve verimli bir araçtır. Ayrıntılı bilgi ve gelişimi için bu sayfayı inceleyebilirsiniz.

Özellikle cloud provider’lardan aws kullanıyorsanız neredeyse tüm resource’ları (Infrastructure as Code) mantığı ile yönetebiliyorsunuz. Bunun yanında fiziksel makineleri,VM,network switchleri ve container’larıda yönetebilirsiniz. Ayrıca örnek vermem gerekirse CloudFlare,Atlas,DigitalOcean,Docker,Google Cloud,VMware vSphere,Azure,DNS gibi birçok provider ve in-house sistemleri yönetebilirsiniz. Tüm liste için bu sayfayı inceleyebilirsiniz.

Terraform Nasıl Kurulur?

Terraform şuan Mac OS X,FreeBSD,Linux,OpenBSD,Solaris,Windows sistemlerde kullanılabiliyor.Linux ve FreeBSD’de Arm işlemci desteğide var.

Ben kurulumu centos sistem üzerinde gerçekleştirdim fakat siz bu sistemlerden herhangi birinde kurulumu gerçekleştirebilirsiniz.

Bu sayfadan istediğimiz platform için kaynak dosyayı indirmemiz ve PATH ayarı yapmamız yeterli oluyor.

mkdir -p /usr/local/terraform/bin

1	mkdir -p /usr/local/terraform/bin

cd /usr/local/terraform/bin;wget https://releases.hashicorp.com/terraform/0.7.7/terraform_0.7.7_linux_amd64.zip

1	cd /usr/local/terraform/bin;wget https://releases.hashicorp.com/terraform/0.7.7/terraform_0.7.7_linux_amd64.zip

Linux/Mac için örnek PATH düzenlemesi.

PATH=/usr/local/terraform/bin:/home/your-user-name/terraform:$PATH

1	PATH=/usr/local/terraform/bin:/home/your-user-name/terraform:$PATH

daha sonrasında kurulumu verify edebiliriz bunun için konsol’da

$ terraform
usage: terraform [--version] [--help] &lt;command&gt; [&lt;args&gt;]

Available commands are:
    apply       Builds or changes infrastructure
    destroy     Destroy Terraform-managed infrastructure
    get         Download and install modules for the configuration
    graph       Create a visual graph of Terraform resources
    init        Initializes Terraform configuration from a module
    output      Read an output from a state file
    plan        Generate and show an execution plan
    push        Upload this Terraform module to Atlas to run
    refresh     Update local state file against real resources
    remote      Configure remote state storage
    show        Inspect Terraform state or plan
    taint       Manually mark a resource for recreation
    validate    Validates the Terraform files
    version     Prints the Terraform version

$ terraform

usage: terraform [--version] [--help] <command> [<args>]

Available commands are:

apply Builds or changes infrastructure

destroy Destroy Terraform-managed infrastructure

get Download and install modules for the configuration

graph Create a visual graph of Terraform resources

init Initializes Terraform configuration from a module

output Read an output from a state file

plan Generate and show an execution plan

push Upload this Terraform module to Atlas to run

refresh Update local state file against real resources

remote Configure remote state storage

show Inspect Terraform state or plan

taint Manually mark a resource for recreation

validate Validates the Terraform files

version Prints the Terraform version

ekranını görüyorsak kurulum problemsiz tamamlanmıştır.

Örnek yapılandırma:

aws üzerinde instance oluşturmak.(Bunun için amazon hesabınızın olduğunu kabul ediyorum. Hesabınız yok ise bu adresten free tier hesap açabilirsiniz.)

provider "aws" {
  access_key = "ACCESS_KEY_HERE"
  secret_key = "SECRET_KEY_HERE"
  region     = "us-east-1"
}

resource "aws_instance" "example" {
  ami           = "ami-0d729a60"
  instance_type = "t2.micro"
}

provider "aws" {

access_key = "ACCESS_KEY_HERE"

secret_key = "SECRET_KEY_HERE"

region = "us-east-1"

}

resource "aws_instance" "example" {

ami = "ami-0d729a60"

instance_type = "t2.micro"

}

tüm resource yönetimi için bu sayfayı inceleyebilirsiniz.

terraform

Ağu 25, 2016 |

0 comments

Puppet ile Mysql Kurulumu ve Yönetimi

Puppet ile mysql kurulumu ve yönetimi için kullandığım tercih ettiğim modül puppet tarafından supported olan bir modül aşağıdaki linkten erişebilrisiniz.

https://forge.puppet.com/puppetlabs/mysql/2.2.3

Mysql kurulumu ve yönetilmesi için oluşturduğum örnek puppet script’i aşağıdaki gibi

## module url :https://github.com/puppetlabs/puppetlabs-mysql #################


node 'puppetagent.domain.local'{

## Mysql Repo Install ##########################################################
yumrepo { 'mysql56-community':
descr => 'CentOS $releasever - mysql56-community',
baseurl => 'http://repo.mysql.com/yum/mysql-5.6-community/el/6/$basearch/',
gpgkey => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql',
enabled => 1,
gpgcheck => 1,
}->
file { '/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql':
owner => 'root',
group => 'root',
mode => '600',
content => template("mysql/RPM-GPG-KEY-mysql"),
}

## Mysql Server Install ########################################################
class {'mysql::server':
package_name => 'mysql-community-server',
package_ensure => '5.6.32-2.el6',
service_name => 'mysqld',
config_file => '/etc/my.cnf',
restart => false,
service_enabled => true,
service_manage => true,
includedir => '/etc/my.cnf.d',
create_root_user => true,
create_root_my_cnf => true,
root_password => 'reload1',
remove_default_accounts => true,
override_options => {
client => {
port => '3306',
socket => '/var/lib/mysql/mysql.sock'
},
mysqld => {
## General #########################################################
user => 'mysql',
port => '3306',
socket => '/var/lib/mysql/mysql.sock',
pid-file => '/var/run/mysqld/mysqld.pid', 
default-storage-engine => 'InnoDB',
character-set-server => 'latin5',
server-id => '1',

## Loging ##########################################################
log_warnings => '1',
log-error => '/var/lib/mysql/error.log',
general_log => '0',
general_log_file => '/var/lib/mysql/general.log',

## Safety ########################################################## 
max_allowed_packet => '2MB',
old_passwords => '1',
symbolic-links => '0' ,
explicit_defaults_for_timestamp => '',
skip-name-resolve => '',

## Data & Tmp Directory #############################################
datadir => '/var/lib/mysql/',
tmpdir => '/var/lib/mysql/',

## Connection and Thread variables ##################################
max_connections => '25',
back_log => '110',
thread_cache_size => '10',

## Query Cache #######################################################
query_cache_type => '1',
query_cache_size => '8MB',
query_cache_limit => '8MB', 

## Session & Memory Variables #########################################
sort_buffer_size => '2MB',
tmp_table_size => '16MB',
max_heap_table_size => '16MB',
read_buffer_size => '131072',
read_rnd_buffer_size => '262144',

## Other Buffers and Caches ###########################################
table_definition_cache => '656',
table_open_cache => '512',
join_buffer_size => '256K',

## Slow Log ##########################################################
log-queries-not-using-indexes => '0',
slow_query_log => '1',
long_query_time => '3',
slow-query-log-file => '/var/lib/mysql/logs/slow.log',

## INNODB #############################################################
innodb_data_home_dir => '/var/lib/mysql/',
innodb_log_files_in_group => '2',
innodb_log_group_home_dir => '/var/lib/mysql/',
innodb-log-file-size => '128M',
innodb_log_buffer_size => '8M',
innodb-buffer-pool-size => '1456MB',
innodb-buffer-pool-instances => '4',
innodb-read-io-threads => '8',
innodb-write-io-threads => '8',
innodb-file-per-table => '1',
innodb_additional_mem_pool_size => '8MB',
innodb_file_per_table => '1',
innodb_flush_method => 'O_DIRECT',

## Myisam #############################################################
myisam_sort_buffer_size => '32MB',
key_buffer_size => '64MB',
myisam-recover => 'FORCE,BACKUP',

## Master Replication #################################################
#log_bin => '/var/lib/mysql/mysql-bin',
#expire_logs_days => '7',
#sync_binlog => '1',
#binlog_format => 'MIXED',
#binlog-ignore-db => 'mysql',
#binlog-ignore-db => 'information_schema',
#binlog-ignore-db => 'performance_schema',
#binlog-ignore-db => 'backup',
#binlog-ignore-db => 'test',
#master_info_repository => 'TABLE',
#relay_log_info_repository => 'TABLE',

## Slave Replication ###################################################
#relay_log => '/var/lib/mysql/mysql-relay-bin',
#slave_net_timeout => '60',
#read_only => '1',
#master_info_repository = TABLE,
#relay_log_info_repository = TABLE,
#replicate-ignore-table => 'dbname.tablename',
},

mysqldump => {
max_allowed_packet => '16MB',
},

mysqld_safe => {
log-error => '/var/lib/mysql/error.log',
pid-file => '/var/lib/mysql/mysqld.pid',
socket => '/var/lib/mysql/mysql.sock',
},

}
}


## Mysql Backup Job Create ###################################################
class { 'mysql::server::backup':
ensure => 'present',
backupuser => 'backupuser',
backuppassword => 'reload',
backupdir => '/data/mysql_backup',
backupdirmode => '700',
backupdirowner => 'root',
backupdirgroup => 'root',
backupdatabases => ['mysql', 'test'],
backuprotate => 7,
backupcompress => true,
file_per_database => true,
time => ['3', '45'],
}


## Mysql Tuning Script Create 'perl /usr/local/bin/mysqltuner' ##############
class { 'mysql::server::mysqltuner':
ensure => 'present',
version => 'master',
}


## Mysql Monitor User Create ################################################
class { 'mysql::server::monitor':
mysql_monitor_username => 'monitoruser',
mysql_monitor_password => 'reload',
mysql_monitor_hostname => '192.168.177.158',
}

## Dependencies definition ################################################
Yumrepo['mysql56-community']->
Class['mysql::server']

}

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

## module url :https://github.com/puppetlabs/puppetlabs-mysql #################

node 'puppetagent.domain.local'{

## Mysql Repo Install ##########################################################

yumrepo { 'mysql56-community':

descr => 'CentOS $releasever - mysql56-community',

baseurl => 'http://repo.mysql.com/yum/mysql-5.6-community/el/6/$basearch/',

gpgkey => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql',

enabled => 1,

gpgcheck => 1,

}->

file { '/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql':

owner => 'root',

group => 'root',

mode => '600',

content => template("mysql/RPM-GPG-KEY-mysql"),

}

## Mysql Server Install ########################################################

class {'mysql::server':

package_name => 'mysql-community-server',

package_ensure => '5.6.32-2.el6',

service_name => 'mysqld',

config_file => '/etc/my.cnf',

restart => false,

service_enabled => true,

service_manage => true,

includedir => '/etc/my.cnf.d',

create_root_user => true,

create_root_my_cnf => true,

root_password => 'reload1',

remove_default_accounts => true,

override_options => {

client => {

port => '3306',

socket => '/var/lib/mysql/mysql.sock'

mysqld => {

## General #########################################################

user => 'mysql',

port => '3306',

socket => '/var/lib/mysql/mysql.sock',

pid-file => '/var/run/mysqld/mysqld.pid',

default-storage-engine => 'InnoDB',

character-set-server => 'latin5',

server-id => '1',

## Loging ##########################################################

log_warnings => '1',

log-error => '/var/lib/mysql/error.log',

general_log => '0',

general_log_file => '/var/lib/mysql/general.log',

## Safety ##########################################################

max_allowed_packet => '2MB',

old_passwords => '1',

symbolic-links => '0' ,

explicit_defaults_for_timestamp => '',

skip-name-resolve => '',

## Data & Tmp Directory #############################################

datadir => '/var/lib/mysql/',

tmpdir => '/var/lib/mysql/',

## Connection and Thread variables ##################################

max_connections => '25',

back_log => '110',

thread_cache_size => '10',

## Query Cache #######################################################

query_cache_type => '1',

query_cache_size => '8MB',

query_cache_limit => '8MB',

## Session & Memory Variables #########################################

sort_buffer_size => '2MB',

tmp_table_size => '16MB',

max_heap_table_size => '16MB',

read_buffer_size => '131072',

read_rnd_buffer_size => '262144',

## Other Buffers and Caches ###########################################

table_definition_cache => '656',

table_open_cache => '512',

join_buffer_size => '256K',

## Slow Log ##########################################################

log-queries-not-using-indexes => '0',

slow_query_log => '1',

long_query_time => '3',

slow-query-log-file => '/var/lib/mysql/logs/slow.log',

## INNODB #############################################################

innodb_data_home_dir => '/var/lib/mysql/',

innodb_log_files_in_group => '2',

innodb_log_group_home_dir => '/var/lib/mysql/',

innodb-log-file-size => '128M',

innodb_log_buffer_size => '8M',

innodb-buffer-pool-size => '1456MB',

innodb-buffer-pool-instances => '4',

innodb-read-io-threads => '8',

innodb-write-io-threads => '8',

innodb-file-per-table => '1',

innodb_additional_mem_pool_size => '8MB',

innodb_file_per_table => '1',

innodb_flush_method => 'O_DIRECT',

## Myisam #############################################################

myisam_sort_buffer_size => '32MB',

key_buffer_size => '64MB',

myisam-recover => 'FORCE,BACKUP',

## Master Replication #################################################

#log_bin => '/var/lib/mysql/mysql-bin',

#expire_logs_days => '7',

#sync_binlog => '1',

#binlog_format => 'MIXED',

#binlog-ignore-db => 'mysql',

#binlog-ignore-db => 'information_schema',

#binlog-ignore-db => 'performance_schema',

#binlog-ignore-db => 'backup',

#binlog-ignore-db => 'test',

#master_info_repository => 'TABLE',

#relay_log_info_repository => 'TABLE',

## Slave Replication ###################################################

#relay_log => '/var/lib/mysql/mysql-relay-bin',

#slave_net_timeout => '60',

#read_only => '1',

#master_info_repository = TABLE,

#relay_log_info_repository = TABLE,

#replicate-ignore-table => 'dbname.tablename',

mysqldump => {

max_allowed_packet => '16MB',

mysqld_safe => {

log-error => '/var/lib/mysql/error.log',

pid-file => '/var/lib/mysql/mysqld.pid',

socket => '/var/lib/mysql/mysql.sock',

}

## Mysql Backup Job Create ###################################################

class { 'mysql::server::backup':

ensure => 'present',

backupuser => 'backupuser',

backuppassword => 'reload',

backupdir => '/data/mysql_backup',

backupdirmode => '700',

backupdirowner => 'root',

backupdirgroup => 'root',

backupdatabases => ['mysql', 'test'],

backuprotate => 7,

backupcompress => true,

file_per_database => true,

time => ['3', '45'],

}

## Mysql Tuning Script Create 'perl /usr/local/bin/mysqltuner' ##############

class { 'mysql::server::mysqltuner':

ensure => 'present',

version => 'master',

}

## Mysql Monitor User Create ################################################

class { 'mysql::server::monitor':

mysql_monitor_username => 'monitoruser',

mysql_monitor_password => 'reload',

mysql_monitor_hostname => '192.168.177.158',

}

## Dependencies definition ################################################

Yumrepo['mysql56-community']->

Class['mysql::server']

}

mysql puppet

Ağu 25, 2016 |

0 comments

Puppet Master ve Agent Kurulumu

Puppet Nedir?

Puppet Master ve Agent Kurulumu geçmeden önce Puppet, açık kaynak kodlu Server/Client mimarisine sahip bir Configuration Management tool’dur. Kendine ait DSL (Domain Spesifik Language) vardır. Karmaşık ve büyük sistem alt yapılarını yönetmek için kullanılabilecek araçların başında gelir.

Bu yazıda master/client kurulumu,yapılandırılması ve bir kaç örmek vermeye çalışacağım.

Server Tarafı

Sunucu üzerinde tarih ve saat bilgilerinin güncel olması için bir defaya mahsus güncelleyip ardından ntpd servisini başlatıyoruz.

 # sudo ntpdate pool.ntp.org
 # service ntpd start
 # chkconfig ntpd on

# sudo ntpdate pool.ntp.org

# service ntpd start

# chkconfig ntpd on

Puppet repo’sunu yüklüyoruz.

# yum -y install http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-12.noarch.rpm
# sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/puppetlabs.repo

1 2	# yum -y install http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-12.noarch.rpm # sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/puppetlabs.repo

Puppet server kurulumunu yapıyoruz.

# yum --enablerepo=puppetlabs-products,puppetlabs-deps -y install puppet-server

1	# yum --enablerepo=puppetlabs-products,puppetlabs-deps -y install puppet-server

Kurulum ardından versiyon kontrol ediyoruz.

# puppet help | tail -n 1
veya
# puppet --version

# puppet help | tail -n 1

veya

# puppet --version

Puppet ayar dosyasında aşağıdaki ayarları kendi bilgileriniz doğrultusunda yapıyoruz.

# vim /etc/sysconfig/puppetmaster
# line 2: uncomment
PUPPETMASTER_MANIFEST=/etc/puppet/manifests/site.pp
# line 6: uncomment
PUPPETMASTER_LOG=syslog

# vim /etc/sysconfig/puppetmaster

# line 2: uncomment

PUPPETMASTER_MANIFEST=/etc/puppet/manifests/site.pp

# line 6: uncomment

PUPPETMASTER_LOG=syslog

# create an empty manifest and start
# touch /etc/puppet/manifests/site.pp

1 2	# create an empty manifest and start # touch /etc/puppet/manifests/site.pp

# /etc/rc.d/init.d/puppetmaster start 
# chkconfig puppetmaster on

1 2	# /etc/rc.d/init.d/puppetmaster start # chkconfig puppetmaster on

Puupet pp uzantılı puppet scirptleri diye ifade edilen dosyaylar ile yönetilir. Yukarda varsayılan olarak manifest dosyasının site.pp olduğunu belirttik.

Agent Tarafı

# yum -y install http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-12.noarch.rpm
# sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/puppetlabs.repo
#  yum --enablerepo=puppetlabs-products,puppetlabs-deps -y install puppet

# yum -y install http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-12.noarch.rpm

# sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/puppetlabs.repo

# yum --enablerepo=puppetlabs-products,puppetlabs-deps -y install puppet

# vim /etc/sysconfig/puppet

# line 2: uncomment and change to Puppet server
PUPPET_SERVER=dpuppet.tazedirekt.local
# line 8: uncomment
PUPPET_LOG=/var/log/puppet/puppet.log

# vim /etc/sysconfig/puppet

# line 2: uncomment and change to Puppet server

PUPPET_SERVER=dpuppet.tazedirekt.local

# line 8: uncomment

PUPPET_LOG=/var/log/puppet/puppet.log

# /etc/rc.d/init.d/puppet start 
Starting puppet agent: [ OK ]
# chkconfig puppet on

# /etc/rc.d/init.d/puppet start

Starting puppet agent: [ OK ]

# chkconfig puppet on

Master üzerinde sertifika onaylama

#  puppet cert list
  "puppetagent.domain.local" (SHA256) 98:7F:92:58:EA:47:D4:AE:90:F4:8B:5E:3E:85:2E:90:FC:53:4E:6B:7B:1B:AA:96:A6:86:97:25:D5:66:C8:41

# puppet cert sign puppetagent.domain.local
Notice: Signed certificate request for puppetagent.localdomain
Notice: Removing file Puppet::SSL::CertificateRequest puppetagent.localdomain at '/var/lib/puppet/ssl/ca/requests/puppetagent.localdomain.pem'

# puppet cert list

"puppetagent.domain.local" (SHA256) 98:7F:92:58:EA:47:D4:AE:90:F4:8B:5E:3E:85:2E:90:FC:53:4E:6B:7B:1B:AA:96:A6:86:97:25:D5:66:C8:41

# puppet cert sign puppetagent.domain.local

Notice: Signed certificate request for puppetagent.localdomain

Notice: Removing file Puppet::SSL::CertificateRequest puppetagent.localdomain at '/var/lib/puppet/ssl/ca/requests/puppetagent.localdomain.pem'

Master üzerinde sertifika silme

# puppet cert clean puppetagent.domain.local

1	# puppet cert clean puppetagent.domain.local

Test Etme

puppet master üzerinde site.pp dosyası’na, client sunucusunda tmp dizini altında example-ip isminde 644 izni ile bir dosya oluşturarak içeriğini IP Address: xxxx şeklinde oluşturan ufak bir puppet script yazdık.

# vim /etc/puppet/manifests/site.pp
file {'/tmp/example-ip':                                                                        
  ensure  => present,                                                                               
  mode    => 0644,                                                                                   
  content => "IP Address: ${ipaddress_eth1}.\n",  
}

# vim /etc/puppet/manifests/site.pp

file {'/tmp/example-ip':

ensure => present,

mode => 0644,

content => "IP Address: ${ipaddress_eth1}.\n",

}

Clinet sunucuda;

# puppet agent --test

1	# puppet agent --test

dediğimizde tmp altında bu dosyanın oluşmuş olması gerekiyor.

puppet

Haz 18, 2016 |

0 comments

Strace Nedir? Strace Kullanımı

Linux/Unix’te bir sürecin (process) yaptığı sistem çağrılarını(syscall) izlemek için kullanabileceğiniz bir araçtır. Ayrıca ptrace, ltrace komutlarını inceleyebilirsiniz.

Sürecin çıktılarını stdout’a, kendi çıktılarını stderr’e yazar. more ile sayfa sayfa görmek istiyorsanız. en basit (primitive) kullanımı aşağıdaki gibidir.

# strace <süreç> 2>&1 | more

1	# strace <süreç> 2>&1 \| more

Strace Parametreleri:

-e parametresi ile sadece bir fonksiyon için çıktı üretebiliriz.

[root@omeroner ~]# strace -e "open" cd /tmp
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libtinfo.so.5", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
open("/dev/tty", O_RDWR|O_NONBLOCK) = 3
open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
open("/proc/meminfo", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib64/gconv/gconv-modules.cache", O_RDONLY) = 3
open("/usr/bin/cd", O_RDONLY) = 3
+++ exited with 0 +++
[root@omeroner ~]#

[root@omeroner ~]# strace -e "open" cd /tmp

open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3

open("/lib64/libtinfo.so.5", O_RDONLY|O_CLOEXEC) = 3

open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3

open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3

open("/dev/tty", O_RDWR|O_NONBLOCK) = 3

open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3

open("/proc/meminfo", O_RDONLY|O_CLOEXEC) = 3

open("/usr/lib64/gconv/gconv-modules.cache", O_RDONLY) = 3

open("/usr/bin/cd", O_RDONLY) = 3

+++ exited with 0 +++

[root@omeroner ~]#

-o parametresi ile aşina olduğumuz üzere çıktıları bir dosyaya yönlendirebiliriz.

[root@omeroner ~]# strace -e "open" -o /tmp/strace cd /tmp
[root@omeroner ~]# more /tmp/strace
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libtinfo.so.5", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
open("/dev/tty", O_RDWR|O_NONBLOCK) = 3
open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
open("/proc/meminfo", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib64/gconv/gconv-modules.cache", O_RDONLY) = 3
open("/usr/bin/cd", O_RDONLY) = 3
+++ exited with 0 +++
[root@omeroner ~]#

[root@omeroner ~]# strace -e "open" -o /tmp/strace cd /tmp

[root@omeroner ~]# more /tmp/strace

open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3

open("/lib64/libtinfo.so.5", O_RDONLY|O_CLOEXEC) = 3

open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3

open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3

open("/dev/tty", O_RDWR|O_NONBLOCK) = 3

open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3

open("/proc/meminfo", O_RDONLY|O_CLOEXEC) = 3

open("/usr/lib64/gconv/gconv-modules.cache", O_RDONLY) = 3

open("/usr/bin/cd", O_RDONLY) = 3

+++ exited with 0 +++

[root@omeroner ~]#

-t parametresi ile zamansal olarak sistem fonksiyonlarının çalışma dilimlerini gösterir.

[root@omeroner ~]# strace -t -e "open" cd /tmp
03:31:06 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
03:31:06 open("/lib64/libtinfo.so.5", O_RDONLY|O_CLOEXEC) = 3
03:31:06 open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
03:31:06 open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
03:31:06 open("/dev/tty", O_RDWR|O_NONBLOCK) = 3
03:31:06 open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
03:31:06 open("/proc/meminfo", O_RDONLY|O_CLOEXEC) = 3
03:31:06 open("/usr/lib64/gconv/gconv-modules.cache", O_RDONLY) = 3
03:31:06 open("/usr/bin/cd", O_RDONLY) = 3
03:31:06 +++ exited with 0 +++
[root@omeroner ~]#

[root@omeroner ~]# strace -t -e "open" cd /tmp

03:31:06 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3

03:31:06 open("/lib64/libtinfo.so.5", O_RDONLY|O_CLOEXEC) = 3

03:31:06 open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3

03:31:06 open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3

03:31:06 open("/dev/tty", O_RDWR|O_NONBLOCK) = 3

03:31:06 open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3

03:31:06 open("/proc/meminfo", O_RDONLY|O_CLOEXEC) = 3

03:31:06 open("/usr/lib64/gconv/gconv-modules.cache", O_RDONLY) = 3

03:31:06 open("/usr/bin/cd", O_RDONLY) = 3

03:31:06 +++ exited with 0 +++

[root@omeroner ~]#

-c ise raporsal bir çağrı çıktısı üretir.

[root@omeroner ~]# strace -c -t -e "open" cd /tmp
% time seconds     usecs/call  calls     errors    syscall
------ ----------- ----------- --------- --------- ----------------
100.00 0.000048              5                   9             open
------ ----------- ----------- --------- --------- ----------------
100.00 0.000048 9                                             total

[root@omeroner ~]# strace -c -t -e "open" cd /tmp

% time seconds usecs/call calls errors syscall

------ ----------- ----------- --------- --------- ----------------

100.00 0.000048 5 9 open

------ ----------- ----------- --------- --------- ----------------

100.00 0.000048 9 total

-p herhangi bir çalışan uygulamayı <PID> değerini vermek suretiyle trace edebiliriz.

# strace -f -c -p $(pidof mysqld)

1	# strace -f -c -p $(pidof mysqld)

linux strace