Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita
![Page 1: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/1.jpg)
Making system administration application programming easier with a framework
![Page 2: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/2.jpg)
About me
- Gosuke Miyashita
- mizzy.org
- Working at paperboy&co.
  - Recently released the photo album service “30days album” (http://30d.jp/)
  - Total technical design, storage API programming, server settings
- I love Dr.Pepper
![Page 3: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/3.jpg)
With lots of Dr.Peppers
![Page 4: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/4.jpg)
![Page 5: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/5.jpg)
System Admin Application Framework?
- A framework for system admin apps
  - WAF (web application framework) for sysadmin
- Func (Fedora Unified Network Controller) is a kind of it
  - Although Func doesn't describe itself as a framework
- I'm developing Punc, a Perl clone of Func.
![Page 6: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/6.jpg)
System Admin Application?
- Basically “Exec some operations for multiple hosts”
- Easy to say, but ...
  - How to select target hosts?
  - How to connect to target hosts?
  - How about security?
  - How about getting results and parsing them?
  - How to reuse code?
![Page 7: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/7.jpg)
Framework?
- Hides the issues on the previous page so you can concentrate on your real job
- Selecting target hosts?
  $punc = Punc::Client->new('*');
  $punc = Punc::Client->new('www*');
- Connecting to target hosts and security
  $res = $punc->service->status({ service => 'httpd' });
  - You can get the status of httpd on all target hosts.
  - Behind it, JSON-RPC over HTTPS + SSLv3 auth
![Page 8: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/8.jpg)
Framework? (cont.)
- Getting results and parsing them
  - Scalar, hash or array via JSON-RPC
- Reusability of code
  - Punc consists of small modules.
  $punc->service->status();
  - Programming with a combination of small modules
![Page 9: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/9.jpg)
Framework!
use Punc::Client;

my $punc = Punc::Client->new('*');
my $res  = $punc->service->status({
    service => 'httpd'
});

while ( my $r = $res->next ) {
    Punc::Client->new($r->host)
        ->service->start({
            service => 'httpd'
        }) if $r->result;
}
![Page 10: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/10.jpg)
![Page 11: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/11.jpg)
Punc
- A Perl clone of Func
- Why am I developing Punc?
  - Func only works on Red Hat Linux
  - Func does not have an abstraction layer for different environments
  - I LOVE Perl!
![Page 12: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/12.jpg)
Architecture of Punc
[Diagram: the master (puncmasterd) manages target hosts and SSL certs. It calls a module on each of three slaves (puncd) via JSON-RPC over HTTPS + SSLv3 auth; each slave executes the module and the master gets a result.]
![Page 13: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/13.jpg)
See http://coderepos.org/share/wiki/Punc
![Page 14: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/14.jpg)
Checkout Punc
$ svn co http://svn.coderepos.org/share/lang/perl/Punc/trunk Punc
$ cd Punc
![Page 15: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/15.jpg)
Start puncmasterd
; Creates a self-signed cert
; automatically and starts with HTTPS
$ ./bin/puncmasterd
Please contact me at: <URL:https://host.example.com:7081/>
![Page 16: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/16.jpg)
Start puncd
$ ./bin/puncd
(Sends a CSR to puncmaster and waits for it to be signed)
![Page 17: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/17.jpg)
Sign the CSR
$ ./bin/puncmaster-ca --list
host.example.com
$ ./bin/puncmaster-ca --sign host.example.com
![Page 18: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/18.jpg)
Now puncd is working!
$ ./bin/puncd
Please contact me at: <URL:https://host.example.com:7080/>
![Page 19: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/19.jpg)
Use Punc with punc command
$ ./bin/punc "*" call service description
NAME
    Punc::Slave::Module::Service - Punc module for service control.

SYNOPSIS
    # with punc command
    $ sudo punc "*" call service status --service=httpd

    # with Punc::Client module
    my $punc = Punc::Client->new($target);
    my $res  = $punc->service->status({ service => 'httpd' });
    ...
![Page 20: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/20.jpg)
Use Punc with Punc::Client
use Punc::Client;

my $punc = Punc::Client->new('*');
my $res  = $punc->service->status({ service => 'httpd' });

while ( my $r = $res->next ) {
    Punc::Client->new($r->host)->service
        ->start({ service => 'httpd' }) if $r->result;
}
![Page 21: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/21.jpg)
![Page 22: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/22.jpg)
virt module (does not exist yet)
my $punc = Punc::Client->new('*');
my $res  = $punc->virt->state;

while ( my $r = $res->next ) {
    next if $r->error;
    for my $vm ( @{ $r->vms } ) {
        if ( $vm->{state} eq 'shutdown' ) {
            Punc::Client->new($r->host)->virt
                ->create($vm->{domain});
        }
    }
}
![Page 23: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/23.jpg)
smart module (does not exist yet)
my $punc   = Punc::Client->new('*');
my $result = $punc->smart->info;

while ( my $r = $result->next ) {
    unless ( $r->code ) {
        # method calls are not interpolated inside double quotes
        print $r->host . " has error: ";
        print $r->detail . "\n";
    }
}
![Page 24: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/24.jpg)
![Page 25: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/25.jpg)
Punc module
- Modules are distributed to and executed on each target host
- The master host calls modules on target hosts via the punc command or Punc::Client
![Page 26: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/26.jpg)
Architecture of Punc (again)
[Diagram: the master (puncmasterd) manages target hosts and SSL certs. It calls a module on each of three slaves (puncd) via JSON-RPC over HTTPS + SSLv3 auth; each slave executes the module and the master gets a result.]
![Page 27: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/27.jpg)
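file module
package Punc::Slave::Module::File;
use Path::Class qw( dir file );
use Punc::Slave::Module { operatingsystem => [ qw/ .* / ] };

sub md5sum {
    my ( $self, $args ) = @_;
    # List-form pipe open: the file name reaches md5sum as a single
    # argument and is never interpreted by a shell.
    open my $fh, '-|', 'md5sum', '--', $args->{file}
        or return $self->error("cannot run md5sum: $!");
    my $out = do { local $/; <$fh> };
    close $fh;
    return $out;
}

sub copy {...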
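Module arguments such as `file` come from whoever calls the module over JSON-RPC, so code on the slave should treat them as untrusted. The following is an added example, not part of the slides or of Punc: an md5sum that confines paths to one directory and hashes in-process. The names `md5sum_safe` and `$BASE` and the directory policy are assumptions, and the sample file and arguments are constructed.

```perl
#!/usr/bin/env perl
# Added example, not Punc's code: an md5sum that confines paths to one
# directory and hashes in-process, so no shell or external command is used.
use strict;
use warnings;
use Digest::MD5;
use File::Spec;
use File::Temp qw( tempdir );

# Hypothetical policy: only files below $BASE may be hashed.
my $BASE = tempdir( CLEANUP => 1 );

# Returns ( $hexdigest ) on success or ( undef, $message ) on failure; a real
# Punc module would return $self->error($message) instead.
sub md5sum_safe {
    my ($args) = @_;
    my $file = $args->{file};
    return ( undef, 'file must be a non-empty string' )
        unless defined $file && !ref $file && length $file;
    # Reject NUL bytes and any ".." path component before touching the disk.
    return ( undef, 'invalid file name' )
        if $file =~ /\0/ || $file =~ m{(?:\A|/)\.\.(?:/|\z)};

    my $path = File::Spec->catfile( $BASE, $file );
    # Refuse a symlink as the final component and anything that is not a
    # regular file (devices, FIFOs, directories, missing files).
    return ( undef, 'not a regular file' ) if -l $path || !-f $path;

    open my $fh, '<:raw', $path or return ( undef, "open failed: $!" );
    my $digest = Digest::MD5->new->addfile($fh)->hexdigest;
    close $fh;
    return ($digest);
}

# Constructed sample file and arguments.
open my $out, '>', File::Spec->catfile( $BASE, 'report.txt' ) or die $!;
print {$out} "hello\n";
close $out;

for my $name ( 'report.txt', 'report.txt; echo INJECTED', '../etc/passwd',
               [ 'not', 'a', 'string' ] ) {
    my ( $digest, $err ) = md5sum_safe( { file => $name } );
    my $label = ref $name ? '(array ref)' : "'$name'";
    printf "%-28s => %s\n", $label, defined $digest ? $digest : "error: $err";
}
```

Only the first argument yields a digest; the name containing `;` is looked up as a literal file name and rejected because no such file exists.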
![Page 28: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/28.jpg)
service module (for Red Hat)
package Punc::Slave::Module::Service::RedHat;
use Punc::Slave::Module::Service { operatingsystem => [ qw/ redhat centos fedora / ] };

use Moose;
with 'Punc::Slave::Module::Service::Role';

sub status {
    my ( $self, $args ) = @_;
    return $self->_command( $args->{service}, 'status' );
}
![Page 29: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/29.jpg)
service module (for Debian)
package Punc::Slave::Module::Service::Debian;
use Punc::Slave::Module::Service { operatingsystem => [ qw/ debian ubuntu / ] };

use Moose;
with 'Punc::Slave::Module::Service::Role';

sub status {
    my ( $self, $args ) = @_;
    return $self->_command( $args->{service}, 'status' );
}
![Page 30: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/30.jpg)
Abstraction layer with Pfacter
- Automatically detects a target host's environment and executes the appropriate module
- Punc uses Pfacter for this purpose
  - Pfacter is a Perl clone of Facter, which is written in Ruby
  - Facter is used with Puppet
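One way the `operatingsystem` lists on the service-module slides could drive module selection, as an added example that is not Punc's or Pfacter's code. The registry `@IMPLS`, the functions `select_impl` and `build_command`, the case-insensitive anchored matching, and the `/sbin/service` and `/etc/init.d/` command forms are all assumptions; the facts and requests are constructed.

```perl
#!/usr/bin/env perl
# Added example, not Punc's code: pick a service implementation from an
# operatingsystem fact and build its command as an argument list.
use strict;
use warnings;

# Hypothetical registry mirroring the slides' operatingsystem lists. The
# command templates are assumptions about what each _command would run.
my @IMPLS = (
    { name => 'RedHat', os => [qw( redhat centos fedora )],
      argv => sub { ( '/sbin/service', $_[0], $_[1] ) } },
    { name => 'Debian', os => [qw( debian ubuntu )],
      argv => sub { ( "/etc/init.d/$_[0]", $_[1] ) } },
);
my %ACTIONS = map { $_ => 1 } qw( status start stop restart );

sub select_impl {
    my ($os) = @_;
    for my $impl (@IMPLS) {
        # Anchor every pattern so 'notdebian' cannot select the Debian module.
        return $impl if grep { lc($os) =~ /\A(?:$_)\z/ } @{ $impl->{os} };
    }
    return;
}

# Returns ( $impl_name, @argv ) or dies with a reason.
sub build_command {
    my ( $os, $service, $action ) = @_;
    my $impl = select_impl($os) or die "no service module for '$os'\n";
    die "unknown action '$action'\n" unless $ACTIONS{$action};
    # The name ends up as an argument or a path component: allowlist it.
    die "invalid service name\n"
        unless $service =~ /\A[A-Za-z0-9][A-Za-z0-9_.-]*\z/;
    return ( $impl->{name}, $impl->{argv}->( $service, $action ) );
}

# Constructed facts and requests standing in for Pfacter output and RPC args.
for my $case ( [ 'CentOS', 'httpd' ], [ 'Ubuntu', 'apache2' ],
               [ 'Ubuntu', '../../bin/sh' ], [ 'Solaris', 'httpd' ] ) {
    my @cmd = eval { build_command( @$case, 'status' ) };
    my $outcome = @cmd ? "@cmd" : "rejected: $@";
    chomp $outcome;
    print "$case->[0] / $case->[1] => $outcome\n";
}
```

The returned list is meant to be handed to the list form of `system` or `open`, so the service name is never parsed by a shell.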
![Page 31: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/31.jpg)
Return values of a module
# return scalar, hash ref, or array ref on success
return $result;
# return an error using Class::ErrorHandler
return $self->error('error message');
![Page 32: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/32.jpg)
Module sync
- Modules must be distributed to slaves
- Punc has the punc-modulesync command
- punc-modulesync is built with the file module
![Page 33: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/33.jpg)
Summary
- Punc is a framework for system admin app programming
- Modules are executed on each slave node
- The master calls modules via JSON-RPC over HTTPS
- Programming with Punc is a combination of module calls
- Caller programs could be written in languages other than Perl
![Page 34: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/34.jpg)
Development in progress
- The code repository is in CodeRepos
  - http://coderepos.org/share/
  - http://svn.coderepos.org/share/lang/perl/Punc/trunk
- Feel free to commit to trunk or make your branch!
- Please ask yappo if you don't have a commit bit for CodeRepos
  - #coderepos@freenode or #assurer@freenode
![Page 35: Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita](https://reader033.fdocuments.net/reader033/viewer/2022042713/548c47b2b479590f0d8b6267/html5/thumbnails/35.jpg)