#### Puppet擴展篇8-Puppet dashboard的部署及測試 Puppet Dasshboard是由支持Puppet開發的公司Puppetlabs創建的，是Ruby on Rails程序。可以作為一個ENC（外部節點分類器）以及一個報告工具，并且正在逐漸成為一個包含許多Puppet新功能的集成界面，例如審計和資源管理功能。Puppet Dashboard是一個Ruby on Rails程序，用于顯示Puppet master和agent的相關信息。它允許你查看從一個或多個Puppet master匯總的圖形和報告數據。它同時從一個或者多個Puppet master上收集來自于Puppet agent的資產數據（主機的Fact和其他信息）。最后，它能作為一個ENC來配置Puppet節點，并指定這些節點上的類和參數。 ### 1 前期準備工作 Puppet Dashboard（1.2.3）程序目前版本只能安裝在Ruby 1.8.x（Dashboard還不能工作在1.9.x下或者更新的版本下），只支持MySQL作為數據庫后端。 ~~~ Rake version 0.8.3 or newer MySQL database server version 5.x Ruby-MySQL bindings version 2.7.x or 2.8.x ~~~ **備注**：更多詳細信息請參考：[http://docs.puppetlabs.com/dashboard/](http://docs.puppetlabs.com/dashboard/) ### 2 安裝相關軟件包 ~~~ [root@puppetserver nodes]# yum install ruby-mysql mysql-server puppet-dashboard ~~~ ### 3 配置Dashboard（包括與數據庫的結合部分） **3.1 創建管理Dashboard的MySQL數據庫賬號并授權** ~~~ [root@puppetserver rpms]# /etc/rc.d/init.d/mysqld restart [root@puppetserver ~]# chkconfig mysqld on [root@puppetserver rpms]# mysqladmin -uroot password 123.com [root@puppetserver rpms]# mysql –p123.com mysql> create database dashboard character set utf8; mysql> grant all on dashboard.* to 'dashboard'@'localhost' identified by "123.com"; mysql> flush privileges; [root@puppetserver rpms]# mysql -udashboard -p123.com #測試賬號是否創建成功 … Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> ~~~ **3.2 優化數據庫配置文件my.cnf** ~~~ [root@puppetserver rpms]# vim /etc/my.cnf [mysqld] # Allowing 32MB allows an occasional 17MB row with plenty of spare room max_allowed_packet = 32M … [root@puppetserver rpms]# /etc/rc.d/init.d/mysqld restart #重啟MySQL生效 Stopping mysqld: [ OK ] Starting mysqld: [ OK ] ~~~ **3.3 編輯dashboard YAML配置文件（`database.yml`）來指定數據庫** ~~~ [root@puppetserver rpms]# vim /usr/share/puppet-dashboard/config/database.yml production: database: dashboard username: dashboard password: 123.com encoding: utf8 adapter: mysql … ~~~ **3.4 填充數據庫** ~~~ [root@puppetserver ~]# cd /usr/share/puppet-dashboard/ [root@puppetserver puppet-dashboard]# rake gems:refresh_specs [root@puppetserver puppet-dashboard]# rake RAILS_ENV=production db:migrate #環境變量RAILS_ENV=production告訴Ruby on Rails我們工作在生產環境。每次你運行一個rake命令都需要使用合適的環境值來設置RAILS_ENV環境變量 ~~~ **3.5 查看是否導入成功** ~~~ [root@puppetserver puppet-dashboard]# mysql -udashboard -p123.com Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 5 Server version: 5.1.66 Source distribution Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> use dashboard; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> show tables; +------------------------------+ | Tables_in_dashboard | +------------------------------+ | delayed_job_failures | | delayed_jobs | | metrics | | node_class_memberships | | node_classes | | node_group_class_memberships | | node_group_edges | | node_group_memberships | | node_groups | | nodes | | old_reports | | parameters | | report_logs | | reports | | resource_events | | resource_statuses | | schema_migrations | | timeline_events | +------------------------------+ 18 rows in set (0.00 sec) ~~~ ### 4 啟動并運行Dashboard（WEBrick方式） WEBrick有助于快速使用Dashboard，不過它不能很好地進行擴展，并且當有許多Puppet agent向Dashboard進行報告時，它的性能會非常差，因此不推薦使用。 **4.1 關閉httpd服務** ~~~ [root@puppetserver puppet-dashboard]# /etc/rc.d/init.d/httpd stop #之前配置過使用httpd運行puppetmaster，需要關閉 Stopping httpd: [ OK ] ~~~ **4.2 啟動puppetmaster服務** ~~~ [root@puppetserver puppet-dashboard]# /etc/rc.d/init.d/puppetmaster start Starting puppetmaster: [ OK ] ~~~ **4.3 啟動puppet-dashboard服務** ~~~ [root@puppetserver puppet-dashboard]# /etc/rc.d/init.d/puppet-dashboard start #啟動dashboard Starting Puppet Dashboard: => Booting WEBrick => Rails 2.3.17 application starting on http://0.0.0.0:3000 [ OK ] ~~~ **4.4 通過瀏覽器訪問[http://192.168.100.110:3000](http://192.168.100.110:3000)** ### 5 啟動并運行Dashboard（Passenger方式） **5.1 使用Ruby Gem安裝Passenger** ~~~ [root@puppetserver etc]# yum install ruby-devel ruby-libs rubygems libcurl-devel [root@puppetserver etc]# yum install httpd httpd-devel apr-util-devel apr-devel mod_ssl [root@puppetserver repos]# gem install --local passenger-4.0.19.gem #自動解決依賴關系，進入gem包目錄進行安裝 Building native extensions. This could take a while... Successfully installed rake-10.0.1 Successfully installed daemon_controller-1.1.5 Successfully installed rack-1.5.2 Successfully installed passenger-4.0.19 ~~~ **5.2 配置虛擬主機和passenger** ~~~ [root@puppetserver puppet-dashboard]# vim /etc/httpd/conf.d/passenger.conf LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-4.0.19/buildout/apache2/mod_passenger.so <IfModule mod_passenger.c> PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.19 PassengerRuby /usr/bin/ruby PassengerHighPerformance on PassengerMaxPoolSize 12 PassengerPoolIdleTime 1500 PassengerStatThrottleRate 120 # RailsAutoDetect On </IfModule> Listen 8141 <VirtualHost *:8141> DocumentRoot "/usr/share/puppet-dashboard/public/" <Directory "/usr/share/puppet-dashboard/public/"> Options None AllowOverride AuthConfig Order allow,deny allow from all </Directory> ErrorLog /var/log/httpd/dashboard.error.log LogLevel warn CustomLog /var/log/httpd/dashboard.access.log combined </VirtualHost> ~~~ **5.3 啟動相關服務** ~~~ [root@puppetserver ~]# /etc/rc.d/init.d/puppetmaster stop #停掉puppetmaster服務 Stopping puppetmaster: [ OK ] [root@puppetserver ~]# /etc/rc.d/init.d/httpd restart ~~~ **5.4 通過瀏覽器訪問測試** [http://192.168.100.110:8141/](http://192.168.100.110:8141/) ### 6 集成Puppet Dashboard **6.1 手工導入現有的報告（方式一）** ~~~ [root@puppetserver ~]# cd /usr/share/puppet-dashboard/ [root@puppetserver puppet-dashboard]# rake RAILS_ENV=production reports:import #導入已經存在的報告 Importing 39 reports from /var/lib/puppet/reports in the background Importing: 100% |###################################################################################| Time: 00:00:00 39 of 39 reports queued ~~~ **備注：**默認節點報告會在`/var/lib/puppet/reports/` 產生，如果路徑發生變化，導入報告時需要在后面加上`“REPORT_DIR=report路徑”`，reports更改路徑可在`puppet.conf`中設置參數“reportdir = 新路徑”，這種方式不夠實時。 **6.2 配置實施匯總puppet報告（方式二）** ~~~ [root@agent1 ~]# vim /etc/puppet/puppet.conf #配置agent節點自動發送報告 [agent] report = true #從2.7.0版本開始，報告系統會默認開啟，不需要配置 … [root@puppetserver puppet-dashboard]# vim /etc/puppet/puppet.conf [main] reports = http #定義為http報告處理器，除此之外還有store，log，tagmail，rrdgraph等報告處理器 reporturl = http://172.16.200.100:8141/reports #http報告處理器將puppet報告發送到一個HTTP URL和端口（Dashboard位置）。Puppet報告以被轉儲為HTTP Poort形式的YAML格式進行發送。 … [root@puppetserver public]# /etc/rc.d/init.d/httpd restart ~~~ **6.3 開啟后臺處理報告進程** ~~~ [root@puppetserver puppet-dashboard]# rake RAILS_ENV=production jobs:work & #運行“Delayed Job Workers”，使其在后臺為我們處理報告日志 [1] 28651 [root@puppetserver puppet-dashboard]# [Worker(host:puppetserver.kisspuppet.com pid:28651)] Starting job worker [Worker(host:puppetserver.kisspuppet.com pid:28651)] Report.create_from_yaml_file completed after 0.2674 [Worker(host:puppetserver.kisspuppet.com pid:28651)] Report.create_from_yaml_file completed after 0.1725 [Worker(host:puppetserver.kisspuppet.com pid:28651)] Report.create_from_yaml_file completed after 0.1345 [Worker(host:puppetserver.kisspuppet.com pid:28651)] Report.create_from_yaml_file completed after 0.1772 [Worker(host:puppetserver.kisspuppet.com pid:28651)] Report.create_from_yaml_file completed after 0.1397 … [Worker(host:puppetserver.kisspuppet.com pid:28651)] 42 jobs processed at 5.9487 j/s, 0 failed ... ~~~ **6.4 修改dashboard時區** Dashboard默認時區為UTC格式，我們這里需要更改為`CST（Asia/Shanghai`）格式 ~~~ [root@puppetserver ~]# vim /usr/share/puppet-dashboard/config/settings.yml time_zone: 'Asia/Shanghai' … **備注**：設置的settings.yml會覆蓋掉config/environment.rb中對應的配置項（config.time_zone = 'UTC'） ~~~ **6.5 顯示報告** 通過[http://192.168.100.110:8141/](http://192.168.100.110:8141/) 及時查看節點更新的報告信息，可以看到兩個節點agent1和agent2，默認顯示時間為CST格式，除此之外還可以看到某一個節點在某一個時刻的更新報告和運行曲線圖。 **6.6 刪除報告** 刪除一個前的報告 ~~~ [root@dashboard puppet-dashboard]# rake RAILS_ENV=production reports:prune upto=1 unit=mon (in /usr/share/puppet-dashboard) Deleting reports before 2014-03-18 09:23 UTC... Deleted 142 reports. ~~~ 刪除一天前的報告 ~~~ [root@dashboard puppet-dashboard]# rake RAILS_ENV=production reports:prune upto=1 unit=day (in /usr/share/puppet-dashboard) Deleting reports before 2014-04-16 09:24 UTC... Deleted 592 reports. ~~~ 刪除效果如下： ### 7 自定義報告 **7.1 編寫外部報告處理器** 使用現有的被存儲的報告，就是那些yaml文件，可以通過設置`puppet.conf`中`reports = store`進行收集。然后編寫一個外部的處理器來處理這些信息，例如繪圖或者將他們存儲在外部數據庫。這也是Puppet Dashboard中的報告輸入進程的工作原理。這些外部的報告處理器可以很簡單地使用Ruby進行編寫，以便使用Ruby反序列化YAML文件的能力以及使用生成的對象。你可以使用任何支持導入第三方ymal數據的工具。 **7.2 編寫內部報告處理器** 編寫自定義報告處理器并將它添加到Puppet。和fact、函數、類型及提供者的插件不同，Puppet沒有提供一個自動分發自定義報告的方法。 **7.2.1 現有報告處理器信息** ~~~ [root@puppetserver ~] # ls /usr/lib/ruby/site_ruby/1.8/puppet/reports http.rb log.rb rrdgraph.rb store.rb tagmail.rb [root@puppetserver reports]# cat http.rb #查看http報告處理器內容 require 'puppet' require 'net/http' require 'uri' Puppet::Reports.register_report(:http) do desc <<-DESC Send report information via HTTP to the `reporturl`. Each host sends its report as a YAML dump and this sends this YAML to a client via HTTP POST. The YAML is the body of the request. DESC def process url = URI.parse(Puppet[:reporturl]) req = Net::HTTP::Post.new(url.path) req.body = self.to_yaml req.content_type = "application/x-yaml" Net::HTTP.new(url.host, url.port).start {|http| response = http.request(req) unless response.kind_of?(Net::HTTPSuccess) Puppet.err "Unable to submit report to #{Puppet[:reporturl].to_s} [#{response.code}] #{response.msg}" end } end end ~~~ **7.2.2 自定義摘要報告處理器** **7.2.2.1 進入reports目錄編寫自定義summary.rb報告處理器** ~~~ [root@puppetserver ~]# cd /usr/lib/ruby/site_ruby/1.8/puppet/reports [root@puppetserver reports]# vim summary.rb require 'puppet' Puppet::Reports.register_report(:summary) do desc <<-DESC Send summary report information to the report directory. DESC def process client = self.host summary = self.summary dir = File.join(Puppet[:reportdir],client) client = self.host file = "summary.txt" destination = File.join(dir,file) File.open(destination,"w") do |f| f.write(summary) end end end ~~~ **7.2.2.2 將報告處理器的名字加入puppet.conf中，并重新啟動httpd服務** ~~~ [root@puppetserver ~]# vim /etc/puppet/puppet.conf [main] reports = http,summary … [root@puppetserver ~]# /etc/rc.d/init.d/httpd restart Stopping httpd: [ OK ] Starting httpd: [ OK ] ~~~ **7.2.2.3 使用mco命令觸發更新節點agent1** ~~~ [root@puppetserver ~]# mco puppet -v runonce mco facts -v --with-fact hostname='agent1' Discovering hosts using the mc method for 2 second(s) .... 1 * [ ============================================================> ] 1 / 1 agent1.kisspuppet.com : OK {:summary=> "Started a background Puppet run using the 'puppet agent --onetime --daemonize --color=false --splay --splaylimit 30' command"} ---- rpc stats ---- Nodes: 1 / 1 Pass / Fail: 1 / 0 Start Time: Fri Oct 04 12:54:50 +0800 2013 Discovery Time: 2005.27ms Agent Time: 1118.41ms Total Time: 3123.68ms ~~~ **7.2.2.4 查看新生成的報告信息** ~~~ [root@puppetserver ~]# cd /var/lib/puppet/reports/agent1.kisspuppet.com/ [root@puppetserver agent1.kisspuppet.com]# cat summary.txt Changes: Total: 1 Events: Total: 1 Success: 1 Resources: Out of sync: 1 Changed: 1 Total: 15 Skipped: 6 Time: Filebucket: 0.00 Package: 0.00 File: 0.11 Service: 0.12 Config retrieval: 1.29 Total: 1.52 Last run: 1380861882 Version: Config: 1380861878 Puppet: 2.7.23 ~~~ 在整個報告處理器中，我們定義了一個叫做process的方法來承載處理器的核心邏輯。我們從報告中提取了一些信息：使用`self.host`方式提取了主機名，使用summary方式提取了變更的摘要。還可以使用`self.logs`和`self.metrics`方式來訪問報告中的日子以及度量值。我們同時還將報告的摘要輸出了報告目錄下對應的以Puppet agent主機名命名的目錄中，報告目錄的位置是由reportdir配置的值來指定的，默認在/var/lib/puppet/reports/目錄下。 **備注**：更多報告處理器信息請訪問 ~~~ 現有報告處理器https://github.com/puppetlabs/puppet/tree/master/lib/puppet/reports 報告參考 http://docs.puppetlabs.com/references/latest/report.html#http 報告及報告系統 http://docs.puppetlabs.com/guides/reporting.html ~~~