5

I'm in the process of developing a method to automate new virtual machines into my environment. 90% of our machines are virtual but the process is similar for both physical and vmware based images. What I do now is I use cobbler to install the base OS. The kickstart script has post hooks to modify the yum repo and installs puppet and func. Once the servers are running, I manually add them into nagios and sign the certificate via the puppetmaster. I've since migrated most of the resources to use mysql as the backend.

I wanted to see what others are doing and my goal for 2011 is to have puppet inventory the hardware into mysql, and somehow I'll write a python script to have nagios grab the info and automatically add it for monitoring purposes. It's kind of tedious to have to add each new server into nagios, puppet's dashboard, munin, etc...

sdot257

6 Answers

2

Why are you not using the Nagios functionality built into Puppet? http://blog.gurski.org/index.php/2010/01/28/automatic-monitoring-with-puppet-and-nagios/

slillibri
2

Cobbler is convoluted IMO. You could have used the Foreman to automate most of this for you (including puppet cert signing). It can also do the inventory and Puppet report monitoring part. All Features:

Foreman is a Rails app so it is easily extensible. You can add code to include a post-create/destroy hook to add/remove servers in Nagios. Or simply read the Foreman hosts DB to supply lists of hosts to Nagios. The API could be helpful here.

Not Now
  • I tried running Foreman but the GUI is horrible. Also, the GUI isn't all that intuitive, that kills it for me. – sdot257 May 19 '11 at 00:54
  • @luckytaxi You don't need to use the GUI at all, except perhaps to view the dashboard and let junior staff follow procedure. 90% of the important stuff can be automated from the JSON API: http://theforeman.org/projects/foreman/wiki/API . I.e., you can completely script Foreman. – Not Now May 22 '11 at 01:13
  • Thx, I'll take a look at it. Puppet's dashboard shows me more info, however it's so god damn slow. – sdot257 May 22 '11 at 13:10
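
The "read the hosts DB to supply lists of hosts to Nagios" idea from the answer above, as an added Python example that is not part of the original thread or of Foreman's code: it turns inventory rows into Nagios `define host` blocks and rejects rows whose values could inject extra directives into the config. The row shape, the sample hosts and the `generic-host` template name are assumptions.

```python
import ipaddress
import re

# Constructed sample rows (hypothetical shape, not a real Foreman/Puppet schema).
SAMPLE_INVENTORY = [
    {"name": "web01.example.com", "ip": "192.0.2.10", "os": "CentOS 5.5"},
    {"name": "db01.example.com", "ip": "192.0.2.20", "os": "CentOS 5.5"},
    # A name carrying a newline would smuggle an extra directive into the file.
    {"name": "bad.example.com\n    check_command x", "ip": "192.0.2.30", "os": "x"},
    {"name": "app01.example.com", "ip": "not-an-ip", "os": "CentOS 5.5"},
]

LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOSTNAME_RE = re.compile(rf"{LABEL}(?:\.{LABEL})*")

def valid_host(row):
    """Accept a row only if name is a DNS hostname and ip parses as an address."""
    name = str(row.get("name", ""))
    if len(name) > 253 or not HOSTNAME_RE.fullmatch(name):
        return False
    try:
        ipaddress.ip_address(str(row.get("ip", "")))
    except ValueError:
        return False
    return True

def render_host(row, template="generic-host"):
    """Render one Nagios host object; template name is an assumption."""
    # Free-text field: drop ';' (comment start), newlines and anything unusual.
    notes = re.sub(r"[^A-Za-z0-9 ._-]", "", str(row.get("os", "")))[:64] or "unknown"
    return (
        "define host {\n"
        f"    use        {template}\n"
        f"    host_name  {row['name']}\n"
        f"    address    {row['ip']}\n"
        f"    notes      {notes}\n"
        "}\n"
    )

def build_config(inventory):
    """Return (config_text, rejected_names); rejected rows are never written."""
    good = sorted((r for r in inventory if valid_host(r)), key=lambda r: r["name"])
    rejected = [str(r.get("name")) for r in inventory if not valid_host(r)]
    return "\n".join(render_host(r) for r in good), rejected

if __name__ == "__main__":
    config, rejected = build_config(SAMPLE_INVENTORY)
    print(config)
    print("rejected:", [repr(n) for n in rejected])
```

Write the output to a file under the Nagios config directory and run `nagios -v` against the main config before reloading, so a bad generated file never takes monitoring down.
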
0

I'm in almost the exact same situation. Right now the biggest pain point is func and puppet certificates, both on new builds but most often on a re-build of an existing server. That and ssh keys. So what you should do next, and then post about so I can steal from, is figure out how to get func, puppet, and ssh to sort out their keys crap themselves so I don't have to think about it.

cagenut
  • For func, I actually have the certmaster autosign the certs. For puppet, yea it's freaking annoying. We clone a lot with vmware so the keys don't work as expected once we bring up the new clone. I have to manually delete the old keys and re-generate and sign them via the puppetmaster. I'll msg you once I figure out how I'll handle all this. – sdot257 Feb 08 '11 at 23:37
0

In regards to adding to Nagios, if you are just modifying the config files yourself, I'd suggest taking a look at NConf http://www.nconf.org/dokuwiki/doku.php

Also see another question I answered referring to NConf here: "Monitor status of VPN clients"

It doesn't automate, but it does have a clone feature, which makes it easy to clone a similar piece of hardware, update the network address and then run a script to update the nagios configs.

ManiacZX
0

This is annoying me as well, mostly having to add every new server to nagios. To make it easier to add a new server to nagios I started using the web-based administration tool NagiosQL http://www.nagiosql.org.

I tried a few administration tools for nagios and I can say that this is the best I found, and it's pretty easy to set up and work with. I have been using it for a few months and I think it's faster to set up a new server using this tool than to configure a new server manually in configuration files.

panaroik
0

We use satellite

For nagios we have config/software channels with an activation key to register the host against the channels and load the correct packages. We also use pre and post scripts for some stuff. We manually add the servers to nagios, but there is no reason why we could not script it - except we're lazy. We do have an asset db other than satellite (as it needs to track hosts of many OS's not just red hat) which we add the servers to manually. We have not scripted the update of the assetdb, but we intend to using the XML-RPC interface into satellite.

We also use the XML-RPC interface into satellite with another script that also talks to ESXi to work out if we have machines in satellite that no longer exist as VMs and can therefore be culled, and to make sure that all the machines on ESX are in an appropriate satellite group to make sure they get patched. We patch via satellite - and batch the patching via satellite system groups.

I'm not sure about the puppet cert aspect as I've never set up puppet so am not sure what is involved.

Jason Tan