(R)?ex - A framework to simplify system administration

for s in $(cat $HOME/myserver.lst); do ssh root@$s useradd -m myuser scp files/zabbix_agentd.conf root@$s:/etc/zabbixdone

Hosted

Cloud Services

Configuration Management

(R)?ex - Remote Execution

CentOS, Debian, Fedora, Gentoo, Mageia, OpenSuSE, Ubuntu, ...

FreeBSD, NetBSD, OpenBSD

Solaris 10/11

CPAN

Wie funktionierts?

Ganz grob, so was hnliches wie Make

Es gibt ein Rexfile

Ein normales Perl Script

Userverwaltung

Paketverwaltung

Dienstverwaltung

Konfigurationsverwaltung

Filterregeln (iptables)

Configmanagement

Usermanagement

task create_user, sub { create_user myuser => { groups => [wheel, users], password => foobar, ssh_key => ssh-rsa AAAAB3NzaC1yc2EAAAADAQ..., };};

bash# rex -H server[1..9] create_user

Paketverwaltung

task install_packages, sub { install package => [ sudo, apache2, php5, ... ];};

bash# rex -H server[1..9] install_packages

Dienstverwaltung

task start_services, sub { service apache2 => start; service mysql => start;

service apache2 => ensure, started;};

bash# rex -H server[1..9] start_services

Konfiguration

task configure_monitoring, sub { file /etc/zabbix/zabbix_agentd.conf, source => files/etc/zabbix/zabbix_agentd.conf, owner => root,

group => root,

mode => 640, on_change => sub {

service zabbix-agentd => restart; },

};

bash# rex -H server[1..9] configure_monitoring

Konfiguration

# Change this to Listen on specific IP addresses as shown below to # prevent Apache from glomming onto all bound IP addresses.#Listen :80

Listen :443

Einfache Filterregeln

task configure_iptables, sub { open_port [22, 80]; close_port all;};

bash# rex -H server[1..9] configure_iptables

Alles aufeinmal

task prepare, sub { create_user(); install_packages(); start_services(); configure_monitoring(); configure_iptables();};

bash# rex -H server[1..9] prepare

Deployments

Freitag Nachmittags?

Rollback Szenario?

(R)?ex Module

Rex::Apache::Deploy

Nachvollziehbare Deployments

Testen des Deployments mglich

Rollbacks sind schnell gemacht

Wenn man will auch automatisch wenn Tests fehlschlagen.

use Rex::Apache::Deploy "Symlink";

user "deploy";public_key "/home/deploy/.ssh/id_rsa.pub";private_key "/home/deploy/.ssh/id_rsa";

group "php" => "php[01..04]";

deploy_to "/var/www";document_root "/var/www/html";

desc "Deploy Application";task "deploy", group => "php", sub {

deploy "myapp-1.0.0.tar.gz"; };

Apache, lighttpd, ...

use Rex::Apache::Deploy "Tomcat";

user "deploy";public_key "/home/deploy/.ssh/id_rsa.pub";private_key "/home/deploy/.ssh/id_rsa";

group "tomcat" => "tomcat[01..04]";

context_path "/myapp";

desc "Deploy Application";task "deploy", group => "tomcat", sub {

deploy "myapp-1.0.0.war", username => "manager-user", password => "manager-password", port => 8080; };

Tomcat

Danke fr die Aufmerksamkeit.

http://rexify.org/

@jfried83