おつかれさまです。小宮です。
前回に引き続き、munin,zabbixの手順のレシピをご紹介します。レシピはこの記事でおしまいです。
記事の最後にはレシピの適用方法を記載します。
・muninのレシピ
# cd /opt/src/rpms
# mkdir -p /root/chef-repo/site-cookbooks/munin/files/default/rpms
# mkdir -p /root/chef-repo/site-cookbooks/munin/files/default/var/www/html/munin
# mkdir /root/chef-repo/site-cookbooks/munin/files/default/etc/munin/plugin-conf.d
# cp -p /etc/munin/munin.conf /root/chef-repo/site-cookbooks/munin/files/default/etc/munin/
# scp -Cp xxx-web01:/etc/munin/munin-node.conf /root/chef-repo/site-cookbooks/munin/files/default/etc/munin/
# cp -p /var/www/html/munin/.htaccess /root/chef-repo/site-cookbooks/munin/files/default/var/www/html/munin/
# cp -p /etc/munin/plugin-conf.d/munin-node /root/chef-repo/site-cookbooks/munin/files/default/etc/munin/plugin-conf.d/
# tar cf /root/chef-repo/site-cookbooks/munin/files/default/rpms/munin-node-rpm.tar ./munin-node-rpm/
# tar tf /root/chef-repo/site-cookbooks/munin/files/default/rpms/munin-node-rpm.tar ./munin-node-rpm/
# tar cf /root/chef-repo/site-cookbooks/munin/files/default/rpms/munin-serv-rpm.tar ./munin-serv-rpm/
# tar tf /root/chef-repo/site-cookbooks/munin/files/default/rpms/munin-serv-rpm.tar ./munin-serv-rpm/
# cd /root/chef-repo/site-cookbooks/munin/recipes
# touch munin-node.rb munin-server.rb munin-node-db.rb munin-node-web.rb
# vi munin-node.rb
filename = "munin-node-rpm.tar"
cookbook_file "/tmp/#{filename}" do
source "rpms/#{filename}"
mode 0644
end
package "perl-DBI" do
not_if "rpm -qa|grep perl-DBI"
action :install
end
script "install_munin-node" do
not_if 'ls /etc/munin/munin-node.conf'
interpreter "bash"
user "root"
code <<-EOL
cd /tmp
tar xf /tmp/#{filename}
rpm -i /tmp/munin-node-rpm/perl-Dig*
rpm -i /tmp/munin-node-rpm/perl-{C*,H*,I*,L*,N*,X*,li*}
rpm -i /tmp/munin-node-rpm/perl-DBD-Pg*
rpm -i /tmp/munin-node-rpm/munin-*
cp -p /etc/munin/munin-node.conf{,.org}
EOL
end
cookbook_file "/etc/munin/munin-node.conf" do
source "etc/munin/munin-node.conf"
mode 0644
end
script "link_plugins" do
not_if 'ls /etc/munin/plugins/tcp'
interpreter "bash"
user "root"
code <<-EOL
rm -f /etc/munin/plugins/*
ln -s /usr/share/munin/plugins/cpu /etc/munin/plugins/cpu
ln -s /usr/share/munin/plugins/if_err_ /etc/munin/plugins/if_err_eth0
ln -s /usr/share/munin/plugins/if_ /etc/munin/plugins/if_eth0
ln -s /usr/share/munin/plugins/iostat /etc/munin/plugins/iostat
ln -s /usr/share/munin/plugins/load /etc/munin/plugins/load
ln -s /usr/share/munin/plugins/memory /etc/munin/plugins/memory
ln -s /usr/share/munin/plugins/tcp /etc/munin/plugins/tcp
ln -s /usr/share/munin/plugins/df /etc/munin/plugins/df
EOL
end
service "munin-node" do
supports :status => true, :restart => true
action [ :enable, :start ]
end
# vi munin-server.rb
filename = "munin-serv-rpm.tar"
cookbook_file "/tmp/#{filename}" do
source "rpms/#{filename}"
mode 0644
end
script "install_munin-serv" do
not_if 'ls /etc/munin/munin.conf'
interpreter "bash"
user "root"
code <<-EOL
tar xf /tmp/#{filename}
rpm -i /tmp/munin-serv-rpm/*
cp -p /etc/munin/munin.conf{,.org}
EOL
end
cookbook_file "/etc/munin/munin.conf" do
source "etc/munin/munin.conf"
mode 0644
end
service "munin-node" do
supports :status => true, :restart => true
action [ :enable, :start ]
end
cookbook_file "/var/www/html/munin/.htaccess" do
source "var/www/html/munin/.htaccess"
mode 0644
end
# vi munin-node-web.rb
script "link_plugins_web" do
not_if 'ls /etc/munin/plugins/apache_accesses'
interpreter "bash"
user "root"
code <<-EOL
ln -s /usr/share/munin/plugins/apache_accesses /etc/munin/plugins/apache_accesses
ln -s /usr/share/munin/plugins/apache_processes /etc/munin/plugins/apache_processes
EOL
end
service "munin-node" do
supports :status => true, :restart => true
action [ :enable, :restart ]
end
# vi munin-node-db.rb
script "link_plugins_db" do
not_if 'ls /etc/munin/plugins/mysql_threads'
interpreter "bash"
user "root"
code <<-EOL
ln -s /usr/share/munin/plugins/mysql_queries /etc/munin/plugins/mysql_queries
ln -s /usr/share/munin/plugins/mysql_slowqueries /etc/munin/plugins/mysql_slowqueries
ln -s /usr/share/munin/plugins/mysql_threads /etc/munin/plugins/mysql_threads
EOL
end
cookbook_file "/etc/munin/plugin-conf.d/munin-node" do
source "etc/munin/plugin-conf.d/munin-node"
mode 0644
end
service "munin-node" do
supports :status => true, :restart => true
action [ :enable, :restart ]
end
role毎にちがうコマンド実行するとかひとつのレシピ内でやる方法ってあるのかが気になります。ifとかでできるんでしょうか。
今回はそんな方法はわからなかったので、webとdbそれぞれ用のレシピを分けて作りました。
roleに適用する順序は、munin-node.rbを最初にしないとプラグインが最初全部消される仕様です。(レシピは上から順に実行されます)
zabbixのレシピ
・zabbix-agent
# mkdir -p /root/chef-repo/site-cookbooks/zabbix/files/default/opt/bin
# mkdir -p /root/chef-repo/site-cookbooks/zabbix/templates/default/etc/zabbix
# mkdir -p /root/chef-repo/site-cookbooks/zabbix/files/default/{etc,rpms}
# cd /opt/src/rpms
# tar cf /root/chef-repo/site-cookbooks/zabbix/files/default/rpms/zabbix-rpm.tar ./zabbix-rpm/
# tar tf /root/chef-repo/site-cookbooks/zabbix/files/default/rpms/zabbix-rpm.tar ./zabbix-rpm/
# scp -Cp xxx-web01:/etc/zabbix/zabbix_agentd.conf /root/chef-repo/site-cookbooks/zabbix/templates/default/etc/zabbix/
# cp -p /opt/bin/mem_monitor.sh /root/chef-repo/site-cookbooks/zabbix/files/default/opt/bin/
# cd /root/chef-repo/site-cookbooks/zabbix/recipes
# touch zabbix-agent.rb zabbix-proxy.rb
# vi zabbix-agent.rb
filename = "zabbix-rpm.tar"
cookbook_file "/tmp/#{filename}" do
source "rpms/#{filename}"
mode 0644
end
script "install_zabbix_agent" do
not_if 'ls /etc/zabbix/zabbix_agentd.conf'
interpreter "bash"
user "root"
code <<-EOL
tar xf /tmp/#{filename}
rpm -i /tmp/zabbix-rpm/repo-rpm/*.rpm
ln -sf /usr/share/zabbix-jp-release/zabbix-jp-1.8.repo /etc/alternatives/zabbix-jp-release
rpm -i /tmp/zabbix-rpm/*.rpm
cp -p /etc/zabbix/zabbix_agentd.conf{,.org}
EOL
end
template '/etc/zabbix/zabbix_agentd.conf' do
owner 'root'
group 'root'
source 'etc/zabbix/zabbix_agentd.conf'
end
service "zabbix-agent" do
supports :status => true, :restart => true, :reload => true
action [ :enable, :start ]
end
cookbook_file "/opt/bin/mem_monitor.sh" do
source "opt/bin/mem_monitor.sh"
mode 0755
end
zabbix_agentd.confはホスト名とかIPアドレスを書く箇所があるのでtemplateに置いてohaiでnodeの値を入れるようにしました。
ohaiで値がとれることを確認しておく
# ohai ipaddress
[
"10.0.0.93"
]
# ohai hostname
[
"xxx-stg01"
]
# vi /root/chef-repo/site-cookbooks/zabbix/templates/default/etc/zabbix/zabbix_agentd.conf
# diff /etc/zabbix/zabbix_agentd.conf.org /root/chef-repo/site-cookbooks/zabbix/templates/default/etc/zabbix/zabbix_agentd.conf
63c63
< # EnableRemoteCommands=0
---
> EnableRemoteCommands=1
86c86
< Server=127.0.0.1
---
> Server=<%= node['ipaddress'] %>
109c109
< Hostname=Zabbix server
---
> Hostname=<%= node['hostname'] %>
134c134
< ListenIP=127.0.0.1
---
> ListenIP=0.0.0.0
265a266,268
>
> ##memory
> UserParameter=mem.puse,/opt/bin/mem_monitor.sh
・zabbix-proxy
zabbix用のmysqlを4406で別途動かす
# mkdir -p /root/chef-repo/site-cookbooks/zabbix/files/default/etc/init.d
# cp -p /etc/init.d/mysqld_4406 /root/chef-repo/site-cookbooks/zabbix/files/default/etc/init.d/
# cp -p /etc/my_4406.cnf /root/chef-repo/site-cookbooks/zabbix/files/default/etc/
# mkdir -p /root/chef-repo/site-cookbooks/zabbix/files/default/etc/zabbix
# cp -p /etc/zabbix/zabbix_proxy.conf /root/chef-repo/site-cookbooks/zabbix/files/default/etc/zabbix/
# vi zabbix-proxy.rb
cookbook_file "/etc/init.d/mysqld_4406" do
source "etc/init.d/mysqld_4406"
mode 0755
end
directory '/var/lib/mysql_4406/' do
owner 'mysql'
group 'mysql'
mode '0755'
action :create
end
cookbook_file "/etc/my_4406.cnf" do
source "etc/my_4406.cnf"
mode 0644
end
service "mysqld_4406" do
supports :status => true, :restart => true, :reload => :true
action [ :enable, :start ]
end
data_bag1 = Chef::EncryptedDataBagItem.load('mysqluser','root')
data_bag2 = Chef::EncryptedDataBagItem.load('mysqluser','zabbix')
ROOT_PASSWORD = data_bag1['pass']
ZABBIX_PASSWORD = data_bag2['pass']
socket='--socket=/var/lib/mysql_4406/mysql.sock'
filename=zabbix-jp-release-5-6.noarch.rpm
script "install_zabbix-proxy" do
not_if 'ls /etc/init.d/zabbix-proxy'
interpreter "bash"
user "root"
code <<-EOL
wget http://www.zabbix.jp/binaries/relatedpkgs/rhel5/x86_64/#{filename}
rpm -Uvh #{filename}
yum -y install --enablerepo=zabbix-jp zabbix-proxy zabbix-proxy-mysql
/usr/bin/mysqladmin -u root #{socket} password #{ROOT_PASSWORD}
mysql -u root #{socket} -p#{ROOT_PASSWORD} -e "drop database test;"
mysql -u root #{socket} -p#{ROOT_PASSWORD} -e "create database zabbix_proxy;"
mysql -u root #{socket} -p#{ROOT_PASSWORD} -e "grant all privileges on zabbix_proxy.* to zabbix@localhost identified by "#{ZABBIX_PASSWORD}";"
mysql -u root #{socket} -p#{ROOT_PASSWORD} -e "DELETE FROM mysql.user WHERE password='';"
mysql -u root #{socket} -p#{ROOT_PASSWORD} -e "flush privileges;"
mysql -u zabbix #{socket} -p#{ZABBIX_PASSWORD} zabbix_proxy < /usr/share/doc/zabbix-proxy-1.8.16/schema/mysql.sql
mysql -u zabbix #{socket} -p#{ZABBIX_PASSWORD} zabbix_proxy < /usr/share/doc/zabbix-proxy-1.8.16/data/data.sql
mysql -u zabbix #{socket} -p#{ZABBIX_PASSWORD} zabbix_proxy < /usr/share/doc/zabbix-proxy-1.8.16/data/images_mysql.sql
EOL
end
service "zabbix-proxy" do
supports :status => true, :restart => true, :reload => :true
action [ :enable, :start ]
end
cookbook_file "/etc/zabbix/zabbix_proxy.conf" do
source "etc/zabbix/zabbix_proxy.conf"
mode 0644
notifies :reload, 'service[zabbix-proxy]'
end
クックブックのシンタックステスト
# knife cookbook test zabbix
# knife cookbook test munin
・レシピの適用方法について
1つのノードに必要なレシピをまるごと割り当てる場合(事前に定義しておいたnodeとroleからレシピが適用されていきます)
# knife solo cook 10.0.0.240
個別にテストしたい場合(部分的に修正したあと手っ取り早く確認したい時などに)
# knife solo cook 10.0.0.240 -o base_setting::sysctl,httpd::httpd-server
vagrant使う場合は、Vagrantfileのある場所でvagrant provisionとうつとprovision(レシピ適用)されます。
chef-soloの場合、knifeコマンドでレシピを適用するのは並列実行ができないようで、必要ならforでぐるぐる回して順に実行させる感じです。
今回作成したレシピの適用にかかった時間はwebserverが2分、dbserverが5分程度でした。serverspecでのテストは30秒でした。(t1.microインスタンスです)
次回は最後にserverspecでのテストをご紹介です。
お楽しみに。
