Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita

フレームワークでシステム管理アプリケーションプログラミングをもっと簡単に

About me Gosuke Miyashita mizzy.org Working at paperboy&co. Recently, released the photo album service “30days album” (http://30d.jp/) Total technical design, storage api programming, server settings I love Dr.Pepper

System Admin Application Framework? A framework for system admin app WAF for sysadmin Func (Fedora Unified Network Controller) is a kind of it Although Func deoesn’t describe itself a framework I’m devloping Punc, a perl colne of Func.

System Admin Application? Basically “Exec some operations for multiple hosts” Easy to say, but ... How to select target hosts? How to connect to target hosts? How about security? How about getting results and parsing them How to reuse codes?

Framework? Hide the issues on previous page and you can concentrate for your really job Selecting target hosts? $punc = Punc::Client->new( ‘*’ ); $punc = Punc::Client->new( ‘www*’ ); Connect to target hosts and security $res = $punc-> service -> status ({ service => ‘httpd’ }); You can get the status of httpd of all taget hosts. Behind it, JSON-RPC over HTTPS + SSLv3 Auth

Framework? (cont.) Getting results and parse them Scalar, hash or array via JSON-RPC Reusability of code Punc consists of small modules. $punc-> service -> status (); Programming with combination of small modules

Framework! use Punc::Client; my $punc = Punc::Client->new( '*' ); my $res = $punc-> service -> status ({ service => 'httpd' }); while ( my $r = $res->next ) { Punc::Client->new( $r->host ) -> service -> start ({ service => 'httpd' }) if $r->result; }

Punc A perl clone of Func Why I’m developing Punc? Func only works on RedHat linux Func does not have abstract layer of different environments I LOVE Perl!

Architecture of Punc get a result call a module exec a module exec a module exec a module JSON-RPC over HTTPS + SSLv3 auth Manage target hosts Manage SSL certs master (puncmasterd) slave (puncd) slave (puncd) slave (puncd)

See http://coderepos.org/share/wiki/Punc

Checkout Punc $ svn co http://svn.coderepos.org/share/lang/perl/Punc/trunk Punc $ cd Punc

Start puncmasterd ; Create self-signed cert ; automatically and start with https $ ./bin/puncmasterd Please contact me at: <URL:https://host.example.com:7081/>

Start puncd $ ./bin/puncd (Request a CSR to puncmaster and waiting it signed)

Sign to the CSR $ ./bin/puncmaster-ca --list host.example.com $ ./bin/puncmaster-ca --sign host.example.com

Now puncd working! $ ./bin/puncd Please contact me at: <URL:https://host.example.com:7080/>

Use Punc with punc command $ ./bin/punc "*" call service description NAME Punc::Slave::Module::Service - Punc module for service control. SYNOPSIS # with punc command $ sudo punc "*" call service status --service=httpd # with Punc::Client module my $punc = Punc::Client->new($target); my $res = $punc->service->status({ service => 'httpd' }); ...

Use Punc with Punc::Client use Punc::Client; my $punc = Punc::Client->new( '*' ); my $res = $punc-> service -> status ({ service => 'httpd‘ }); while ( my $r = $res->next ) { Punc->new($r->host)- >service -> start ({ service => 'httpd' }) if $r->result; }

virt module(not yet exist) my $punc = Punc::Client->new( '*' ); my $res = $punc-> virt -> state ; while ( my $r = $res->next ) { next if $r->error; for my $vm ( @{ $r->vms } ) { if ( $vm->{state} eq 'shutdown' ) { Punc->new($r->host)-> virt -> create ($vm->{domain}) } } }

smart module(not yet exist) my $punc = Punc::Client->new( '*' ); my $result = $punc-> smart -> info ; while ( my $r = $result->next ) { unless ( $r->code ) { print "$r->host has error: "; print $r->detail . "\n"; } }

Punc module Module is distributed and executed on each targeted hosts Master host calls modules on targeted hosts via punc command or Punc::Client

Architecture of Punc(again) get a result call a module exec a module exec a module exec a module JSON-RPC over HTTPS + SSLv3 auth Manage target hosts Manage SSL certs master (puncmasterd) slave (puncd) slave (puncd) slave (puncd)

file module package Punc::Slave::Module::File; use Path::Class qw( dir file ); use Punc::Slave::Module { operatingsystem => [ qw/ .* / ] }; sub md5sum { my ( $self, $args ) = @_; return `md5sum $args->{file}`; } sub copy { ...

service module(for Red Hat) package Punc::Slave::Module::Service::RedHat; use Punc::Slave::Module::Service { operatingsystem => [ qw / redhat centos fedora / ] }; use Moose; with 'Punc::Slave::Module::Service::Role'; sub status { my ( $self, $args ) = @_; return $self->_command($args->{service}, 'status'); }

service module(for Debian) package Punc::Slave::Module::Service::Debian; use Punc::Slave::Module::Service { operatingsystem => [ qw / debian ubuntu / ] }; use Moose; with 'Punc::Slave::Module::Service::Role'; sub status { my ( $self, $args ) = @_; return $self->_command($args->{service}, 'status'); }

Abstraction layer with Pfacter Automatically detect a targeted host’s environmant and execute a adequate module Punc uses Pfacter for this purpose Pfacter is a perl clone of Facter by Ruby Facter is used with Puppet

Return values of a module # return scalar, hash ref, or array ref on success return $result; # return an error using Class::ErrorHandler return $self->error(‘error message’);

Module sync Mosules must be distributed to slaves Punc has punc-modulesync command punc-modulesync made with file module

Summary Punc is a framework for sysatem admin app programming Modules are executed on each slave node Master calls modules via JSON-RPC over HTTPS Programming with Punc is a combination of module calls Caller programs could be written by langauages other than Perl

Development in progress Code repository is in CodeRepos http://coderepos.org/share/ http://svn.coderepos.org/share/lang/perl/Punc/trunk Feel free to commit to trunk or make your branch! Please ask yappo if you don’t have a commit bit of CodeRepos #coderepos@freenode or #assurer@freenode

Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita

More Related Content

What's hot (20)

Viewers also liked (7)

Similar to Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita (16)

More from Gosuke Miyashita (20)

Recently uploaded (20)

Yapc::Asia 2008 Tokyo - Easy system administration programming with a framework by Gosuke Miyashita