Version 5 (Владимир Ипатов, 09.11.2012 16:45) → Version 6/15 (Владимир Ипатов, 09.11.2012 16:45)

{{toc}}

h1. SCI services management

h2. PUPPET

Puppet (http://www.puppetlabs.com/) is the open source platform for enterprise systems management.
Puppet is used to deploy the configuration to the cluster instances.
Documentation can be found at http://docs.puppetlabs.com/

Puppet master is installed on the instance 'sci'.

By default you have several modules in puppet:
* Apt config (approx)
* DNS config (bind9)
* DHCP config (dhcpd)
* locale config (locale)
* timezone config (timezone)

The classes applied to each node, and the parameters passed to them, are set in @/etc/puppet/manifests/nodes.pp@:
<pre>
node 'default' {
  class { sources_list_local: stage => pre0, }
  class { common_profile: stage => pre1, }
  class { timezone: zone => "Europe/Moscow", stage => main, }
  class { locale: def_locale => "ru_RU.UTF-8", stage => main, }
}

node 'sci' {
  class { approx_local: stage => pre0, }
  class { sources_list_local: stage => pre0, }
  class { common_profile: stage => pre1, }
  class { bind9_sci: stage => main, }
  class { timezone: zone => "Europe/Moscow", stage => main, }
  class { locale: def_locale => "ru_RU.UTF-8", stage => main, }
  class { dhcpd: enabled => no, stage => post1, }
}
</pre>
If a node has no definition of its own, the classes of the 'default' node are applied to it.

h2. Apt

Apt is configured on the instance 'sci' via puppet.

h3. sources.list

The globally distributed sources.list template resides in @/etc/puppet/modules/approx/templates/sources.list.erb@

h3. Approx

Approx is configured in @/etc/puppet/modules/approx/templates/approx.conf.erb@
To apply your changes quickly, run:
<pre>
/etc/init.d/puppet restart
</pre>

h2. DNS

DNS is configured on the instance 'sci' via puppet.

The forward zone file is stored as a template at @/etc/puppet/modules/bind9/templates/sci/zone.erb@
On the system it is installed as @/etc/bind/master/$domain@
The reverse zone file is stored as a template at @/etc/puppet/modules/bind9/templates/sci/in-addr.erb@
On the system it is installed as @/etc/bind/master/in-addr@
On each update you should change the zone serial number, which is initially
<pre>
0000000001 ; Serial
</pre>
to a new, larger value. The YYYYMMDDNN format is recommended (NN is the number of the change within one day).
Feel free to modify it to suit your system.

New names should be placed below the line
<pre>
; here you can put any other records
</pre>

To apply your changes quickly, run:
<pre>
/etc/init.d/bind9 reload
</pre>

Note that if you are using dynamic updates (e.g. from the DHCP server), you must run the following before editing the file:
<pre>rndc freeze your.domain</pre>
for the forward zone, or
<pre>rndc freeze 168.192.in-addr.arpa</pre>
for the reverse zone.
After editing the zone you must run:
<pre>rndc unfreeze your.domain</pre>
or
<pre>rndc unfreeze 168.192.in-addr.arpa</pre>
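
The serial rule above (YYYYMMDDNN, always growing) as an added shell example; it is not part of the original page. The function names @next_serial@ and @bump_zone_serial@ are hypothetical, and falling back to "old serial + 1" when the serial is already at or past today's date is an assumption of this example.

```shell
# Added example (not from the original page): helpers for the serial rule.

# next_serial CURRENT [TODAY]: print the serial that follows CURRENT.
# TODAY is YYYYMMDD and defaults to the current date.
next_serial() (
    today=${2:-$(date +%Y%m%d)}
    # Strip leading zeros so 0000000001 is not read as an octal number.
    cur=$(printf '%s' "$1" | sed 's/^0*//')
    cur=${cur:-0}
    new=$((today * 100 + 1))    # first change of the day: NN = 01
    # Already changed today, or the old serial is ahead of the date:
    # the serial must still grow, so fall back to old + 1.
    if [ "$cur" -ge "$new" ]; then
        new=$((cur + 1))
    fi
    # Zone serials are unsigned 32-bit values.
    if [ "$new" -gt 4294967295 ]; then
        echo "serial $new does not fit in 32 bits" >&2
        exit 1
    fi
    printf '%010d\n' "$new"
)

# bump_zone_serial FILE [TODAY]: rewrite the number in front of the
# "; Serial" comment in FILE and print the new serial.
bump_zone_serial() (
    file=$1
    num='[0-9]\{1,10\}'
    tail='[[:space:]]*;[[:space:]]*Serial'
    old=$(sed -n "s/^[[:space:]]*\($num\)$tail.*/\1/p" "$file" | head -n 1)
    if [ -z "$old" ]; then
        echo "no '; Serial' line found in $file" >&2
        exit 1
    fi
    new=$(next_serial "$old" "$2") || exit 1
    tmp=$(mktemp) || exit 1
    # Write through a temp file, then copy back so FILE keeps its owner and mode.
    sed "s/^\([[:space:]]*\)$old\($tail\)/\1$new\2/" "$file" > "$tmp" &&
        cat "$tmp" > "$file"
    rm -f "$tmp"
    echo "$new"
)
```

When dynamic updates are in use, run @bump_zone_serial@ on a live zone file only between the @rndc freeze@ and @rndc unfreeze@ steps shown above.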

h2. DHCP

isc-dhcp-server is configured on the instance 'sci' via puppet, but is disabled by default.
If you have a LAN segment in your setup, it will be configured on it; otherwise it will be configured on the ganeti bridge.
Dynamic DNS updates are configured by default.
The default setup looks like this:
<pre>
ddns-update-style interim;
ddns-updates on;
allow unknown-clients;
authoritative;
ddns-domainname "your.domain";
update-static-leases on;
allow client-updates;

# Key used to sign the dynamic DNS updates sent to bind9
key DHCP_UPDATE {
    algorithm HMAC-MD5;
    secret secret-generated-md5;
};

subnet 192.168.5.0 netmask 255.255.255.0 {
    authoritative;
    ddns-updates on;
    range 192.168.5.11 192.168.5.254;
    option routers 192.168.5.35;
    option domain-name-servers 192.168.5.35;
    option domain-name "your.domain";
    default-lease-time 604800;
    max-lease-time 2592000;
}

# Forward zone updated by the DHCP server
zone your.domain. {
    primary 127.0.0.1;
    key DHCP_UPDATE;
}

# Reverse zone updated by the DHCP server
zone 168.192.in-addr.arpa. {
    primary 127.0.0.1;
    key DHCP_UPDATE;
}
</pre>