MCollective架构篇4-MCollective各种插件的部署及测试

MCollective只是一个框架,如果需要在上面发挥各种作用,那就需要各种插件的支持。官方提供了很多这方面的插件,除此之外,还有第三方的插件,比如shell插件等,下面会介绍各种插件的安装,以及插件之间如何组合进行使用。

1、在mcollective client端和server端安装各种官网plugins

首先去官网下载各个插件 http://yum.puppetlabs.com

1.1 下载collective-client端

  1. [root@linuxmaster1poc ~]# rpm -qa | grep mco
  2. mcollective-service-common-3.1.2-1.noarch
  3. mcollective-client-2.2.4-1.el6.noarch
  4. mcollective-service-client-3.1.2-1.noarch
  5. mcollective-common-2.2.4-1.el6.noarch
  6. mcollective-iptables-common-3.0.1-1.noarch
  7. mcollective-filemgr-client-1.0.1-1.noarch
  8. mcollective-nrpe-client-3.0.2-1.noarch
  9. mcollective-puppet-client-1.6.0-1.noarch
  10. mcollective-nrpe-common-3.0.2-1.noarch
  11. mcollective-filemgr-common-1.0.1-1.noarch
  12. mcollective-iptables-client-3.0.1-1.noarch
  13. mcollective-puppet-common-1.6.0-1.noarch
  14. mcollective-facter-facts-1.0.0-1.noarch
  15. mcollective-package-client-4.2.0-1.noarch
  16. mcollective-package-common-4.2.0-1.noarch

1.2 下载mcollecitve-server端

  1. [root@linux57poc ~]# rpm -qa | grep mco
  2. mcollective-nrpe-common-3.0.2-1
  3. mcollective-puppet-common-1.6.0-1
  4. mcollective-iptables-common-3.0.1-1
  5. mcollective-iptables-agent-3.0.1-1
  6. mcollective-2.2.4-1.el5
  7. mcollective-package-common-4.2.0-1
  8. mcollective-service-common-3.1.2-1
  9. mcollective-service-agent-3.1.2-1
  10. mcollective-puppet-agent-1.6.0-1
  11. mcollective-package-agent-4.2.0-1
  12. mcollective-filemgr-common-1.0.1-1
  13. mcollective-common-2.2.4-1.el5
  14. mcollective-facter-facts-1.0.0-1
  15. mcollective-filemgr-agent-1.0.1-1
  16. mcollective-nrpe-agent-3.0.2-1

以上安装可写个package模块执行,以下只针对mcollective server端,安装完成之后记得重启服务,如果写了service模块可以自动刷新

1.3 编写plugins.pp

  1. class mcollective::plugins{
  2.   include mcollective::plugins_puppet,
  3.     mcollective::plugins_facter,
  4.     mcollective::plugins_filemgr,
  5.     mcollective::plugins_iptables,
  6. #   mcollective::plugins_nettest, #这个安装需要依赖包 ruby-net-ping,没找到
  7.     mcollective::plugins_nrpe,
  8.     mcollective::plugins_package,
  9.     mcollective::plugins_service
  10. }
  12. #mco-client need install mcollective-puppet-client and mcollective-puppet-common
  13. class mcollective::plugins_puppet{
  14.   package { ['mcollective-puppet-agent','mcollective-puppet-common']:
  15.     ensure  => installed,
  16.     require => Class["mcollective::install"]
  17.   }
  18. }
  21. #mco-client need install mcollective-facter-facts
  22. class mcollective::plugins_facter{
  23.   package { 'mcollective-facter-facts':
  24.     ensure  => installed,
  25.     require => Class["mcollective::install"]
  26.   }
  27. }
  29. #mco-client need install mcollective-filemgr-client and mcollective-filemgr-common
  30. class mcollective::plugins_filemgr{
  31.   package { ['mcollective-filemgr-agent','mcollective-filemgr-common']:
  32.     ensure  => installed,
  33.     require => Class["mcollective::install"]
  34.   }
  35. }
  38. #mco-client need install mcollective-iptables-client and mcollective-iptables-common
  39. class mcollective::plugins_iptables{
  40.   package { ['mcollective-iptables-agent','mcollective-iptables-common']:
  41.     ensure  => installed,
  42.     require => Class["mcollective::install"]
  43.   }
  44. }
  46. #mco-client need install mcollective-nettest-client and mcollective-nettest-common
  47. class mcollective::plugins_nettest{
  48.   package { ['mcollective-nettest-agent','mcollective-nettest-common']:
  49.     ensure  => installed,
  50.     require => Class["mcollective::install"]
  51.   }
  52. }
  54. #mco-client need install mcollective-nrpe-client and mcollective-nrpe-common
  55. class mcollective::plugins_nrpe{
  56.   package { ['mcollective-nrpe-agent','mcollective-nrpe-common']:
  57.     ensure  => installed,
  58.     require => Class["mcollective::install"]
  59.   }
  60. }
  62. #mco-client need install mcollective-package-client and mcollective-package-common
  63. class mcollective::plugins_package{
  64.   package { ['mcollective-package-agent','mcollective-package-common']:
  65.     ensure  => installed,
  66.     require => Class["mcollective::install"]
  67.   }
  68. }
  70. #mco-client need install mcollective-service-client and mcollective-service-common
  71. class mcollective::plugins_service{
  72.   package { ['mcollective-service-agent','mcollective-service-common']:
  73.     ensure  => installed,
  74.     require => Class["mcollective::install"]
  75.   }
  76. }

1.4 编写conf.pp

  1. class mcollective::service{
  2.   service { 'mcollective':
  3.     ensure     => running,
  4.     hasstatus  => true,
  5.     hasrestart => true,
  6.     enable     => true,
  7.     subscribe  => Class['mcollective::config'],
  8.   }
  9. }

1.5 mcollective-client端安装好之后,可通过mco命令查看

  1. [root@linuxmaster1poc ~]# mco 
  2. The Marionette Collective version 2.2.4
  4. usage: /usr/bin/mco command <options>
  6. Known commands:
  8.    completion           facts                filemgr             
  9.    find                 help                 inventory           
  10.    iptables             nrpe                 package             
  11.    ping                 plugin               puppet              
  12.    rpc                  service              shell               
  14. Type '/usr/bin/mco help' for a detailed list of commands and '/usr/bin/mco help command'
  15. to get detailed help for a command

1.6 mcollective-server端安装好之后,可在mco-client端查看

  1. [root@linuxmaster1poc ~]# mco inventory linux57poc
  2. Inventory for linux57poc:
  4.    Server Statistics:
  5.                       Version: 2.2.4
  6.                    Start Time: Fri Dec 13 08:15:46 +0800 2013
  7.                   Config File: /etc/mcollective/server.cfg
  8.                   Collectives: mcollective
  9.               Main Collective: mcollective
  10.                    Process ID: 23268
  11.                Total Messages: 16
  12.       Messages Passed Filters: 16
  13.             Messages Filtered: 0
  14.              Expired Messages: 0
  15.                  Replies Sent: 15
  16.          Total Processor Time: 0.71 seconds
  17.                   System Time: 0.15 seconds
  19.    Agents: #都加载上了
  20.       discovery       filemgr         nrpe           
  21.       package         puppet          rpcutil        
  22.       service         shell                          
  24.    Data Plugins:
  25.       agent           fstat           nrpe           
  26.       puppet          resource        service        
  28.    Configuration Management Classes:
  29.       No classes applied
  31.    Facts:
  32.       architecture => x86_64
  33.       augeasversion => 0.10.0
  34.       bios_release_date => 06/22/2012
  35.       bios_vendor => Phoenix Technologies LTD
  36.       bios_version => 6.00
  37.       blockdevice_fd0_size => 4096
  38.       blockdevice_hdc_size => 3834736640
  39.     。。。

注意: 接下来测试各种命令的操作组合,这里只举一些例子,更多信息可参考—help或者参考官网

2、安装shell插件

插件下载地址:https://github.com/kisspuppet/mcollective-plugins,有github客户端的童鞋可直接clone https://github.com/kisspuppet/mcollective-plugins.git

2.1、下载插件放在对应的目录里即可

  1. mcollective-client
  3. [root@linuxmaster1poc ~]# ll /usr/libexec/mcollective/mcollective/application/ | grep shell
  4. -rw-r--r-- 1 root root  1601 Aug  6 06:36 shell.rb
  5. [root@linuxmaster1poc ~]# ll /usr/libexec/mcollective/mcollective/agent/ | grep shell
  6. -rw-r--r-- 1 root root 1017 Aug  6 06:36 shell.ddl
  7. -rw-r--r-- 1 root root  862 Aug  6 06:36 shell.rb
  9. mcollective-server
  11. [root@linux57poc agent]# ll /usr/libexec/mcollective/mcollective/agent/ | grep shell
  12. -rw-r--r-- 1 root root 1017 Aug  6 06:36 shell.ddl
  13. -rw-r--r-- 1 root root  862 Aug  6 06:36 shell.rb

备注:mcollective-server端部署完成之后,记得重启mcollective服务。

2.2、 查看shell插件是否加载成功

从下面可以看出mcollective-client端shell插件已经有了 

  1. [root@linuxmaster1poc ~]# mco The Marionette Collective version 2.2.4 usage: /usr/bin/mco command Known commands: completion facts find
  2. help inventory ping
  3. plugin puppet rpc
  4. shell #shell插件加载OK
  5. Type '/usr/bin/mco help' for a detailed list of commands and '/usr/bin/mco help command' to get detailed help for a command

从下面可以看出mcollective-server端shell插件也加载了

  1. [root@linuxmaster1poc ~]# mco inventory linux57poc 
  2. Inventory for linux57poc:
  3.    Server Statistics:
  4.                       Version: 2.2.4
  5.                    Start Time: Fri Dec 13 01:14:14 +0800 2013
  6.                   Config File: /etc/mcollective/server.cfg
  7.                   Collectives: mcollective
  8.               Main Collective: mcollective
  9.                    Process ID: 23898
  10.                Total Messages: 10
  11.       Messages Passed Filters: 10
  12.             Messages Filtered: 0
  13.              Expired Messages: 0
  14.                  Replies Sent: 9
  15.          Total Processor Time: 0.73 seconds
  16.                   System Time: 0.17 seconds
  17.    Agents:
  18.       discovery       puppet          rpcutil        
  19.       shell  #shell插件加载OK                                          
  20.    Data Plugins:
  21.       agent           fstat           puppet         
  22.       resource                                       
  23.    Configuration Management Classes:
  24.       No classes applied
  25.    Facts:
  26.       architecture => x86_64
  27.       augeasversion => 0.10.0
  28.       bios_release_date => 06/22/2012
  29.       bios_vendor => Phoenix Technologies LTD
  30.       bios_version => 6.00
  31.       blockdevice_fd0_size => 4096
  32.       blockdevice_hdc_size => 3834736640
  33.       blockdevice_sda_model => Virtual disk
  34.       blockdevice_sda_size => 42949672960
  35.     。。。

2.3、通过shell插件执行shell命令

  1. mco shell帮助信息
  3. [root@linuxmaster1poc ~]# mco shell --help
  4. MCollective Distributed Shell
  5. Usage:   mco shell <CMD>
  6.   The CMD is a string
  7.   EXAMPLES:
  8.     mco shell uptime
  9.         --np, --no-progress          Do not show the progress bar
  10.     -1, --one                        Send request to only one discovered nodes
  11.         --batch SIZE                 Do requests in batches
  12.         --batch-sleep SECONDS        Sleep time between batches
  13.         --limit-seed NUMBER          Seed value for deterministic random batching
  14.         --limit-nodes, --ln, --limit COUNT
  15.                                      Send request to only a subset of nodes, can be a percentage
  16.     -j, --json                       Produce JSON output
  17.         --display MODE               Influence how results are displayed. One of ok, all or failed
  18.     -c, --config FILE                Load configuratuion from file rather than default
  19.     -v, --verbose                    Be verbose
  20.     -h, --help                       Display this screen
  21. Common Options
  22.     -T, --target COLLECTIVE          Target messages to a specific sub collective
  23.         --dt, --discovery-timeout SECONDS
  24.                                      Timeout for doing discovery
  25.     -t, --timeout SECONDS            Timeout for calling remote agents
  26.     -q, --quiet                      Do not be verbose
  27.         --ttl TTL                    Set the message validity period
  28.         --reply-to TARGET            Set a custom target for replies
  29.         --dm, --disc-method METHOD   Which discovery method to use
  30.         --do, --disc-option OPTION   Options to pass to the discovery method
  31.         --nodes FILE                 List of nodes to address
  32. Host Filters
  33.     -W, --with FILTER                Combined classes and facts filter
  34.     -S, --select FILTER              Compound filter combining facts and classes
  35.     -F, --wf, --with-fact fact=val   Match hosts with a certain fact
  36.     -C, --wc, --with-class CLASS     Match hosts with a certain config management class
  37.     -A, --wa, --with-agent AGENT     Match hosts with a certain agent
  38.     -I, --wi, --with-identity IDENT  Match hosts with a certain configured identity
  39. The Marionette Collective 2.2.4

显示对端uptime命令负载情况

  1. [root@linuxmaster1poc ~]# mco shell "uptime" 
  2. Do you really want to send this command unfiltered? (y/n): y
  3. Discovering hosts using the mc method for 2 second(s) .... 3
  4. Host: linux58poc
  5. Statuscode: 0
  6. Output:
  7.  02:45:02 up 21:10,  2 users,  load average: 0.00, 0.00, 0.00
  8. Host: linux64poc
  9. Statuscode: 0
  10. Output:
  11.  02:45:02 up 20:59,  1 user,  load average: 0.00, 0.00, 0.00
  12. Host: linux57poc
  13. Statuscode: 0
  14. Output:
  15.  02:45:02 up 21:04,  3 users,  load average: 0.00, 0.00, 0.00

显示所有节点/etc/password文件中puppet用户哪一行

  1. [root@linuxmaster1poc ~]# mco shell "cat /etc/passwd | grep puppet" 
  2. Do you really want to send this command unfiltered? (y/n): y
  3. Discovering hosts using the mc method for 2 second(s) .... 3
  4. Host: linux58poc
  5. Statuscode: 0
  6. Output:
  7. puppet:x:52:52:Puppet:/var/lib/puppet:/sbin/nologin
  8. Host: linux64poc
  9. Statuscode: 0
  10. Output:
  11. puppet:x:52:52:Puppet:/var/lib/puppet:/sbin/nologin
  12. Host: linux57poc
  13. Statuscode: 0
  14. Output:
  15. puppet:x:52:52:Puppet:/var/lib/puppet:/sbin/nologin

修改其中一台主机的root密码

  1. [root@linuxmaster1poc ~]# mco shell "echo redhat | passwd root --stdin" -I linux57poc 
  2. Host: linux57poc
  3. Statuscode: 0
  4. Output:
  5. Changing password for user root.
  6. passwd: all authentication tokens updated successfully.

备注:更多操作步骤可参考mco shell —help帮助。

警告:基于mcollective的shell插件虽然功能很强大,除了动态显示的命令之外,其它root能操作的,它基本上都能操作。所以操作也非常危险,可根据生产环境实际情况而定。

注意: 接下来测试各种命令的操作组合,这里只举一些例子,更多信息可参考—help或者参考官网

3、组合mcollective各种plugins完成各种任务组合

3.1、停止操作系统为RHEL5.x服务器的crond任务

先查看5.x系统crond的状态,使用插件 service、facts

  1. [root@linuxmaster1poc ~]# mco service crond status -F operatingsystemmajrelease=5
  3.  * [ ============================================================> ] 2 / 2
  5.    linux57poc: running
  6.    linux58poc: running
  8. Summary of Service Status:
  10.    running = 2
  13. Finished processing 2 / 2 hosts in 184.79 ms

然后通过service插件停止服务,使用插件 service、facts

  1. [root@linuxmaster1poc ~]# mco service crond stop -F operatingsystemmajrelease=5
  3.  * [ ============================================================> ] 2 / 2
  6. Summary of Service Status:
  8.    stopped = 2
  11. Finished processing 2 / 2 hosts in 914.76 ms

再次查看过滤的主机crond服务是否被停掉,使用插件 service、facts

  1. [root@linuxmaster1poc ~]# mco service crond status -F operatingsystemmajrelease=5
  3.  * [ ============================================================> ] 2 / 2
  5.    linux57poc: stopped
  6.    linux58poc: stopped
  8. Summary of Service Status:
  10.    stopped = 2
  13. Finished processing 2 / 2 hosts in 125.87 ms

也可以通过shell插件实现,使用到插件为shell、service、facts

  1. [root@linuxmaster1poc ~]# mco shell "service crond status" -F operatingsystemmajrelease=5
  2. Discovering hosts using the mc method for 2 second(s) .... 2
  3. Host: linux57poc
  4. Statuscode: 3
  5. Output:
  6. crond is stopped
  7. Host: linux58poc
  8. Statuscode: 3
  9. Output:
  10. crond is stopped

3.2、使用mco对自定义fact_apply4=app的主机做一次变更,要求环境为testing,模式为noop

首先查看下那些主机具备有这个自定义fact,使用的插件为find、inventory

  1. [root@linuxmaster1poc ~]# for i in `mco find` ; do echo $i; mco inventory $i | grep fact_apply4; done
  2. linux58poc
  3.   fact_apply4 => app
  4. linux57poc
  5. linux64poc
  6.   fact_apply4 => app

其次按要求做变更即可,使用到的插件为puppet,facts

  1. [root@linuxmaster1poc ~]# mco puppet -v runonce --environment=testing --noop -F fact_apply4=app
  2. Discovering hosts using the mc method for 2 second(s) .... 2
  4.  * [ ============================================================> ] 2 / 2
  7. linux64poc                              : OK
  8.     {:summary=>      "Started a background Puppet run using the 'puppet agent --onetime --daemonize --color=false --splay --splaylimit 30 --noop --environment testing' command"}
  10. linux58poc                              : OK
  11.     {:summary=>      "Started a background Puppet run using the 'puppet agent --onetime --daemonize --color=false --splay --splaylimit 30 --noop --environment testing' command"}
  15. ---- rpc stats ----
  16.            Nodes: 2 / 2
  17.      Pass / Fail: 2 / 0
  18.       Start Time: Fri Dec 13 09:10:50 +0800 2013
  19.   Discovery Time: 2003.32ms
  20.       Agent Time: 884.34ms
  21.       Total Time: 2887.67ms

变更完成后,迅速查看节点运行情况,使用到的插件为puppet

  1. [root@linuxmaster1poc ~]# mco puppet status 
  3.  * [ ============================================================> ] 3 / 3
  5.    linux64poc: Currently idling; last completed run 54 seconds ago
  6.    linux58poc: Currently applying a catalog; last completed run 1 minutes 12 seconds ago
  7.    linux57poc: Currently stopped; last completed run 22 minutes 57 seconds ago
  9. Summary of Applying:
  11.    false = 2
  12.     true = 1
  14. Summary of Daemon Running:
  16.    running = 2
  17.    stopped = 1
  19. Summary of Enabled:
  21.    enabled = 3
  23. Summary of Idling:
  25.    false = 2
  26.     true = 1
  28. Summary of Status:
  30.                idling = 1
  31.               stopped = 1
  32.    applying a catalog = 1
  35. Finished processing 3 / 3 hosts in 263.72 ms

3.3、远程改所有系统为RHEL6.4主机root的密码,使用到的插件为shell,facts

  1. [root@linuxmaster1poc ~]# mco shell "echo redhat | passwd root --stdin" -F operatingsystemrelease=6.4
  2. Discovering hosts using the mc method for 2 second(s) .... 1
  3. Host: linux64poc
  4. Statuscode: 0
  5. Output:
  6. Changing password for user root.
  7. passwd: all authentication tokens updated successfully.

3.4、查看所有节点puppet和facter安装包的版本信息,使用到的插件为package

  1. [root@linuxmaster1poc ~]# mco package status puppet
  3.  * [ ============================================================> ] 3 / 3
  5.    linux64poc: puppet-2.7.23-1.el6.noarch
  6.    linux57poc: puppet-2.7.23-1.el5.noarch
  7.    linux58poc: puppet-2.7.23-1.el5.noarch
  9. Summary of Arch:
  11.    noarch = 3
  13. Summary of Ensure:
  15.    2.7.23-1.el5 = 2
  16.    2.7.23-1.el6 = 1
  19. Finished processing 3 / 3 hosts in 635.21 ms
  21. [root@linuxmaster1poc ~]# mco package status facter
  23.  * [ ============================================================> ] 3 / 3
  25.    linux58poc: facter-1.7.3-1.el5.x86_64
  26.    linux64poc: facter-1.7.3-1.el6.x86_64
  27.    linux57poc: facter-1.7.3-1.el5.x86_64
  29. Summary of Arch:
  31.    x86_64 = 3
  33. Summary of Ensure:
  35.    1.7.3-1.el5 = 2
  36.    1.7.3-1.el6 = 1
  39. Finished processing 3 / 3 hosts in 124.99 ms

更多的功能可通过以下方式查看:

  1. [root@linuxmaster1poc ~]# mco puppet -h
  3. Schedule runs, enable, disable and interrogate the Puppet Agent
  5. Usage: mco puppet [OPTIONS] [FILTERS] <ACTION> [CONCURRENCY|MESSAGE]
  6. Usage: mco puppet <count|enable|status|summary>
  7. Usage: mco puppet disable [message]
  8. Usage: mco puppet runonce [PUPPET OPTIONS]
  9. Usage: mco puppet resource type name property1=value property2=value
  10. Usage: mco puppet runall [--rerun SECONDS] [PUPPET OPTIONS]
  12. The ACTION can be one of the following:
  14.     count    - return a total count of running, enabled, and disabled nodes
  15.     enable   - enable the Puppet Agent if it was previously disabled
  16.     disable  - disable the Puppet Agent preventing catalog from being applied
  17.     resource - manage individual resources using the Puppet Type (RAL) system
  18.     runall   - invoke a puppet run on matching nodes, making sure to only run
  19.                CONCURRENCY nodes at a time
  20.     runonce  - invoke a Puppet run on matching nodes
  21.     status   - shows a short summary about each Puppet Agent status
  22.     summary  - shows resource and run time summaries
  24.         --force                      Bypass splay options when running
  25.         --server SERVER              Connect to a specific server or port
  26.         --tags, --tag TAG            Restrict the run to specific tags
  27.         --noop                       Do a noop run
  28.         --no-noop                    Do a run with noop disabled
  29.         --environment ENVIRONMENT    Place the node in a specific environment for this run
  30.         --splay                      Splay the run by up to splaylimit seconds
  31.         --no-splay                   Do a run with splay disabled
  32.         --splaylimit SECONDS         Maximum splay time for this run if splay is set
  33.         --ignoreschedules            Disable schedule processing
  34.         --rerun SECONDS              When performing runall do so repeatedly with a minimum run time of SECONDS
  36.         --np, --no-progress          Do not show the progress bar
  37.     -1, --one                        Send request to only one discovered nodes
  38.         --batch SIZE                 Do requests in batches
  39.         --batch-sleep SECONDS        Sleep time between batches
  40.         --limit-seed NUMBER          Seed value for deterministic random batching
  41.         --limit-nodes, --ln, --limit COUNT
  42.                                      Send request to only a subset of nodes, can be a percentage
  43.     -j, --json                       Produce JSON output
  44.         --display MODE               Influence how results are displayed. One of ok, all or failed
  45.     -c, --config FILE                Load configuratuion from file rather than default
  46.     -v, --verbose                    Be verbose
  47.     -h, --help                       Display this screen
  49. Common Options
  50.     -T, --target COLLECTIVE          Target messages to a specific sub collective
  51.         --dt, --discovery-timeout SECONDS
  52.                                      Timeout for doing discovery
  53.     -t, --timeout SECONDS            Timeout for calling remote agents
  54.     -q, --quiet                      Do not be verbose
  55.         --ttl TTL                    Set the message validity period
  56.         --reply-to TARGET            Set a custom target for replies
  57.         --dm, --disc-method METHOD   Which discovery method to use
  58.         --do, --disc-option OPTION   Options to pass to the discovery method
  59.         --nodes FILE                 List of nodes to address
  61. Host Filters
  62.     -W, --with FILTER                Combined classes and facts filter
  63.     -S, --select FILTER              Compound filter combining facts and classes
  64.     -F, --wf, --with-fact fact=val   Match hosts with a certain fact
  65.     -C, --wc, --with-class CLASS     Match hosts with a certain config management class
  66.     -A, --wa, --with-agent AGENT     Match hosts with a certain agent
  67.     -I, --wi, --with-identity IDENT  Match hosts with a certain configured identity
  69. The Marionette Collective 2.2.4