Monday, July 30, 2012

Puppet Tutorial for Linux (Part 2): Client and Server

Puppet tutorial series

(Linux configuration management)
In Part 1 of this Puppet tutorial we saw how to install Puppet on a Linux machine from source, and create a basic manifest which controls the NTP service. In this episode we’ll cover setting up a Puppet server and then using it to control multiple client machines.

Installing servers with Puppet

In the first part of the tutorial, we installed Puppet directly from the source. This is a great way to learn and experiment, but for production purposes we would like to use a standard package - in this case, an Ubuntu package we can install via apt-get. This way, you can ensure that the same version of Puppet is present on your servers and update it automatically if need be. The Ubuntu package also has a few bonus features that the source package doesn’t.
If you want to follow along with the tutorial using your existing Puppet source install, that’s fine. It’s a good idea to make sure you’re using the same version of Puppet on both client and server, or you may run into obscure and annoying problems, so either install from the same source package on your client machine, or set up two fresh machines with the Ubuntu package as described below.
The version of Puppet in the standard Ubuntu repositories is a little old, so add Mathias Gug’s puppet-backports repository to your machine so that you can get a more recent version:
# add-apt-repository ppa:mathiaz/puppet-backports
# apt-get update
# apt-get install puppet puppetmaster
You can now start the Puppetmaster daemon and make the service persistent:
# update-rc.d puppetmaster defaults
# puppet master --mkusers
If there is a firewall between the Puppetmaster and its clients (eg an iptables firewall on the Puppetmaster server itself) you will need to open TCP port 8140 to the clients.

Create a client manifest

In Part 1 of the Puppet Tutorial we created a file /etc/puppet/manifests/nodes.pp, which lists the nodes (machines) that Puppet knows about, and what configuration they should have. Currently it looks like this:

node myserver {
    include ntp
}
As we’re adding a new node to the system, we need to modify the file so that it reads like this:

node myserver {
    include ntp
}

node myclient {
    include ntp
}

Authorising a client

Puppet uses SSL (Secure Sockets Layer), an encrypted protocol, to communicate between master and clients. This means that only a client with a correctly signed SSL certificate can access the Puppetmaster and receive its configuration. To exchange certificates between the master and client, follow this procedure.

Configuring the client to contact the server

Edit your /etc/puppet/puppet.conf file to tell the client where to find the Puppetmaster:
server = myserver.mydomain.com

Generate a certificate request

On the client, run:
# puppet agent --test
info: Creating a new certificate request for myclient.mydomain.com
info: Creating a new SSL key at /etc/puppet/ssl/private_keys/myclient.mydomain.com.pem
warning: peer certificate won't be verified in this SSL session
notice: Did not receive certificate
notice: Set to run 'one time'; exiting with no certificate

Sign the certificate

On the master:
# puppetca -l
myclient.mydomain.com
There is a certificate request pending for myclient. To sign it, run:
# puppetca -s myclient.mydomain.com
notice: Signed certificate request for myclient.mydomain.com
notice: Removing file Puppet::SSL::CertificateRequest myclient.mydomain.com at 
  '/var/lib/puppet/ssl/ca/requests/myclient.mydomain.com.pem'
If there is no certificate request listed, the client was not able to contact the server for some reason. Check that you have the right server address set in puppet.conf on the client, and that TCP port 8140 is open on both the master and client firewalls. The puppet master daemon also needs to be running on the master.

Run Puppet for the first time

On the client, you should now be able to run:
# puppet agent --test
notice: Got signed certificate
info: Caching catalog at /var/puppet/state/localconfig.yaml
notice: Starting catalog run
notice: //ntp/Service[ntp]/ensure: ensure changed 'stopped' to 'running'
notice: Finished catalog run in 0.92 seconds
Just as on the server in the first part of the tutorial, Puppet is now applying the ntp class to myclient. At the moment all this class does is ensure the ntp service is running, but of course it could do many more interesting things. And that’s what we’ll look at next time in Part 3.

Puppet books

If you’re excited about Puppet and want to learn more, may I modestly recommend the Puppet 2.7 Cookbook? The Puppet 2.7 Cookbook takes you beyond the basics to explore the full power of Puppet, showing you in detail how to tackle a variety of real-world problems and applications. At every step it shows you exactly what commands you need to type, and includes full code samples for every recipe.
Posted by at No comments:

Puppet Tutorial for Linux (Part I): Powering up with Puppet

Puppet tutorial series

(Linux configuration management)

Puppet tutorial part 1: Powering up with Puppet 2.6

This Linux Puppet tutorial will help you install Puppet for the first time and start managing your servers. Server configuration management (CM) is big news in the IT world these days. Rightly so, because Linux automation, devops and CM tools like Puppet and Chef can save you an enormous amount of time and money and help you build a really reliable and automated Linux infrastructure. In this tutorial, I’ll show you how to set up Puppet on Linux.
If you’re a sysadmin, or anyone else who manages a bunch of servers, CM tools can help you create patterns or recipes which you can use to build lots of identical servers, or cloud instances, or re-use in different places and for different applications. Automating Linux servers is a snap with Puppet. Puppet can manage thousands of servers as easily as just one or two - but let’s start with one or two!
If you’re a developer, Linux configuration management lets you write code which describes how servers should be set up - saving you the time and effort of doing it manually, and letting you create large, load-balanced groups of interchangeable servers which are guaranteed to be identically configured.

Installing Puppet

So much for the sales pitch. Let’s take a look at the steps required to get up and running with your first Puppet install (we’ll come to Chef in a later article).

Puppet example

For this Puppet example install, we’re going to assume you’re using an Ubuntu Linux machine. You can use a virtual machine for this, running in VMWare, VirtualBox or Xen if you like, or just a spare Linux box that happens to be lying around the office.
First, we need to install Puppet itself (you’ll need to log in as root or sudo su - on your server):
# apt-get install libopenssl-ruby rdoc libopenssl-ruby1.8 libreadline-ruby1.8 libruby1.8 rdoc1.8 ruby1.8
# wget http://puppetlabs.com/downloads/facter/facter-1.5.8.tar.gz
# wget http://puppetlabs.com/downloads/puppet/puppet-2.6.4.tar.gz
# tar xvzf facter-1.5.8.tar.gz
# cd facter-1.5.8
# ruby install.rb
# cd ..
# tar xvzf puppet-2.6.4.tar.gz
# cd puppet-2.6.4
# ruby install.rb
# puppetd --version
2.6.4
There are gems and packages for Puppet, but for the sake of simplicity we’re installing from source; this also guarantees that you’ll get an up-to-date version, as Puppet is under active development and there are frequent new releases.

Creating a Puppet configuration

Next, we need to give Puppet something to do. The code snippets that tell Puppet how a machine should be configured are called manifests - like a shipping manifest, it tells Puppet what things (packages, users, files and other resources) should be present, and what they should contain.
The first thing to do is create a directory structure to hold your manifests. Puppet itself is not too fussy about how these are laid out, but we’re going to follow the Puppet community’s best practices document and use the recommended layout there. To save time, you can download a (nearly) empty template layout. To use this:
# cd /etc
# wget http://bitfieldconsulting.com/files/powering-up-with-puppet.tar.gz
# tar xvzf powering-up-with-puppet.tar.gz
You should now have an /etc/puppet directory with two subdirectories: modules and manifests. Roughly speaking, modules is where Puppet code lives, and manifests is where we specify which code should be applied to each machine under Puppet’s control.

Starting the Puppetmaster

Puppet comes in two parts: a server (the Puppetmaster) which listens for connections from clients and then tells them what manifest they should have, and a client program, which runs on each machine under Puppet control and connects to the Puppetmaster to get its manifest.
In our example, we’re running the master and client on the same machine, so let’s start the server:
# puppet master --mkusers

Running the Puppet client

With the Puppetmaster running, we can now check that everything is working as it should by running the client:
# puppet agent --test --server=`hostname`
info: Caching catalog for localhost.localdomain
info: Applying configuration version '1256130640'
notice: Finished catalog run in 1.23 seconds

Creating Puppet classes

While technically we have just applied a Puppet manifest to the machine, it’s not a very interesting one, as it does nothing at all. Let’s create a manifest that manages a simple service: NTP (the Network Time Protocol). NTP is a daemon which keeps the machine’s clock synchronised with reference servers on the Internet.
First we’re going to create a class for the NTP service (if you haven’t done any object-oriented programming, a class is just a named chunk of code which we can refer to).
I’ve created a (nearly) empty template for you for the NTP class, so go ahead and edit the file /etc/puppet/modules/ntp/manifests/ntp.pp. Currently it looks like this:
class ntp {
}
Change it to this:
class ntp {

    package { "ntp": 
        ensure => installed 
    }

    service { "ntp":
        ensure => running,
    }
}
And save the file. We’ve now created a Puppet manifest which will manage the NTP daemon (ntp).

Creating Puppet nodes

Because Puppet can manage many machines at once, we still need to tell it to apply the NTP manifest to this machine. To do that, edit the file /etc/puppet/manifests/nodes.pp. You’ll see a template that looks like this:
node myserver {
}
Change it to this:
node myserver {
    include ntp
}
(Replace myserver with the name of your machine - that is, the output of hostname -s.)
When Puppet runs, it looks for a node definition that matches the name of the client machine, and applies all the classes that it finds listed there with include.
You’ve now told Puppet that the server myserver (or whatever your machine is named) should have the NTP manifest applied to it.

Applying changes with Puppet

When you run Puppet again:
# puppet agent --test --server=`hostname`
info: Caching catalog for localhost.localdomain
info: Applying configuration version '1256130643'
notice: //ntp/Service[ntp]/ensure: ensure changed 'stopped' to 'running'
notice: Finished catalog run in 0.94 seconds
What happened here? Puppet looked up the manifest for myserver and found this:
    package { "ntp": 
        ensure => installed 
    }

    service { "ntp":
        ensure => running,
    }
This says that the package ntp should be installed, and the service ntp should be running. Your system may or may not have ntp already installed, but if not, Puppet will install it. Puppet checks to see if the service is started, and if it’s not, it starts the service for you. If you run Puppet again now:
# puppet agent --test --server=`hostname`
info: Caching catalog for localhost.localdomain
info: Applying configuration version '1256130643'
notice: Finished catalog run in 0.66 seconds
you’ll see that Puppet does nothing, because the manifest is satisfied.

Puppet manifests are declarations

Puppet manifests are not a set of instructions, in the way that a shell script or a Ruby program is. They’re a declaration of how the world should be (or that part of it under Puppet’s control, anyway). If reality differs from the manifest, Puppet takes steps to adjust reality.
This means that Puppet isn’t just useful for building machines. It can also check them regularly to make sure that nothing important has changed, and if it has, to correct it. If you stop the NTP service manually and then run Puppet again, you’ll find Puppet restarts it.
Conversely, if you decide you no longer want NTP running on your machines, you can change the word running to stopped, and Puppet will enforce this policy on every machine that includes the NTP manifest (which could be hundreds or even thousands of servers).
Imagine making a change like that to a large production network by logging in to each machine in turn and running the necessary commands manually. Not only would it be tedious and time-consuming, but if you got interrupted halfway through, you might not remember which machines you’d fixed, and your whole network would be in an inconsistent and unknown state.

In our next thrilling episode

You’ve just powered up your system with Puppet! Next time in Puppet Tutorial part 2: Client and Server, we’ll look at how to set up Puppet to control multiple machines. If you’ve got any comments on this Puppet tuto, do let me know!

Puppet links

Puppet books

If you’re excited about Puppet and want to learn more, may I modestly recommend the Puppet 2.7 Cookbook? The Puppet 2.7 Cookbook takes you beyond the basics to explore the full power of Puppet, showing you in detail how to tackle a variety of real-world problems and applications. At every step it shows you exactly what commands you need to type, and includes full code samples for every recipe.
Posted by at No comments:

Regarding Affymetrix

Human Exon 1.0 ST Array - Support Materials

VIGNETTES: Use of APT to Analyze WT Based Exon and Gene Expression Arrays

Posted by at No comments:

Tuesday, July 24, 2012

Use Matlab plotting in commandline mode 

 
ssh -x user@server          # disabled X11 forwarding
unset DISPLAY               # unset DISPLAY variable
matlab -nodisplay           # start MATLAB without the desktop
figure, close                    # must do this first, otherwise plot is empty
plot(1:10)                       # usual plotting
print -dpdf -r600 file.pdf       # save the figure as file.ps
saveas(gcf, 'file.eps', 'eps2c') # saveas aslo works
exit                             # done
 
original discussion
Posted by at No comments:

Monday, July 23, 2012

JEE6 on NetBeans and Eclipse: tutorials II

  1. JSP + Servlets + EJB: Java EE 6 & GlassFish 3 using NetBeans 6.9 (Part 1 of 5)

    This multi-part screencast series shows how NetBeans 6.9 provides comprehensive tooling for Java EE 6 & GlassFish 3. The different parts show: 1 ...
    by arungupta | 2 years ago | 63,626 views
  2. Thumbnail7:33

    Java EE 6 and GlassFish 3 with NetBeans 6.9 (4 of 5) - CDI with JSF 2

    This multi-part screencast series shows how NetBeans 6.9 provides comprehensive tooling for Java EE 6 & GlassFish 3. The different parts show: 1 ...
    by GlassFishVideos | 1 year ago | 16,773 views
  3. ThumbnailThumbnailThumbnailThumbnail

    java

    by adxtr | 12 videos
  4. Thumbnail4:56

    Part II - Deploying a Java EE 6 stateless EJB 3.x to GlassFish using Eclipse

    Deploy a Java stateless bean to GlassFish using Eclipse.
    by tcorey108 | 6 months ago | 498 views
  5. Thumbnail7:56

    Java EE 6 and GlassFish 3 with NetBeans 6.9 (3 of 5) - Facelets and JSF 2

    This multi-part screencast series shows how NetBeans 6.9 provides comprehensive tooling for Java EE 6 & GlassFish 3. The different parts show: 1 ...
    by GlassFishVideos | 1 year ago | 23,596 views
  6. Thumbnail10:39

    Part III - Calling a Java EE 6 stateless EJB 3.x deployed to GlassFish using Eclipse

    Call a stateless bean, from a remote client, deployed to GlassFish, using Eclipse.
    by tcorey108 | 6 months ago | 582 views
  7. Thumbnail2:51

    Part I - Creating a Java EE 6 stateless EJB 3.x for GlassFish using Eclipse

    Create a Java stateless bean for GlassFish in Eclipse.
    by tcorey108 | 6 months ago | 697 views
  8. Thumbnail3:03

    Part IV - Create a Java EE 6 jar file for a GlassFish EJB 3.x client using Eclipse

    Create a jar file for a GlassFish EJB client and run it from the command line.
    by tcorey108 | 6 months ago | 291 views
  9. Thumbnail8:02

    RESTful Web services using JAX-RS: Java EE 6 & GlassFish 3 using NetBeans 6.9 (Part 5 of 5)

    This multi-part screencast series shows how NetBeans 6.9 provides comprehensive tooling for Java EE 6 & GlassFish 3. The different parts show: 1 ...
    by arungupta | 2 years ago | 14,422 views
  10. Thumbnail11:09

    Part VI - Use injection (and Eclipse) to call a Java EE 6 stateless EJB 3.x deployed to GlassFish

    Call a stateless bean, from a remote client, deployed to GlassFish, using injection and Eclipse.
    by tcorey108 | 6 months ago | 244 views
  11. Thumbnail44:03

    Building Web Applications with Java EE 6

    Replay of the "Building Web Applications with Java EE 6" webinar from January 25th 2011
    by GlassFishVideos | 1 year ago | 30,537 views
  12. Thumbnail10:36

    Java EE 6 does Java 7 with GlassFish 3.1.1

    Demo of a Java EE 6 Web Application running on GlassFish 3.1.1 and using JDK 7's new languages features (project Coin)
    by GlassFishVideos | 1 year ago | 5,080 views
  13. Thumbnail36:10

    Java EE 6, Maven, and EJB with GlassFish

    Join engineering for a deep dive into Maven, EJB and Java EE6, and other new capabilities of Oracle GlassFish Server 3.1. Developers, Architects ...
    by GlassFishVideos | 1 year ago | 9,530 views
  14. Thumbnail47:57
    Translate

    Java EE 6 Development with NetBeans and GlassFish

    Java EE 6 Development with NetBeans and GlassFish
    by GlassFishVideos | 1 year ago | 18,241 views
  15. Thumbnail54:31

    Feb 28 GlassFish 3.1 Launch - with Team

    Anil Gaur, VP of Software Development, Java EE & GlassFish covers the two main themes for this major release: Developer Productivity & Enterprise ...
    by GlassFishVideos | 1 year ago | 6,032 views
Posted by at No comments:
Subscribe to: Posts (Atom)