webinar - manage rsyslog with puppet
TRANSCRIPT
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Manage Rsyslog with Puppet
Configuration management with puppet
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Who am I?
• Krishna Prajapati, Systems Engineer at Olindata
http://www.olindata.com/
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Overview• What is puppet (for those not aware)?• What is rsyslog ?• Puppet Module selection for rsyslog• Search and Install puppet module• Rsyslog Client• Rsyslog Server• Logging to Database• Questions
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
What is Puppet and why do we care?• Configuration management software- http://www.olindata.com/blog/2014/08/puppet-master-agent-setup- http://olindata.com/blog/2015/03/setup-puppet-server-centos-70
• Scales very well (from 1 to 200k+ nodes)• Multi-platform (windows, *nix, Mac OS, BSD)• Commercially supported Open Source• Infrastructure as code
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
What is Rsyslog ?• Rsyslog is opensource software utility based on unix • It is used for forwarding log message in an IP network.• Opensource• Implements the basic syslog protocol, extends it with
content-based filtering, rich filtering capabilities, flexible configuration options and adds features such as using TCP for transport.
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
1. Puppet forge https://forge.puppetlabs.com/2. Puppetlabs modules. https://forge.puppetlabs.com/saz/rsyslog3. Supported modules. https://forge.puppetlabs.com/supported
Puppet Module selection?
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Install puppet moduleroot@puppet:/etc/puppet# puppet module search rsyslogNotice: Searching https://forgeapi.puppetlabs.com ...NAME DESCRIPTION AUTHOR KEYWORDS ghoneycutt-rsyslog Manage rsyslog @ghoneycutt logging syslog rsyslog saz-rsyslog Manage rsyslog client and server @saz syslog rsyslog server tcp udp example42-rsyslog Puppet module for rsyslog @example42 rsyslog example42 alkivi-rsyslog Controls rsyslog server @alkivi debian syslog rsyslog dhoppe-rsyslog Rsyslog Module @dhoppe debian ubuntu rsyslog evenup-rsyslog Manages rsyslog. @evenup rsyslog xdrum-rsyslog Rsyslog Module @xdrum debian ubuntu rhel syslog rsyslog puppetlabs-vcli_rsyslog Puppet Enterprise module for saz/rsyslog @puppetlabs rsyslog vcli ….….loggly-loggly Configures various data sources for automatic submission to Loggly @loggly syslog syslog-ng
rsyslog loggly dtamsen-syslog_ng This module manages syslog-ng @dtamsen syslog syslog-ng rsyslog mikegleasonjr-server The Server module serves as a base configuration for all your man... @mikegleasonjr ntp rsyslog
firewall timezone swaproot@puppet:/etc/puppet#
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Install rsyslog puppet moduleroot@puppet:/etc/puppet# puppet module install saz-rsyslogNotice: Preparing to install into /etc/puppet/modules/common ...Notice: Downloading from https://forgeapi.puppetlabs.com ...Notice: Installing -- do not interrupt .../etc/puppet/modules/common└── saz-rsyslog (v3.5.1)root@puppet:/etc/puppet#
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
List Puppet Modulesroot@monit:/etc/puppet# puppet module list/etc/puppet/modules/common
── ├ puppetlabs-apache (v1.0.1)── ├ puppetlabs-apt (v1.3.0)── ├ puppetlabs-mysql (v3.1.0)
….….
── ├ saz-rsyslog (v3.5.1)└── saz-ssh (v2.4.0)/etc/puppet/modules/custom
── ├ profile (???)└── role (???)
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Rsyslog Client
class { 'rsyslog::client': log_local => true, port => '514', server => 'puppet.olindata.com', }
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Rsyslog Server
class { 'rsyslog::server': enable_tcp => true, enable_udp => true, enable_onefile => false, server_dir => '/srv/log/',
}
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Custom logging template• The log_templates parameter can be used to set up custom logging
templates, which can be used for local and/or remote logging
class{'rsyslog::client': log_templates => [ { name => 'RFC3164fmt', template => '<%PRI%>%TIMESTAMP% %HOSTNAME% %syslogtag%%msg%',
}, ]}
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Logging to Multiple Remote Server• The remote_servers parameter can be used to set up logging to
multiple remote servers which are supplied as a list of key value pairs for each remote.
class{'rsyslog::client': remote_servers => [ { host => 'logs.example.org', }, { host => 'logs.somewhere.com', port => '555', pattern => '*.log', protocol => 'tcp', format => 'RFC3164fmt', }, ]}
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Logging to MySQL or PostgreSQL• Events can also be logged to a MySQL or PostgreSQL database. The
database needs to be deployed separately, either locally or remotely.
class { 'rsyslog::database': backend => 'mysql', server => 'localhost', database => 'Syslog', username => 'rsyslog', password => 'secret',}
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Profileroot@puppet:/etc/puppet# cat modules/custom/profile/manifests/rsyslog.pp
class profile::rsyslog {
class { 'rsyslog::client':
log_local => true,
port => '514',
server => 'puppet.olindata.com',
}
class { 'rsyslog::server':
enable_tcp => true,
enable_udp => true,
enable_onefile => false,
server_dir => '/srv/log/',
}
}
root@puppet:/etc/puppet#
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Role
root@puppet:/etc/puppet# cat modules/custom/role/manifests/common.pp
class role::common {
include profile::ssh
include profile::user
…
…
include profile::rsyslog
}
root@puppet:/etc/puppet#
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Rsyslogroot@puppet:/etc/puppet# tree /srv/log/
/srv/log/
├── puppet
│ ├── auth.log
│ ├── cron.log
│ ├── daemon.log
│ ├── kern.log
│ ├── messages
│ └── syslog
└── web
├── auth.log
├── cron.log
├── daemon.log
├── kern.log
├── messages
└── syslog
2 directories, 12 files
root@puppet:/etc/puppet#
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Upcoming trainingVisit the link for full list of trainings: http://olindata.com/training/upcoming
Puppet Fundamentals Training, Bucharest – July 2015
Wednesday, July 8, 2015 - 09:00
Romania
Puppet
Puppet Fundamentals Training, Kuala Lumpur – July 2015
Wednesday, July 8, 2015 - 09:00
Malaysia
Puppet
Puppet Fundamentals Training, Bangalore – July 2015
Monday, July 13, 2015 - 09:00
India
Puppet
Puppet Fundamentals Training, Singapore – July 2015
Monday, July 27, 2015 - 09:00
Singapore
OlinData Webinar 2015 - https://docs.google.com/presentation/d/1R87rdMwZNVWkMSFaMWTV1iddi5xSFhumdsl9DN68buQ/edit?usp=sharing
Previous Webinars
• https://www.youtube.com/results?search_query=olindata
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
We’re hiring!EU and Asia based trainers
OlinData Webinar 2015 - https://docs.google.com/a/olindata.com/presentation/d/1h4UJBL4emM-M-zZui2ImrUdGakdQHR2RZvziE4dVPVY/edit?usp=sharing
Questions?
@krishna / @olindata
http://www.olindata.com
http://github.com/olindata