DevOps Toolchain for Beginners
eMag Issue 23 - February 2015
ARTICLE: Orchestrating Your Delivery Pipelines with Jenkins
REVIEW: The LogStash Book, Log Management Made Easy
ARTICLE: Getting Started with Monitoring using Graphite
DevOps Toolchain for Beginners // eMag Issue 23 - Feb 2015
Introduction to Puppet
MANUEL PAIS, ANDREW PHILLIPS, AND KOHSUKE KAWAGUCHI

ORCHESTRATING YOUR DELIVERY PIPELINES WITH JENKINS
In a previous article, we covered useful
preparatory steps for implementing
continuous delivery (CD), including
defining pipeline phases, preconditions
and required approvals, owners and
access control requirements, resource
requirements such as number of
concurrent build machines, identifying
which phases can run in parallel, and
more.
Prerequisites
Before diving into Jenkins, we need to discuss two important prerequisites. Our pipeline, or at least the part of the pipeline that we are looking to implement here (going all the way to production may not be the most sensible initial goal), is:

Predictable and standardized, i.e. the steps and phases we want to run each time the pipeline is triggered are the same.

Largely automated. We will cover ways to handle manual approvals to bless a certain build, but that is about it.

If the current release process does not display these characteristics, i.e. every release ends up a little different or it still requires many manual steps (reviewing test plans, preparing target environments), building a pipeline via a CI tool or generic automation orchestrator may not be the most appropriate step at this point. It is probably advisable to first increase the level of standardization and automation, and to look at tools such as XL Release in the release coordination or CD release [...]
The steps
We will cover the following topics to build our delivery pipeline:
1. Ensuring reproducible builds.
2. Sharing build artifacts throughout the pipeline.
3. Choosing the right granularity for each job.
4. Parallelizing and joining jobs.
5. Gates and approvals.
6. Visualizing the pipeline.
7. Organizing and securing jobs.
Ensuring reproducible builds
One of the key principles of our pipeline is that we produce a single set of build artifacts to pass through the various pipeline stages for testing, verification, and, ultimately, release. We want to be sure that this is a reliable process and that this initial build is carried out in a reproducible way that does not somehow depend on, for example, the local dependency cache of the slave we happen to be building on. In our project, we've taken steps to achieve this:

Use clean repositories local to the workspace
We've configured the build system to use a clean repository local to the build job's workspace, rather than one that is shared by all builds on that slave. This ensures that the build does not happen to succeed because of an old dependency that is no [...]
Figure 5: Fingerprinting build artifacts using the Copy Artifact plugin and via a post-build action.
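The article does not show the exact build configuration for the workspace-local repository. For a Maven-based build, one hypothetical way to sketch the idea (an illustrative "Execute shell" build step, not the authors' actual setup) is:

```shell
# Hypothetical Jenkins "Execute shell" build step (assumes a Maven build).
# Point Maven at a repository inside this job's workspace instead of the
# slave-wide ~/.m2/repository, so every build starts from a clean cache.
mvn -Dmaven.repo.local="$WORKSPACE/.repository" clean verify
```

The trade-off is longer build times (dependencies are re-downloaded per job), bought in exchange for builds that cannot accidentally rely on stale artifacts in a shared cache.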
Alternatives
We can also use the Delivery
Pipeline plugin (we will meet
it later), which optionally
creates an environment
variable that is available in
all downstream jobs.
Figure 8: Triggering Func Tests in our sample pipeline by using the Join plugin to wait for the directly downstream jobs Deploy to Android Func Test Env
and Deploy to iOS Func Test Env to complete.
Figure 9: The Basic Build and Package job triggers a production deployment after manual approval by the business owner and confirmation
that all downstream jobs have successfully completed.
Figure 10: The Build Pipeline plugin's post-build step and manual trigger in the pipeline view.
Figure 11: A standard list view showing active jobs working on different release candidates.
Figure 12: Build Pipeline and Delivery Pipeline plugin views of our sample pipeline.
than having to select individual
pipeline jobs for a view.
Configure access control
This approach offers challenges when we start to implement access-control policies for our pipelines. We need to ensure that different phases of the pipeline have different access-control policies (in our example, developers are not authorized to trigger the QA jobs or the deployment to production), and setting these policies on each [...]
Alternatives
If you want to apply permissions based on job name, consider the Role Strategy plugin, which allows you to define different roles for different parts of a pipeline. One drawback is that the jobs to which a role definition applies are determined by a regular expression. This can lead to additional complexity in the job-naming scheme (myProject-myVersion-owningGroup-pipelinePhase, anyone?) and may break if jobs are renamed.
Good practice: Version your Jenkins configuration
A good Jenkins practice in pretty much all circumstances is to assign versions to job configurations. This allows us to easily track any changes and revert to earlier configurations if necessary. We're using both the JobConfigHistory plugin (which provides a nice diff view) and the SCM Sync Configuration plugin (which stores the configuration off-disk in a repository). Depending on your needs, typically one or the other will suffice.
Conclusion
Setting up secure, efficient CD pipelines in Jenkins that are easy to use and manage can quickly become challenging. We've discussed important prerequisites, made a number of recommendations, and introduced a set of freely available plugins that can make the process a lot easier. Hopefully, you're now in a better position to identify whether Jenkins is the right orchestrator for your current process, to painlessly build pipelines, to make life better for your teams, and to deliver business value to your customers.
Figure 13: The CloudBees Folders plugin in action, with folder-level security configured using the Matrix Authorization Strategy plugin.
Figure 14: The JobConfigHistory plugin's diff view and the configuration settings for the SCM Sync Configuration plugin.
[...] (requires 1GB of available memory);
- ability to bind to specific ports (binds to ports 80 and 443).
For example, consider the deployment of a relatively simple application: WordPress. A typical WordPress installation requires:
- Apache 2,
- PHP 5,
- MySQL,
- the WordPress source code,
- a WordPress MySQL database, with WordPress configured to use this database,
- Apache configured to load the PHP module, to enable support for URL rewriting and .htaccess files, and with the DocumentRoot pointing to the WordPress sources.
While deploying and running a system like this on your server, you may run into some problems and challenges:
1. Isolation: If you are already hosting an existing site on this server that runs only on nginx, you're in a bit of a pickle. Both nginx and Apache try to listen on port 80. Running both is possible, but requires tweaking configurations (changing the port to listen to), setting up reverse proxies, etc. Similar conflicts can occur at the library level. If you also run an ancient application that still depends on PHP 4, you have a problem, since WordPress no longer supports PHP 4 and it's difficult to run PHP 4 and 5 simultaneously. Since applications running on the same server are not isolated (in this case at the levels of file system and network), they may conflict.
2. Security: WordPress does not have the best track record in security. It would be nice to sandbox WordPress so that, once hacked, it won't impact other running applications.
3. Upgrades and downgrades: Upgrading an application typically involves overwriting existing files. What happens during an upgrade window? Is the system down? What if the upgrade fails, or turns out to be faulty? How do we roll back to a previous version quickly?
Virtual machines!
When we decide to run each individual application on a separate virtual machine (VM), for instance on Amazon EC2, most of our problems go away:
1. Isolation: Install one application per VM and applications are perfectly isolated, unless they hack into each other's firewall.
2. Security: Since we have complete isolation, if the WordPress server gets hacked, the rest of the infrastructure is not affected, unless you litter SSH keys around or reuse the same passwords everywhere; but you wouldn't do that, would you?
How to use it
Let's assume you have Docker installed. To run Bash in an Ubuntu container, use:

docker run -t -i ubuntu /bin/bash

root@78b96377e546:/# exit
exit
$ docker run -t -i ubuntu /bin/bash
root@e5e9cde16021:/# hello
bash: hello: command not found
FROM ubuntu
RUN apt-get update
RUN apt-get install -y openssh-server
RUN mkdir /var/run/sshd
RUN echo root:root | chpasswd
EXPOSE 22
This should be almost self-explanatory. The FROM command defines the base image to start from. This can be one of the official ones, but could also be the zefhemel/ubuntu that we just created. The RUN commands are commands to be run to configure the image. In this case, we're updating the APT package repository, installing the openssh-server, creating a directory, and then setting a poor password for our root account. The EXPOSE command exposes port 22 (the SSH port) to the outside world.
Let's see how to build and instantiate this Dockerfile. The first step is to build an image. In the directory containing the Dockerfile, run:

$ docker build -t zefhemel/ssh .
COMMAND              CREATED         STATUS         PORTS
/usr/sbin/sshd -D    3 seconds ago   Up 2 seconds   49154->22
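The listing above is the tail of `docker ps` output for a container started from this image. The exact run command did not survive extraction, but given the sshd command and the 49154->22 port mapping it was presumably along these lines (a hypothetical reconstruction, not the author's verbatim command):

```shell
# Hypothetical: start sshd detached and let Docker publish the exposed
# port 22 to a random high host port (here 49154)
docker run -d -P zefhemel/ssh /usr/sbin/sshd -D
docker ps   # lists the running container with its port mapping
```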
"Setting up continuous delivery pipelines in Jenkins that are secure, efficient, and easy to use and manage can quickly become challenging."
Andrew Phillips
Conclusion
While you could do everything described in this article before Docker with raw LXC, cgroups, and aufs, it was never this easy or simple. This is what Docker brings to the table: a simple way to package complex applications into containers that can be easily versioned and reliably distributed. As a result, it gives lightweight Linux containers about the same flexibility and power as authentic virtual machines, but at lower cost and in a more portable way. A Docker image created with Docker running in a Vagrant VirtualBox VM on a MacBook Pro will run great on Amazon EC2, Rackspace Cloud, or on physical hardware, and vice versa.
Docker is available for free from the Web site. A good place to start is the interactive tutorial.
my_first_cookbook/README.md
Recipes
The next step is to create a recipe. According to Chef's docs, a recipe is "the most fundamental configuration element within the organization."
That's not exactly helpful, so an example will come to the rescue. For the purpose of this article, we'll use the "hello world" of configuration-management tools: we'll install a Web server and publish an HTML page.
If you're on Red Hat Enterprise Linux (RHEL) or CentOS, place the following inside my_first_cookbook/recipes/default.rb:
package 'httpd'

service 'httpd' do
  action [:enable, :start]
end

file '/var/www/html/index.html' do
  content "<html>
    <body>
      <h1>#{node['index_message']}</h1>
    </body>
  </html>"
end
Resources
So, what are the recipes doing? First of all, they are making sure that the Web server is installed:

package 'httpd'

In Windows, this looks like:

['IIS-WebServerRole', 'IIS-WebServer'].each do |feature|
  windows_feature feature do
    action :install
  end
end
Both package and windows_feature are resources. A resource describes a desired state you want the node to be in. The important point is that we are describing, or declaring, that desired state, but we are not explaining how to get there. The Linux package says that we want the httpd package installed. In Windows, windows_feature asks for installation of a Windows role or feature. Notice how we're using a standard Ruby array to enumerate the windows_feature resource twice.
The second step declares that we need a service (httpd or w3svc) enabled and started. The actions, as specified by action, vary from resource to resource.

service 'httpd' do
  action [:start, :enable]
end
Attributes
Providers
Given that resources abstract away the "how to," which piece of Chef's machinery is responsible for putting a node in its desired state? This is where providers come in. Each resource has one or more providers. A provider knows how to translate the resource definition to executable steps on a specific platform. For instance, the service resource has providers for Debian, Red Hat, and Windows, among others. It's outside the scope of this article to explain how to create your own custom resources and providers, called lightweight resource providers (LWRPs), but if you're interested in learning more, Chef's site has an article that shows how simple the process is.
require 'rspec/core/rake_task'
require 'rubocop/rake_task'
require 'foodcritic'
require 'kitchen'

desc 'Run all style checks'
task style: ['style:ruby', 'style:chef']

desc 'Run ChefSpec examples'
RSpec::Core::RakeTask.new(:unit) do |t|
  t.pattern = './**/unit/**/*_spec.rb'
end

desc 'Run Test Kitchen'
task :integration do
  Kitchen.logger = Kitchen.default_file_logger
  Kitchen::Config.new.instances.each do |instance|
    instance.test(:always)
  end
end

# Default
task default: %w(style unit)

task full: %w(style unit integration)
Inspecting 1 file
C

Offenses:

s.rb:1:2: C: Prefer single-quoted strings when you don't need string interpolation or special symbols.
["IIS-WebServerRole", "IIS-WebServer"].each do |feature|
 ^^^^^^^^^^^^^^^^^^^
s.rb:1:23: C: Prefer single-quoted strings when you don't need string interpolation or special symbols.
["IIS-WebServerRole", "IIS-WebServer"].each do |feature|
                      ^^^^^^^^^^^^^^^

1 file inspected, 2 offenses detected
[...]
FC031: Cookbook without metadata file: /Users/joaomiranda/Dev/chef-test/my_first_cookbook/metadata.rb:1
FC045: Consider setting cookbook name in metadata: /Users/joaomiranda/Dev/chef-test/my_first_cookbook/metadata.rb:1
The spec_helper.rb:
- requires ChefSpec so that we can use it with RSpec;
[...]
my_first_cookbook::default
  should enable service httpd
  should start service httpd

Finished in 0.0803 seconds (files took 6.42 seconds to load)
2 examples, 0 failures

ChefSpec Coverage report generated...
Total Resources:   3
Touched Resources: 1
Touch Coverage:    33.33%

Untouched Resources:
  package[httpd]                   my_first_cookbook/recipes/default.rb:1
  file[/var/www/html/index.html]   my_first_cookbook/recipes/default.rb:7
Output 1
Driver    Last Action
Vagrant   Created
Vagrant   <Not Created>
[...]
-----> Cleaning up any prior instances of <default-centos-64>
-----> Destroying <default-centos-64>...
       Finished destroying <default-centos-64> (0m0.00s).
-----> Testing <default-centos-64>
-----> Creating <default-centos-64>...
       Bringing machine default up with virtualbox provider...
       ==> default: Box opscode-centos-6.4 could not be found. Attempting to find and install...
       default: Box Provider: virtualbox
       default: Box Version: >= 0
       ==> default: Adding box opscode-centos-6.4 (v0) for provider: virtualbox
       default: Downloading: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-6.4_chef-provisionerless.box
[...]
       Installing Chef
       installing with rpm...
       warning: /tmp/install.sh.2579/chef-11.16.4-1.el6.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
       Preparing...   ###########################################  [100%]
       1:chef         ###########################################  [100%]
       Thank you for installing Chef!
[...]
       [2014-11-21T00:47:59+00:00] INFO: Run List is [recipe[my_first_cookbook::default]]
       [2014-11-21T00:47:59+00:00] INFO: Starting Chef Run for default-centos-64
       [2014-11-21T00:47:59+00:00] INFO: Loading cookbooks [my_first_cookbook@0.1.0]
       Synchronizing Cookbooks:
         - my_first_cookbook
       Compiling Cookbooks...
       Converging 3 resources
       Recipe: my_first_cookbook::default
         * package[httpd] action install [2014-11-21T00:47:59+00:00] INFO: Processing package[httpd] action install (my_first_cookbook::default line 1)
       [2014-11-21T00:48:30+00:00] INFO: package[httpd] installing httpd-2.2.15-39.el6.centos from base repository
         - install version 2.2.15-39.el6.centos of package httpd
[...]
       [2014-11-21T00:48:50+00:00] INFO: Chef Run complete in 51.251318527 seconds
       Running handlers:
       [2014-11-21T00:48:50+00:00] INFO: Running report handlers
       Running handlers complete
       [2014-11-21T00:48:50+00:00] INFO: Report handlers complete
       Chef Client finished, 4/4 resources updated in 58.012060901 seconds
       Finished converging <default-centos-64> (2m4.75s).
Code 1
Wrapping it up
We know the basic concepts of Chef. We know how to harness tools to help our Chef development process. What's next? Actually, quite a lot. Chef is a (very) large product. I hope this gave you a step up. Start small. Make sure you fully understand Chef's concepts. Create some cookbooks. Reuse some cookbooks. You'll be a master chef in no time.
Introduction to Puppet
What is Puppet?
Puppet really refers to two
different things: the language
in which code is written and
the platform that manages
infrastructure.
Resources
The foundation of the Puppet language is its declaration of resources. Each resource describes a component of a system, such as a service that must be running or a package that must be installed. Some other examples of resources:
- A user account;
- A specific file;
- A directory of files;
- Any software package;
- Any running service.
It's helpful to think of resources as building blocks that can be combined to model the desired state of the systems you manage. This leads us naturally to Puppet's further definitions, which allow you to combine things in an economical way, economy being one of Puppet's key attributes.
[...] types and providers allows a single resource type (such as package) to manage packages on many different systems. For example, your package resource could manage yum on Red Hat systems, dpkg and APT on Debian systems, and ports on BSD systems.
Providers are less commonly declared by admins, and only if they want to change the system defaults. Providers are written into Puppet precisely so you don't have to know how to manage each operating system or platform running on your infrastructure. Again, it's Puppet abstracting away details you shouldn't have to worry about. If you do need to write a provider, these are often simple Ruby wrappers around shell commands, so they are usually short and easy to create.
Types and providers enable Puppet to function across all major platforms and allow Puppet to grow and evolve to support additional platforms beyond compute servers, such as networking and storage devices.
The example below demonstrates the simplicity of the Puppet language by showing how a new user and group are added with a shell script, contrasted to the identical action in Puppet. In the Puppet example, user and group are types, and Puppet automatically discovers the appropriate provider for your platform. The platform-specific, procedural scripts are much harder both to write and to understand.
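The original example listing did not survive extraction. A minimal sketch of the kind of contrast the text describes (hypothetical names; the article's actual listing may differ) on the Puppet side looks like this:

```puppet
# Declarative Puppet equivalent of a user/group shell script:
# 'group' and 'user' are types; Puppet picks the right provider
# (useradd, adduser, dscl, ...) for the platform it runs on.
group { 'devops':
  ensure => present,
}

user { 'alice':
  ensure     => present,
  gid        => 'devops',
  managehome => true,
  require    => Group['devops'],
}
```

The equivalent shell script would have to branch on the operating system and choose between useradd, adduser, or dscl itself, which is exactly the detail the provider hides.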
James Turnbull is the author of six technical books about open source software and a long-time member of the open source community. James authored the first (and second!) books about Puppet and works for Puppet Labs running Operations and Professional Services. James speaks regularly at conferences including OSCON, Linux.conf.au, FOSDEM, OpenSourceBridge, DevOpsDays, and a number of others. He is a past president of Linux Australia, a former committee member of Linux Victoria, was Treasurer for Linux.conf.au 2008, and serves on the program committee of Linux.conf.au and OSCON.
James Turnbull makes a compelling case for using LogStash for centralizing logging by explaining the implementation details of LogStash within the context of a logging project. The LogStash Book targets both small companies and large enterprises through a two-sided case: both the low barrier to entry and the scaling capabilities. James talked about the book on Hangops: "It's designed for people who have never seen LogStash before, sysadmins, developers, devops, operations people. I expect you to know a little about unix or linux." He continued, "Additionally it assumes you have no prior knowledge of LogStash."
The Problem of Oversimplifying Log Management
James comes from a system administrator and security background. He explains how computing environments have evolved log management in ways that do not scale. He shares that it generally falls apart through an [...]
Image 1
[...] of different log event types, different formats, different time zones, and basically a lack of easily understandable context. Finally, a team may retrofit their computing environment with logging technology that can handle large amounts of storage, search, filtering, and the like. Unfortunately, in the end this approach includes a lot of waste and has a relatively high cost. LogStash saves the day by satisfying the need for a low barrier to entry, like the classical system-administrator tools, but is fully architected to scale to large, web-scale deployments.
LogStash Architecture Overview
LogStash provides an architecture for collecting, parsing, and storing logs. In addition, one of the main cross-cutting use cases for a LogStash implementation is the viewing/searching of the managed log events. Kibana was a natural fit because it provides a user-friendly search interface that integrates with Elasticsearch, the storage engine for LogStash. After LogStash was bought by Elasticsearch, the company bundled the three tools and [...]
LogStash Components: Shipper, Broker, Indexer
The book covers the three LogStash plugin types in the context of their usage in shippers and indexers. James shows how to use the following input plugins with LogStash: file, stdin, syslog, lumberjack, and redis. For environments where LogStash can't be installed, there are other options for sending events that integrate [...]
Image 2
Image 3
"Computing environments have evolved log management in ways that do not scale. Scaling with LogStash accomplishes three main goals: resiliency, performance, and integrity."
Aslan Brooke
Scaling LogStash
Scaling LogStash accomplishes three main goals: resiliency, performance, and integrity. The following diagram from the book illustrates the scaling of Redis, LogStash, and Elasticsearch (Image 3).
LogStash does not depend on Redis to manage failover itself. Instead, LogStash sends events to one of two Redis instances it has configured. If the selected Redis instance becomes unavailable, LogStash will begin sending events to another configured Redis instance. As an indexer, LogStash is easily scaled by creating multiple instances that continually pull from all available brokers and output to Elasticsearch. Within this design, events only make it to one broker, so there should be no duplicates being passed through the LogStash indexer into Elasticsearch. Elasticsearch easily clusters itself when you install multiple instances and set the configurations to have common settings. It uses multicast, unicast, or an EC2 plugin to cluster itself based on configuration settings in each individual instance. As long as the network allows the instances to communicate, they will cluster themselves and begin dividing the data up among the cluster nodes. The divisions in the data are made automatically to provide resiliency and performance.
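The failover behavior described above, try one configured output and fall back to another when it is unavailable, can be sketched generically in Python (a hypothetical helper for illustration, not LogStash's actual implementation):

```python
def send_with_failover(event, outputs):
    """Try each configured output in order; the first that accepts the event wins.

    `outputs` is a list of callables (e.g. wrappers around two Redis
    connections). This mirrors the described design: the shipper itself,
    not Redis, decides where to send when an instance is unreachable.
    """
    errors = []
    for out in outputs:
        try:
            return out(event)
        except ConnectionError as exc:
            errors.append(exc)
    raise RuntimeError(f"all {len(outputs)} outputs unavailable: {errors}")
```

With two configured brokers, an event is delivered exactly once: to the first reachable instance, which is why no duplicates flow through the indexer.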
Franklin Angulo oversees the teams that build and maintain the large-scale back-end engine at the core of Squarespace, a website-building platform based in New York City. Franklin is a seasoned professional with experience leading complex, large-scale, multidisciplinary engineering projects. Before joining Squarespace, he was a senior software engineer at Amazon.com, working on route-planning optimizations, shipping-rate shopping, and capacity-planning algorithms for global inbound logistics and the Amazon Locker program.
Graphite stores and graphs numeric time-series data collected by other tools. This article intends to guide you through setting up a monitoring system using a Graphite stack.
First and foremost, you need hardware on which to run the Graphite stack. For simplicity, I will use Amazon EC2 hosts, but feel free to use any computer in your office or at home.
The Amazon EC2 specifications are:
- operating system: Red Hat Enterprise Linux (RHEL) 6.5;
- instance type: m3.xlarge;
- elastic block store (EBS) volume: 250 GB;
- Python: version 2.6.6.
Graphite is composed of multiple back-end and front-end components. The back-end components store the numeric time-series data. The front-end components retrieve the metric data and optionally render graphs. Let's focus first on the back-end components: Carbon and Whisper.
Carbon refers to a series of daemons that make up the storage back end of a Graphite installation. The daemons listen for time-series data using an event-driven networking engine called Twisted. The Twisted framework permits Carbon daemons to [...]

Figure: Metrics can be published to a load balancer or directly to a Carbon process. The Carbon process interacts with the Whisper database library to store the time-series data to the file system.
# ls -l /usr/bin/whisper*
-rwxr-xr-x. 1 root root 1711 May 19 00:00 /usr/bin/whisper-create.py
-rwxr-xr-x. 1 root root 2902 May 19 00:00 /usr/bin/whisper-dump.py
-rwxr-xr-x. 1 root root 1779 May 19 00:00 /usr/bin/whisper-fetch.py
-rwxr-xr-x. 1 root root 1121 May 19 00:00 /usr/bin/whisper-info.py
-rwxr-xr-x. 1 root root  674 May 19 00:00 /usr/bin/whisper-merge.py
-rwxr-xr-x. 1 root root 5982 May 19 00:00 /usr/bin/whisper-resize.py
-rwxr-xr-x. 1 root root 1060 May 19 00:00 /usr/bin/whisper-set-aggregation-method.py
-rwxr-xr-x. 1 root root  969 May 19 00:00 /usr/bin/whisper-update.py
Code 1
# cd /opt/graphite/conf
# cp aggregation-rules.conf.example aggregation-rules.conf
# cp blacklist.conf.example blacklist.conf
# cp carbon.conf.example carbon.conf
# cp carbon.amqp.conf.example carbon.amqp.conf
# cp relay-rules.conf.example relay-rules.conf
# cp rewrite-rules.conf.example rewrite-rules.conf
# cp storage-schemas.conf.example storage-schemas.conf
# cp storage-aggregation.conf.example storage-aggregation.conf
# cp whitelist.conf.example whitelist.conf
# vi carbon.conf
Code 2
Under the [cache] section, the line receiver port has a default value and is used to accept incoming metrics through the plaintext protocol (see below).

[cache]
LINE_RECEIVER_INTERFACE = 0.0.0.0
LINE_RECEIVER_PORT = 2003
[...] 0.0.0.0:*  LISTEN  2674/python
Code 3

Publish metrics
A metric is any measurable quantity that can vary over time, for example:
- number of requests per second;
- request processing time;
- CPU usage.
A data point is a tuple with a metric name, [...]

sudo yum install nc
echo carbon.agents.graphite-tutorial.metricsReceived 28198 `date +%s` | nc localhost 2003
echo carbon.agents.graphite-tutorial.creates 8 `date +%s` | nc localhost 2003
echo PRODUCTION.host.graphite-tutorial.responseTime.p95 0.10 `date +%s` | nc localhost 2003
Code 4

# tail -f /opt/graphite/storage/log/carbon-cache/carbon-cache-a/creates.log
19/05/2014 10:42:44 :: creating database file /opt/graphite/storage/whisper/carbon/agents/graphite-tutorial/metricsReceived.wsp (archive=[(60, 129600)] xff=0.5 agg=average)
19/05/2014 10:42:53 :: creating database file /opt/graphite/storage/whisper/carbon/agents/graphite-tutorial/creates.wsp (archive=[(60, 129600)] xff=0.5 agg=average)
19/05/2014 10:42:57 :: creating database file /opt/graphite/storage/whisper/PRODUCTION/host/graphite-tutorial/responseTime/p95.wsp (archive=[(60, 1440)] xff=0.5 agg=average)
Code 5
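The nc one-liners above exploit Carbon's plaintext protocol: each metric is a single line of the form "name value timestamp". The same publish step can be sketched in a few lines of Python (an illustrative helper, assuming Carbon's default line receiver on port 2003):

```python
import socket
import time

def plaintext_line(name, value, ts=None):
    """Format a metric in Carbon's plaintext protocol: 'name value timestamp\n'."""
    ts = int(ts if ts is not None else time.time())
    return f"{name} {value} {ts}\n"

def send_metric(name, value, host="localhost", port=2003):
    # Carbon's line receiver listens on port 2003 by default (LINE_RECEIVER_PORT).
    with socket.create_connection((host, port)) as s:
        s.sendall(plaintext_line(name, value).encode("ascii"))
```

A call such as send_metric("PRODUCTION.host.graphite-tutorial.responseTime.p95", 0.10) is equivalent to the third echo/nc command above.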
Code 6

[...] retention periods along with the metadata information about the Whisper file:

# whisper-dump.py /opt/graphite/storage/whisper/PRODUCTION/host/graphite-tutorial/responseTime/p95.wsp
Meta data:
  aggregation method: average
  max retention: 86400
  xFilesFactor: 0.5

Archive 0 info:
  offset: 28
  seconds per point: 60
  points: 1440
  retention: 86400
  size: 17280

Archive 0 data:
0: 1400609220, 0.1000000000000000055511151231257827
1: 0, 0
2: 0, 0
3: 0, 0
4: 0, 0
5: 0, 0
...
1437: 0, 0
1438: 0, 0
1439: 0, 0
Aggregation method, max retention, xFilesFactor, and all of the other attributes of the Whisper file are important to understand. We'll be covering these in more detail in the next section.
Meta data:
  aggregation method: average
  max retention: 604800
  xFilesFactor: 0.5

Archive 0 info:
  offset: 52
  seconds per point: 10
  points: 2160
  retention: 21600
  size: 25920

Archive 1 info:
  offset: 25972
  seconds per point: 60
  points: 1440
  retention: 86400
  size: 17280

Archive 2 info:
  offset: 43252
  seconds per point: 600
  points: 1008
  retention: 604800
  size: 12096
Code 7
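The numbers in Code 7 can be checked directly: a Whisper data point occupies 12 bytes (a 4-byte timestamp plus an 8-byte value), an archive's retention is seconds-per-point times points, and its on-disk size is 12 bytes times points. A quick sketch of that arithmetic:

```python
POINT_SIZE = 12  # bytes per Whisper data point: 4-byte timestamp + 8-byte value

def archive_stats(seconds_per_point, points):
    """Retention (seconds covered) and on-disk size (bytes) of one Whisper archive."""
    return {
        "retention": seconds_per_point * points,
        "size": POINT_SIZE * points,
    }

# The three archives from Code 7: (seconds per point, points)
archives = [(10, 2160), (60, 1440), (600, 1008)]
stats = [archive_stats(spp, pts) for spp, pts in archives]
```

The file's max retention (604800) is simply the retention of the coarsest archive, and the offsets reflect a small fixed header followed by each archive's data block.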
/opt/graphite/conf/storage-schemas.conf
/opt/graphite/conf/storage-aggregation.conf
storage-schemas.conf:

[carbon]
pattern = ^carbon\.
retentions = 1min:180d,10min:180d

[production_staging]
pattern = ^(PRODUCTION|STAGING).*
retentions = 10s:3d,1min:180d,10min:180d

storage-aggregation.conf:

[min]
pattern = \.min$
xFilesFactor = 0.1
aggregationMethod = min

[max]
pattern = \.max$
xFilesFactor = 0.1
aggregationMethod = max

[sum]
pattern = \.count$
xFilesFactor = 0
aggregationMethod = sum

[ratio]
pattern = \.ratio$
xFilesFactor = 0.1
aggregationMethod = average

[m1_rate]
pattern = \.m1_rate$
xFilesFactor = 0.1
aggregationMethod = sum

[p95]
pattern = \.p95$
xFilesFactor = 0.1
aggregationMethod = max

[default_average]
pattern = .*
xFilesFactor = 0.5
aggregationMethod = average
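A retention spec like 10s:3d reads "one data point every 10 seconds, kept for 3 days"; Carbon expands the unit suffixes into seconds to size each archive. A rough sketch of that expansion (simplified; Whisper's actual parser supports more unit forms):

```python
# Seconds per unit suffix, covering the suffixes used in the configs above.
UNITS = {"s": 1, "min": 60, "h": 3600, "d": 86400, "y": 31536000}

def parse_time(spec):
    """'10s' -> 10, '3d' -> 259200: split the number from its unit suffix."""
    i = 0
    while i < len(spec) and spec[i].isdigit():
        i += 1
    return int(spec[:i]) * UNITS[spec[i:]]

def parse_retention(retention):
    """'10s:3d' -> (seconds per point, number of points in the archive)."""
    precision, duration = (parse_time(p) for p in retention.split(":"))
    return precision, duration // precision
```

So the first archive of [production_staging], 10s:3d, stores 25,920 points, each covering 10 seconds.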
# cd /tmp/graphite-web
# sudo python setup.py install
# ls -l /opt/graphite/webapp/
total 12
drwxr-xr-x.  6 root root 4096 May 23 14:33 content
drwxr-xr-x. 15 root root 4096 May 23 14:33 graphite
-rw-r--r--.  1 root root  280 May 23 14:33 graphite_web-0.10.0_alpha-py2.6.egg-info
# vi /opt/graphite/conf/carbon.conf
[cache]
LINE_RECEIVER_INTERFACE = 0.0.0.0
LINE_RECEIVER_PORT = 2003
CACHE_QUERY_INTERFACE = 0.0.0.0
CACHE_QUERY_PORT = 7002
[cache:b]
LINE_RECEIVER_INTERFACE = 0.0.0.0
LINE_RECEIVER_PORT = 2004
CACHE_QUERY_INTERFACE = 0.0.0.0
CACHE_QUERY_PORT = 7003
Open a Web browser and point it to http://your-ip:8085. Make sure that the Graphite webapp loads. If you're tailing the process.log file, you should be able to see any resources that are loaded and any queries that are made from the Web application. (Image 1)
In a previous section, we published a couple of metrics to the carbon-cache using the netcat command. Specifically, we published the following:

carbon.agents.graphite-tutorial.metricsReceived
carbon.agents.graphite-tutorial.creates
PRODUCTION.host.graphite-tutorial.responseTime.p95
Image 1
Image 2
Image 3
Image 4
Let's build a dashboard to monitor the carbon-cache process. This dashboard will monitor all carbon-cache processes that we have running. Notice the use of the asterisk (*) in the metric name to match all values following the carbon.agents prefix.
We specify the following in the Edit Dashboard window:
[
  {
    "target": [
      "aliasByNode(carbon.agents.*.metricsReceived,2)"
    ],
    "title": "Carbon Caches - Metrics Received"
  },
  {
    "target": [
      "aliasByNode(carbon.agents.*.creates,2)"
    ],
    "title": "Carbon Caches - Create Operations"
  },
  {
    "target": [
      "aliasByNode(carbon.agents.*.cpuUsage,2)"
    ],
    "title": "Carbon Caches - CPU Usage"
  },
  {
    "target": [
      "aliasByNode(carbon.agents.*.memUsage,2)"
    ],
    "title": "Carbon Caches - Memory Usage"
  }
]
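aliasByNode renames each matched series to the dot-separated path segment at the given index (0-based), so carbon.agents.graphite-tutorial.metricsReceived with index 2 is labeled with just the agent name. The idea in miniature (a sketch of the behavior, not Graphite's implementation):

```python
def alias_by_node(metric_path, *nodes):
    """Mimic Graphite's aliasByNode: keep only the chosen dot-separated segments."""
    parts = metric_path.split(".")
    return ".".join(parts[n] for n in nodes)

# The dashboard's first target, applied to one concrete series:
label = alias_by_node("carbon.agents.graphite-tutorial.metricsReceived", 2)
```

This is why the asterisk wildcard and aliasByNode pair so well: the wildcard fans out to one series per carbon-cache agent, and the alias collapses each legend entry to the distinguishing segment.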
Image 5
Image 6
Sample request #2
Metric: CPU usage of all carbon-cache processes.
Graph dimensions: 500x300.