Managing Infrastructure with Puppet - James Loope [13]
You can now start up ActiveMQ with the command bin/activemq start. MCollective Server The MCollective “server” is the part that you’ll need to deploy on all of your nodes. The client is a sort of command console that sends messages to the servers. The installation of MCollective itself is fairly straightforward and has packages available for most distributions. You’ll need at least one client and one server installed in order to execute commands. Alternatively, there is a community Puppet module that can be used for installation of MCollective and distribution of the accompanying plug-ins: MCollective downloads: http://www.puppetlabs.com/misc/download-options/ MCollective Puppet module: https://github.com/mikepea/puppet-module-mcollective Once it’s installed, you’ll need to edit the /etc/mcollective/server.cfg and /etc/mcollective/client.cfg files, entering the MCollective user’s password that you specified in the activemq configuration in the plugin.stomp.password field and specify your Stomp hostname in the plugin.stomp.host field. The plugin.psk secret must match between the server and client, as it is used for messaging encryption. This config assumes that you have Puppet installed and looks for the class file at the default location and sets the fact source to Facter: # /etc/mcollective/server.cfg topicprefix = /topic/mcollective libdir = /usr/share/mcollective/plugins logfile = /var/log/mcollective.log loglevel = info daemonize = 1 # Plugins securityprovider = psk plugin.psk = mysharedsecret connector = stomp plugin.stomp.host = stomp.example.com plugin.stomp.port = 61613 plugin.stomp.user = mcollective plugin.stomp.password = secret # Facts factsource = facter # Puppet setup classesfile = /var/lib/puppet/state/classes.txt plugin.service.hasstatus = true plugin.service.hasrestart = true In order for the Facter fact source to work correctly, you will need to distribute the Facter plug-in for MCollective to the servers. The plug-in source can be fetched from GitHub at https://github.com/puppetlabs/mcollective-plugins/tree/master/facts/facter/ and installed to the server under $libdir/mcollective. Remember to restart MCollective after copying the files so that MCollective will recognize the new agent. MCollective Client You’ll need to install and configure the client in the same fashion. Here’s an example of the client configuration: topicprefix = /topic/mcollective libdir = /usr/share/mcollective/plugins logfile = /dev/null loglevel = info # Plugins securityprovider = psk plugin.psk = mysharedsecret connector = stomp plugin.stomp.host = stomp.example.com plugin.stomp.port = 61613 plugin.stomp.user = mcollective plugin.stomp.password = secret * * * Warning * * * MCollective Commands With both the servers and a client configured, we’re ready to start issuing MCollective commands. Let’s start off with the mc-find-hosts command. When run without any argument,
These configuration files contain secrets that can be used to publish commands onto the MCollective channel. The MCollective servers necessarily run as root and execute with full privileges. It is of utmost importance that access to the secrets and the Stomp server be carefully controlled.