Admin-Toolkit: Difference between revisions

From Chaosdorf Wiki
m (Project-Template)
m (f)
Line 4: Line 4:
|description=Debian / ArchLinux Admin Helpers
|description=Debian / ArchLinux Admin Helpers
|people=derf, mxey
|people=derf, mxey
|sourcelink=https://github.com/chaosdorf/chaosdorf-admin-toolkit chaosdorf-admin-toolkit
|sourcelink=https://github.com/chaosdorf/chaosdorf-admin-toolkit
|sourcetext=github
|sourcetext=github
}}
}}

Revision as of 18:51, 18 June 2012

Admin-Toolkit unknown
Admin Icinga.png
Debian / ArchLinux Admin Helpers
Beteiligt derf, mxey

For easier management of Chaosdorf hosts.

The admin toolkit is a git tracked Debian package, which is installed on any host administrated by us (like the chaosdorf.de servers and the space's router). It provides the hosts with most of the required scripts and configs, which saves a lot of fiddling around in /usr/local and especially ensures that all hosts are up-to-date.

chaosdorf-admin-toolkit on github

Fabric

We use fabric to roll out package updates. The software still got some problems, but "fab configs deploy:2011.09.07" is way more comfortable than running scp and ssh for every host.

NSCA helpers

Our nagios checks run locally via cron, the results are transmitted via "send_nsca". They are configured for all hosts in one central file, which is parsed by a custom perl script.

Nagios checks

Custom or not shipped by Debian.

  • check_cert_expire reminds us when it's time to renew our SSL certificate. Much better than calendar entries.
  • check_git_status makes sure noone forgot to commit their changes in /etc (etckeeper) or /usr/local (plain git repo). The check intervals are pretty long, so it doesn't interfere with administrative work.
  • check_websites reads a little config to see if all URL / VHost combinations work or redirect as expected.

Icinga goodies

We have a bot called icinga in #chaosdorf. It's a simple perl script connected to Icinga, which immediately spams service alerts / recoveries into the channel. Handy if you check IRC more frequently than mail and if people wonder if something is b0rked or not.

checkrestart hook

After every system upgrade, a dpkg hook runs checkrestart to find daemons running with outdated library versions.

Backups

backup_external locally collects, compresses and encrypts important data and then transmits it to a remote host via SFTP. The backups are encrypted with a dedicated Admin key.

Dependencies

Like vim, etckeeper, git, zsh. So we don't need to install our standard software by hand (or maybe forget a package).