Intro to-puppet
 

Introduction to Puppet for the Las Palmas DevOps group.


Usage Rights

CC Attribution-NonCommercial-ShareAlike License


    Intro to-puppet Presentation Transcript

    • What’s Puppet
    • Sysadmin riding the DevOps wave
        Drupal developer
        10 years as a sysadmin
        3 years with Puppet
        8 years with Drupal
        http://atlantic-canary.net
        http://github.com/jonhattan
        @_jonhattan_
        Jonathan Araña Cruz (aka jonhattan)
    • Gentlemen
    • What?
        ● Configuration management
        ● Written in Ruby
        ● Free software (Apache 2.0)
        ● Current version 3.6 - towards 4.0
        ● PuppetLabs, since 2005
        ● Other products
            ○ Puppet Enterprise
            ○ MCollective
    • Puppet CLI tool
        root@chamber:~# puppet help
        Usage: puppet <subcommand> [options] <action> [options]
        …
        root@chamber:~# puppet help <subcommand>
        root@chamber:~# puppet man <subcommand>
        => man puppet-<subcommand>
    • Index ● Resource Abstraction Layer ● Puppet Language ● Modules ● Stored configuration ● Puppet Master ● Reporting
    • RAL: Resource types (I)
        ● Resource types: high-level models
            ○ Some types: package, service, file, user, cron,...
            ○ Providers: implementers on different systems
            ○ Providers for package: apt, yum, pip, gem, pear,...
        ● Available resource types
            ○ Puppet built-in reference: http://docs.puppetlabs.com/references/latest/type.html
            ○ Cheatsheet: http://docs.puppetlabs.com/puppet_core_types_cheatsheet.pdf
            ○ Provided by 3rd party modules
    • RAL: Resource types (II)
        root@chamber:~# puppet resource --types
        anchor augeas computer cron database database_grant database_user
        exec file file_line filebucket firewall firewallchain group host
        ini_setting ini_subsetting interface k5login macauthorization
        mailalias maillist mcx mount mysql_database mysql_grant mysql_user
        nagios_command nagios_contact nagios_contactgroup nagios_host
        nagios_hostdependency network_config network_route notify package
        postgresql_conf router schedule scheduled_task selboolean selmodule
        service ssh_authorized_key sshkey
    • RAL: Resource types (III)
        root@chamber:~# puppet describe -s user

        Manage users. This type is mostly built to manage system users,
        so it is lacking some features useful for managing normal users.

        Parameters
        ----------
            ensure, expiry, gid, groups, home, keys, managehome, membership,
            name, password, password_max_age, password_min_age, salt, shell,
            system, uid

        Providers
        ---------
            aix, directoryservice, hpuxuseradd, ldap, pw, user_role_add,
            useradd, windows_adsi
    • RAL: Resources (I)
        ● Resource: instance of a resource type
            ○ Example: root user, ntp service, vim package,...
            ○ System discovery
            ○ Interactive management via CLI
            ○ Abstraction layer!
    • RAL: Resources (II)
        root@chamber:~# puppet resource user --list
        user { 'root':
          ensure           => 'present',
          comment          => 'root',
          gid              => '0',
          home             => '/root',
          password         => '$6$szUwrw3k.uAo.',
          password_max_age => '99999',
          password_min_age => '0',
          shell            => '/bin/bash',
          uid              => '0',
        }
        user { 'www-data':
          ensure           => 'present',
          comment          => 'www-data',
          gid              => '33',
          home             => '/var/www',
          password         => '*',
          password_max_age => '99999',
          password_min_age => '0',
          shell            => '/bin/sh',
          uid              => '33',
        }
    • RAL: Resources (III)
        root@chamber:~# puppet resource user root shell=/bin/dash
        Notice: /User[root]/shell: shell changed '/bin/bash' to '/bin/dash'
        user { 'root':
          ensure => 'present',
          shell  => '/bin/dash',
        }
        root@chamber:~# puppet resource user root --edit
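
The `puppet resource user` output on the slides above includes the `password` attribute, which holds the account's password hash. The following Ruby code is an added example, not part of the original slides: it parses output in that format, lists the accounts that carry a hash, and redacts hashes before the text is shared. The sample input and its hash value are constructed.

```ruby
# Constructed sample in the `puppet resource user` output format;
# the hash is a placeholder, not a real credential.
SAMPLE = <<~'EOS'
  user { 'root':
    ensure   => 'present',
    password => '$6$constructedsalt$constructedhash',
  }
  user { 'www-data':
    ensure   => 'present',
    password => '*',
  }
EOS

# Parse resource declarations into { title => { attribute => value } }.
def parse_resources(text)
  resources = {}
  current = nil
  text.each_line do |line|
    if (m = line.match(/^\s*\w+\s*\{\s*'([^']+)':/))
      current = resources[m[1]] = {}
    elsif current && (m = line.match(/^\s*(\w+)\s*=>\s*'(.*)',?\s*$/))
      current[m[1]] = m[2]
    elsif line.match?(/^\s*\}/)
      current = nil
    end
  end
  resources
end

# Classify a password value: crypt(3) hash, locked marker, empty or absent.
def password_state(value)
  return :absent if value.nil?
  return :empty  if value.empty?
  return :locked if value.start_with?('*', '!')
  value.start_with?('$') ? :hash : :other
end

# Titles of accounts whose output exposes a password hash.
def accounts_with_hash(text)
  parse_resources(text).select { |_, attrs| password_state(attrs['password']) == :hash }.keys
end

# Replace hash values with a marker; locked markers such as '*' are kept.
def redact(text)
  text.gsub(/^(\s*password\s*=>\s*)'([^']*)'/) do
    prefix, value = Regexp.last_match(1), Regexp.last_match(2)
    password_state(value) == :hash ? "#{prefix}'<redacted>'" : "#{prefix}'#{value}'"
  end
end
```
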
    • Index ● Resource Abstraction Layer ● => Puppet Language ● Modules ● Stored configuration ● Puppet Master ● Reporting
    • Puppet Language (I)
        ● Declarative, Domain Specific Language (DSL)
        ● Purpose of the language:
            ○ Describe desired state of the system by declaring resources
            ○ Every other part of the language exists to add flexibility and convenience to the way resources are declared
        ● Programs are called manifests
        ● A manifest is compiled into a catalog
    • Example manifest: Hello world
        root@chamber:~# echo "notify {'hello world': }" > hello-world.pp
        root@chamber:~# puppet apply hello-world.pp
        Notice: Compiled catalog for chamber.faita.net in environment production in 0.02 seconds
        Notice: hello world
        Notice: /Stage[main]/Main/Notify[hello world]/message: defined 'message' as 'hello world'
        Notice: Finished catalog run in 3.15 seconds
    • Example manifest: “The trifecta”
        # Pick the service name for the platform.
        case $operatingsystem {
          centos, redhat: { $service_name = 'ntpd' }
          debian, ubuntu: { $service_name = 'ntp' }
        }

        package { 'ntp':
          ensure => installed,
        }

        service { 'ntp':
          name      => $service_name,
          ensure    => running,
          enable    => true,
          # The reference must match the title of the file resource below.
          subscribe => File['/etc/ntp.conf'],
        }

        file { '/etc/ntp.conf':
          ensure  => file,
          require => Package['ntp'],
          source  => 'puppet:///modules/ntp/ntp.conf',
        }
    • Puppet Language (II)
        ● Some language constructs
            ○ Nodes
            ○ Classes
            ○ Defines
            ○ Variables, Conditionals
            ○ Dependency relationships
            ○ Anchors, tags, collectors, run-stages,...
    • Nodes
        ● Block of code included in one node’s catalog
        ● ENC
        ● Ref: http://docs.puppetlabs.com/puppet/latest/reference/lang_node_definitions.html

        # site.pp
        node 'foo.example.com' {
          ...
        }
        # A regular expression node name is written unquoted.
        node /^(bar|baz)\.example\.net$/ {
          ...
        }
    • Classes (I)
        ● Block of code to group resources
        ● Parameterized
        ● Singleton
        ● Ref: http://docs.puppetlabs.com/puppet/latest/reference/lang_classes.html
    • Classes (II)
        # file: ntp.pp
        class ntp (
          $ntpserver = 'one.pool.ntp.org',
        ) {
          package { 'ntp': … }
          service { 'ntp': … }
          file { '/etc/ntp.conf': … }
        }

        # file: manifest.pp
        import 'ntp.pp'

        # Include the class.
        include ntp

        # Alternatively (instead of include), this way you can override params
        class { 'ntp':
          ntpserver => 'other.pool.ntp.org',
        }

        # puppet apply manifest.pp
    • Defines (I)
        ● Blocks of code that can be evaluated multiple times with different parameters
        ● Once defined, they act like a new (compound) resource type
    • Defines (II)
        define apache::vhost ($port, $docroot, $servername = $title, $vhost_name = '*') {
          include apache          # contains Package['httpd'] and Service['httpd']
          include apache::params  # contains common config settings
          $vhost_dir = $apache::params::vhost_dir
          file { "${vhost_dir}/${servername}.conf":
            content => template('apache/vhost-default.conf.erb'),
            owner   => 'www',
            group   => 'www',
            mode    => '644',
            require => Package['httpd'],
            notify  => Service['httpd'],
          }
        }
    • Puppet Language (III)
        ● Other related components
            ○ Functions
            ○ Facter
            ○ Hiera
        ● Language reference: http://docs.puppetlabs.com/puppet/latest/reference/index.html
    • Functions
        ● Implemented in ruby
        ● Enrich puppet language with handy features
        ● Examples:
            ○ include
            ○ template()
        ● Built-in functions: http://docs.puppetlabs.com/references/latest/function.html
        ● Puppet stdlib: https://github.com/puppetlabs/puppetlabs-stdlib
        ● Custom: http://docs.puppetlabs.com/guides/custom_functions.html
    • Facts
        ● System information, available as “global variables” in manifests

        root@chamber:~# facter
        architecture => amd64
        fqdn => chamber.faita.net
        hostname => chamber
        interfaces => eth0,lo
        ipaddress => 10.0.0.2
        ipaddress_eth0 => 10.0.0.2
        ipaddress_lo => 127.0.0.1
        is_virtual => true
        kernel => Linux
        kernelmajversion => 3.2
        lsbdistcodename => wheezy
        lsbdistid => Debian
        lsbdistrelease => 7.5
        lsbmajdistrelease => 7
        osfamily => Debian
        processor0 => Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
        processor1 => Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
        processorcount => 2
        puppetversion => 3.6.0
        virtual => xenu
    • Hiera (I)
        ● Key/value lookup tool for configuration data
        ● Hierarchical
        ● Avoid repetition
            ○ Write common data for most nodes
            ○ Override some values for nodes with a specific role
            ○ Override some of those values for one or two unique nodes
        ● Ref: http://docs.puppetlabs.com/hiera/1/
    • Hiera (II)
        # file /etc/hiera.yaml
        ---
        :backends:
          - yaml
        :yaml:
          :datadir: /etc/puppet/hiera
        :hierarchy:
          - "os/%{lsbdistid}"
          - "groups/%{::domain}"
          - "nodes/%{::fqdn}"
          - common

        # Files in /etc/puppet/hiera/
        os/RedHat.yaml
        os/Debian.yaml
        groups/example.net.yaml
        groups/example.com.yaml
        nodes/bar.example.com.yaml
        nodes/baz.example.net.yaml
        nodes/foo.example.com.yaml
    • Hiera (III)
        # os/RedHat.yaml
        packages:
          - httpd

        # os/Debian.yaml
        packages:
          - apache2

        # nodes/foo.example.com.yaml
        packages:
          - apache2-mpm-itk
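
Which value a node receives depends on the order of `:hierarchy:`, because a plain Hiera lookup returns the first level that defines the key, while an array lookup merges every level. The Ruby code below is an added example, not part of the original slides and not Hiera's own code: a simplified model of both lookup kinds over the data from the Hiera slides. The level name `nodes/` follows the file names listed on the slides, and the `common` data, the `SPECIFIC_FIRST` ordering and the facts for `foo.example.com` are constructed for illustration.

```ruby
# In-memory stand-in for the YAML files on the slides (file name minus .yaml).
DATA = {
  'os/RedHat'             => { 'packages' => ['httpd'] },
  'os/Debian'             => { 'packages' => ['apache2'] },
  'nodes/foo.example.com' => { 'packages' => ['apache2-mpm-itk'] },
  'common'                => { 'packages' => ['ntp'] } # constructed
}.freeze

# Hierarchy order as written on the slide, and a most-specific-first variant.
SLIDE_HIERARCHY = ['os/%{lsbdistid}', 'groups/%{::domain}', 'nodes/%{::fqdn}', 'common'].freeze
SPECIFIC_FIRST  = ['nodes/%{::fqdn}', 'groups/%{::domain}', 'os/%{lsbdistid}', 'common'].freeze

# Constructed facts for one Debian node.
FOO = { 'lsbdistid' => 'Debian', 'domain' => 'example.com', 'fqdn' => 'foo.example.com' }.freeze

# Expand %{fact} and %{::fact} tokens into concrete data source names.
def sources(hierarchy, facts)
  hierarchy.map do |level|
    level.gsub(/%\{(?:::)?(\w+)\}/) { facts.fetch(Regexp.last_match(1), '') }
  end
end

# Priority lookup: walk the hierarchy top to bottom, first match wins.
def hiera(key, hierarchy, facts, data = DATA)
  sources(hierarchy, facts).each do |src|
    value = data.dig(src, key)
    return value unless value.nil?
  end
  nil
end

# Array merge lookup: collect the key from every level, flattened and unique.
def hiera_array(key, hierarchy, facts, data = DATA)
  sources(hierarchy, facts).flat_map { |src| Array(data.dig(src, key)) }.uniq
end
```

With the order shown on the slide, a priority lookup for `foo.example.com` stops at `os/Debian`; the node-level value only wins when the node level is listed first, or when the manifest uses an array lookup.
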
    • Index ● Resource Abstraction Layer ● Puppet Language ● => Modules ● Stored configuration ● Puppet Master ● Reporting
    • Modules (I)
        ● Self-contained bundles of code and data
        ● Manifests, classes, defines, files, templates, functions, tests,...
        ● Directory tree:
            MODULENAME/manifests/
            MODULENAME/files/
            MODULENAME/templates/
            MODULENAME/lib/
            MODULENAME/facts.d/
            MODULENAME/tests/
            MODULENAME/spec/
    • Modules (II)
        ● Best practices / well-known patterns
        ● Ref: http://docs.puppetlabs.com/puppet/latest/reference/modules_fundamentals.html
        ● Puppet forge: https://forge.puppetlabs.com
        ● CLI subcommand: puppet module install puppetlabs/mysql
        ● Librarian: https://github.com/rodjek/librarian-puppet
    • Index ● Resource Abstraction Layer ● Puppet Language ● Modules ● => Stored configuration ● Puppet Master ● Reporting
    • Stored configuration
        ● Centralized store of puppet-produced data
            ○ Nodes, resources, relationships, facts
            ○ Catalog run log
        ● Exported resources
        ● Inventory service: http://docs.puppetlabs.com/guides/inventory_service.html
        ● Active Record (sql backends)
        ● PuppetDB: http://docs.puppetlabs.com/puppetdb/2.0/index.html
    • Index ● Resource Abstraction Layer ● Puppet Language ● Modules ● Stored configuration ● => Puppet Master ● Reporting
    • Puppet Master
        ● Pull-based agent/master mode
        ● REST API
        ● Master stores manifests
        ● Agent requests its catalog from the master
        ● Ref: http://docs.puppetlabs.com/learning/agent_master_basic.html
    • Standalone (puppet apply site.pp)
    • Index ● Resource Abstraction Layer ● Puppet Language ● Modules ● Nodes, ENC ● Store configs, PuppetDB ● Puppet Master ● => Reporting
    • Reporting (I)
        ● Agent sends reports at the end of every run
            ○ Logs
            ○ Metrics: time, resources, changes
        ● Report handlers: http, log, tagmail
        ● Ref: http://docs.puppetlabs.com/references/latest/report.html
        ● Puppet Dashboard: web interface
            ○ web interface: node classification and reporting feature
            ○ Ref: https://github.com/sodabrew/puppet-dashboard
    • Reporting (II)
    • Questions?