Puppet NBLUG 2008-09

Slides for talk I gave about puppet to NBLUG in September 2009.

  • My License: http://creativecommons.org/licenses/by-sa/3.0/ -- not all included images fall under that; check links

    Image: http://flickr.com/photos/victornuno/544763827/
  • What is system administration?
    Supporting Customers. Services, not computers. Invisible when done right.
    Ideal SysAdmin: lazy
    http://www.sysadminday.com/whatsysadmin.html

    Photo from: http://flickr.com/photos/emzee/139794246/
  • It was okay to hand-craft; you only had one computer. One computer was all you needed.

    Image From: http://ftp.arl.mil/ftp/historic-computers/
  • Later, maybe more computers. Maybe 2 to have a highly-available cluster or to have one to test with and one to use for “production”

    Image from: http://hampage.hu/vax/kepek/VAXft3000.jpg -- originally from HP
  • The Old Ways
    Hand-crafted. Do every step by hand.
    Image From: http://flickr.com/photos/oaspetele_de_piatra/2680418274/
  • In that environment, it makes sense to hand-manage each system with care.

    Image: Niece, Kaylei Rose
  • Later, maybe more computers. Maybe 2 to have a highly-available cluster or to have one to test with and one to use for “production”.
    95 Unix servers, 27 of them are VMs. 54+ puppet managed. Total server population: ~150 (?)
  • As you go from 2 to many, one obvious technique: the golden master.
    By hand: work that system to perfection. Then copy up to an image server.

    Image From: http://flickr.com/photos/chitrasudar/2558214472/
  • Then clone your images from the golden master to all of your systems.
    Great for computer labs
    Ghost. Or even kickstart
  • But what if you need to make something different?
    4 web servers
    1 DB Server.
    Add a slimmed-down image for a virtual machine.
    Now you need to make a DB server for a VM?

    How? You have 4 images of the whole OS on a hard drive somewhere, but how do you merge 2 sets of changes together?
  • http://flickr.com/photos/thaths/1392403911/
    http://flickr.com/photos/odalaigh/2331571735/
    http://flickr.com/photos/chitrasudar/2558214472/
  • http://flickr.com/photos/eschipul/2403443144/
  • http://flickr.com/photos/yersinia/464036939/
  • http://flickr.com/photos/travel_aficionado/2266607520/
  • Fundamental Issue: You want your systems as alike as possible (makes life easier), but you also need to make them different from each other in specific ways.
  • Puppet is a way to automatically manage your systems.
  • Puppet lets you be lazier
    making the computers do all of the work
    BEING documentation

    http://friendfeed.com/e/d6e342f7-d768-ce43-5529-eef2166cabc3/puppetmasterd-People-are-finally-figuring-out/?service=twitter
  • An Analogy
    “A HighLevelLanguage is a ProgrammingLanguage that supports system development at a high LevelOfAbstraction, thereby freeing the developer from keeping in his head lots of details that are irrelevant to the problem at hand.” -- http://c2.com/cgi/wiki?HighLevelLanguage
  • Probably in response to programmers who still wanted to write Assembly
  • “Puppet is a declarative language for expressing system configuration, a client and server for distributing it, and a library for realizing the configuration.”
    New Way to Think: Instead of automating current techniques (files and commands), Puppet reframes the problem.
  • Declarative: You say what you want, not how to do it. nouns, not verbs.
    Semantic: Code has meaning.
    Reproducible: Repeat and get the same results
    Shareable: give to a friend. Or find modules on the internet and use them
    Maintainable
    Extensible: not all that terribly hard to write Resource Types and Providers. Also: define.
  • Old: commands and files. New: resources.
    Problems with old way: doesn’t happen at install time. Doesn’t happen if system is unavailable. Doesn’t fix itself (yum/apt server down, typo, broken later, etc). Ugly.
    Could put into install script (kickstart, etc), but then what about later when you want to change systems?
    Manage same code twice? Put into an RPM or .DEB? (funky when modifying config files)

    same thing applies to “clusterssh”
  • Let’s build this up a bit
    Restart the box and puppet starts exim (instead of coming up on its own)
  • require <-> after
    subscribe <-> notify
  • hasstatus
    hasrestart
    start, stop, restart, status, pattern
  • groupadd: groupadd, netinfo, etc.
  • command (namevar)
    creates, onlyif, unless, refreshonly
    returns, user, group, timeout, environment, cwd,
  • I would never do this. I think this would work. Might not get a report, since it could kill puppet before it’s done with stuff...
  • Like a virtual method in some object-oriented languages.

    Can only manage a resource in one place: this is a kind of workaround.
  • Requires database backend
    sqlite by default
    MySQL or something else required to scale
  • >>>>>>>>>>>>>>>>> STAND >>>>>>>>>>>>>>>>>>>>>>>>>>>
    http://commons.wikimedia.org/wiki/Image:Leontopithecus.rosalia-03-ZOO.Dvur.Kralove.jpg
  • Transcript

    • 1. Managing systems with Puppet NBLUG Sept 9, 2008 Eric Eisenhart http://eric.eisenhart.name/
    • 2. System Administration
    • 3. System Administration
    • 4. System Administration “We will encourage you to develop the three great virtues of a programmer: laziness, impatience, and hubris.” --Larry Wall, Programming Perl
    • 5. One Computer Image From: http://ftp.arl.mil/ftp/historic-computers/
    • 6. Two Computers Image From http://flickr.com/photos/arthur_pewty/2703897757/
    • 7. Hand-Crafted
    • 8. Individually Maintained
    • 9. Many Computers
    • 10. Many Computers
    • 11. Many Computers
    • 12. Many Computers
    • 13. Many Computers
    • 14. Gold Master
    • 15. Clone
    • 16. Clone
    • 17. Clone
    • 18. Alter
    • 19. Alter
    • 20. Alter
    • 21. Alter ? ?
    • 22. Multiple Masters?
    • 23. Change by Hand?
    • 24. What do you do next time?
    • 25. Reproducible Process
    • 26. Same But Different
    • 27. What is Puppet?
    • 28. Lazy Puppeteers People are finally figuring out puppet and how it gets you to the pub by 4pm. Note that I've been at this pub since 2pm. -- Jorge Castro
    • 29. An Analogy
    • 30. An Analogy
    • 31. An Analogy (Programming / SysAdmin): Low level, non-portable: Assembly / commands and files. Some abstraction, portability possible: C / Cfengine. Abstract, portable: Perl, Python, Ruby / Puppet.
    • 32. An Analogy (Programming / SysAdmin): Low level, non-portable: Assembly / commands and files. Some abstraction, portability possible: C / Cfengine. Abstract, portable: Perl, Python, Ruby / Puppet.
    • 33. An Analogy (Programming / SysAdmin): Low level, non-portable: Assembly / commands and files. Some abstraction, portability possible: C / Cfengine. Abstract, portable: Perl, Python, Ruby / Puppet.
    • 34. An Analogy (Programming / SysAdmin): Low level, non-portable: Assembly / commands and files. Some abstraction, portability possible: C / Cfengine. Abstract, portable: Perl, Python, Ruby / Puppet.
    • 35. “the most damaging phrase in the language is: `We've always done it this way.’” -- Grace Hopper (developer of the first compiler)
    • 36. Puppet
    • 37. Puppet Language
    • 38. Puppet Language Client & Server
    • 39. Puppet Language Client & Server Resource Abstraction
    • 40. Puppet Language Client & Server Resource Abstraction New Way To Think
    • 41. Puppet Language
    • 42. Puppet Language Declarative
    • 43. Puppet Language Declarative Semantic
    • 44. Puppet Language Declarative Semantic Reproducible
    • 45. Puppet Language Declarative Semantic Reproducible Shareable
    • 46. Puppet Language Declarative Semantic Reproducible Shareable Maintainable
    • 47. Puppet Language Declarative Semantic Reproducible Shareable Maintainable Extensible
    • 48. Old Way: Kickstart tricks
          %post
          if grep -q "release 5" /etc/redhat-release
          then
            INSTALL="yum -y install"
          else
            INSTALL="up2date-nox"
          fi
          $INSTALL exim
          curl https://master/exim/exim.conf > /etc/exim/exim.conf
          chkconfig exim on
    • 49. Old Way: Package tricks
          Requires: exim
          %post
          curl https://master/exim/exim.conf > /etc/exim/exim.conf
          chkconfig exim on
          service exim restart
          %triggerin -- exim
          curl https://master/exim/exim.conf > /etc/exim/exim.conf
          service exim restart
    • 50. Old Way: ssh in a for loop
          for h in eximbox1 eximbox2 eximbox3; do
            ssh $h '
              grep "release 4" /etc/redhat-release && up2date exim
              grep "release 5" /etc/redhat-release && yum install exim'
            scp exim/exim.conf $h:/etc/exim/exim.conf
            ssh $h /etc/init.d/exim start
          done
    • 51.
          for h in eximbox1 eximbox2 eximbox3; do
            ssh $h '
              grep "release 4" /etc/redhat-release && up2date exim
              grep "release 5" /etc/redhat-release && yum install exim'
            scp exim/exim.conf $h:/etc/exim/exim.conf
            ssh $h /etc/init.d/exim start
          done

          node eximbox1, eximbox2, eximbox3 {
            package { exim: ensure => installed }
            file { "/etc/exim/exim.conf":
              source => "puppet:///exim/exim.conf"
            }
            service { exim: ensure => running }
          }
    • 52. Old Way: ssh in a for loop Server Client Client Client Client Client Client
    • 53. Old Way: ssh in a for loop Client Server Client Client Client Client Client
    • 54. Old Way: ssh in a for loop Client Server Client Client Client Client
    • 55. Client & Server Server Client
    • 56. Client & Server Code Server Client
    • 57. Client & Server Code Server Client
    • 58. Client & Server Code Server Facts Client
    • 59. Client & Server Code Server Compile Facts Client
    • 60. Client & Server Code Server Compile Config Facts Client
    • 61. Client & Server Code Server Compile Config Facts Run Client
    • 62. Client & Server Code Server Compile Files Config Facts Run Client
    • 63. Client & Server Code Server Compile Files Config Report Facts Run Client
    • 64. Client & Server Code Server Compile Files Config Report Facts Run Sleep Client
    • 65. Client & Server Code Server Compile Files Config Report Facts Run Sleep Client
    • 66. Clients & Server Code Server Client Client Client Client Client Client
    • 67. Expanded Old Way
          for h in eximbox1 eximbox2 eximbox3; do
            ssh $h '
              grep "release 4" /etc/redhat-release && up2date exim
              grep "release 5" /etc/redhat-release && yum install exim'
            scp exim/exim.conf $h:/etc/exim/exim.conf
            ssh $h /etc/init.d/exim start
          done
    • 68.
          for h in eximbox1 eximbox2 eximbox3; do
            ssh $h '
              grep "release 4" /etc/redhat-release && up2date exim
              grep "release 5" /etc/redhat-release && yum install exim'
            scp exim/exim.conf $h:/etc/exim/exim.conf
            ssh $h /etc/init.d/exim start
          done

          node eximbox1, eximbox2, eximbox3 {
            package { exim: ensure => installed }
            file { "/etc/exim/exim.conf":
              source => "puppet:///exim/exim.conf"
            }
            service { exim: ensure => running }
          }
    • 69.
          for h in eximbox1 eximbox2 eximbox3; do
            ssh root@$h chkconfig exim on
          done

          service { exim: ensure => running, enable => true }
    • 70.
          package { exim: ensure => installed }
          file { "exim.conf":
            source  => "puppet:///exim/exim.conf",
            name    => "/etc/exim/exim.conf",
            require => Package[exim]
          }
          service { exim:
            ensure    => running,
            enable    => true,
            subscribe => [ File["exim.conf"], Package[exim] ]
          }
    • 71.
          class exim {
            include spamassassin::client
            package { exim: ... }
            file { "exim.conf": ... }
            service { "exim": ... }
          }
          class spamassassin {
            class server { ... }
            class client { ... }
          }
    • 72.
          node eximbox1, eximbox2 {
            include exim
          }
          node eximbox3 {
            include exim
            include spamassassin::server
          }
          node spambox {
            include spamassassin::server
          }
    • 73. Client
    • 74. Client • Collect Facts
    • 75. Client • Collect Facts • Send Facts
    • 76. Client • Collect Facts • Send Facts • Receive Configuration
    • 77. Client • Collect Facts • Send Facts • Receive Configuration • Sort Configuration
    • 78. Client • Collect Facts • Send Facts • Receive Configuration • Sort Configuration • For Each Resource:
    • 79. Client • Collect Facts • Send Facts • Receive Configuration • Sort Configuration • For Each Resource: • Check Current State
    • 80. Client • Collect Facts • Send Facts • Receive Configuration • Sort Configuration • For Each Resource: • Check Current State • Run Required Transactions
    • 81. Client • Collect Facts • Send Facts • Receive Configuration • Sort Configuration • For Each Resource: • Check Current State • Run Required Transactions • Send Report
    • 82. Server
    • 83. Server • Compiler
    • 84. Server • Compiler • Fileserver
    • 85. Server • Compiler • Fileserver • Certificate Authority
    • 86. Server • Compiler • Fileserver • Certificate Authority • Report Handler
    • 87. Library
    • 88. Library • Resource Types
    • 89. Library • Resource Types • Providers
    • 90. Library • Resource Types • Providers • Resource Abstraction Layer
    • 91. Resource Abstraction Layer
    • 92. Resource Abstraction Layer Resource Types
    • 93. Resource Abstraction Layer Resource Types Providers
    • 94. Resource Abstraction Layer Resource Types Package Providers
    • 95. Resource Abstraction Layer Resource Types Package Providers dpkg rpm ports apt yum sun
    • 96. Resource Abstraction Layer Resource Types Package Service Providers dpkg rpm ports apt yum sun
    • 97. Resource Abstraction Layer Resource Types Package Service Providers dpkg rpm ports init SMF apt yum sun redhat debian
    • 98.
          service { iptables:
            ensure    => running,
            hasstatus => true,
          }
    • 99.
          host { example:
            ip    => "192.168.7.4",
            alias => ["monkey", "tamarin"]
          }
    • 100.
          file {
            "/nfs": ensure => directory;
            "/nfs/example": ensure => directory;
            "/nfs/example/foo": ensure => directory;
          }
    • 101.
          file {
            "/nfs": ensure => directory;
            "/nfs/example": ensure => directory;
            "/nfs/example/foo": ensure => directory;
          }

          file { [ "/nfs", "/nfs/example", "/nfs/example/foo" ]:
            ensure => directory;
          }
    • 102.
          $nfsopts = "vers=3,tcp,intr,hard"
          mount { "/nfs/example/foo":
            atboot  => true,
            device  => "example:/foo",
            ensure  => "mounted",
            fstype  => "nfs",
            options => $nfsopts,
            dump    => "0",
            pass    => "0",
            require => [ Host[example], File["/nfs/example/foo"] ]
          }
    • 103.
          group { monkeys: ensure => present }
          group { eric: ensure => present }
          user { eric:
            ensure     => present,
            comment    => "Eric Eisenhart",
            managehome => true,
            groups     => [monkeys, admin],
            before     => Group[eric],
            require    => Group[monkeys]
          }
    • 104.
          mailalias { root:
            recipient => "eric@nblug.org",
          }
    • 105.
          cron { logrotate:
            command => "/usr/sbin/logrotate",
            user    => root,
            hour    => 2,
            minute  => 0,
          }
    • 106.
          exec { "make stuff":
            cwd     => "/nfs/example/foo",
            creates => "/nfs/example/foo/stuff",
            require => Mount["/nfs/example/foo"]
          }
    • 107. Conditionals
          case $operatingsystem {
            sunos: { include solaris }
            redhat: { include redhat }
          }
    • 108. Conditionals
          case $operatingsystem {
            sunos: { include solaris }
            redhat: { include redhat }
          }

          file { "/example":
            owner => $operatingsystem ? {
              sunos  => "adm",
              redhat => "bin",
            },
            mode  => 0755,
            owner => root
          }
    • 109. Conditionals
          include yoursite::${operatingsystem}

          case $operatingsystem {
            sunos: { include solaris }
            redhat: { include redhat }
          }

          file { "/example":
            owner => $operatingsystem ? {
              sunos  => "adm",
              redhat => "bin",
            },
            mode  => 0755,
            owner => root
          }
    • 110. Mutually Assured Resurrection
          $cron = $operatingsystem ? {
            redhat => "crond",
            debian => "cron"
          }
          service { cron:
            name   => $cron,
            ensure => running,
          }
          cron { "restart-puppet":
            command => "pgrep puppetd || service puppetd restart",
            minute  => 0,
          }
    • 111. Scary
          package { "kernel":
            ensure => latest,
            notify => Exec[reboot]
          }
          exec { "reboot":
            refreshonly => true,
          }
          Think carefully before using this example
    • 112. Virtual Resources
    • 113. Virtual Resources
          class users {
            @user { eric: ... }
          }
          class sysadmins {
            include users
            realize( User[eric] )
          }
          class workstation {
            include users
            realize( User[eric] )
          }
    • 114. Exported Resources
    • 115. Exported Resources
          class ssh::knownhosts {
            @@sshkey { $hostname:
              type => rsa,
              key  => $sshrsakey
            }
            Sshkey <<| name != $hostname |>>
          }
    • 116.
          define virtualhost (
            $ensure = present,
            $aliases = [],
            $path = "/var/www/html/hosts/$hostname"
          ) {
            file { "/etc/httpd/conf.d/vh-$name.conf":
              content => template("vhost.erb"),
              notify  => Service["httpd"],
              ensure  => $ensure
            }
            file { $path: ensure => directory }
          }
          virtualhost { "nblug.org":
            aliases => ["www.nblug.org"]
          }
    • 117. Templates
          <VirtualHost>
            ServerName <%= hostname %>
          <% aliases.each do |name| -%>
            ServerAlias <%= name %>
          <% end -%>
            DocumentRoot <%= path %>
            CustomLog /var/log/httpd/<%= name %>.log
            ErrorLog /var/log/httpd/<%= name %>.err
          </VirtualHost>
    • 118. Modules
          # cd /etc/puppet/modules/bind/
          # find . | grep -v CVS
          ./README
          ./manifests
          ./manifests/init.pp
          ./manifests/special.pp
          ./templates
          ./templates/named.conf.erb
          ./files
          ./files/named.root
          ./files/named.local
    • 119. ¿ Live Demo ?
    • 120. Future
          • More native types and providers
          • Puppet Common Modules
          • augeas integration:
              augeas { "grub timeout":
                context => "/files/etc/grub.conf",
                changes => "set timeout 30"
              }
          • Test Frameworks?
    • 121. Questions
    • 122. End
          • Puppet: http://puppet.reductivelabs.com/
          • More: http://delicious.com/freiheit/puppet
          • Pulling Strings With Puppet: http://xrl.us/oqpb4 (amazon)
          • Alternatives:
              • cfengine (automating the old ways)
              • Bcfg2 (XML)
              • LCFG (less OS support)
              • $$$$
          • Me: http://eric.eisenhart.name/
          • slide:ology: http://slideology.com/
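
The client run from slides 73-81 (sort the configuration, check each resource's current state, run only the required transactions, send a report), as an added Python model; it is not part of the original slides and is not Puppet's own code. The catalog mirrors slide 70, while the state dictionary, the `sha:` content markers and the function names `order`, `run` and `statuses` are assumptions made for illustration.

```python
from graphlib import CycleError, TopologicalSorter  # Python 3.9+

# Constructed catalog modelled on slide 70: package -> config file -> service.
# The "sha:..." strings stand in for file content checksums (assumption).
CATALOG = {
    "Package[exim]": {"want": "installed"},
    "File[exim.conf]": {"want": "sha:golden", "require": ["Package[exim]"]},
    "Service[exim]": {
        "want": "running",
        "subscribe": ["File[exim.conf]", "Package[exim]"],
    },
}


def order(catalog):
    """Sort resources so each require/subscribe target comes first."""
    graph = {
        name: set(res.get("require", [])) | set(res.get("subscribe", []))
        for name, res in catalog.items()
    }
    undeclared = {dep for deps in graph.values() for dep in deps} - set(catalog)
    if undeclared:
        raise ValueError(f"undeclared dependency: {sorted(undeclared)}")
    try:
        return list(TopologicalSorter(graph).static_order())
    except CycleError as exc:
        raise ValueError(f"dependency cycle: {exc.args[1]}") from exc


def run(catalog, state):
    """One client run over `state` (mutated in place); returns the report."""
    report, changed = [], set()
    for name in order(catalog):
        res, current = catalog[name], state.get(name)
        if current != res["want"]:
            # Out of sync: run the transaction and remember that it changed.
            state[name] = res["want"]
            changed.add(name)
            report.append((name, "changed", current, res["want"]))
        elif changed & set(res.get("subscribe", [])):
            # In sync itself, but something it subscribes to changed.
            report.append((name, "refreshed", current, current))
        else:
            report.append((name, "in_sync", current, current))
    return report


def statuses(report):
    """Reduce a report to (resource, status) pairs."""
    return [(name, status) for name, status, _old, _new in report]


if __name__ == "__main__":
    box = {}  # freshly installed host: nothing managed yet
    for label in ("first run", "second run"):
        print(label, statuses(run(CATALOG, box)))
    box["File[exim.conf]"] = "sha:edited-by-hand"  # drift outside Puppet
    print("after drift", run(CATALOG, box))
```

The report from the third run records both the unexpected value and the value it was reset to, which is what makes out-of-band edits to a managed file visible.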
