Dance for the puppet master: G6 Tech Talk

  • 152 views
Uploaded on

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
152
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
1
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Dance for the puppetmasterAn introduction to PuppetMichael Peacock
  • 2. So, what is puppetProvisioning tool “Open source configuration management tool”Used to automate server management Configuration Installs & upgrades etc
  • 3. Internal development team presentation Ground Six Limited
  • 4. IdempotentCan be ran multiple times without changing theserver (unless the configuration changes)Instead of doing things, it checks or ensuresthings: Ensuring a package is installed only installs it if it hasn’t been installed. Execs only run if their create file isn’t found (and puppet doesn’t think they have been ran)
  • 5. Configuration withinVagrantTell puppet to runTell it where the manifests liveTell it the default manifestTell it where modules live
  • 6. config.vm.provision :puppet do |puppet| puppet.manifests_path = "provision/manifests" puppet.manifest_file = "default.pp" puppet.module_path = "provision/modules" end
  • 7. What can it do?cron: install and manage cron jobs (scheduled_task onwindows)exec: runs shall commandsuser: create and manage user accountsgroup: create and manage groupsfile: create and manage files, folders and symlinksnotify: log somethingservice: manage running servicesAnd more...the items in bold are known as resources withinpuppet
  • 8. RequireMany / all puppet options support a “require”configurationDefines other puppet tasks which must havebeen successfully checked / executed beforethis can be ran We only want to install packages once we have updated aptitude We only want to install MySQL drivers once we have the MySQL client/server installed
  • 9. Require examplerequire => [ Package[mysql-client], Package[mysql-server] ] notice when referencing other puppet configurations, the resource type is capitalised
  • 10. execcommand: command (including full path unless pathis also defined) to be executed. The “name” will beused if omitteduser & group: to run the command ascreate: a file that the command creates. If found,the exec is not runcwd: directory to run the command frompath: if full path for command isn’t supplied, pathmust point to location of the command
  • 11. exec: a note We create lock files in some of our execcommands to prevent repeated execution, e.g. after installing the default database,download something or run anything which can only be ran once.
  • 12. exec: exampleexec{ "create-db": command => /bin/gunzip -c/vagrant/database/default.sql.gz > db.sql &&/usr/bin/mysql < db.sql && /bin/rm db.sql &&/bin/touch /vagrant/mysqlimport.lock, require => [ Package[mysql-client],Package[mysql-server] ], creates => "/vagrant/mysqlimport.lock", timeout => 0 }
  • 13. exec: another exampleexec{ "compose": command => /bin/rm -rfv /vagrant/vendor/* && /bin/rm-f /vagrant/composer.lock && /usr/bin/curl -shttp://getcomposer.org/installer | /usr/bin/php -- --install-dir=/vagrant && cd /vagrant && /usr/bin/php/vagrant/composer.phar install, require => [ Package[curl], Package[git-core] ], creates => "/vagrant/composer.lock", timeout => 0 }
  • 14. exec: what we use it forInstalling the default MySQL database contentInstall pear projectsNote: we should probably use or write a puppetmodule to install pear projects we need, ourapproach is a bit of a hack
  • 15. subscribe & refreshonlySome commands need to be ran periodically afterother things have ran More so the case when puppet manages existing infrastructure (using it to manage whats already on a machine and installing new things)subscribe: defines other events which should cause thetask to run (like require, but refreshes the task)refreshonly: instructs the task to only run when the othertasks are completed
  • 16. Installing softwarePackage “type”We need to apt-get update first...We want to ensure some of our installedsoftware is running
  • 17. Update aptitude exec { apt-get update: command => /usr/bin/apt-get update, require => Exec[preparenetworking], timeout => 0 }
  • 18. Install packageWe just need to ensure the package is present package { "apache2": ensure => present, require => Exec[apt-get update] }
  • 19. Run the service service { "apache2": ensure => running, require => Package[apache2] }
  • 20. Filesensure: type of file - symlink (link), directorytarget: for symlinks - set the target filesource:file to be copied (if copying a file)owner: user who should own the filegroup: group associated with the filemode: file permissions e.g. 777
  • 21. file: copy apache config Set the source: source => ‘/path/to/file’file { /etc/apache2/sites-available/default: source =>/vagrant/provision/modules/apache/files/default, owner => root, group => root }
  • 22. file: create a symlinkensure => ‘link’ file { /var/www/vendor: ensure => link, target => /vagrant/vendor, require => Package[apache2] }
  • 23. file: create a folder ensure => ‘directory’ file{ "/var/www/uploads": ensure => "directory", owner => "www-data", group => "www-data", mode => 777, }
  • 24. file: create several folders$cache_directories = [ "/var/www/cache/", "/var/www/cache/pages", "/var/www/cache/routes","/var/www/cache/templates", ] file { $cache_directories: ensure => "directory", owner => "www-data", group => "www-data", mode => 777, }
  • 25. Add a croncommand: the command to runuser: user to run the cron ashour, minute, month, monthday, weekday can be defined as hour => 1 or hour => [1,2,3,5] or hour => [1-10]
  • 26. Create a user user { "developer": ensure => "present", gid => "wheel", shell => "/bin/bash", home => "/home/developer", managehome => true, password => "passwordtest", require => Group["wheel"] }
  • 27. Create a group group { "wheel": ensure => "present", }
  • 28. Make the group asudoer We probably want to stop this being ran multiple times!exec { "/bin/echo "%wheel ALL=(ALL) ALL" >> /etc/sudoers": require => Group["wheel"] }
  • 29. StagesRunning things in a specific order can often beimportantRequire often makes this easy for us, howeverExec’s don’t seem to use this reliablyWe can define “stages” with a specific order.We can then put puppet modules into stagesDefault stage is Stage[main]
  • 30. Stages example stage { first: before => Stage[main] } class {apache: stage => first}
  • 31. Importing modulesImport the module (assuming it is in the rightfolder)Include the module to be executed import "apache" include apache
  • 32. Image Creditshttp://www.flickr.com/photos/stephen_wong/560079730/