Dance for the puppet master: G6 Tech Talk
Upcoming SlideShare
Loading in...5

Dance for the puppet master: G6 Tech Talk






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Dance for the puppet master: G6 Tech Talk Dance for the puppet master: G6 Tech Talk Presentation Transcript

  • Dance for the puppetmasterAn introduction to PuppetMichael Peacock
  • So, what is puppetProvisioning tool “Open source configuration management tool”Used to automate server management Configuration Installs & upgrades etc
  • Internal development team presentation Ground Six Limited
  • IdempotentCan be ran multiple times without changing theserver (unless the configuration changes)Instead of doing things, it checks or ensuresthings: Ensuring a package is installed only installs it if it hasn’t been installed. Execs only run if their create file isn’t found (and puppet doesn’t think they have been ran)
  • Configuration withinVagrantTell puppet to runTell it where the manifests liveTell it the default manifestTell it where modules live
  • config.vm.provision :puppet do |puppet| puppet.manifests_path = "provision/manifests" puppet.manifest_file = "default.pp" puppet.module_path = "provision/modules" end
  • What can it do?cron: install and manage cron jobs (scheduled_task onwindows)exec: runs shall commandsuser: create and manage user accountsgroup: create and manage groupsfile: create and manage files, folders and symlinksnotify: log somethingservice: manage running servicesAnd more...the items in bold are known as resources withinpuppet
  • RequireMany / all puppet options support a “require”configurationDefines other puppet tasks which must havebeen successfully checked / executed beforethis can be ran We only want to install packages once we have updated aptitude We only want to install MySQL drivers once we have the MySQL client/server installed
  • Require examplerequire => [ Package[mysql-client], Package[mysql-server] ] notice when referencing other puppet configurations, the resource type is capitalised
  • execcommand: command (including full path unless pathis also defined) to be executed. The “name” will beused if omitteduser & group: to run the command ascreate: a file that the command creates. If found,the exec is not runcwd: directory to run the command frompath: if full path for command isn’t supplied, pathmust point to location of the command
  • exec: a note We create lock files in some of our execcommands to prevent repeated execution, e.g. after installing the default database,download something or run anything which can only be ran once.
  • exec: exampleexec{ "create-db": command => /bin/gunzip -c/vagrant/database/default.sql.gz > db.sql &&/usr/bin/mysql < db.sql && /bin/rm db.sql &&/bin/touch /vagrant/mysqlimport.lock, require => [ Package[mysql-client],Package[mysql-server] ], creates => "/vagrant/mysqlimport.lock", timeout => 0 }
  • exec: another exampleexec{ "compose": command => /bin/rm -rfv /vagrant/vendor/* && /bin/rm-f /vagrant/composer.lock && /usr/bin/curl -s | /usr/bin/php -- --install-dir=/vagrant && cd /vagrant && /usr/bin/php/vagrant/composer.phar install, require => [ Package[curl], Package[git-core] ], creates => "/vagrant/composer.lock", timeout => 0 }
  • exec: what we use it forInstalling the default MySQL database contentInstall pear projectsNote: we should probably use or write a puppetmodule to install pear projects we need, ourapproach is a bit of a hack
  • subscribe & refreshonlySome commands need to be ran periodically afterother things have ran More so the case when puppet manages existing infrastructure (using it to manage whats already on a machine and installing new things)subscribe: defines other events which should cause thetask to run (like require, but refreshes the task)refreshonly: instructs the task to only run when the othertasks are completed
  • Installing softwarePackage “type”We need to apt-get update first...We want to ensure some of our installedsoftware is running
  • Update aptitude exec { apt-get update: command => /usr/bin/apt-get update, require => Exec[preparenetworking], timeout => 0 }
  • Install packageWe just need to ensure the package is present package { "apache2": ensure => present, require => Exec[apt-get update] }
  • Run the service service { "apache2": ensure => running, require => Package[apache2] }
  • Filesensure: type of file - symlink (link), directorytarget: for symlinks - set the target filesource:file to be copied (if copying a file)owner: user who should own the filegroup: group associated with the filemode: file permissions e.g. 777
  • file: copy apache config Set the source: source => ‘/path/to/file’file { /etc/apache2/sites-available/default: source =>/vagrant/provision/modules/apache/files/default, owner => root, group => root }
  • file: create a symlinkensure => ‘link’ file { /var/www/vendor: ensure => link, target => /vagrant/vendor, require => Package[apache2] }
  • file: create a folder ensure => ‘directory’ file{ "/var/www/uploads": ensure => "directory", owner => "www-data", group => "www-data", mode => 777, }
  • file: create several folders$cache_directories = [ "/var/www/cache/", "/var/www/cache/pages", "/var/www/cache/routes","/var/www/cache/templates", ] file { $cache_directories: ensure => "directory", owner => "www-data", group => "www-data", mode => 777, }
  • Add a croncommand: the command to runuser: user to run the cron ashour, minute, month, monthday, weekday can be defined as hour => 1 or hour => [1,2,3,5] or hour => [1-10]
  • Create a user user { "developer": ensure => "present", gid => "wheel", shell => "/bin/bash", home => "/home/developer", managehome => true, password => "passwordtest", require => Group["wheel"] }
  • Create a group group { "wheel": ensure => "present", }
  • Make the group asudoer We probably want to stop this being ran multiple times!exec { "/bin/echo "%wheel ALL=(ALL) ALL" >> /etc/sudoers": require => Group["wheel"] }
  • StagesRunning things in a specific order can often beimportantRequire often makes this easy for us, howeverExec’s don’t seem to use this reliablyWe can define “stages” with a specific order.We can then put puppet modules into stagesDefault stage is Stage[main]
  • Stages example stage { first: before => Stage[main] } class {apache: stage => first}
  • Importing modulesImport the module (assuming it is in the rightfolder)Include the module to be executed import "apache" include apache
  • Image Credits