Puppet barcampexercises.jzt

  • Instructs participants to test: --> puppet -d site.pp --> optional -l $LOG + other window with tail of log --> puppet --noop -d site.pp --> pgrep -lf puppetd (default increment is 30 min) --> pgrep -lf puppetmasterd
  • 1) puppet --noop sudoers.pp 2) puppet -d sudoers.pp * This faulty centos mode is corrected by the next exercise – this config actually changes the file to faulty settings on purpose
  • 1) demonstrate conditionals per OS <"puppet -d --noop sudoers2.pp"> 2) service, operations on resource <"puppet -d sudoers2.pp">
  • <run site.pp to have something to change again> (c) 1) class w/ file & service resources 2) inheritance <run once in non-func. mode> - to demo that nothing gets executed without resource instantiation, etc.
  • 3) default & bastionhost node instance 4) bastionhost node instance <run once in non-func. mode> - to demo what it means for a node to belong to a certain class 5) cat /var/lib/puppet/classes.txt (loaded by puppetd)
  • 6) facter | egrep -i 'fqdn|hostname' 7) specific node 'hostname' <run once in non-func. mode> <run once in func. mode> Done

    1. First Moves with Puppet
       New Delhi Puppet HackDay/BarCamp, March 13, 2010
       Presented by Slideshare Operations Engineering/Julie Tsai
    2. Today
       Quick Primer
       Useful Commands
       Puppeting Sudoers I — Permissions
       Puppeting Sudoers II — OS Conditions
       Puppeting Sudoers III — Inheriting Class
       Facter
       References
    3. Quick Primer: How It Flows
       Ref. http://www.linuxforu.com/wp-content/uploads/2009/06/puppet_diagram.png
    4. Quick Primer: Learning the Lingo
       Resource – instance of native type, plugin, or definition, e.g. user, exec, file
       Capitalized resource – how other resources invoke a previously defined resource, e.g. file foo.txt is later invoked as File["foo.txt"]
       Class – resource(s) description with title, file, attributes
       Definition – abstract description of class, can be invoked multiple times
       Node – host instance (physical or virtual)
       Collection – groups of resources
       Recipe – sample puppet code (manifests/*.pp)
    5. Quick Primer: Data Parameters
       Variables – substitution values
       Arrays – grouped list of values
       Attributes – statement(s) describing resources
       Literals – string values that needn’t be interpolated
    6. Quick Primer: Variable Scoping
       Overridable variable defaults defined only in outer scope of resource instances
       Declarative language: within the same-level scope, variables can only be defined once
       Qualified variables are a method of passing parameters from a class

           class mothership {
               $server = "juno"
           }
           class satellite {
               $ms = $mothership::server
           }
    7. Quick Primer: Where Things Are
       Note: below assumes default install in /etc
       /etc/puppet/fileserver.conf (used by puppetmasterd)
           path /var/lib/puppet/files
           allow 10.100.0.0/24
       /etc/puppet/puppet.conf (used by clients’ puppetd)
           vardir = /var/lib/puppet
           logdir = /var/log/puppet
           classfile = $vardir/classes.txt
       /etc/puppet/manifests/[../..]/*.pp (architecture varies)
    8. Quick Primer: A Client Directory Tree
       puppetclient01:/var/lib/puppet
           |-> classes.txt – node’s class membership
           |-> clientbucket – hashed config artifacts
           |-> lib
           |-> localconfig.yaml
           |-> ssl – authentication certs
           |-> state – checksums, entropy-tracking
    9. Quick Primer: Master Directory Tree
       puppetmasterd:/var/lib/puppet
           |-> bucket
           |-> classes.txt
           |-> clientbucket
           |-> client_yaml
           |-> lib
           |-> localconfig.yaml
           |-> reports
           |-> rrd
           |-> ssl
           |-> state
           |-> yaml
    10. Useful Commands to Get Started
        puppet <puppetscript.pp> – run standalone script
            -l /path/to/file.log – log path
            -d – debug
            --noop – dry-run
        puppetd – daemon on client that schedules retrieval of configs from puppetmaster and applies locally
            -d – debug
            --test – verbose logging
            --noop – dry-run
            -l /path/to/log – log path
        facter – find out local node’s values for reserved classes
    11. Puppeting Sudoers I — Permissions
        Configure /etc/puppet/manifests/sudoers.pp:

            file { "/etc/sudoers":
                owner => root,
                group => wheel,
                mode  => 400,
            }

        And run:

            [puppet@puppet manifests]# puppet --noop -d /etc/puppet/manifests/sudoers.pp
    12. Puppeting Sudoers II — Operating Conditions
        Now, correct with /etc/puppet/manifests/sudoers2.pp:

            file { "/etc/sudoers":
                mode => $operatingsystem ? {
                    centos  => "440",
                    gentoo  => "440",
                    suse    => "640",
                    default => "400",
                },
                owner => root,
                group => root,
            }
    13. Puppeting Sudoers III — Inheriting Class
        /etc/puppet/manifests/sudoers3.pp

            class unix {
                file { "/etc/sudoers":
                    owner => root,
                    group => root,
                }
                service {
                    "sshd":
                        ensure => running,
                }
            }
            class centos_mycompany inherits unix {
                File["/etc/sudoers"] { mode => 440 }
            }
    14. Puppeting Sudoers III — Inheriting Class (cont.)
        /etc/puppet/manifests/sudoers3.pp

            node default {
                include unix
            }
            node bastionhost {
                include centos_mycompany
            }

        And run:

            [puppet@puppet manifests]# puppet -d --noop sudoers3.pp
            [puppet@puppet manifests]# cat /var/lib/puppet/classes.txt
    15. Puppeting Sudoers III — Inheriting Class (cont. 2)
        Use Facter to define the node name:

            [puppet@puppet manifests]# facter | egrep -i 'fqdn|hostname'

        /etc/puppet/manifests/sudoers3.pp

            node 'puppet.us-west-1.compute.internal' {
                include centos_mycompany
            }
    16. Facts about Facter
        Facter is a Puppet utility that discovers relevant “facts” that puppet can use to dynamically populate puppet manifest variables
        Executing command-line Facter can show you the reserved variables like FQDN, hostname, kernel, architecture, sshdsakey, etc.
    17. References
        Reductive Labs Puppet Guides: http://docs.reductivelabs.com/guides/
        Glossary of Terms: http://reductivelabs.com/trac/puppet/wiki/GlossaryOfTerms
        Resource Attributes: http://reductivelabs.com/trac/puppet/wiki/TypeReference#metaparameters
        Nice vimrc for Puppet: http://www.davidpashley.com/blog/systems-administration/puppet/vim-highlighting.html
        Classic LISA ‘98 paper on best-practice infrastructures: http://www.infrastructures.org/papers/bootstrap/bootstrap.html
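
The sudoers exercises (slides 11 to 15) manage the owner, group and mode of /etc/sudoers. The following added example, which is not part of the original deck, audits those three attributes outside Puppet so that drift can be spotted after a run. It assumes GNU stat (Linux); the function names are hypothetical, and the owner and group arguments exist only so the check can be run against a scratch file.

```shell
#!/bin/sh
# Added example, not from the deck. Requires GNU stat (Linux).

# Expected mode per operating system, copied from the sudoers2.pp selector.
# Facter reports e.g. "CentOS" and Puppet selectors match case-insensitively,
# so the name is lowercased before matching.
expected_sudoers_mode() {
    case "$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" in
        centos|gentoo) echo 440 ;;
        suse)          echo 640 ;;
        *)             echo 400 ;;
    esac
}

# check_sudoers FILE OS [UID] [GID]
# Returns 0 when FILE matches, 1 on drift, 2 when FILE cannot be examined.
# UID and GID default to 0 (root:root as in sudoers2.pp).
check_sudoers() {
    file=$1
    want="$(expected_sudoers_mode "$2") ${3:-0} ${4:-0}"
    # %a = octal mode, %u = numeric owner, %g = numeric group
    have=$(stat -c '%a %u %g' "$file" 2>/dev/null) || {
        echo "UNKNOWN $file: cannot stat"
        return 2
    }
    if [ "$have" != "$want" ]; then
        echo "DRIFT $file: have [$have], want [$want] (mode uid gid)"
        return 1
    fi
    echo "OK $file: [$have]"
}

# Constructed demonstration on a scratch file, not the live /etc/sudoers:
# mode 400 as written by sudoers.pp, audited against the CentOS value.
demo=$(mktemp)
chmod 400 "$demo"
check_sudoers "$demo" centos "$(id -u)" "$(stat -c '%g' "$demo")" || echo "exit status $?"
rm -f "$demo"
```

On a managed node the call is `check_sudoers /etc/sudoers "$(facter operatingsystem)"`, run as a user allowed to stat the file.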
