Puppet barcampexercises.jzt
  • Instructions to participants to test: --> puppet -d site.pp --> optional -l $LOG + other window with tail of log --> puppet --noop -d site.pp --> pgrep -lf puppetd (default increment is 30 min) --> pgrep -lf puppetmasterd
  • 1) puppet --noop sudoers.pp 2) puppet -d sudoers.pp * The faulty CentOS mode is corrected by the next exercise – this config actually changes the file to faulty settings on purpose
  • 1) demonstrate conditionals per OS 2) service, operations on resource
  • 1) class w/ file & service resources 2) inheritance - to demo that nothing gets executed without resource instantiation, etc.
  • 3) default & bastionhost node instance 4) bastionhost node instance - to demo what it means for a node to belong to a certain class 5) cat /var/lib/puppet/classes.txt (loaded by puppetd)
  • 6) facter | egrep -i 'fqdn|hostname' 7) specific node 'hostname' Done

Puppet barcampexercises.jzt Presentation Transcript

  • 1. First Moves with Puppet
    New Delhi Puppet HackDay/
    BarCamp March 13, 2010
    Presented by
    Slideshare Operations Engineering/Julie Tsai
  • 2. Today
    Quick Primer
    Useful Commands
    Puppeting Sudoers I — Permissions
    Puppeting Sudoers II — OS Conditions
    Puppeting Sudoers III — Inheriting Class
    Facter
    References
  • 3. Quick Primer: How It Flows
    Ref. http://www.linuxforu.com/wp-content/uploads/2009/06/puppet_diagram.png
  • 4. Quick Primer: Learning the Lingo
    Resource – instance of native type, plugin, or definition, e.g. user, exec, file
    Capitalized resource – reference to a previously defined resource, invoked by other resources, e.g. file foo.txt later invoked as File["foo.txt"]
    Class – resource(s) description with title, file, attributes
    Definition – abstract description of class, can be invoked multiple times
    Node – host instance (physical or virtual)
    Collection – groups of resources
    Recipe – sample puppet code (manifests/*.pp)
  • 5. Quick Primer: Data Parameters
    Variables – substitution values
    Arrays – grouped list of values
    Attributes – statement(s) describing resources
    Literals – string values that needn’t be interpolated
  • 6. Quick Primer: Variable Scoping
    Overridable variable defaults defined only in outer scope of resource instances
    Declarative language: Within the same-level scope, variables can only be defined once
    Qualified variables are a method of passing parameters from a class
    class mothership {
      $server = "juno"
    }
    class satellite {
      # qualified variable: reads $server from class mothership
      $ms = $mothership::server
    }
  • 7. Quick Primer: Where Things Are
    Note: below assumes default install in /etc
    /etc/puppet/fileserver.conf (used by puppetmasterd)
      path /var/lib/puppet/files
      allow 10.100.0.0/24
    /etc/puppet/puppet.conf (used by clients’ puppetd)
      vardir = /var/lib/puppet
      logdir = /var/log/puppet
      classfile = $vardir/classes.txt
    /etc/puppet/manifests/[../..]/*.pp (architecture varies)
  • 8. Quick Primer: A Client Directory Tree
    puppetclient01:/var/lib/puppet
    |-> classes.txt – node’s class membership
    |-> clientbucket – hashed config artifacts
    |-> lib
    |-> localconfig.yaml
    |-> ssl – authentication certs
    |-> state – checksums, entropy-tracking
  • 9. Quick Primer: Master Directory Tree
    puppetmasterd:/var/lib/puppet
    |-> bucket
    |-> classes.txt
    |-> clientbucket
    |-> client_yaml
    |-> lib
    |-> localconfig.yaml
    |-> reports
    |-> rrd
    |-> ssl
    |-> state
    |-> yaml
  • 10. Useful Commands to Get Started
    puppet <puppetscript.pp> – run standalone script
      -l /path/to/file.log – log path
      -d – debug
      --noop – dry-run
    puppetd – daemon on client that schedules retrieval of configs from puppetmaster and applies locally
      -d – debug
      --test – verbose logging
      --noop – dry-run
      -l /path/to/log – log path
    facter – find out local node’s values for reserved classes
  • 11. Puppeting Sudoers I — Permissions
    Configure /etc/puppet/manifests/sudoers.pp :
    file { "/etc/sudoers":
      owner => root,
      group => wheel,
      # deliberately wrong for CentOS; corrected in the next exercise
      mode  => 400,
    }
    And run:
    [puppet@puppet manifests]# puppet --noop -d /etc/puppet/manifests/sudoers.pp
  • 12. Puppeting Sudoers II — Operating Conditions
    Now, correct with /etc/puppet/manifests/sudoers2.pp
    file { "/etc/sudoers":
      # selector: pick the mode from the node's operatingsystem fact
      mode => $operatingsystem ? {
        centos  => "440",
        gentoo  => "440",
        suse    => "640",
        default => "400",
      },
      owner => root,
      group => root,
    }
  • 13. Puppeting Sudoers III — Inheriting Class
    /etc/puppet/manifests/sudoers3.pp
    class unix {
      file { "/etc/sudoers":
        owner => root,
        group => root,
      }
      service { "sshd":
        ensure => running,
      }
    }
    class centos_mycompany inherits unix {
      File["/etc/sudoers"] { mode => 440 }
    }
  • 14. Puppeting Sudoers III — Inheriting Class (cont.)
    /etc/puppet/manifests/sudoers3.pp
    node default {
      include unix
    }
    node bastionhost {
      include centos_mycompany
    }
    And run:
    [puppet@puppet manifests]# puppet -d --noop sudoers3.pp
    [puppet@puppet manifests]# cat /var/lib/puppet/classes.txt
  • 15. Puppeting Sudoers III — Inheriting Class (cont. 2)
    Use Facter to find the node name:
    [puppet@puppet manifests]# facter | egrep -i 'fqdn|hostname'
    /etc/puppet/manifests/sudoers3.pp
    node 'puppet.us-west-1.compute.internal' {
      include centos_mycompany
    }
  • 16. Facts about Facter
    Facter is a Puppet utility that discovers relevant “facts” that puppet can use to dynamically populate puppet manifest variables
    Executing command-line Facter can show you the reserved variables like FQDN, hostname, kernel, architecture, sshdsakey, etc.
  • 17. References
    Reductive Labs Puppet Guides: http://docs.reductivelabs.com/guides/
    Glossary of Terms: http://reductivelabs.com/trac/puppet/wiki/GlossaryOfTerms
    Resource Attributes: http://reductivelabs.com/trac/puppet/wiki/TypeReference#metaparameters
    Nice vimrc for Puppet: http://www.davidpashley.com/blog/systems-administration/puppet/vim-highlighting.html
    Classic LISA ‘98 paper on best-practice infrastructures: http://www.infrastructures.org/papers/bootstrap/bootstrap.html
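
Added example (not part of the original slides): a POSIX shell check that a sudoers file has the owner, group and per-OS mode that the sudoers2.pp exercise enforces, for confirming the state before and after a --noop run. The function names are hypothetical and GNU stat (Linux) is assumed.

```shell
#!/bin/sh
# Added example, not from the slides: audit a sudoers file against the
# per-OS modes that sudoers2.pp enforces. Assumes GNU stat (Linux).

# Map an operatingsystem fact value to the mode from the sudoers2.pp selector.
# Facter reports names such as "CentOS", so compare in lower case.
expected_sudoers_mode() {
    case "$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" in
        centos|gentoo) echo 440 ;;
        suse)          echo 640 ;;
        *)             echo 400 ;;   # the selector's default branch
    esac
}

# audit_sudoers FILE OS [OWNER] [GROUP]
# Prints one DRIFT line per mismatch. Returns 0 if compliant, 1 on drift,
# 2 if FILE is missing. OWNER and GROUP default to root, as in sudoers2.pp.
audit_sudoers() {
    as_file=$1
    as_owner=${3:-root}
    as_group=${4:-root}
    as_mode=$(expected_sudoers_mode "$2")
    if [ ! -f "$as_file" ]; then
        echo "MISSING $as_file"
        return 2
    fi
    # %a = octal mode, %U = owner name, %G = group name
    set -- $(stat -c '%a %U %G' "$as_file")
    as_rc=0
    [ "$1" = "$as_mode" ]  || { echo "DRIFT mode=$1 expected=$as_mode"; as_rc=1; }
    [ "$2" = "$as_owner" ] || { echo "DRIFT owner=$2 expected=$as_owner"; as_rc=1; }
    [ "$3" = "$as_group" ] || { echo "DRIFT group=$3 expected=$as_group"; as_rc=1; }
    return $as_rc
}

# Typical use on a node, after sourcing this file:
#   audit_sudoers /etc/sudoers "$(facter operatingsystem)"
```

On a CentOS node the file left by the first exercise (mode 400, group wheel) is reported as drift on both mode and group; after sudoers2.pp is applied the check returns 0.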