Puppet barcampexercises.jzt

  • Instruct participants to test: puppet -d site.pp; optionally add -l $LOG and tail the log in another window; puppet --noop -d site.pp; pgrep -lf puppetd (default increment is 30 min); pgrep -lf puppetmasterd
  • 1) puppet --noop sudoers.pp 2) puppet -d sudoers.pp. Note: this config changes the file to faulty settings on purpose; the faulty CentOS mode is corrected by the next exercise.
  • 1) Demonstrate conditionals per OS <"puppet -d --noop sudoers2.pp"> 2) service, operations on resource <"puppet -d sudoers2.pp">
  • <run site.pp to have something to change again> (c) 1) class with file & service resources 2) inheritance <run once in non-func. mode> to demo that nothing gets executed without resource instantiation, etc.
  • 3) default & bastionhost node instance 4) bastionhost node instance <run once in non-func. mode> to demo what it means for a node to belong to a certain class 5) cat /var/lib/puppet/classes.txt (loaded by puppetd)
  • 6) facter | egrep -i 'fqdn|hostname' 7) specific node 'hostname' <run once in non-func. mode> <run once in func. mode> Done
  • Transcript

    • 1. First Moves with Puppet
      New Delhi Puppet HackDay/
      BarCamp March 13, 2010
      Presented by
      Slideshare Operations Engineering/Julie Tsai
    • 2. Today
      Quick Primer
      Useful Commands
      Puppeting Sudoers I — Permissions
      Puppeting Sudoers II — OS Conditions
      Puppeting Sudoers III — Inheriting Class
      Facter
      References
    • 3. Quick Primer: How It Flows
      Ref. http://www.linuxforu.com/wp-content/uploads/2009/06/puppet_diagram.png
    • 4. Quick Primer: Learning the Lingo
      Resource – instance of native type, plugin, or definition, i.e. user, exec, file
      Capitalized resource – reference to a previously defined resource, used by other resources, e.g. file foo.txt later invoked as File["foo.txt"]
      Class - resource(s) description with title, file, attributes
      Definition – abstract description of class, can be invoked multiple times
      Node – host instance (physical or virtual)
      Collection – groups of resources
      Recipe – sample puppet code (manifests/*.pp)
    • 5. Quick Primer: Data Parameters
      Variables – substitution values
      Arrays – grouped list of values
      Attributes – statement(s) describing resources
      Literals – string values that needn’t be interpolated
    • 6. Quick Primer: Variable Scoping
      Overridable variable defaults defined only in outer scope of resource instances
      Declarative language: Within the same-level scope, variables can only be defined once
      Qualified variables are a method of passing parameters from a class
      class mothership {
        $server = "juno"
      }
      class satellite {
        # qualified variable: reads $server from class mothership
        $ms = $mothership::server
      }
    • 7. Quick Primer: Where Things Are
      Note: below assumes default install in /etc
      /etc/puppet/fileserver.conf (used by puppetmasterd)
        path /var/lib/puppet/files
        allow 10.100.0.0/24
      /etc/puppet/puppet.conf (used by clients’ puppetd)
        vardir = /var/lib/puppet
        logdir = /var/log/puppet
        classfile = $vardir/classes.txt
      /etc/puppet/manifests/[../..]/*.pp (architecture varies)
    • 8. Quick Primer: A Client Directory Tree
      puppetclient01:/var/lib/puppet
      |-> classes.txt – node’s class membership
      |-> clientbucket – hashed config artifacts
      |-> lib
      |-> localconfig.yaml
      |-> ssl – authentication certs
      |-> state – checksums, entropy-tracking
    • 9. Quick Primer: Master Directory Tree
      puppetmasterd:/var/lib/puppet
      |-> bucket
      |-> classes.txt
      |-> clientbucket
      |-> client_yaml
      |-> lib
      |-> localconfig.yaml
      |-> reports
      |-> rrd
      |-> ssl
      |-> state
      |-> yaml
    • 10. Useful Commands to Get Started
      puppet <puppetscript.pp> – run standalone script
        -l /path/to/file.log – log path
        -d – debug
        --noop – dry-run
      puppetd – daemon on client that schedules retrieval of configs from puppetmaster and applies locally
        -d – debug
        --test – verbose logging
        --noop – dry-run
        -l /path/to/log – log path
      facter – find out local node’s values for reserved classes
    • 11. Puppeting Sudoers I — Permissions
      Configure /etc/puppet/manifests/sudoers.pp :
      # deliberately faulty settings; corrected in the next exercise
      file { "/etc/sudoers":
        owner => root,
        group => wheel,
        mode => 400,
      }
      And run:
      [puppet@puppet manifests]# puppet --noop -d /etc/puppet/manifests/sudoers.pp
    • 12. Puppeting Sudoers II — Operating Conditions
      Now, correct with /etc/puppet/manifests/sudoers2.pp
      file { "/etc/sudoers":
        # selector: pick the mode from the operatingsystem fact
        mode => $operatingsystem ? {
          centos => "440",
          gentoo => "440",
          suse => "640",
          default => "400",
        },
        owner => root,
        group => root,
      }
    • 13. Puppeting Sudoers III — Inheriting Class
      /etc/puppet/manifests/sudoers3.pp
      class unix {
        file { "/etc/sudoers":
          owner => root,
          group => root,
        }
        service {
          "sshd":
            ensure => running,
        }
      }
      class centos_mycompany inherits unix {
        # override the inherited file resource to add the mode
        File["/etc/sudoers"] { mode => 440 }
      }
    • 14. Puppeting Sudoers III — Inheriting Class (cont.)
      /etc/puppet/manifests/sudoers3.pp
      node default {
        include unix
      }
      node bastionhost {
        include centos_mycompany
      }
      And run:
      [puppet@puppet manifests]# puppet -d --noop sudoers3.pp
      [puppet@puppet manifests]# cat /var/lib/puppet/classes.txt
    • 15. Puppeting Sudoers III — Inheriting Class (cont. 2)
      Use Facter to define the node name:
      [puppet@puppet manifests]# facter | egrep -i 'fqdn|hostname'
      /etc/puppet/manifests/sudoers3.pp
      node 'puppet.us-west-1.compute.internal' {
        include centos_mycompany
      }
    • 16. Facts about Facter
      Facter is a Puppet utility that discovers relevant “facts” that puppet can use to dynamically populate puppet manifest variables
      Executing command-line Facter can show you the reserved variables like FQDN, hostname, kernel, architecture, sshdsakey, etc.
    • 17. References
      Reductive Labs Puppet Guides: http://docs.reductivelabs.com/guides/
      Glossary of Terms: http://reductivelabs.com/trac/puppet/wiki/GlossaryOfTerms
      Resource Attributes: http://reductivelabs.com/trac/puppet/wiki/TypeReference#metaparameters
      Nice vimrc for Puppet: http://www.davidpashley.com/blog/systems-administration/puppet/vim-highlighting.html
      Classic LISA ‘98 paper on best-practice infrastructures: http://www.infrastructures.org/papers/bootstrap/bootstrap.html
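
The settings that sudoers2.pp declares (slide 12: owner and group root, mode selected per operating system) can be checked on a node after a run. The script below is an added example and not part of the original slides; the function names expected_sudoers_mode and audit_sudoers are hypothetical, it assumes GNU stat, and it compares numeric uid/gid 0 rather than the name root.

```bash
#!/usr/bin/env bash
# Added example, not from the slides: audit a sudoers file against the
# settings sudoers2.pp declares (owner/group root, mode chosen per OS).
# Function names are hypothetical; assumes GNU stat (stat -c).

# Mode the sudoers2.pp selector picks for an operatingsystem fact value.
# Puppet matches selector cases case-insensitively, so lowercase first.
expected_sudoers_mode() {
    case "$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" in
        centos|gentoo) echo 440 ;;
        suse)          echo 640 ;;
        *)             echo 400 ;;   # the selector's default branch
    esac
}

# audit_sudoers FILE OS [UID] [GID]
# Prints one line per deviation. Returns 0 if the file matches,
# 1 on drift, 2 if the file cannot be inspected.
audit_sudoers() {
    local file=$1 os=$2 want_uid=${3:-0} want_gid=${4:-0}
    local want_mode have_mode have_uid have_gid rc=0

    [ -f "$file" ] || { echo "MISSING $file"; return 2; }
    want_mode=$(expected_sudoers_mode "$os")
    have_mode=$(stat -c '%a' "$file") || return 2   # octal permission bits
    have_uid=$(stat -c '%u' "$file")                # numeric owner
    have_gid=$(stat -c '%g' "$file")                # numeric group

    [ "$have_mode" = "$want_mode" ] ||
        { echo "DRIFT mode: have $have_mode, want $want_mode ($os)"; rc=1; }
    [ "$have_uid" = "$want_uid" ] ||
        { echo "DRIFT owner: have uid $have_uid, want $want_uid"; rc=1; }
    [ "$have_gid" = "$want_gid" ] ||
        { echo "DRIFT group: have gid $have_gid, want $want_gid"; rc=1; }
    return "$rc"
}

# Direct use: ./audit_sudoers.sh /etc/sudoers "$(facter operatingsystem)"
if [ "$#" -ge 2 ]; then
    audit_sudoers "$@"
fi
```

Run after exercise I (mode 400, group wheel) on a CentOS node, it reports the mode and group deviations that exercise II is meant to correct.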
