2. Puppet Configuration Management tool in DevOps community
Let's understand the problem and why Puppet is required.
Situation:
As the business environment grows and more machines are added, similar
configuration may have to be pushed to all of these machines.
Problem:
The state of these changes has to be kept, and the machines may run different Linux
flavours, such as CentOS and Ubuntu, which install and deploy software in different ways.
Solution:
So in the DevOps community we use a configuration management system such as Puppet, Chef or Salt.
3. Puppet Configuration Management
What is Puppet?
Puppet is Ruby-based, licensed as GPLv2 and can run in either client-server or
stand-alone modes.
Puppet is principally developed by Luke Kanies and his company, Puppet Labs.
Puppet can be used to manage configuration on UNIX, Linux platforms, OSX and
Microsoft Windows.
4. Puppet Configuration Management
Puppet is often used to manage a host throughout its lifecycle:
from initial build and installation, to upgrades, maintenance, and finally to end-of-life,
when you move services elsewhere. Puppet is designed to continuously interact with
your hosts.
Puppet has a simple operating model that is easy to understand and implement.
The model is made up of three components:
• Deployment
• Configuration Language and Resource Abstraction Layer
• Transactional Layer
5. Puppet Configuration Management
Deployment:
Puppet is usually deployed in a simple client-server model. The server is called a
“Puppet master”, the Puppet client software is called an agent and the host itself is
defined as a node.
The Puppet master runs as a daemon on a host and contains the configuration required
for your environment.
The Puppet agents connect to the Puppet master via an encrypted and authenticated
connection using standard SSL, and retrieve or “pull” any configuration to be applied.
6. Puppet Configuration Management
Configuration Language
Puppet uses a declarative language to define your configuration items, which Puppet
calls “resources.”
A declarative language makes statements about the state of your configuration - for
example, it declares that a package should be installed or a service should be started.
E.g. In Puppet, we define a configuration resource for the vim package.
A Puppet Resource
package { "vim":
  ensure => present,
}
Puppet then takes care of installing it appropriately on the different Linux flavours.
8. Puppet Configuration Management
Resource Abstraction Layer
With our resource created, Puppet takes care of the details of how to manage that
resource when our agents connect.
Puppet handles the “how” by knowing how different platforms and operating systems
manage certain types of resources.
Each type has a number of “providers.” A provider contains the “how” of managing
packages using a particular package management tool.
For the package type, for example, there are more than 20 providers covering a
variety of tools including yum, aptitude, pkgadd, ports, and emerge.
9. Puppet Configuration Management
When an agent connects, Puppet uses a tool called “Facter” to return information about
that agent, including what operating system it is running.
Puppet then chooses the appropriate package provider for that operating system and
uses that provider to check if the vim package is installed.
For example, on Red Hat it would execute yum, on Ubuntu it would execute aptitude,
and on Solaris it would use the pkg command.
10. Puppet Configuration Management
Facter:
Facter is a system inventory tool that we use throughout the book. It returns “facts”
about each agent, such as its hostname, IP address, operating system and version, and
other configuration items.
These facts are gathered when the agent runs. The facts are then sent to the Puppet
master, and automatically created as variables available to Puppet.
You can see the facts available on your clients by running the facter binary from the
command line.
Each fact is returned as a key => value pair. For example:
operatingsystem => Ubuntu
ipaddress => 10.0.0.10
11. Puppet Configuration Management
Quick setup for demo
We have two Vagrant boxes, with the /etc/hosts files updated for name-to-IP resolution.
File: /etc/hosts
172.28.128.5 ubuntu.my.home.net ubuntu
172.28.128.4 centos.my.home.net centos
172.28.128.1 windows.my.home.net windows
The CentOS repo does not have Puppet, so we fetch it from Puppet Labs
[vagrant@centos manifests]$ sudo rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm
[vagrant@centos manifests]$ sudo yum install puppetserver puppet facter
12. Puppet Configuration Management
Puppet server setup; the server also acts as a client
File: /etc/puppetlabs/puppet/puppet.conf
[master]
certname=centos.my.home.net
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
[agent]
server=centos.my.home.net
13. Puppet Configuration Management
Service check and signing certificates
Start the service in the foreground
$ sudo /opt/puppetlabs/bin/puppetserver foreground
The agent was added for the same host, so now we can sign the certificate for it
$ sudo /opt/puppetlabs/bin/puppet cert sign centos.my.home.net
$ sudo /opt/puppetlabs/puppet/bin/puppet cert list --all
Check status and start puppet client
$ sudo systemctl status puppet
$ sudo systemctl start puppet
14. Puppet Configuration Management
Setup basic configuration for the client
File: /etc/puppetlabs/code/environments/production/manifests/site.pp
file { '/tmp/Demo':
  content => 'Hooray !!',
}
Let's fetch the client's Puppet configuration
$ sudo /opt/puppetlabs/puppet/bin/puppet agent --server centos.my.home.net --waitforcert 20 --test
This will create the /tmp/Demo file with the content as provided.
15. Puppet Configuration Management
Adding Ubuntu machine as a client
On the CentOS Puppet server, sign the host's certificate
$ sudo /opt/puppetlabs/bin/puppet cert sign ubuntu.my.home.net
On Ubuntu, make the changes
vagrant@ubuntu:~$ cat /etc/puppet/puppet.conf
[agent]
server=centos.my.home.net
$ sudo puppet agent --test --debug
This will create the /tmp/Demo file with the content as provided.
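Signing check for slides 13 and 15 (an added example, not part of the original slides): before running puppet cert sign, compare the fingerprint the master lists for the pending request with the one the agent prints from puppet agent --fingerprint, read on the agent itself. The function names are hypothetical, and the layout of the puppet cert list output is an assumption; the sample list is constructed.

```shell
#!/bin/sh
# Added example: compare a pending CSR's fingerprint before `puppet cert sign`.

# Constructed sample of `puppet cert list` output; the fingerprints are made up
# and shortened, and the line layout is an assumption about the CLI's format.
SAMPLE_LIST='  "ubuntu.my.home.net" (SHA256) AA:11:BB:22:CC:33:DD:44
  "ubuntu2.my.home.net" (SHA256) EE:55:FF:66:00:77:11:88'

# Print the fingerprint listed for certname $1 in cert-list text read from stdin.
# The name must match exactly, so a lookalike host cannot satisfy the check.
csr_fingerprint() {
    awk -v want="\"$1\"" '
        { i = ($1 == "+" || $1 == "-") ? 2 : 1 }   # skip the --all status marker
        $i == want { print $(i + 2); exit }
    '
}

# Keep only the last token (drops a leading "(SHA256) ") and upper-case it.
normalize_fp() {
    printf '%s' "${1##* }" | tr 'a-f' 'A-F'
}

# fp_matches CERTNAME EXPECTED_FP LIST_TEXT -> exit 0 only on an exact match.
fp_matches() {
    listed=$(printf '%s\n' "$3" | csr_fingerprint "$1")
    [ -n "$listed" ] && [ "$(normalize_fp "$listed")" = "$(normalize_fp "$2")" ]
}

# sign_if_verified CERTNAME EXPECTED_FP (run as root on the Puppet master).
sign_if_verified() {
    list=$(/opt/puppetlabs/bin/puppet cert list) || return 2
    if fp_matches "$1" "$2" "$list"; then
        /opt/puppetlabs/bin/puppet cert sign "$1"
    else
        echo "refusing to sign $1: CSR missing or fingerprint mismatch" >&2
        return 1
    fi
}
```

Carry the expected fingerprint from the agent to the master over a channel other than the Puppet connection, for example the Vagrant console.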