Uploaded byjeyg
8,968 views

Getting started with Puppet

This document provides an overview of getting started with Puppet configuration management software. It discusses configuration management in general and compares different solutions like Puppet, Chef, and Cfengine. It then covers installing and setting up Puppet, including prerequisites, sources, installing the Puppet agent on clients, and generating certificates. The document also describes the Puppetmaster, Puppet configuration files and directories, and some key Puppet concepts.

Embed presentation

Downloaded 448 times
Getting started with Puppet Jeremy MATHEVET 12/09/2012
Topics  Configuration management  Puppet Installation  Puppetmaster  Puppet language basics  Puppet language advanced
Configuration management Puppet, Chef, Cfengine
Configuration management Definition Configuration Management is the process of standardizing resource configurations and enforcing their state across IT infrastructure in an automated yet agile manner. — Puppet Labs
Configuration management Why do we need it  Heterogeneous Operating Systems  Servers profusion  Increasing deployment needs  Cloud
Configuration management Different solutions 3 ways for deploying software to the SI Manually  Could take very long time By scripts  Could be quite tricky  Multi-environment case By configuration management software
Configuration management Configuration management software Pros :  Centralized management  Automated management  Mass deployment  Configuration customization  Abstraction layer  Idempotence  “DevOps ready”
Configuration management Principle  A client/server architecture.  The server has a reference configuration.  The client queries the server.  The client makes change in order to match the reference configuration.
Configuration management Principle 1. Pull Request 2. Reference configuration 3. Operations 4. (optionnal) Message code / error
Configuration management Principle Version control and security  Revision control used to keep a trace of config revisions  Not mandatory but hugely recommended  Encrypted connection
Configuration management Principle What you can do  File transfer  File edition  Service management  Package management  Mount points management  Cron management  VLAN management  Command launching  …
Configuration management Comparison 3 major solutions :  Puppet  The most popular  Easiest solution  Chef  Puppet fork  Still young but very promising  CFEngine  The first CM software  The most resource effective  More complex
Configuration management Comparison Timeline :
Configuration management Comparison Some differences Technology Ruby Ruby C Configuration Dedicated Ruby Dedicated langage langage Configuration Plain text files method Plain text files CLI tool Plain text files Web UI Licence Apache Apache GPL
Configuration management Comparison Some similarities  Same origin  Specially designed for config management  Client/server model  Standalone mode possible  CLI interface  Need to increase your competence
Configuration management Do you have any questions ?
Puppet Installation Install && setup
Puppet Installation Puppet Some details and features  Created in 2006 by Puppet Labs  Latest version : 3.0.0  The easiest solution  Dedicated declarative language  Inspired by Ruby  Modular configuration  System profiling with Facter  Template support  Asymmetric Key Encryption
Puppet Installation Puppet Prerequisite and sources  Prerequisite  Configured DNS  Ruby  Installation sources :  Distribution repositories  RubyGem  Sources
Puppet Installation Puppet Client and server Puppet server : Puppetmaster Puppet client : Puppet (agent) Main steps once installed :  Puppet agent installation on client hosts (also called a node).  Enter the server FQDN into /etc/puppet/puppet.conf  The agent checks every 30 mn by default  Certificate generation  CSR for the node generated on the puppetmaster during the first agent request
Puppet Installation Working with Puppetmaster Working with Puppet CA [root@puppetmaster ~]# puppetca --sign fqdn.utopia.net Options Definitions --sign Sign the certificate request for the following host --list List certificate request --all Used with --sign, sign all certificate request --clean Remove all files related to the host from the CA --print Print the full text version of a host’s certificate --revoke Remove all files related to the host from the CA
Puppet Installation Do you have any questions ?
Puppet Puppetmaster Puppetmaster said…
Puppetmaster One important thing Infrastructure is code.
Puppetmaster Definition Manifest – Puppet programs are called « manifests » . They use the .pp file extension. These programs contain one or more class.
Puppetmaster Puppet configuration tree Configuration files overview 1/2  puppet.conf  General Puppetmaster settings  auth.conf  General ACL  fileserver.conf  ACL for the Puppet fileserver  manifests directory  site.pp : global defaults configuration  nodes.pp : manage hosts
Puppetmaster Puppet configuration tree Configuration files overview 2/2  modules directory  Contain one subdirectory per module  manifests/init.pp  The module code  The best way to use Puppet  templates directory  The default directory which contains templates.
Puppetmaster Puppet configuration files puppet.conf [main] logdir=/var/log/puppet vardir=/var/lib/puppet ssldir=/var/lib/puppet/ssl rundir=/var/run/puppet factpath=$vardir/lib/facter templatedir=$confdir/templates server=debiantest.decilex.net downcasefacts = true
Puppetmaster Puppet configuration files manifests/nodes.pp  Skeleton : node basenode {  node ‘fqdn’ { include include ssh module} include ntp }  Node declaration node 'test.utopia.net' inherits basenode {  Module inclusion include nagios  Inheritance }
Puppetmaster Puppet configuration files Reading order manifests/site.pp manifests/nodes.pp modules/$nomdumodule/manifests/init.pp modules/$nomdumodule/files/
Puppetmaster Do you have any questions ?
Puppet Puppet language basics Puppet, Chef, Cfengine
Puppet language basics The declarative language About the language  With Puppet, we declare how the node must be.  Everything you want to manage have to be explicitly declared.  A Puppet program is called a manifest  Central manifest : site.pp  Puppet load modules manifests  Into manifests, we define classes.  We write resources inside these classes
Puppet language basics The declarative language Resources  The fundamental unit of modeling  Like a “function”  Inside, a series of attributes and their values  Resources types and attributes are predefined by Puppet  List of available resources  http://docs.puppetlabs.com/references/stable/type.html  Skeleton  Ressource-name { ‘title’ : attribute = value }
Puppet language basics Resources File  Manage files file { '/etc/passwd':  Content owner => 'root', group => 'root',  Permissions mode => '0644',  Ownership source => ‘puppet:///base/passwd‘  }  Source attribute  Copy a file from the Puppetmaster to the node  puppet:/// followed by the relative source of the file placed in /etc/puppet/modules/module-name/files/
Puppet language basics Resources Package package { ‘openssh-server’: ensure => installed }  Manage packages  Wide provider support package { ‘openssh-server’: ensure => latest  APT }  Aptitude package { ‘openssh-server’:  YUM ensure => absent }  And more..  Install, upgrade, uninstall packages  The last or defined package version
Puppet language basics Resources Service  Manage services  Wide provider support service { ‘snmpd’:  Init ensure => running, enable => true,  Systemd hasrestart => true,  Upstart hasstatus => true }  And more…  Start, stop, restart, start on boot (enable) services
Puppet language basics Do you have any questions ?
Puppet Puppet language advanced Dive into Puppet
Puppet language advanced Facter The system profiler  Software used by Puppet ~ # facter architecture => i386  Installed on nodes domain => utopia.net facterversion => 1.5.7  Collect various data, "facts", fqdn => debiantest.utopia.net on node hardwaremodel => i686  Many facts already defined by hostname => debiantest Facter id => root […]  Possibility to create your own facts
Puppet language advanced Variables Variables into classes  Begin by $ case $operatingsystem {  Can use facts or you centos, redhat: { $service_name = 'ntpd' } own defined debian, ubuntu: { $service_name = 'ntp' } variables }  Often used with service { 'ntp': conditional name => $service_name, statements ensure => running, enable => true  Case statement }  If statement
Puppet language advanced Conditional statements If/Elsif/Else Statement if $variable { file { '/some/file': ensure => present } } else {  Based on file { '/some/other/file': ensure => present } }  the truth value of a variable  the value of an expression if $server == 'mongrel' { include mongrel  The truth of an } elsif $server == 'nginx' { arithmetic include nginx expression } else { include thin } if $ram > 1024 { $maxclient = 500 }
Puppet language advanced Expressions Operators  Operators usable in if statements  Boolean expressions  And, or, not  Comparison expressions  == =! < > <= > >=  Arithmetic expressions  + - / * >> (left shift) << (right shift)  Regular expressions  =~ !~  “in” expressions  allows to find if the left operand is in the right one.
Puppet language advanced Templates Personalized text files file {"hosts":  Permit to have path => "/etc/hosts", personalized owner => root, configuration per node group => root, mode => 644,  Use ERB language content => template("base/hosts.erb")  Retrieve and use } facts <%= ipadress %> <%fqdn> <%hostname>  Use file resource  ERB file placed in module template directory
Puppet language advanced Resources relationship Relationship meta-parameters  before  Resource is applied before the target resource  require  Resource is applied after the target resource  notify  Like before + The target resource will refresh if the notifying resource changes  subscribe  Like require + The subscribing resource will refresh if the target resource changes.
Puppet language advanced Resources relationship Ordering relationship package { 'openssh-server': ensure => present, before => File['/etc/ssh/sshd_config'], } file { '/etc/ssh/sshd_config': ensure => file, mode => 600, source => 'puppet:///modules/sshd/sshd_config', require => Package['openssh-server'], } These two examples are mutually-exclusive
Puppet language advanced Resources relationship Notification relationship file { '/etc/ssh/sshd_config': ensure => file, mode => 600, source => 'puppet:///modules/sshd/sshd_config', notify => Service['sshd'] } service { 'sshd': ensure => running, enable => true, subscribe => File['/etc/ssh/sshd_config‘] } These two examples are mutually-exclusive
Puppet language advanced Resources relationship Chaining and refreshing  Ordering resources  The resource on the left is applied before the resource on the right.  ->  Refreshing  Kind of trigger  Restart a service after a file update  ~> # ntp.conf is applied first, and will notify the ntpd service if it changes: File['/etc/ntp.conf'] ~> Service['ntpd']
Puppet language advanced Do you have any questions ?
Puppet Summary Configuration Configuration Puppetmaster Puppetmaster management management Puppet installation Puppet installation Puppet Language Puppet Language Puppet language Puppet language advanced advanced basics basics
Contact Jeremy MATHEVET @Jeyg Content under Creative Commons BY 3.0 License

More Related Content

KEY
11 Ways to Hack Puppet for Fun and Productivity - Luke Kanies - Velocity 2012
byPuppet
 
PDF
Puppet - Configuration Management Made Eas(ier)
byAaron Bernstein
 
PDF
Introduction to puppet
byHabeeb Rahman
 
ZIP
Puppet and the Model-Driven Infrastructure
bylkanies
 
PPTX
Introduction to Puppet Scripting
byAchieve Internet
 
PDF
Using Puppet - Real World Configuration Management
byJames Turnbull
 
PDF
Puppet for SysAdmins
byPuppet
 
PDF
Pro Puppet
bydsadas
 
11 Ways to Hack Puppet for Fun and Productivity - Luke Kanies - Velocity 2012
byPuppet
 
Puppet - Configuration Management Made Eas(ier)
byAaron Bernstein
 
Introduction to puppet
byHabeeb Rahman
 
Puppet and the Model-Driven Infrastructure
bylkanies
 
Introduction to Puppet Scripting
byAchieve Internet
 
Using Puppet - Real World Configuration Management
byJames Turnbull
 
Puppet for SysAdmins
byPuppet
 
Pro Puppet
bydsadas
 

What's hot

PPT
State of Puppet 2013 - Puppet Camp DC
byPuppet
 
PDF
Chef vs Puppet vs Ansible vs SaltStack | Configuration Management Tools Compa...
byEdureka!
 
PDF
Puppet for Sys Admins
byPuppet
 
PDF
Learn Puppet : Quest Guide for the Learning VM
byKumaran Balachandran
 
PPT
Configuration management with puppet
byJakub Stransky
 
PDF
Virtual Bolt Workshop, 5 May 2020
byPuppet
 
PDF
Configuration manager presentation
byjeyg
 
PDF
Our Puppet Story (Linuxtag 2014)
byDECK36
 
PDF
Play Framework + Docker + CircleCI + AWS + EC2 Container Service
byJosh Padnick
 
PPTX
Puppetizing Your Organization
byRobert Nelson
 
PDF
A Puppet Story
byAndrew Shafer
 
PDF
Puppet evolutions
byAlessandro Franceschi
 
PPT
Scalable Systems Management with Puppet
byPuppet
 
PDF
Essential applications management with Tiny Puppet
byAlessandro Franceschi
 
PDF
PuppetCamp SEA 1 - Using Vagrant, Puppet, Testing & Hadoop
byWalter Heck
 
PDF
Puppet camp2021 testing modules and controlrepo
byPuppet
 
PDF
Learning Puppet Chapter 1
byVishal Biyani
 
KEY
Puppet for dummies - ZendCon 2011 Edition
byJoshua Thijssen
 
PDF
PuppetCamp SEA 1 - The State of Puppet
byWalter Heck
 
PDF
Puppet modules: A Holistic Approach - Geneva
byAlessandro Franceschi
 
State of Puppet 2013 - Puppet Camp DC
byPuppet
 
Chef vs Puppet vs Ansible vs SaltStack | Configuration Management Tools Compa...
byEdureka!
 
Puppet for Sys Admins
byPuppet
 
Learn Puppet : Quest Guide for the Learning VM
byKumaran Balachandran
 
Configuration management with puppet
byJakub Stransky
 
Virtual Bolt Workshop, 5 May 2020
byPuppet
 
Configuration manager presentation
byjeyg
 
Our Puppet Story (Linuxtag 2014)
byDECK36
 
Play Framework + Docker + CircleCI + AWS + EC2 Container Service
byJosh Padnick
 
Puppetizing Your Organization
byRobert Nelson
 
A Puppet Story
byAndrew Shafer
 
Puppet evolutions
byAlessandro Franceschi
 
Scalable Systems Management with Puppet
byPuppet
 
Essential applications management with Tiny Puppet
byAlessandro Franceschi
 
PuppetCamp SEA 1 - Using Vagrant, Puppet, Testing & Hadoop
byWalter Heck
 
Puppet camp2021 testing modules and controlrepo
byPuppet
 
Learning Puppet Chapter 1
byVishal Biyani
 
Puppet for dummies - ZendCon 2011 Edition
byJoshua Thijssen
 
PuppetCamp SEA 1 - The State of Puppet
byWalter Heck
 
Puppet modules: A Holistic Approach - Geneva
byAlessandro Franceschi
 

Similar to Getting started with Puppet

PDF
Systems building Systems: A Puppet Story
byAndrew Shafer
 
PPTX
One click deployment
byAlex Su
 
PDF
Configuration management: automating and rationalizing server setup with CFEn...
byJonathan Clarke
 
PDF
Configuration management: automating and rationalizing server setup with CFEn...
byRUDDER
 
KEY
Puppet
bygbws
 
PDF
Unix Automation using centralized configuration management tool
byTorrid Networks Private Limited
 
PDF
Unix Automation using centralized configuration management tool
byTorrid Networks Private Limited
 
PPTX
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
byMiguel Zuniga
 
KEY
Puppet NBLUG 2008-09
byEric Eisenhart
 
KEY
Capistrano, Puppet, and Chef
byDavid Benjamin
 
PDF
Presentation
byRudy Gevaert
 
KEY
Puppet talk at OSCON 2010.
byteyotyree
 
PDF
Systems building-systems-a-puppet-story-19133
byguestd90cb0
 
PDF
Cobbler, Func and Puppet: Tools for Large Scale Environments
byViSenze - Artificial Intelligence for the Visual Web
 
PDF
Cobbler, Func and Puppet: Tools for Large Scale Environments
byMichael Zhang
 
ZIP
Intro To Puppet.Key
byWork
 
PDF
Puppet and Telefonica R&D
byPuppet
 
KEY
20100425 Configuration Management With Puppet Lfnw
bygarrett honeycutt
 
PDF
20090514 Introducing Puppet To Sasag
bygarrett honeycutt
 
PDF
Puppet buero20 presentation
byMartin Alfke
 
Systems building Systems: A Puppet Story
byAndrew Shafer
 
One click deployment
byAlex Su
 
Configuration management: automating and rationalizing server setup with CFEn...
byJonathan Clarke
 
Configuration management: automating and rationalizing server setup with CFEn...
byRUDDER
 
Puppet
bygbws
 
Unix Automation using centralized configuration management tool
byTorrid Networks Private Limited
 
Unix Automation using centralized configuration management tool
byTorrid Networks Private Limited
 
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
byMiguel Zuniga
 
Puppet NBLUG 2008-09
byEric Eisenhart
 
Capistrano, Puppet, and Chef
byDavid Benjamin
 
Presentation
byRudy Gevaert
 
Puppet talk at OSCON 2010.
byteyotyree
 
Systems building-systems-a-puppet-story-19133
byguestd90cb0
 
Cobbler, Func and Puppet: Tools for Large Scale Environments
byViSenze - Artificial Intelligence for the Visual Web
 
Cobbler, Func and Puppet: Tools for Large Scale Environments
byMichael Zhang
 
Intro To Puppet.Key
byWork
 
Puppet and Telefonica R&D
byPuppet
 
20100425 Configuration Management With Puppet Lfnw
bygarrett honeycutt
 
20090514 Introducing Puppet To Sasag
bygarrett honeycutt
 
Puppet buero20 presentation
byMartin Alfke
 

Recently uploaded

PPTX
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
PDF
Adding Copilot+ PCs with Snapdragon to your HP fleet won’t require IT deploym...
byPrincipled Technologies
 
PDF
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
PDF
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
PPTX
Webinar: EVerest for Production: Accelerating EV Charger Development w/ Indus...
byDanBrown980551
 
PPTX
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
PDF
January Patch Tuesday
byIvanti
 
PDF
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
PPTX
Spacewalk 2026 - Presented at the IMAX in Raleigh, NC
byAll Things Open
 
PDF
Unlocking Gen AI Capabilities Within UiPath Document Understanding
byDianaGray10
 
PDF
Are AI Hallucinations Getting Better or Worse? We Analyzed the Data.
byScott M. Graffius
 
PPTX
Fortify Your Digital Defenses with ServiceNow Security Operations by Suma Soft
byGavin Ellis
 
PDF
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
PDF
Profiting from Technological Innovation: Managing Intellectual Property to Bu...
byDavid Teece
 
PDF
2006 IEEE International Solid-State Circuits Conference
bySlide_N
 
PDF
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
PPTX
WIFI Enabled 8 by 32 Matrix.pptx for final year project
bymdsabbirhossain524856
 
PDF
Salesforce Sales Cloud and Generative AI Present a Fresh Approach to Personal...
byMinuscule Technologies
 
PPT
connectives-linking words in English.ppt
byAmrMohammed82
 
PPTX
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
Adding Copilot+ PCs with Snapdragon to your HP fleet won’t require IT deploym...
byPrincipled Technologies
 
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
Webinar: EVerest for Production: Accelerating EV Charger Development w/ Indus...
byDanBrown980551
 
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
January Patch Tuesday
byIvanti
 
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
Spacewalk 2026 - Presented at the IMAX in Raleigh, NC
byAll Things Open
 
Unlocking Gen AI Capabilities Within UiPath Document Understanding
byDianaGray10
 
Are AI Hallucinations Getting Better or Worse? We Analyzed the Data.
byScott M. Graffius
 
Fortify Your Digital Defenses with ServiceNow Security Operations by Suma Soft
byGavin Ellis
 
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
Profiting from Technological Innovation: Managing Intellectual Property to Bu...
byDavid Teece
 
2006 IEEE International Solid-State Circuits Conference
bySlide_N
 
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
WIFI Enabled 8 by 32 Matrix.pptx for final year project
bymdsabbirhossain524856
 
Salesforce Sales Cloud and Generative AI Present a Fresh Approach to Personal...
byMinuscule Technologies
 
connectives-linking words in English.ppt
byAmrMohammed82
 
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 

Getting started with Puppet

  • 1.
    Getting started withPuppet Jeremy MATHEVET 12/09/2012
  • 2.
    Topics  Configuration management  Puppet Installation  Puppetmaster  Puppet language basics  Puppet language advanced
  • 3.
    Configuration management Puppet, Chef, Cfengine
  • 4.
    Configuration management Definition Configuration Management is the process of standardizing resource configurations and enforcing their state across IT infrastructure in an automated yet agile manner. — Puppet Labs
  • 5.
    Configuration management Why do we need it  Heterogeneous Operating Systems  Servers profusion  Increasing deployment needs  Cloud
  • 6.
    Configuration management Different solutions 3 ways for deploying software to the SI Manually  Could take very long time By scripts  Could be quite tricky  Multi-environment case By configuration management software
  • 7.
    Configuration management Configuration management software Pros :  Centralized management  Automated management  Mass deployment  Configuration customization  Abstraction layer  Idempotence  “DevOps ready”
  • 8.
    Configuration management Principle  A client/server architecture.  The server has a reference configuration.  The client queries the server.  The client makes change in order to match the reference configuration.
  • 9.
    Configuration management Principle 1. Pull Request 2. Reference configuration 3. Operations 4. (optionnal) Message code / error
  • 10.
    Configuration management Principle Version control and security  Revision control used to keep a trace of config revisions  Not mandatory but hugely recommended  Encrypted connection
  • 11.
    Configuration management Principle What you can do  File transfer  File edition  Service management  Package management  Mount points management  Cron management  VLAN management  Command launching  …
  • 12.
    Configuration management Comparison 3 major solutions :  Puppet  The most popular  Easiest solution  Chef  Puppet fork  Still young but very promising  CFEngine  The first CM software  The most resource effective  More complex
  • 13.
    Configuration management Comparison Timeline :
  • 14.
    Configuration management Comparison Some differences Technology Ruby Ruby C Configuration Dedicated Ruby Dedicated langage langage Configuration Plain text files method Plain text files CLI tool Plain text files Web UI Licence Apache Apache GPL
  • 15.
    Configuration management Comparison Some similarities  Same origin  Specially designed for config management  Client/server model  Standalone mode possible  CLI interface  Need to increase your competence
  • 16.
    Configuration management Do you have any questions ?
  • 17.
    Puppet Installation Install && setup
  • 18.
    Puppet Installation Puppet Some details and features  Created in 2006 by Puppet Labs  Latest version : 3.0.0  The easiest solution  Dedicated declarative language  Inspired by Ruby  Modular configuration  System profiling with Facter  Template support  Asymmetric Key Encryption
  • 19.
    Puppet Installation Puppet Prerequisite and sources  Prerequisite  Configured DNS  Ruby  Installation sources :  Distribution repositories  RubyGem  Sources
  • 20.
    Puppet Installation Puppet Client and server Puppet server : Puppetmaster Puppet client : Puppet (agent) Main steps once installed :  Puppet agent installation on client hosts (also called a node).  Enter the server FQDN into /etc/puppet/puppet.conf  The agent checks every 30 mn by default  Certificate generation  CSR for the node generated on the puppetmaster during the first agent request
  • 21.
    Puppet Installation Working with Puppetmaster Working with Puppet CA [root@puppetmaster ~]# puppetca --sign fqdn.utopia.net Options Definitions --sign Sign the certificate request for the following host --list List certificate request --all Used with --sign, sign all certificate request --clean Remove all files related to the host from the CA --print Print the full text version of a host’s certificate --revoke Remove all files related to the host from the CA
  • 22.
    Puppet Installation Do you have any questions ?
  • 23.
    Puppet Puppetmaster Puppetmaster said…
  • 24.
    Puppetmaster One important thing Infrastructure is code.
  • 25.
    Puppetmaster Definition Manifest – Puppet programs are called « manifests » . They use the .pp file extension. These programs contain one or more class.
  • 26.
    Puppetmaster Puppet configuration tree Configuration files overview 1/2  puppet.conf  General Puppetmaster settings  auth.conf  General ACL  fileserver.conf  ACL for the Puppet fileserver  manifests directory  site.pp : global defaults configuration  nodes.pp : manage hosts
  • 27.
    Puppetmaster Puppet configuration tree Configuration files overview 2/2  modules directory  Contain one subdirectory per module  manifests/init.pp  The module code  The best way to use Puppet  templates directory  The default directory which contains templates.
  • 28.
    Puppetmaster Puppet configuration files puppet.conf [main] logdir=/var/log/puppet vardir=/var/lib/puppet ssldir=/var/lib/puppet/ssl rundir=/var/run/puppet factpath=$vardir/lib/facter templatedir=$confdir/templates server=debiantest.decilex.net downcasefacts = true
  • 29.
    Puppetmaster Puppet configuration files manifests/nodes.pp  Skeleton : node basenode {  node ‘fqdn’ { include include ssh module} include ntp }  Node declaration node 'test.utopia.net' inherits basenode {  Module inclusion include nagios  Inheritance }
  • 30.
    Puppetmaster Puppet configuration files Reading order manifests/site.pp manifests/nodes.pp modules/$nomdumodule/manifests/init.pp modules/$nomdumodule/files/
  • 31.
    Puppetmaster Do you have any questions ?
  • 32.
    Puppet Puppet language basics Puppet, Chef, Cfengine
  • 33.
    Puppet language basics The declarative language About the language  With Puppet, we declare how the node must be.  Everything you want to manage have to be explicitly declared.  A Puppet program is called a manifest  Central manifest : site.pp  Puppet load modules manifests  Into manifests, we define classes.  We write resources inside these classes
  • 34.
    Puppet language basics The declarative language Resources  The fundamental unit of modeling  Like a “function”  Inside, a series of attributes and their values  Resources types and attributes are predefined by Puppet  List of available resources  http://docs.puppetlabs.com/references/stable/type.html  Skeleton  Ressource-name { ‘title’ : attribute = value }
  • 35.
    Puppet language basics Resources File  Manage files file { '/etc/passwd':  Content owner => 'root', group => 'root',  Permissions mode => '0644',  Ownership source => ‘puppet:///base/passwd‘  }  Source attribute  Copy a file from the Puppetmaster to the node  puppet:/// followed by the relative source of the file placed in /etc/puppet/modules/module-name/files/
  • 36.
    Puppet language basics Resources Package package { ‘openssh-server’: ensure => installed }  Manage packages  Wide provider support package { ‘openssh-server’: ensure => latest  APT }  Aptitude package { ‘openssh-server’:  YUM ensure => absent }  And more..  Install, upgrade, uninstall packages  The last or defined package version
  • 37.
    Puppet language basics Resources Service  Manage services  Wide provider support service { ‘snmpd’:  Init ensure => running, enable => true,  Systemd hasrestart => true,  Upstart hasstatus => true }  And more…  Start, stop, restart, start on boot (enable) services
  • 38.
    Puppet language basics Do you have any questions ?
  • 39.
    Puppet Puppet language advanced Dive into Puppet
  • 40.
    Puppet language advanced Facter The system profiler  Software used by Puppet ~ # facter architecture => i386  Installed on nodes domain => utopia.net facterversion => 1.5.7  Collect various data, "facts", fqdn => debiantest.utopia.net on node hardwaremodel => i686  Many facts already defined by hostname => debiantest Facter id => root […]  Possibility to create your own facts
  • 41.
    Puppet language advanced Variables Variables into classes  Begin by $ case $operatingsystem {  Can use facts or you centos, redhat: { $service_name = 'ntpd' } own defined debian, ubuntu: { $service_name = 'ntp' } variables }  Often used with service { 'ntp': conditional name => $service_name, statements ensure => running, enable => true  Case statement }  If statement
  • 42.
    Puppet language advanced Conditional statements If/Elsif/Else Statement if $variable { file { '/some/file': ensure => present } } else {  Based on file { '/some/other/file': ensure => present } }  the truth value of a variable  the value of an expression if $server == 'mongrel' { include mongrel  The truth of an } elsif $server == 'nginx' { arithmetic include nginx expression } else { include thin } if $ram > 1024 { $maxclient = 500 }
  • 43.
    Puppet language advanced Expressions Operators  Operators usable in if statements  Boolean expressions  And, or, not  Comparison expressions  == =! < > <= > >=  Arithmetic expressions  + - / * >> (left shift) << (right shift)  Regular expressions  =~ !~  “in” expressions  allows to find if the left operand is in the right one.
  • 44.
    Puppet language advanced Templates Personalized text files file {"hosts":  Permit to have path => "/etc/hosts", personalized owner => root, configuration per node group => root, mode => 644,  Use ERB language content => template("base/hosts.erb")  Retrieve and use } facts <%= ipadress %> <%fqdn> <%hostname>  Use file resource  ERB file placed in module template directory
  • 45.
    Puppet language advanced Resources relationship Relationship meta-parameters  before  Resource is applied before the target resource  require  Resource is applied after the target resource  notify  Like before + The target resource will refresh if the notifying resource changes  subscribe  Like require + The subscribing resource will refresh if the target resource changes.
  • 46.
    Puppet language advanced Resources relationship Ordering relationship package { 'openssh-server': ensure => present, before => File['/etc/ssh/sshd_config'], } file { '/etc/ssh/sshd_config': ensure => file, mode => 600, source => 'puppet:///modules/sshd/sshd_config', require => Package['openssh-server'], } These two examples are mutually-exclusive
  • 47.
    Puppet language advanced Resources relationship Notification relationship file { '/etc/ssh/sshd_config': ensure => file, mode => 600, source => 'puppet:///modules/sshd/sshd_config', notify => Service['sshd'] } service { 'sshd': ensure => running, enable => true, subscribe => File['/etc/ssh/sshd_config‘] } These two examples are mutually-exclusive
  • 48.
    Puppet language advanced Resources relationship Chaining and refreshing  Ordering resources  The resource on the left is applied before the resource on the right.  ->  Refreshing  Kind of trigger  Restart a service after a file update  ~> # ntp.conf is applied first, and will notify the ntpd service if it changes: File['/etc/ntp.conf'] ~> Service['ntpd']
  • 49.
    Puppet language advanced Do you have any questions ?
  • 50.
    Puppet Summary Configuration Configuration Puppetmaster Puppetmaster management management Puppet installation Puppet installation Puppet Language Puppet Language Puppet language Puppet language advanced advanced basics basics
  • 51.
    Contact Jeremy MATHEVET @Jeyg Content under Creative Commons BY 3.0 License