This document provides an overview of getting started with Puppet configuration management software. It discusses configuration management in general and compares different solutions like Puppet, Chef, and Cfengine. It then covers installing and setting up Puppet, including prerequisites, sources, installing the Puppet agent on clients, and generating certificates. The document also describes the Puppetmaster, Puppet configuration files and directories, and some key Puppet concepts.
Comment débuter en devops et apprendre à réaliser son premier pipeline. Très facilement et en toute simplicité.
Une formation gratuite pour s'initier au devops.
https://youtu.be/tiSfXCM8VTw
https://gitlab.com/xavki/pipeline-saison-1
C'est avec un plaisir non dissimulé que nous libérons nos supports de formation OpenStack en Français. Ceux-ci, présentés sous forme de slides, ont été réalisés dans le cadre de nos activités de formation délivrées à nos clients.
Ils vous permettront de comprendre les enjeux liés au cloud IaaS (Infrastructure as a Service) puis d'installer et de piloter une infrastructure OpenStack, solution leader du marché.
Participants actifs à la communauté OpenStack francophone depuis sa création, nous espérons que cette dernière pourra réutiliser ces supports de formation.
> Des projets OpenStack ? Besoin de formations OpenStack intra- / inter- entreprise ?
Contactez-nous sur http://www.osones.com
네트워크 엔지니어에게 왜 쿠버네티스가 필요한지 설명하는 내용입니다.
영상은 아래의 링크에서 제공됩니다. https://www.inflearn.com/course/%EC%BF%A0%EB%B2%84%EB%84%A4%ED%8B%B0%EC%8A%A4-%EC%89%BD%EA%B2%8C%EC%8B%9C%EC%9E%91/lecture/97562
Metasploit et Metasploitable2 : exploiter VSFTPD v2.3.4 Khalid EDAIG
exploiter VSFTPD v2.3.4 manuellement et avec Metasploit. Cet exploit VSFTPD
particulier est assez facile à exploiter et constitue un excellent premier départ sur la boîte Metasploitable 2.
Comment débuter en devops et apprendre à réaliser son premier pipeline. Très facilement et en toute simplicité.
Une formation gratuite pour s'initier au devops.
https://youtu.be/tiSfXCM8VTw
https://gitlab.com/xavki/pipeline-saison-1
C'est avec un plaisir non dissimulé que nous libérons nos supports de formation OpenStack en Français. Ceux-ci, présentés sous forme de slides, ont été réalisés dans le cadre de nos activités de formation délivrées à nos clients.
Ils vous permettront de comprendre les enjeux liés au cloud IaaS (Infrastructure as a Service) puis d'installer et de piloter une infrastructure OpenStack, solution leader du marché.
Participants actifs à la communauté OpenStack francophone depuis sa création, nous espérons que cette dernière pourra réutiliser ces supports de formation.
> Des projets OpenStack ? Besoin de formations OpenStack intra- / inter- entreprise ?
Contactez-nous sur http://www.osones.com
네트워크 엔지니어에게 왜 쿠버네티스가 필요한지 설명하는 내용입니다.
영상은 아래의 링크에서 제공됩니다. https://www.inflearn.com/course/%EC%BF%A0%EB%B2%84%EB%84%A4%ED%8B%B0%EC%8A%A4-%EC%89%BD%EA%B2%8C%EC%8B%9C%EC%9E%91/lecture/97562
Metasploit et Metasploitable2 : exploiter VSFTPD v2.3.4 Khalid EDAIG
exploiter VSFTPD v2.3.4 manuellement et avec Metasploit. Cet exploit VSFTPD
particulier est assez facile à exploiter et constitue un excellent premier départ sur la boîte Metasploitable 2.
Docker nous permet de déployer nos applications dans des conteneurs. Du coup notre infrastructure se retrouve divisée dans différents conteneurs, un pour la base de données, un pour le front, un pour le backend. Voir même une division en services lorsque l’on est dans une approche micro-services.
Mais comment faire communiquer ces différents conteneurs? Comment orchestrer un cluster de conteneurs? Kubernetes est une réponse à ces questions.
Réussir sa migration vers le Cloud grâce à la virtualisation des donnéesDenodo
Watch full webinar here: https://buff.ly/35Kpcl2
Selon une récente étude*, à l’heure où 36% des entreprises déclarent avoir amorcé leur migration vers le Cloud, 20% seulement estiment avoir atteint les phases avancées de leur implémentation. Si l'adoption du Cloud continue de prendre de la vitesse, elle reste soumise à un certain nombre de défis comme la sécurité, la gestion et le suivi des dépenses liées au Cloud, ou encore le manque de compétences dans le Cloud. Les entreprises éprouvent en effet des difficultés à migrer leurs ressources d’information critique compte tenu de la complexité du paysage Big Data.
Pourtant, la virtualisation des données peut permettre aux entreprises de surmonter cet obstacle. En associant différents types et sources de données hébergées dans le Cloud et sur site, de nombreuses organisations optent pour des solutions de virtualisation des données pour bénéficier de l'agilité et de la flexibilité caractéristiques du cloud tout en permettant à leurs équipes d'exploiter les données issues de ces environnements hybrides.
Les points clés abordés:
Comment l’architecture multi-sites de la virtualisation peut simplifier et accélérer la migration vers le Cloud.
Les meilleures pratiques pour déployer la virtualisation des données dans le Cloud.
Comment exploiter la couche de données virtuelles de Denodo pour tirer profit des solutions Cloud, comme la modernisation du data warehouse, la data science et le data lake gouverné dans le Cloud.
Une démo live pour voir la data virtualization en action, et notamment pour l'analyse de données dans le Cloud.
* Denodo Global Cloud Survey 2019
Podman was created to be an alternative to Docker. It bears many similarities to the popular containerization tool, but it also differs in some important aspects.
Podman is daemonless, unlike Docker, which uses a client-server paradigm. While Docker needs a daemon process to maintain the connection between the client and the server, Podman is a single main process with containers as child processes.
Due to its architecture, Docker requires root privileges. Podman is rootless by design.
Docker is a monolithic platform that strives to be an all-in-one solution for container management. Podman, on the other side, focuses on running containers. It utilizes specialized tools for other functionalities - for example, it uses Buildah for building images, and skopeo for image management and distribution.
Rudder - Configuration management benefits for everyone (FOSDEM 2012)RUDDER
Rudder is a new open source tool in the configuration management domain. Its aim is not to reinvent the technical wheel, but to provide a new way to drive our infrastructure.
Specifically aimed at drift assessment, it addresses automation, ongoing verification and repairs, centralizing information and knowledge about your infrastructure, compliance reporting... thus helping to keep drift from nominal behavior low. Built upon a standard CFEngine architecture (and other open source components).
This talk will show how Rudder's approach enables everyone in the IT department to benefit from the advantages of configuration management, without necessarily needing to learn a complex tool, or even get their hands dirty. We'll describe and demonstrate how this is possible, and dive into the technical architecture that makes it work.
In a nutshell, clearly separated tasks permit technical experts to create configuration templates for the tools they know best, thus letting non-experts leverage this power via a modern web interface, such as: architects or security officers who implement policy, junior sysadmins who use and reuse such policies to setup services, and pretty much anyone who digs into real-time compliance reports and error logs.
See http://www.rudder-project.org for more info.
Configuration management benefits for everyone - Rudder @ FLOSSUK Spring Conf...RUDDER
Sharing and reusing configurations, rolling out upgrades, ensuring a security policy is correctly applied, automating repetitive tasks, preparing for disaster recovery... these are all missions for configuration management tools.
Rudder is a new, open source approach to this domain, built on existing and reliable components. By allowing experts and power-users to create reusable templates and configurations based on best practices, it enables other actors in the IT department to benefit from the advantages of configuration management: using a web-based interface, junior sysadmins can quickly setup new servers while learning and respecting best practices and company policy, while service managers and security officers can get instant reports on their policies compliance level.
This talk introduces Rudder and show some illustrative use cases before describing the architecture of it's main components and how they interact (a web interface written in Scala, the CFEngine 3 infrastructure used to manage hosts, OpenLDAP as an inventory and configuration data store...), including how to write your own techniques and extend existing ones.
Docker nous permet de déployer nos applications dans des conteneurs. Du coup notre infrastructure se retrouve divisée dans différents conteneurs, un pour la base de données, un pour le front, un pour le backend. Voir même une division en services lorsque l’on est dans une approche micro-services.
Mais comment faire communiquer ces différents conteneurs? Comment orchestrer un cluster de conteneurs? Kubernetes est une réponse à ces questions.
Réussir sa migration vers le Cloud grâce à la virtualisation des donnéesDenodo
Watch full webinar here: https://buff.ly/35Kpcl2
Selon une récente étude*, à l’heure où 36% des entreprises déclarent avoir amorcé leur migration vers le Cloud, 20% seulement estiment avoir atteint les phases avancées de leur implémentation. Si l'adoption du Cloud continue de prendre de la vitesse, elle reste soumise à un certain nombre de défis comme la sécurité, la gestion et le suivi des dépenses liées au Cloud, ou encore le manque de compétences dans le Cloud. Les entreprises éprouvent en effet des difficultés à migrer leurs ressources d’information critique compte tenu de la complexité du paysage Big Data.
Pourtant, la virtualisation des données peut permettre aux entreprises de surmonter cet obstacle. En associant différents types et sources de données hébergées dans le Cloud et sur site, de nombreuses organisations optent pour des solutions de virtualisation des données pour bénéficier de l'agilité et de la flexibilité caractéristiques du cloud tout en permettant à leurs équipes d'exploiter les données issues de ces environnements hybrides.
Les points clés abordés:
Comment l’architecture multi-sites de la virtualisation peut simplifier et accélérer la migration vers le Cloud.
Les meilleures pratiques pour déployer la virtualisation des données dans le Cloud.
Comment exploiter la couche de données virtuelles de Denodo pour tirer profit des solutions Cloud, comme la modernisation du data warehouse, la data science et le data lake gouverné dans le Cloud.
Une démo live pour voir la data virtualization en action, et notamment pour l'analyse de données dans le Cloud.
* Denodo Global Cloud Survey 2019
Podman was created to be an alternative to Docker. It bears many similarities to the popular containerization tool, but it also differs in some important aspects.
Podman is daemonless, unlike Docker, which uses a client-server paradigm. While Docker needs a daemon process to maintain the connection between the client and the server, Podman is a single main process with containers as child processes.
Due to its architecture, Docker requires root privileges. Podman is rootless by design.
Docker is a monolithic platform that strives to be an all-in-one solution for container management. Podman, on the other side, focuses on running containers. It utilizes specialized tools for other functionalities - for example, it uses Buildah for building images, and skopeo for image management and distribution.
Rudder - Configuration management benefits for everyone (FOSDEM 2012)RUDDER
Rudder is a new open source tool in the configuration management domain. Its aim is not to reinvent the technical wheel, but to provide a new way to drive our infrastructure.
Specifically aimed at drift assessment, it addresses automation, ongoing verification and repairs, centralizing information and knowledge about your infrastructure, compliance reporting... thus helping to keep drift from nominal behavior low. Built upon a standard CFEngine architecture (and other open source components).
This talk will show how Rudder's approach enables everyone in the IT department to benefit from the advantages of configuration management, without necessarily needing to learn a complex tool, or even get their hands dirty. We'll describe and demonstrate how this is possible, and dive into the technical architecture that makes it work.
In a nutshell, clearly separated tasks permit technical experts to create configuration templates for the tools they know best, thus letting non-experts leverage this power via a modern web interface, such as: architects or security officers who implement policy, junior sysadmins who use and reuse such policies to setup services, and pretty much anyone who digs into real-time compliance reports and error logs.
See http://www.rudder-project.org for more info.
Configuration management benefits for everyone - Rudder @ FLOSSUK Spring Conf...RUDDER
Sharing and reusing configurations, rolling out upgrades, ensuring a security policy is correctly applied, automating repetitive tasks, preparing for disaster recovery... these are all missions for configuration management tools.
Rudder is a new, open source approach to this domain, built on existing and reliable components. By allowing experts and power-users to create reusable templates and configurations based on best practices, it enables other actors in the IT department to benefit from the advantages of configuration management: using a web-based interface, junior sysadmins can quickly setup new servers while learning and respecting best practices and company policy, while service managers and security officers can get instant reports on their policies compliance level.
This talk introduces Rudder and show some illustrative use cases before describing the architecture of it's main components and how they interact (a web interface written in Scala, the CFEngine 3 infrastructure used to manage hosts, OpenLDAP as an inventory and configuration data store...), including how to write your own techniques and extend existing ones.
Configuration management: automating and rationalizing server setup with CFEn...Jonathan Clarke
With the advent of virtualization and cloud computing, modern IT management relies more and more on the concept of "create, set up, use and throw away" servers. In this context, the benefits of automating and rationalizing the "set up phase" are obvious. This is where configuration management tools come in to play.
This presentation kicks off with a discussion of some key points of configuration management and their benefits and drawbacks, building on real world examples (well, pseudo examples, mostly too silly to have ever really happened... or maybe not?)
The main contender is then introduced: CFEngine 3. Released in 2009, this is a brand new version of the open source configuration management solution, built on 17+ years of experience from previous versions of the software. We'll introduce the technology's key points, comparing approaches with similar devops-type tools, such as Puppet and Chef (where possible).
last cover the basics of setting up a minimal environment to start automating your configuration with CFEngine 3. We'll cover simple but illustrative examples, and show real-time demos of the technology in action.
Configuration management: automating and rationalizing server setup with CFEn...RUDDER
With the advent of virtualization and cloud computing, modern IT management relies more and more on the concept of "create, set up, use and throw away" servers. In this context, the benefits of automating and rationalizing the "set up phase" are obvious. This is where configuration management tools come in to play.
This presentation kicks off with a discussion of some key points of configuration management and their benefits and drawbacks, building on real world examples (well, pseudo examples, mostly too silly to have ever really happened... or maybe not?)
The main contender will then be introduced: CFEngine 3. Released in 2009, this is a brand new version of the open source configuration management solution, built on 17+ years of experience from previous versions of the software. We'll introduce the technology's key points, comparing approaches with similar devops-type tools, such as Puppet and Chef (where possible).
I then cover the basics of setting up a minimal environment to start automating your configuration with CFEngine 3, and simple but illustrative examples.
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...XebiaLabs
Learn how you can enhance and extend your existing infrastructure to create an automated, end-to-end IT platform supporting on-demand middleware and application environments, application release pipelines, Continuous Delivery, Private/ hybrid development platform and PaaS and more.
Nagios Conference 2012 - Andreas Ericsson - MerlinNagios
Andreas Ericsson's presentation on using Nagios with Merlin.
The presentation was given during the Nagios World Conference North America held Sept 25-28th, 2012 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna
SOA Summer School: Best of SOA Summer School – Encore Session WSO2
This wrap-up session of WSO2's SOA Summer School brings you the best of all sessions conducted over the past 8 weeks. Enterprise architects, developers, consultants and business analysts can now gain an overall understanding of SOA concepts and implementations of end-to-end SOA solutions.
LAST Conference - Dev-Ops and Continuous DeliveryNigel Fernandes
This is a talk I gave at the Lean, Agile and Systems Thinking conference in Melbourne, July 2012.
http://www.lastconference.com/
Covering DevOps as a movement. Ideas behind continuous delivery and a sample implementation covering some of those principles in practise using Puppet and Amazon Web Services.
Great news for Systems Center 2012 customers. With the aim of making System Center more cloud-friendly, Microsoft has made changes to the way that the licensing model for this popular product works. What used to be an extremely complex licensing system has been made much easier for clients to understand and manage. This presentation provides a quick overview of what these key updates are and work with a Softchoice Microsoft specialist to understand your needs under this new model moving forward.
From dotCMS Boot Camp 2010. High-level slides from presentation on how to configure plugins in dotCMS and a focus on plugin development in Velocity and Java.
Juniper Networks introduced its SDN strategy during its 2013 Global Partner Conference. Executive Vice President of the Software Solutions Division, Bob Muglia, introduced the company's vision, strategy and licensing model for the SDN transition.
This slide deck Introduces Chef and its role in DevOps. The agenda of the deck is as follows:
- A Review of DevOps
- BMs Continuous Delivery solution
- Introduction to Chef
- Chef and Continuous Delivery
Read more on DevOps: http://sdarchitect.wordpress.com/understanding-devops/
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
4. Configuration management
Definition
Configuration Management is the
process of standardizing resource
configurations and enforcing their state
across IT infrastructure in an automated
yet agile manner.
— Puppet Labs
5. Configuration management
Why do we need it
Heterogeneous Operating Systems
Servers profusion
Increasing deployment needs
Cloud
6. Configuration management
Different solutions
3 ways for deploying software to the SI
Manually
Could take very long time
By scripts
Could be quite tricky
Multi-environment case
By configuration management software
8. Configuration management
Principle
A client/server
architecture.
The server has a reference
configuration.
The client queries the
server.
The client makes change in
order to match the
reference configuration.
10. Configuration management
Principle
Version control and security
Revision control used to keep a trace of config
revisions
Not mandatory but hugely recommended
Encrypted connection
11. Configuration management
Principle
What you can do
File transfer
File edition
Service management
Package management
Mount points management
Cron management
VLAN management
Command launching
…
12. Configuration management
Comparison
3 major solutions :
Puppet
The most popular
Easiest solution
Chef
Puppet fork
Still young but very promising
CFEngine
The first CM software
The most resource effective
More complex
14. Configuration management
Comparison
Some differences
Technology Ruby Ruby C
Configuration Dedicated Ruby Dedicated
langage langage
Configuration Plain text files
method Plain text files CLI tool Plain text files
Web UI
Licence Apache Apache GPL
15. Configuration management
Comparison
Some similarities
Same origin
Specially designed for config
management
Client/server model
Standalone mode possible
CLI interface
Need to increase your
competence
18. Puppet Installation
Puppet
Some details and features
Created in 2006 by Puppet Labs
Latest version : 3.0.0
The easiest solution
Dedicated declarative language
Inspired by Ruby
Modular configuration
System profiling with Facter
Template support
Asymmetric Key Encryption
19. Puppet Installation
Puppet
Prerequisite and sources
Prerequisite
Configured DNS
Ruby
Installation sources :
Distribution repositories
RubyGem
Sources
20. Puppet Installation
Puppet
Client and server
Puppet server : Puppetmaster
Puppet client : Puppet (agent)
Main steps once installed :
Puppet agent installation on client hosts (also called a node).
Enter the server FQDN into /etc/puppet/puppet.conf
The agent checks every 30 mn by default
Certificate generation
CSR for the node generated on the puppetmaster during
the first agent request
21. Puppet Installation
Working with Puppetmaster
Working with Puppet CA
[root@puppetmaster ~]# puppetca --sign fqdn.utopia.net
Options Definitions
--sign Sign the certificate request for the following host
--list List certificate request
--all Used with --sign, sign all certificate request
--clean Remove all files related to the host from the CA
--print Print the full text version of a host’s certificate
--revoke Remove all files related to the host from the CA
24. Puppetmaster
One important thing
Infrastructure is code.
25. Puppetmaster
Definition
Manifest – Puppet programs are called
« manifests » . They use the .pp file
extension. These programs contain one or
more class.
26. Puppetmaster
Puppet configuration tree
Configuration files overview 1/2
puppet.conf
General Puppetmaster settings
auth.conf
General ACL
fileserver.conf
ACL for the Puppet fileserver
manifests directory
site.pp : global defaults
configuration
nodes.pp : manage hosts
27. Puppetmaster
Puppet configuration tree
Configuration files overview 2/2
modules directory
Contain one subdirectory per
module
manifests/init.pp
The module code
The best way to use Puppet
templates directory
The default directory which contains
templates.
32. Puppet
Puppet language basics
Puppet, Chef, Cfengine
33. Puppet language basics
The declarative language
About the language
With Puppet, we declare how the node
must be.
Everything you want to manage have to
be explicitly declared.
A Puppet program is called a manifest
Central manifest : site.pp
Puppet load modules manifests
Into manifests, we define classes.
We write resources inside these
classes
34. Puppet language basics
The declarative language
Resources
The fundamental unit of modeling
Like a “function”
Inside, a series of attributes and their values
Resources types and attributes are predefined by Puppet
List of available resources
http://docs.puppetlabs.com/references/stable/type.html
Skeleton
Ressource-name { ‘title’ : attribute = value }
35. Puppet language basics
Resources
File
Manage files
file { '/etc/passwd':
Content owner => 'root',
group => 'root',
Permissions mode => '0644',
Ownership source => ‘puppet:///base/passwd‘
}
Source attribute
Copy a file from the Puppetmaster to the node
puppet:/// followed by the relative source of the file
placed in /etc/puppet/modules/module-name/files/
36. Puppet language basics
Resources
Package package { ‘openssh-server’:
ensure => installed
}
Manage packages
Wide provider support package { ‘openssh-server’:
ensure => latest
APT }
Aptitude package { ‘openssh-server’:
YUM ensure => absent
}
And more..
Install, upgrade, uninstall packages
The last or defined package version
37. Puppet language basics
Resources
Service
Manage services
Wide provider support service { ‘snmpd’:
Init ensure => running,
enable => true,
Systemd hasrestart => true,
Upstart hasstatus => true
}
And more…
Start, stop, restart, start on boot (enable) services
39. Puppet
Puppet language advanced
Dive into Puppet
40. Puppet language advanced
Facter
The system profiler
Software used by Puppet ~ # facter
architecture => i386
Installed on nodes domain => utopia.net
facterversion => 1.5.7
Collect various data, "facts",
fqdn => debiantest.utopia.net
on node hardwaremodel => i686
Many facts already defined by hostname => debiantest
Facter id => root
[…]
Possibility to create your
own facts
41. Puppet language advanced
Variables
Variables into classes
Begin by $
case $operatingsystem {
Can use facts or you centos, redhat: { $service_name = 'ntpd' }
own defined debian, ubuntu: { $service_name = 'ntp' }
variables }
Often used with service { 'ntp':
conditional name => $service_name,
statements ensure => running,
enable => true
Case statement }
If statement
42. Puppet language advanced
Conditional statements
If/Elsif/Else Statement if $variable {
file { '/some/file': ensure => present }
} else {
Based on file { '/some/other/file': ensure => present }
}
the truth value
of a variable
the value of an
expression if $server == 'mongrel' {
include mongrel
The truth of an } elsif $server == 'nginx' {
arithmetic include nginx
expression } else {
include thin
}
if $ram > 1024 {
$maxclient = 500
}
43. Puppet language advanced
Expressions
Operators
Operators usable in if statements
Boolean expressions
And, or, not
Comparison expressions
== =! < > <= > >=
Arithmetic expressions
+ - / * >> (left shift) << (right shift)
Regular expressions
=~ !~
“in” expressions
allows to find if the left operand is in the right one.
44. Puppet language advanced
Templates
Personalized text files
file {"hosts":
Permit to have path => "/etc/hosts",
personalized owner => root,
configuration per node group => root,
mode => 644,
Use ERB language content => template("base/hosts.erb")
Retrieve and use }
facts
<%= ipadress %> <%fqdn> <%hostname>
Use file resource
ERB file
placed in
module
template
directory
45. Puppet language advanced
Resources relationship
Relationship meta-parameters
before
Resource is applied before the target resource
require
Resource is applied after the target resource
notify
Like before + The target resource will refresh if the
notifying resource changes
subscribe
Like require + The subscribing resource will refresh if the
target resource changes.
46. Puppet language advanced
Resources relationship
Ordering relationship
package { 'openssh-server':
ensure => present,
before => File['/etc/ssh/sshd_config'],
}
file { '/etc/ssh/sshd_config':
ensure => file,
mode => 600,
source => 'puppet:///modules/sshd/sshd_config',
require => Package['openssh-server'],
}
These two examples are mutually-exclusive
47. Puppet language advanced
Resources relationship
Notification relationship
file { '/etc/ssh/sshd_config':
ensure => file,
mode => 600,
source => 'puppet:///modules/sshd/sshd_config',
notify => Service['sshd']
}
service { 'sshd':
ensure => running,
enable => true,
subscribe => File['/etc/ssh/sshd_config‘]
}
These two examples are mutually-exclusive
48. Puppet language advanced
Resources relationship
Chaining and refreshing
Ordering resources
The resource on the left is applied
before the resource on the right.
->
Refreshing
Kind of trigger
Restart a service after a file update
~>
# ntp.conf is applied first, and will notify the ntpd service if it changes:
File['/etc/ntp.conf'] ~> Service['ntpd']