What’s Puppet
Sysadmin riding the DevOps wave
Drupal developer
10 years as a sysadmin
3 years with Puppet
8 years with Drupal
http://atlantic-canary.net
http://github.com/jonhattan
@_jonhattan_
Jonathan Araña Cruz (aka jonhattan)
Caballeros
What?
● Configuration management
● Written in Ruby
● Free software (Apache 2.0)
● Current version 3.6 - towards 4.0
● PuppetLabs, since 2005
● Other products
○ Puppet Enterprise
○ MCollective
Puppet CLI tool
root@chamber:~# puppet help
Usage: puppet <subcommand> [options] <action> [options]
…
root@chamber:~# puppet help <subcommand>
root@chamber:~# puppet man <subcommand>
=> man puppet-<subcommand>
Index
● Resource Abstraction Layer
● Puppet Language
● Modules
● Stored configuration
● Puppet Master
● Reporting
RAL: Resource types (I)
● Resource types: high-level models
○ Some types: package, service, file, user, cron,...
○ Providers: implementers on different systems
○ Providers for package: apt, yum, pip, gem, pear,...
● Available resource types
○ Puppet built-in reference: http://docs.puppetlabs.com/references/latest/type.html
○ Cheatsheet: http://docs.puppetlabs.com/puppet_core_types_cheatsheet.pdf
○ Provided by 3rd party modules
root@chamber:~# puppet resource --types
anchor
augeas
computer
cron
database
database_grant
database_user
exec
file
file_line
filebucket
firewall
firewallchain
group
host
ini_setting
ini_subsetting
interface
k5login
macauthorization
mailalias
maillist
mcx
mount
mysql_database
mysql_grant
mysql_user
nagios_command
nagios_contact
nagios_contactgroup
nagios_host
nagios_hostdependency
network_config
network_route
notify
package
postgresql_conf
router
schedule
scheduled_task
selboolean
selmodule
service
ssh_authorized_key
sshkey
RAL: Resource types (II)
root@chamber:~# puppet describe -s user
Manage users. This type is mostly built to manage system
users, so it is lacking some features useful for managing normal
users.
Parameters
----------
ensure, expiry, gid, groups, home, keys, managehome, membership, name,
password, password_max_age, password_min_age, salt, shell,system, uid
Providers
---------
aix, directoryservice, hpuxuseradd, ldap, pw, user_role_add, useradd,
windows_adsi
RAL: Resource types (III)
RAL: Resources (I)
● Resource: instance of a resource type
○ Example: root user, ntp service, vim package,...
○ System discovery
○ Interactive management via CLI
○ Abstraction layer!
RAL: Resources (II)
root@chamber:~# puppet resource user --list
user { 'root':
ensure => 'present',
comment => 'root',
gid => '0',
home => '/root',
password => '$6$szUwrw3k.uAo.',
password_max_age => '99999',
password_min_age => '0',
shell => '/bin/bash',
uid => '0',
}
user { 'www-data':
ensure => 'present',
comment => 'www-data',
gid => '33',
home => '/var/www',
password => '*',
password_max_age => '99999',
password_min_age => '0',
shell => '/bin/sh',
uid => '33',
}
RAL: Resources (III)
root@chamber:~# puppet resource user root shell=/bin/dash
Notice: /User[root]/shell: shell changed '/bin/bash' to '/bin/dash'
user { 'root':
ensure => 'present',
shell => '/bin/dash',
}
root@chamber:~# puppet resource user root --edit
Index
● Resource Abstraction Layer
● => Puppet Language
● Modules
● Stored configuration
● Puppet Master
● Reporting
Puppet Language (I)
● Declarative, Domain Specific Language (DSL)
● Purpose of the language:
○ Describe desired state of the system by declaring
resources
○ Every other part of the language exists to add flexibility
and convenience to the way resources are declared
● Programs are called manifests
● A manifest is compiled into a catalog
Example manifest: Hello world
root@chamber:~# echo "notify {'hello world': }" > hello-world.pp
root@chamber:~# puppet apply hello-world.pp
Notice: Compiled catalog for chamber.faita.net in environment production in 0.02 seconds
Notice: hello world
Notice: /Stage[main]/Main/Notify[hello world]/message: defined 'message' as 'hello world'
Notice: Finished catalog run in 3.15 seconds
Example manifest: “The trifecta”
case $operatingsystem {
  centos, redhat: { $service_name = 'ntpd' }
  debian, ubuntu: { $service_name = 'ntp' }
}
package { 'ntp':
  ensure => installed,
}
service { 'ntp':
  name      => $service_name,
  ensure    => running,
  enable    => true,
  # A resource reference uses the resource title, here the file path.
  subscribe => File['/etc/ntp.conf'],
}
file { '/etc/ntp.conf':
  ensure  => file,
  require => Package['ntp'],
  source  => 'puppet:///modules/ntp/ntp.conf',
}
Puppet Language (II)
● Some language constructs
○ Nodes
○ Classes
○ Defines
○ Variables, Conditionals
○ Dependency relationships
○ Anchors, tags, collectors, run-stages,...
Nodes
● Block of code included in one node’s catalog
● ENC
● Ref: http://docs.puppetlabs.com/puppet/latest/reference/lang_node_definitions.html
# site.pp
node 'foo.example.com' {
  ...
}
# Regex node names are written without quotes; dots are escaped so they match only a literal '.'
node /^(bar|baz)\.example\.net$/ {
  ...
}
Classes (I)
● Block of code to group resources
● Parameterized
● Singleton
● Ref : http://docs.puppetlabs.com/puppet/latest/reference/lang_classes.html
Classes (II)
# file: ntp.pp
class ntp (
  $ntpserver = 'one.pool.ntp.org',
) {
  package { 'ntp':
    …
  }
  service { 'ntp':
    …
  }
  file { '/etc/ntp.conf':
    …
  }
}
# file: manifest.pp
import 'ntp.pp'
# Include the class.
include ntp
# Alternatively, declare it this way to override params
class { 'ntp':
  ntpserver => 'other.pool.ntp.org',
}
# puppet apply manifest.pp
Defines (I)
● Blocks of code that can be evaluated multiple
times with different parameters
● Once defined, they act like a new
(compound) resource type
Defines (II)
define apache::vhost ($port, $docroot, $servername = $title, $vhost_name = '*') {
  include apache # contains Package['httpd'] and Service['httpd']
  include apache::params # contains common config settings
  $vhost_dir = $apache::params::vhost_dir
  file { "${vhost_dir}/${servername}.conf":
    content => template('apache/vhost-default.conf.erb'),
    owner   => 'www',
    group   => 'www',
    mode    => '644',
    require => Package['httpd'],
    notify  => Service['httpd'],
  }
}
Puppet Language (III)
● Other related components
○ Functions
○ Facter
○ Hiera
● Language reference: http://docs.puppetlabs.com/puppet/latest/reference/index.html
Functions
● Implemented in ruby
● Enrich puppet language with handy features
● Examples:
○ include
○ template()
● Built-in functions: http://docs.puppetlabs.com/references/latest/function.html
● Puppet stdlib: https://github.com/puppetlabs/puppetlabs-stdlib
● Custom: http://docs.puppetlabs.com/guides/custom_functions.html
Facts
● System information, available as “global variables” in
manifests
root@chamber:~# facter
architecture => amd64
fqdn => chamber.faita.net
hostname => chamber
interfaces => eth0,lo
ipaddress => 10.0.0.2
ipaddress_eth0 => 10.0.0.2
ipaddress_lo => 127.0.0.1
is_virtual => true
kernel => Linux
kernelmajversion => 3.2
lsbdistcodename => wheezy
lsbdistid => Debian
lsbdistrelease => 7.5
lsbmajdistrelease => 7
osfamily => Debian
processor0 => Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
processor1 => Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
processorcount => 2
puppetversion => 3.6.0
virtual => xenu
Hiera (I)
● Key/value lookup tool for configuration data
● Hierarchical
● Avoid repetition
○ Write common data for most nodes
○ Override some values for nodes with a specific role
○ Override some of those values for one or two unique
nodes
● Ref: http://docs.puppetlabs.com/hiera/1/
Hiera (II)
# file /etc/hiera.yaml
---
:backends:
  - yaml
:yaml:
  :datadir: /etc/puppet/hiera
# Sources are searched top to bottom, so the most specific level comes first.
:hierarchy:
  - "nodes/%{::fqdn}"
  - "groups/%{::domain}"
  - "os/%{lsbdistid}"
  - common
# Files in /etc/puppet/hiera/
os/RedHat.yaml
os/Debian.yaml
groups/example.net.yaml
groups/example.com.yaml
nodes/bar.example.com.yaml
nodes/baz.example.net.yaml
nodes/foo.example.com.yaml
Hiera (III)
# os/RedHat.yaml
packages:
- httpd
# os/Debian.yaml
packages:
- apache2
# nodes/foo.example.com.yaml
packages:
- apache2-mpm-itk
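Added example (not from the original slides, and not Hiera's own code): a small Ruby model of how a Hiera 1 lookup walks the hierarchy, showing that the position of the node level decides whether foo.example.com gets its own override or the OS-wide value. The in-memory DATA hash, the constant and function names, and the "ntpserver" entry under common are assumptions made for illustration.

```ruby
# Added example: a minimal model of Hiera 1 lookups. Data sources are held in a
# Hash keyed by source name instead of YAML files under the datadir (assumption).

# Two orderings of the same levels, to show that position decides the winner.
NODE_FIRST = ['nodes/%{::fqdn}', 'groups/%{::domain}', 'os/%{lsbdistid}', 'common'].freeze
OS_FIRST   = ['os/%{lsbdistid}', 'groups/%{::domain}', 'nodes/%{::fqdn}', 'common'].freeze

# Values for "packages" are the ones on the slides; "ntpserver" is constructed.
DATA = {
  'os/RedHat'             => { 'packages' => ['httpd'] },
  'os/Debian'             => { 'packages' => ['apache2'] },
  'nodes/foo.example.com' => { 'packages' => ['apache2-mpm-itk'] },
  'common'                => { 'ntpserver' => 'one.pool.ntp.org' }
}.freeze

# Replace %{var} / %{::var} with the node's fact; unknown facts become ''.
def interpolate(source, facts)
  source.gsub(/%\{(?:::)?([^}]+)\}/) { facts.fetch(Regexp.last_match(1), '') }
end

# Return the data sources that exist for this node, in hierarchy order.
def each_level(facts, hierarchy, data)
  hierarchy.map { |src| data[interpolate(src, facts)] }.compact
end

# Priority lookup: the first level that defines the key wins.
def lookup(key, facts, hierarchy, data = DATA)
  level = each_level(facts, hierarchy, data).find { |l| l.key?(key) }
  level && level[key]
end

# Array-merge lookup: collect the key from every level, flattened and de-duplicated.
def lookup_array(key, facts, hierarchy, data = DATA)
  each_level(facts, hierarchy, data).select { |l| l.key?(key) }
                                    .flat_map { |l| Array(l[key]) }.uniq
end

# Facts for one node (constructed to match the slides' file names).
FOO = { 'fqdn' => 'foo.example.com', 'domain' => 'example.com', 'lsbdistid' => 'Debian' }.freeze

if __FILE__ == $PROGRAM_NAME
  puts "node first: #{lookup('packages', FOO, NODE_FIRST).inspect}"
  puts "os first:   #{lookup('packages', FOO, OS_FIRST).inspect}"
  puts "merged:     #{lookup_array('packages', FOO, NODE_FIRST).inspect}"
end
```

A broadly scoped source placed above the node level masks every per-node override of the same key in a priority lookup, which is worth checking whenever node files carry stricter settings than the shared ones.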
Index
● Resource Abstraction Layer
● Puppet Language
● => Modules
● Stored configuration
● Puppet Master
● Reporting
Modules (I)
● Self-contained bundles of code and data
● Manifests, classes, defines, files, templates,
functions, tests,...
● Directory tree: MODULENAME/manifests/
MODULENAME/files/
MODULENAME/templates/
MODULENAME/lib/
MODULENAME/facts.d/
MODULENAME/tests/
MODULENAME/spec/
Modules (II)
● Best practices / well-known patterns
● Ref: http://docs.puppetlabs.com/puppet/latest/reference/modules_fundamentals.html
● Puppet forge: https://forge.puppetlabs.com
● CLI subcommand: puppet module install puppetlabs/mysql
● Librarian: https://github.com/rodjek/librarian-puppet
Index
● Resource Abstraction Layer
● Puppet Language
● Modules
● => Stored configuration
● Puppet Master
● Reporting
Stored configuration
● Centralized store of puppet-produced data
○ Nodes, resources, relationships, facts
○ Catalog run log
● Exported resources
● Inventory service: http://docs.puppetlabs.com/guides/inventory_service.html
● Active Record (sql backends)
● PuppetDB: http://docs.puppetlabs.com/puppetdb/2.0/index.html
Index
● Resource Abstraction Layer
● Puppet Language
● Modules
● Stored configuration
● => Puppet Master
● Reporting
Puppet Master
● Pull-based agent/master mode
● REST API
● Master stores manifests
● Agent requests its catalog from the master
● Ref: http://docs.puppetlabs.com/learning/agent_master_basic.html
Standalone (puppet apply site.pp)
Index
● Resource Abstraction Layer
● Puppet Language
● Modules
● Nodes, ENC
● Store configs, PuppetDB
● Puppet Master
● => Reporting
Reporting (I)
● Agents send reports at the end of every run
○ Logs
○ Metrics: time, resources, changes
● Report handlers: http, log, tagmail
● Ref: http://docs.puppetlabs.com/references/latest/report.html
● Puppet Dashboard: web interface
○ Node classification and reporting features
○ Ref: https://github.com/sodabrew/puppet-dashboard
Reporting (II)
Questions?
