This document discusses the Puppet configuration management tool. It provides an overview of Puppet including its open source nature, supported platforms, file structure, and types of resources it can manage like files, packages, services. It also discusses Facter for collecting system facts. Several examples are shown of how to configure files, packages, services. Finally Amazon EC2 is mentioned as a way to deploy Puppet in a scalable environment.

2. Puppet – system do zarządzania
systemami
Łukasz Jagiełło – l.jagiello@gratka-technologie.pl
http://images.businessweek.com/cms/2011-09-01/tech__puppet37__01__600.jpg

3. Agenda
Kilka słów o sobie
Puppet
Przyklady – co i jak zrobić
Prezentacja LIVE
Mozliwości – co możemy osiągnąć
Pytania ?

4. Co mamy na rynku
Autorskie skrypty (tar, rsync itd.)
Etckeeper
bcfg2
CFEngine
Puppet
Chef
itd.

5. Puppet
http://puppetlabs.com/
http://projects.puppetlabs.com/
open source (Apache 2.0)
dostępny w wielu dystrybucjach out-of-box
gotowe obrazy Amazon EC2
projekt istnieje od dawna
duże community
wersja enterprice

6. Puppet
Struktura katalogów:
/manifest (nodes.pp, site.pp)
/modules
/name (np. nginx, webpage, snmp ...)
/files (nginx.conf, infoshare.conf ...)
/manifests (init.pp, config.pp, install.pp ...)
/template (index.html.erb ...)
/rack ( passenger + nginx)
/lib ( dodatkowe biblioteki np. facter)

7. Puppet
File - plik, katalog, symlink (lokalny fs)
Package – yum,gem,pkg,apt,pip,ports...
Service – systemd,upstart,init,daemontools...
Notify
Exec – commandline + creates,onlyif,cwd,user..
Cron, user, group itd...
http://docs.puppetlabs.com/references/latest/type.html

8. Przykłady
node 'www.testing.com' {
include common
include apache, squid
}
node /^(foo|bar).testing.com$/ {
include common
}
case $hostname {
'jack','jill': { include hill } # apply the hill class
'humpty','dumpty': { include wall } # apply the wall class
default: { include generic } # apply the generic class
}

9. Przykłady
file { '/etc/passwd':
owner => 'root',
group => 'root',
mode => '0644'}
define cfg {
file { "/etc/sec/$name.sec":
owner => root,
content => template("sec/$name.sec.erb"),
notify => Service['sec'],
require => File["/etc/sec"],
}}
@sec::cfg { ["webpage1","webpage2"] }
if $config_www_webpage1 == 1 { realize(Sec::Cfg["webpage1"])}
if $config_www_webpage2 == 1 { realize(Sec::Cfg["webpage2"])}

10. Przykłady
package { 'openssh­server': ensure => installed }
file { '/etc/ssh/sshd_config':
source => 'puppet:///modules/sshd/sshd_config',
owner => 'root',
group => 'root',
mode => '640',
notify => Service['sshd'], # sshd will restart whenever you edit this file.
require => Package['openssh­server'],
}
service { 'sshd':
ensure => running,
enable => true,
hasstatus => true,
hasrestart => true,
}

11. Przykłady
package { "rubygems": ensure => present }
package { "xmpp4r": ensure => "0.5", provider => gem }
package { "xmpp4r­simple": ensure => "0.8.8", provider => gem }
python::pip::install{"Paste": package => 'Paste==1.7.5.1', venv => '/usr', ensure => 'present' }
python::pip::install{"PasteDeploy": package => 'PasteDeploy==1.5.0', venv => '/usr', ensure =>
'present' }
if $ensure == 'present' {
exec { "pip install $name":
command => "$venv/bin/pip­python install $package",
unless => "$venv/bin/pip­python freeze | grep ­e $grep_regex",
require => [ Package[python­pip], Package[libxml2­devel], Package[libxslt­devel],
Package[gcc], Package[python­devel] ],
}

12. Facter
facter is an independent !
cross-platform Ruby library
collect information about the hardware and
operating system
operating system names, hardware
characteristics, IP addresses, MAC addresses,
and SSH keys.

13. Facter
[lcf@p0x ~]$ facter
architecture => x86_64
facterversion => 1.6.6
hostname => p0x
id => lcf
interfaces => lo,p6p1,virbr0,virbr0_nic,wlan0
ipaddress => 192.168.10.100
is_virtual => false
kernel => Linux
kernelmajversion => 3.3
kernelrelease => 3.3.1­5.fc16.x86_64
kernelversion => 3.3.1
lsbdistcodename => Verne
lsbdistdescription => Fedora release 16 (Verne)

14. Przykłady
case $operatingsystem {
'CentOS': { include centos }
'MacOS': { include mac }
}
case $operatingsystemrelease {
/^5/: { service { "anacron": ensure => stopped, enable => false } }
}
<%= hostname %>

15. pre-LIVE
OS: CentOS 6.2
Repo: CentOS + EPEL
Minimal install + selinux disables + iptables
disables + puppet/puppet-server install
192.168.122.10 – puppetmaster
192.168.122.20 – www1
192.168.122.21 – www2

16. LIVE

17. Amazon EC2
AMI
Puppetmaster (HA?)
Amazon ELB
Amazon Auto Scaling
Efekt:
W pełni automatycznie skalowalne środowisko !

18. Plusy
Konfiguracja w jednym miescu
Łatwa kontrola wersji (svn,git,hg...)
oraz kontrola nad zmianami na produkcji
Wygodne propagowanie zmian
Powtarzalność
Błyskawicznie dokładanie gotowych
funkcjonalności

19. Minus
Wydajność (da się coś z tym zrobić)
Losowość
Działa tak dobrze, jak dobrze się w nim pisze
SSL -> klucze -> hostname (uniq ?!)
Kwiatki w składni

20. Przydatne linki
http://puppetlabs.com/
http://docs.puppetlabs.com/
http://puppetlabs.com/puppet/related-
projects/facter/
https://github.com/example42/
https://github.com/puppet-modules

21. Pytania ?
l.jagiello@gratka-technologie.pl