Puppet
-
Upload
seenaah-seenaahzadeh -
Category
Documents
-
view
521 -
download
3
Transcript of Puppet
![Page 1: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/1.jpg)
![Page 2: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/2.jpg)
Client – Server Model
Configuration managementUnix-like and WindowsDiscover by Facter and send to agent…
![Page 3: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/3.jpg)
Procedural vs. DeclarativeHow vs. WhatShell vs. Puppet
package { "vim": ensure => present,}
![Page 4: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/4.jpg)
Nodes Manifest and Modules
node /^www\d+\.example\.com/ {include sudo
}
node jira-dev.researchnow.com/ {include sudo
}…
![Page 5: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/5.jpg)
--noop
$ puppet agent –test --noop
![Page 6: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/6.jpg)
It’s own DSL…if/else, etc.
package { "ssh":name => $operatingsystem ?/(Red Hat|CentOS|Fedora|Ubuntu|Debian)/ =>
"openssh-server",Solaris => "openssh",},ensure => installed,
}
My recommendation: RTFB …. Read The Fowler Book on DSL
![Page 7: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/7.jpg)
Audit
file { '/etc/hosts':audit => [ owner, group, mode ],
}
audit change: previously recorded value owner root has been changed to owner daemon
![Page 8: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/8.jpg)
Environments, Dev/QA…or Per contributor
$ puppet agent –test –v –-environemnt testing
![Page 9: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/9.jpg)
Scaling• Default puppet master is using webrick• You can host it on apache
![Page 10: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/10.jpg)
Externalizing Puppet Configuration• ENC – External Node Classification• LDAP server classification• Database• Ruby script or Perl• Dashboard• Foreman
![Page 11: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/11.jpg)
Foreman
![Page 12: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/12.jpg)
TDD - rspecrequire 'spec_helper'
describe 'logrotate::rule' do let(:title) { 'nginx' }
it { should include_class('logrotate::rule') }
it do should contain_file('/etc/logrotate.d/nginx').with({ 'ensure' => 'present', 'owner' => 'root', 'group' => 'root', 'mode' => '0444', }) end
context 'with compress => true' do let(:params) { {:compress => true} }
it do should contain_file('/etc/logrotate.d/nginx') \ .with_content(/^\s*compress$/) end end
context 'with compress => false' do let(:params) { {:compress => false} }
it do should contain_file('/etc/logrotate.d/nginx') \ .with_content(/^\s*nocompress$/) end end
context 'with compress => foo' do let(:params) { {:compress => 'foo'} }
it do expect { contain_file('/etc/logrotate.d/nginx') }.to raise_error(Puppet::Error, /compress must be true or false/) end endend
![Page 13: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/13.jpg)
TDD - cucumberFeature: General catalog policy In order to ensure applicability of a host's catalog As a manifest developer I want all catalogs to obey some general rules
Scenario Outline: Compile and verify catalog Given a node specified by "features/yaml/<hostname>.example.com.yaml" When I compile its catalog Then compilation should succeed And all resource dependencies should resolve
Examples: | hostname | | localhost |
![Page 14: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/14.jpg)
Tips• # install latest puppet• wget http://apt.puppetlabs.com/puppetlabs-release-precise.deb • sudo dpkg -i puppetlabs-release-precise.deb • sudo apt-get update sudo apt-get install puppetmaster
• # chaining• # ntp.conf is applied first, and will notify the ntpd service • # if it changes:• File['/etc/ntp.conf'] ~> Service['ntpd']
• # Certification tips• puppet cert clean liferay-dev.local• rm -f /var/lib/puppet/ssl/certs/liferay-dev.local.pem• find /var/lib/puppet -type f -print0 |xargs -0r rm
• # Debug• puppet master --no-daemonize --debug --verbose –trace• puppet config print manifest • puppet config print all • puppet config print modulepath
![Page 15: Puppet](https://reader035.fdocuments.in/reader035/viewer/2022070315/554f3d57b4c905cd048b51f8/html5/thumbnails/15.jpg)
What do we have so far?
https://github.com/rsn-innovation/puppets