Puppet


Transcript of Puppet

Page 1: Puppet
Page 2: Puppet

Client – Server Model

Configuration management
Unix-like and Windows
Discover by Facter and send to agent…

Page 3: Puppet

Procedural vs. Declarative
How vs. What
Shell vs. Puppet

package { "vim":
  ensure => present,
}

Page 4: Puppet

Nodes Manifest and Modules

node /^www\d+\.example\.com/ {
  include sudo
}

node 'jira-dev.researchnow.com' {
  include sudo
}
…

Page 5: Puppet

--noop

$ puppet agent --test --noop

Page 6: Puppet

Its own DSL… if/else, etc.

package { "ssh":
  # selector: choose the package name from the $operatingsystem fact
  name => $operatingsystem ? {
    /(Red Hat|CentOS|Fedora|Ubuntu|Debian)/ => "openssh-server",
    Solaris                                 => "openssh",
  },
  ensure => installed,
}

My recommendation: RTFB …. Read The Fowler Book on DSL

Page 7: Puppet

Audit

file { '/etc/hosts':
  audit => [ owner, group, mode ],
}

audit change: previously recorded value owner root has been changed to owner daemon

Page 8: Puppet

Environments, Dev/QA…or Per contributor

$ puppet agent --test -v --environment testing

Page 9: Puppet

Scaling
• Default puppet master is using webrick
• You can host it on apache

Page 10: Puppet

Externalizing Puppet Configuration
• ENC – External Node Classification
• LDAP server classification
• Database
• Ruby script or Perl
• Dashboard
• Foreman
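
The "Ruby script" ENC option from the slide above, as an added example that is not part of the original deck: Puppet runs the script with the node's certname and reads YAML from stdout. The rule table, the environment names and the certname check are assumptions made for illustration.

```ruby
#!/usr/bin/env ruby
# Added example, not from the deck: a minimal ENC in Ruby.
# Puppet executes the ENC with the node's certname as its only argument and
# reads a YAML hash (classes, environment, parameters) from stdout.
# A non-zero exit tells the master the node could not be classified.
require 'yaml'

# Constructed rule table (assumption): hostnames and the sudo class mirror the
# node slide. \A and \z anchor the whole name, so a name such as
# "www1.example.com.other.test" does not slip through a prefix match.
RULES = [
  { match: /\Awww\d+\.example\.com\z/,       classes: ['sudo'], environment: 'production' },
  { match: /\Ajira-dev\.researchnow\.com\z/, classes: ['sudo'], environment: 'testing' },
].freeze

# Certnames are DNS-style names; refuse anything else before using the value.
VALID_CERTNAME = /\A[a-z0-9][a-z0-9._-]{0,252}\z/

# Returns the classification hash, or nil when the node is unknown (default deny).
def classify(certname)
  return nil unless certname.is_a?(String) && certname.match?(VALID_CERTNAME)
  rule = RULES.find { |r| certname.match?(r[:match]) }
  return nil unless rule
  { 'classes' => rule[:classes], 'environment' => rule[:environment] }
end

# Returns the YAML document Puppet expects, or nil for an unclassified node.
def enc_output(certname)
  result = classify(certname)
  result && result.to_yaml
end

# Puppet always passes the certname as ARGV[0]; nothing runs without it.
unless ARGV.empty?
  yaml = enc_output(ARGV[0])
  if yaml
    puts yaml
  else
    warn "enc: no classification for #{ARGV[0].inspect}"
    exit 1
  end
end
```

The master is pointed at such a script with node_terminus = exec and external_nodes = <path to the script> in puppet.conf.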

Page 11: Puppet

Foreman

Page 12: Puppet

TDD - rspec

require 'spec_helper'

describe 'logrotate::rule' do
  let(:title) { 'nginx' }

  it { should include_class('logrotate::rule') }

  it do
    should contain_file('/etc/logrotate.d/nginx').with({
      'ensure' => 'present',
      'owner'  => 'root',
      'group'  => 'root',
      'mode'   => '0444',
    })
  end

  context 'with compress => true' do
    let(:params) { {:compress => true} }

    it do
      should contain_file('/etc/logrotate.d/nginx') \
        .with_content(/^\s*compress$/)
    end
  end

  context 'with compress => false' do
    let(:params) { {:compress => false} }

    it do
      should contain_file('/etc/logrotate.d/nginx') \
        .with_content(/^\s*nocompress$/)
    end
  end

  context 'with compress => foo' do
    let(:params) { {:compress => 'foo'} }

    it do
      # "should" evaluates the matcher, which compiles the catalogue and raises
      expect {
        should contain_file('/etc/logrotate.d/nginx')
      }.to raise_error(Puppet::Error, /compress must be true or false/)
    end
  end
end

Page 13: Puppet

TDD - cucumber

Feature: General catalog policy
  In order to ensure applicability of a host's catalog
  As a manifest developer
  I want all catalogs to obey some general rules

  Scenario Outline: Compile and verify catalog
    Given a node specified by "features/yaml/<hostname>.example.com.yaml"
    When I compile its catalog
    Then compilation should succeed
    And all resource dependencies should resolve

    Examples:
      | hostname  |
      | localhost |

Page 14: Puppet

Tips
• # install latest puppet
• wget http://apt.puppetlabs.com/puppetlabs-release-precise.deb
• sudo dpkg -i puppetlabs-release-precise.deb
• sudo apt-get update
• sudo apt-get install puppetmaster

• # chaining
• # ntp.conf is applied first, and will notify the ntpd service
• # if it changes:
• File['/etc/ntp.conf'] ~> Service['ntpd']

• # Certification tips
• puppet cert clean liferay-dev.local
• rm -f /var/lib/puppet/ssl/certs/liferay-dev.local.pem
• find /var/lib/puppet -type f -print0 | xargs -0r rm

• # Debug
• puppet master --no-daemonize --debug --verbose --trace
• puppet config print manifest
• puppet config print all
• puppet config print modulepath

Page 15: Puppet

What do we have so far?

https://github.com/rsn-innovation/puppets