2. DevOps-minded sysadmin
Drupal developer
10 years as a sysadmin
3 years with Puppet
8 years with Drupal
http://atlantic-canary.net
http://github.com/jonhattan
@_jonhattan_
Jonathan Araña Cruz (aka jonhattan)
4. What?
● Configuration management
● Written in Ruby
● Free software (Apache 2.0)
● Current version 3.6 - towards 4.0
● PuppetLabs, since 2005
● Other products
○ Puppet Enterprise
○ MCollective
5. Puppet CLI tool
root@chamber:~# puppet help
Usage: puppet <subcommand> [options] <action> [options]
…
root@chamber:~# puppet help <subcommand>
root@chamber:~# puppet man <subcommand>
=> man puppet-<subcommand>
6. Index
● Resource Abstraction Layer
● Puppet Language
● Modules
● Stored configuration
● Puppet Master
● Reporting
7. RAL: Resource types (I)
● Resource types: high-level models
○ Some types: package, service, file, user, cron,...
○ Providers: implementers on different systems
○ Providers for package: apt, yum, pip, gem, pear,...
● Available resource types
○ Puppet built-in reference: http://docs.puppetlabs.com/references/latest/type.html
○ Cheatsheet: http://docs.puppetlabs.com/puppet_core_types_cheatsheet.pdf
○ Provided by 3rd party modules
9. RAL: Resource types (III)
root@chamber:~# puppet describe -s user
Manage users. This type is mostly built to manage system
users, so it is lacking some features useful for managing normal
users.
Parameters
----------
ensure, expiry, gid, groups, home, keys, managehome, membership, name,
password, password_max_age, password_min_age, salt, shell, system, uid
Providers
---------
aix, directoryservice, hpuxuseradd, ldap, pw, user_role_add, useradd,
windows_adsi
10. RAL: Resources (I)
● Resource: instance of a resource type
○ Example: root user, ntp service, vim package,...
○ System discovery
○ Interactive management via CLI
○ Abstraction layer!
12. RAL: Resources (III)
root@chamber:~# puppet resource user root shell=/bin/dash
Notice: /User[root]/shell: shell changed '/bin/bash' to '/bin/dash'
user { 'root':
  ensure => 'present',
  shell  => '/bin/dash',
}
root@chamber:~# puppet resource user root --edit
13. Index
● Resource Abstraction Layer
● => Puppet Language
● Modules
● Stored configuration
● Puppet Master
● Reporting
14. Puppet Language (I)
● Declarative, Domain Specific Language (DSL)
● Purpose of the language:
○ Describe desired state of the system by declaring
resources
○ Every other part of the language exists to add flexibility
and convenience to the way resources are declared
● Programs are called manifests
● A manifest is compiled into a catalog
15. Example manifest: Hello world
root@chamber:~# echo "notify {'hello world': }" > hello-world.pp
root@chamber:~# puppet apply hello-world.pp
Notice: Compiled catalog for chamber.faita.net in environment production in 0.02 seconds
Notice: hello world
Notice: /Stage[main]/Main/Notify[hello world]/message: defined 'message' as 'hello world'
Notice: Finished catalog run in 3.15 seconds
17. Puppet Language (II)
● Some language constructs
○ Nodes
○ Classes
○ Defines
○ Variables, Conditionals
○ Dependency relationships
○ Anchors, tags, collectors, run-stages,...
18. Nodes
● Block of code included in one node’s catalog
● ENC
● Ref: http://docs.puppetlabs.com/puppet/latest/reference/lang_node_definitions.html
# site.pp
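node 'foo.example.com' {
  ...
}
# Regular-expression node names are written unquoted; escape the dots so
# they match only a literal '.' and not any character.
node /^(bar|baz)\.example\.net$/ {
  ...
}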
19. Classes (I)
● Block of code to group resources
● Parameterized
● Singleton
● Ref: http://docs.puppetlabs.com/puppet/latest/reference/lang_classes.html
20. Classes (II)
# file: ntp.pp
class ntp (
  $ntpserver = 'one.pool.ntp.org',
) {
  package { 'ntp':
    …
  }
  service { 'ntp':
    …
  }
  file { '/etc/ntp.conf':
    …
  }
}
# file: manifest.pp
import 'ntp.pp'
# Include the class.
include ntp
# Alternatively, declare it this way to override params
# (use this instead of the include above, not in addition to it).
class { 'ntp':
  ntpserver => 'other.pool.ntp.org',
}
# puppet apply manifest.pp
21. Defines (I)
● Blocks of code that can be evaluated multiple
times with different parameters
● Once defined, they act like a new
(compound) resource type
22. Defines (II)
define apache::vhost ($port, $docroot, $servername = $title, $vhost_name = '*') {
  include apache         # contains Package['httpd'] and Service['httpd']
  include apache::params # contains common config settings
  $vhost_dir = $apache::params::vhost_dir
  file { "${vhost_dir}/${servername}.conf":
    content => template('apache/vhost-default.conf.erb'),
    owner   => 'www',
    group   => 'www',
    mode    => '644',
    require => Package['httpd'],
    notify  => Service['httpd'],
  }
}
23. Puppet Language (III)
● Other related components
○ Functions
○ Facter
○ Hiera
● Language reference: http://docs.puppetlabs.com/puppet/latest/reference/index.html
24. Functions
● Implemented in ruby
● Enrich puppet language with handy features
● Examples:
○ include
○ template()
● Built-in functions: http://docs.puppetlabs.com/references/latest/function.html
● Puppet stdlib: https://github.com/puppetlabs/puppetlabs-stdlib
● Custom: http://docs.puppetlabs.com/guides/custom_functions.html
26. Hiera (I)
● Key/value lookup tool for configuration data
● Hierarchical
● Avoid repetition
○ Write common data for most nodes
○ Override some values for nodes with a specific role
○ Override some of those values for one or two unique
nodes
● Ref: http://docs.puppetlabs.com/hiera/1/
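Added example (not from the original slides and not Hiera's own code): a small Ruby model of the priority lookup described above, where the most specific hierarchy level that defines a key wins. The hierarchy, the data values and the `role` variable are constructed assumptions; the `ntp::ntpserver` key follows the ntp class parameter shown earlier.

```ruby
# Constructed hierarchy, most specific level first (same idea as hiera.yaml).
HIERARCHY = ['nodes/%{::fqdn}', 'roles/%{::role}', 'common'].freeze

# Constructed data sources; in Hiera these would be YAML/JSON files.
DATA = {
  'common'                => { 'ntp::ntpserver' => 'one.pool.ntp.org',
                               'ssh::permit_root_login' => 'no' },
  'roles/webserver'       => { 'apache::port' => 80 },
  'nodes/foo.example.com' => { 'ntp::ntpserver' => 'other.pool.ntp.org' }
}.freeze

# Replace %{::name} or %{name} tokens with values from the scope.
# Returns nil when a token has no value, so the level is skipped instead of
# collapsing to a meaningless source name such as "roles/".
def interpolate(level, scope)
  missing = false
  path = level.gsub(/%\{(?:::)?(\w+)\}/) do
    value = scope[Regexp.last_match(1)]
    missing = true if value.nil? || value.empty?
    value.to_s
  end
  missing ? nil : path
end

# Data sources consulted for one node, in priority order.
def sources_for(scope)
  HIERARCHY.map { |level| interpolate(level, scope) }.compact
end

# Priority lookup: the first source that defines the key wins.
# Returns [value, source] so the origin of a setting can be audited.
def lookup(key, scope, default = nil)
  sources_for(scope).each do |source|
    data = DATA[source]
    return [data[key], source] if data && data.key?(key)
  end
  [default, nil]
end
```

In this sketch `role` stands in for a fact; facts are reported by the agent itself, so data that must be restricted to particular nodes is better keyed on the certificate name.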
32. Index
● Resource Abstraction Layer
● Puppet Language
● Modules
● => Stored configuration
● Puppet Master
● Reporting
33. Stored configuration
● Centralized store of puppet-produced data
○ Nodes, resources, relationships, facts
○ Catalog run log
● Exported resources
● Inventory service: http://docs.puppetlabs.com/guides/inventory_service.html
● Active Record (sql backends)
● PuppetDB: http://docs.puppetlabs.com/puppetdb/2.0/index.html
34. Index
● Resource Abstraction Layer
● Puppet Language
● Modules
● Stored configuration
● => Puppet Master
● Reporting
35. Puppet Master
● Pull-based agent/master mode
● REST API
● Master stores manifests
● Agent requests its catalog from the master
● Ref: http://docs.puppetlabs.com/learning/agent_master_basic.html
37. Index
● Resource Abstraction Layer
● Puppet Language
● Modules
● Nodes, ENC
● Store configs, PuppetDB
● Puppet Master
● => Reporting
38. Reporting (I)
● Agent sends a report at the end of every run
○ Logs
○ Metrics: time, resources, changes
● Report handlers: http, log, tagmail
● Ref: http://docs.puppetlabs.com/references/latest/report.html
● Puppet Dashboard
○ Web interface: node classification and reporting features
○ Ref: https://github.com/sodabrew/puppet-dashboard