Puppet HackDay/BarCamp New Delhi Exercises
1. First Moves with Puppet
New Delhi Puppet HackDay/BarCamp, March 13, 2010
Presented by Slideshare Operations Engineering/Julie Tsai
2. Today
Quick Primer
Useful Commands
Puppeting Sudoers I — Permissions
Puppeting Sudoers II — OS Conditions
Puppeting Sudoers III — Inheriting Class
Facter
References
3. Quick Primer: How It Flows
Ref. http://www.linuxforu.com/wp-content/uploads/2009/06/puppet_diagram.png
4. Quick Primer: Learning the Lingo
Resource – instance of native type, plugin, or definition, i.e. user, exec, file
Capitalized resource: a reference to a previously defined resource, used by other resources, i.e. file foo.txt later invoked as File["foo.txt"]
Class – resource(s) description with title, file, attributes
Definition – abstract description of class, can be invoked multiple times
Node – host instance (physical or virtual)
Collection – groups of resources
Recipe – sample puppet code (manifests/*.pp)
5. Quick Primer: Data Parameters
Variables – substitution values
Arrays – grouped list of values
Attributes – statement(s) describing resources
Literals – string values that needn’t be interpolated
6. Quick Primer: Variable Scoping
Overridable variable defaults defined only in outer scope of resource instances
Declarative language: Within the same-level scope, variables can only be defined once
Qualified variables are a method of passing parameters from a class
class mothership {
  $server = "juno"
}
class satellite {
  $ms = $mothership::server
}
7. Quick Primer: Where Things Are
Note: below assumes default install in /etc
/etc/puppet/fileserver.conf (used by puppetmasterd)
path /var/lib/puppet/files
allow 10.100.0.0/24
/etc/puppet/puppet.conf (used by clients’ puppetd)
vardir = /var/lib/puppet
logdir = /var/log/puppet
classfile = $vardir/classes.txt
/etc/puppet/manifests/[../..]/*.pp (architecture varies)
8. Quick Primer: A Client Directory Tree
puppetclient01:/var/lib/puppet
|-> classes.txt – node’s class membership
|-> clientbucket – hashed config artifacts
|-> lib
|-> localconfig.yaml
|-> ssl – authentication certs
|-> state – checksums, entropy-tracking
13. Puppeting Sudoers III — Inheriting Class
/etc/puppet/manifests/sudoers3.pp
class unix {
  file { "/etc/sudoers":
    owner => root,
    group => root,
  }
  service { "sshd":
    ensure => running,
  }
}
class centos_mycompany inherits unix {
  File["/etc/sudoers"] { mode => 440 }
}
14. Puppeting Sudoers III — Inheriting Class (cont.)
/etc/puppet/manifests/sudoers3.pp
node default {
  include unix
}
node bastionhost {
  include centos_mycompany
}
And run:
[puppet@puppet manifests]# puppet -d --noop sudoers3.pp
[puppet@puppet manifests]# cat /var/lib/puppet/classes.txt
15. Puppeting Sudoers III — Inheriting Class (cont. 2)
Use Facter to define the node name:
[puppet@puppet manifests]# facter | egrep -i 'fqdn|hostname'
/etc/puppet/manifests/sudoers3.pp
node 'puppet.us-west-1.compute.internal' {
include centos_mycompany
}
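A post-run check for the sudoers3.pp procedure above, as an added example that is not part of the original slides: it confirms that a node listing a class in classes.txt really has /etc/sudoers owned by uid 0 and gid 0 with mode 440. The function names are hypothetical, and it assumes GNU stat (Linux) and one class name per line in classes.txt.

```shell
#!/bin/sh
# Added example, not from the slides. Function names are hypothetical.
# Assumptions: GNU coreutils stat, and one class name per line in classes.txt.

# sudoers_perms_ok FILE [UID] [GID] [MODE]
# Succeeds only if FILE is a regular file (not a symlink) whose numeric owner,
# group and octal mode match exactly. Defaults mirror the manifest:
# owner => root (0), group => root (0), mode => 440.
sudoers_perms_ok() {
    file=$1; want_uid=${2:-0}; want_gid=${3:-0}; want_mode=${4:-440}
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        echo "FAIL $file: missing, or not a regular file" >&2
        return 2
    fi
    actual=$(stat -c '%u %g %a' "$file") || return 2
    if [ "$actual" != "$want_uid $want_gid $want_mode" ]; then
        echo "FAIL $file: uid/gid/mode '$actual', want '$want_uid $want_gid $want_mode'" >&2
        return 1
    fi
    return 0
}

# node_has_class CLASSFILE CLASS
# Succeeds if CLASS appears as a whole line in the node's classes.txt, so
# "centos" does not match "centos_mycompany".
node_has_class() {
    [ -r "$1" ] && grep -qxF -- "$2" "$1"
}

# audit_node CLASSFILE CLASS SUDOERS [UID] [GID] [MODE]
# Returns 3 when the node never received CLASS (nothing to enforce), 2 when
# SUDOERS is missing or a symlink, 1 on ownership/mode drift, 0 when clean.
audit_node() {
    if ! node_has_class "$1" "$2"; then
        echo "SKIP: class $2 not listed in $1" >&2
        return 3
    fi
    sudoers_perms_ok "$3" "$4" "$5" "$6"
}

# Typical call on a managed node, run as root after a real (non --noop) run:
#   audit_node /var/lib/puppet/classes.txt centos_mycompany /etc/sudoers
```

A non-zero result after a real Puppet run means the class was assigned but the file has drifted from what the manifest declares.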
16. Facts about Facter
Facter is a Puppet utility that discovers relevant “facts” that Puppet can use to dynamically populate Puppet manifest variables
Executing command-line Facter can show you the reserved variables like FQDN, hostname, kernel, architecture, sshdsakey, etc.
17. References
Reductive Labs Puppet Guides
http://docs.reductivelabs.com/guides/
Glossary of Terms
http://reductivelabs.com/trac/puppet/wiki/GlossaryOfTerms
Resource Attributes
http://reductivelabs.com/trac/puppet/wiki/TypeReference#metaparameters
Nice vimrc for Puppet
http://www.davidpashley.com/blog/systems-administration/puppet/vim-highlighting.html
Classic LISA ‘98 paper on best-practice infrastructures
http://www.infrastructures.org/papers/bootstrap/bootstrap.html