34,79 €
Mehr erfahren.
- Herausgeber: Packt Publishing
- Kategorie: Wissenschaft und neue Technologien
- Sprache: Englisch
A revolution is coming to IT operations. Configuration management tools can build servers in seconds, and automate your entire network. Tools like Puppet are essential to take full advantage of the power of cloud computing, and build reliable, scalable, secure, high-performance systems.The book takes you beyond the basics to explore the full power of Puppet, showing you in detail how to tackle a variety of real-world problems and applications. At every step it shows you exactly what commands you need to type, and includes full code samples for every recipe. The book takes the reader from a basic knowledge of Puppet to a complete and expert understanding of Puppet’s latest and most advanced features, community best practices, writing great manifests, scaling and performance, and how to extend Puppet by adding your own providers and resources.The book includes real examples from production systems and techniques that are in use in some of the world’s largest Puppet installations, including a distributed Puppet architecture and a high-performance Puppetmaster solution using Apache and Passenger.
Das E-Book können Sie in Legimi-Apps oder einer beliebigen App lesen, die das folgende Format unterstützen:
Veröffentlichungsjahr: 2011
Ähnliche
Table of Contents
Puppet 2.7 Cookbook
Puppet 2.7 Cookbook
Copyright © 2011 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: October 2011
Production Reference: 1171011
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-84951-538-2
www.packtpub.com
Cover Image by Sujay Gawand (<[email protected]>)
Credits
Author
John Arundel
Reviewers
Mark Phillips
Eric Stonfer
Acquisition Editors
Chaitanya Apte
Kartikey Pandey
Development Editor
Alina Lewis
Technical Editors
Priyanka S
Ankita Shashi
Project Coordinator
Michelle Quadros
Proofreader
Matthew Humphries
Indexer
Monica Ajmera
Graphics
Valentina Joseph D'silva
Production Coordinator
Prachali Bhiwandkar
Cover Work
Prachali Bhiwandkar
About the Author
John Arundel is a consultant engineer who helps people build better infrastructure. He uses automation and configuration management to make computer systems cheaper, faster, and more reliable. Formerly a senior enterprise systems engineer in the hosting division of US telco Verizon, he now runs his own company, Bitfield Consulting, and says he has never worked so hard in his life, or for less money.
Over the years John has worked with clients in the advertising and media industry, software, finance, retail, logistics, and even the emergency services, advising on architecture, automation, security, backups, resilience, performance, capacity planning, and regulatory compliance. He has been a member of the Puppet community since its earliest days, and organizes regular local sysadmin meetups and social events.
John holds a B.Sc.(Hons) in Computer Science, with a research interest in kernel resource scheduler design, and is a certified Sun Solaris administrator, LPI (Linux Professional Institute) graduate, and a member of the British Computer Society (MBCS). He is security-cleared to work on computer systems for the UK nuclear industry, which is probably nothing to worry about.
He has also worked as a software developer, both professionally and for the fun of it, contributing to several open source projects, and building a high-performance research chess engine. He blogs regularly at http://bitfieldconsulting.com on Puppet and system administration topics, is usually to be found on Twitter (@bitfield) complaining about things, and often speaks at technical user groups and conferences.
In his negligible spare time, John enjoys repairing Land Rovers, playing Go, and barbecuing. He lives in London and Cornwall.
My thanks go to Luke Kanies and the team at Puppet Labs; also to Ken Barber, Lindsay Holmwood, Gary Larizza, Stephen Nelson-Smith, R.I. Pienaar, Julian Simpson, Jordan Sissel, Cosimo Streppone, James Turnbull, and Dean Wilson, who all provided valuable contributions to the book, whether they know it or not; and for their brave self-sacrifice in the cause of proofreading, Ian Chilton, Kris Buytaert, Stefan Goethals, and Martin Brooks. A special mention goes to the regulars of channel #puppet, who often helped out when things didn't work the way they were supposed to, which was virtually all the time.
About the Reviewers
Mark Philips has had a varied career spanning Motor Manufacturer, Internet, Telco, and Finance industries over the last 17 years. Engineering for UNIX estates from a handful of hosts through to many thousands, Mark has strived to automate anything and everything that had to be carried out more than once. Discovering Puppet in early 2007 was a boon to achieving his idea of systems nirvana—simple centralized and automated configuration management.
Mark runs an IT consultancy company, VNTX Limited, specializing in UNIX installation, integration, automation, and performance tuning.
When he's not in front of a computer, Mark can be found out riding one of his bicycles—training for a race, or boring his ever patient wife talking about cycling.
Eric Stonfer is a 10 year veteran of systems administration, with an emphasis on automation and configuration systems, and has been using Puppet to manage thousands of servers for over 3 years. In his spare time Eric is an avid home brewer.
www.PacktPub.com
Support files, eBooks, discount offers and more
You might want to visit www.PacktPub.com for support files and downloads related to your book.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at <[email protected]> for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
http://PacktLib.PacktPub.com
Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can access, read and search across Packt's entire library of books.
Why Subscribe?
Free Access for Packt account holders
If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view nine entirely free books. Simply use your login credentials for immediate access.
Preface
A revolution is coming to IT operations. Configuration management tools can build servers in seconds and automate your entire network. Tools like Puppet are essential to take full advantage of the power of cloud computing, and build reliable, scalable, secure, and high-performance systems.
This book takes you beyond the basics and explores the full power of Puppet, showing you in detail how to tackle a variety of real-world problems and applications. At every step, it shows you exactly what commands you need to type and includes complete code samples for every recipe.
It takes the reader from rudimentary knowledge of Puppet to a more complete and expert understanding of Puppet's latest and most advanced features, community best practices, writing great manifests, scaling and performance, and how to extend Puppet by adding your own providers and resources.
This book also includes real examples from production systems and techniques that are in use in some of the world's largest Puppet installations, including a distributed Puppet architecture and a high-performance Puppetmaster solution using Apache and Passenger.
Explore the power of Puppet with this practical guide to the world's most popular configuration management system.
What this book covers
Chapter 1, Puppet Infrastructure introduces some key techniques for managing your Puppet server and manifests, including version control, automated deployment, file serving, pre-signing and autosigning certificates, scaling with Passenger, and a distributed decentralized Puppet architecture using Git.
Chapter 2, Monitoring, Reporting, and Troubleshooting covers ways that Puppet can report information about what it's doing, and the status of your systems. This includes graphical and e-mail reports, log and debug messages, dependency graphing, testing and dry-running your manifests, using tags, run stages, and environments, and a guide to some of Puppet's more common error messages.
Chapter 3, Puppet Language and Style will show you examples of good programming style in Puppet and language constructs that can help you keep your code concise and readable, including conditionals, selectors, case statements, arrays, and regular expressions.
Chapter 4, Writing Better Manifests takes you through structuring your Puppet manifests using node and class inheritance, resource dependencies, and parameterized classes. You'll also see how to get data in and out of Puppet from the environment using CSV files and shell scripts.
Chapter 5, Working with Files and Packages covers powerful techniques for managing config files, including ERB templates, generating files from snippets, and using the Augeas tool. You'll also see how to use Puppet to install packages from APT repositories, and how to set up your own APT and Gem repositories.
Chapter 6, Users and Virtual Resources explains how virtual resources can help you manage different combinations of users and packages on different machines, and shows you how to use Puppet's resource scheduling and auditing features.
Chapter 7, Applications focuses on some specific applications that you may need to manage with Puppet, including complete recipes for Apache and Nginx, MySQL, Drupal, and Rails.
Chapter 8, Servers and Cloud Infrastructure extends the power of Puppet to managing virtual machines, both in the cloud and on your desktop, with recipes for Vagrant and EC2 instances. It also shows you how to set up a Nagios monitoring server, load balancing with HAProxy, firewalls with iptables, network filesystems with NFS, and high-availability services with Heartbeat.
Chapter 9, External Tools and the Puppet Ecosystem looks at the tools that have grown up around Puppet and help you integrate it with the rest of your network, including Puppet Dashboard, Foreman, and MCollective. It also introduces you to some advanced topics including writing your own resource types, providers, and external node classifiers.
What you need for this book
To run the examples in this book, you will need a computer with Ubuntu Linux 10.04 and Puppet installed, and an Internet connection. Though not strictly necessary, I also recommend an espresso machine or some other form of caffeinated beverage dispenser.
Who this book is for
The book assumes that the reader already has a working Puppet installation and perhaps has written some basic manifests or adapted some published modules. It also requires some experience of Linux systems administration, including familiarity with the command line, file system, and text editing. No programming experience is required.
Conventions
In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.
Code words in text are shown as follows: " You'll need a Puppetmaster and a set of existing manifests in /etc/puppet."
A block of code is set as follows:
Any command-line input or output is written as follows:
Newterms and importantwords are shown in bold. Words that you see on the screen, in menus or dialog boxes for example, appear in the text like this: "clicking the Next button moves you to the next screen".
Note
Warnings or important notes appear in a box like this.
Tip
Tips and tricks appear like this.
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.
To send us general feedback, simply send an e-mail to <[email protected]>, and mention the book title via the subject of your message.
If there is a book that you need and would like to see us publish, please send us a note in the SUGGEST A TITLE form on www.packtpub.com or e-mail <[email protected]>.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Downloading the example code
You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you.
Errata
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/support, selecting your book, clicking on the erratasubmissionform link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded on our website, or added to any list of existing errata, under the Errata section of that title. Any existing errata can be viewed by selecting your title from http://www.packtpub.com/support.
Piracy
Piracy of copyright material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works, in any form, on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at <[email protected]> with a link to the suspected pirated material.
We appreciate your help in protecting our authors, and our ability to bring you valuable content.
Questions
You can contact us at <[email protected]> if you are having a problem with any aspect of the book, and we will do our best to address it.
Chapter 1. Puppet Infrastructure
"Computers in the future may have as few as 1,000 vacuum tubes and weigh only 1.5 tons."— Popular Mechanics, 1949
In this chapter, we will cover:
Some of the recipes in this book represent best practices as agreed upon by the Puppet community. Others are tips and tricks that will make it easier for you to work with Puppet, or introduce you to features that you may not have been previously aware of. Some recipes are short cuts which I wouldn't recommend you use as standard operating procedure, but may be useful in emergencies. Finally, there are some experimental recipes that you may like to try, but are only useful or applicable in very large infrastructures or otherwise unusual circumstances.
I hope that, by reading through and thinking about the recipes presented here, you will gain a deeper and broader understanding of how Puppet works and how you can use it to help you build better infrastructures. Only you can decide whether a particular recipe is appropriate for you and your organization, but I hope this collection will inspire you to experiment, find out more, and most of all—have fun using Puppet!
Tip
You'll see that throughout the examples in this book, most of the commands are run as the root user. If you prefer to administer systems with a normal user account and sudo, please do it this way instead.
Because Linux distributions such as Ubuntu, Red Hat, and CentOS differ in the specific details of package names, configuration file paths, and many other things, I have decided that for reasons of space and clarity the best approach for this book is to pick one distribution (Ubuntu 10.04 Lucid) and stick with it. However, Puppet runs on almost every operating system there is, so you should have very little trouble adapting the recipes to your own favored OS and distribution.
At the time of writing this book, Puppet 2.7 was the latest stable version available, and consequently I have chosen that as the reference version of Puppet used. However, the syntax of Puppet commands changes every so often; so be aware that while older versions of Puppet are still perfectly usable, they may not support all of the features and syntax described in this book.
Using version control
"Unix was not designed to stop you from doing stupid things, because that would also stop you from doing clever things." —Doug Gwyn
Ever deleted something and wished you hadn't? The most important tip in this book is to put your Puppet manifests in a versioncontrolsystem such as Git or Subversion. Editing the manifests directly on the Puppetmaster is a bad idea, because your changes could get applied before you're ready. Puppet automatically detects any changes to manifest files, so you might find half-finished manifests being applied to your clients. This could have nasty results!
Instead, use version control (I recommend Git) and make the /etc/puppet directory on the Puppetmaster a checkout from your repository. This gives you several advantages:
Getting ready
You'll need a Puppetmaster and a set of existing manifests in /etc/puppet. If you don't have these already, refer to the Puppet documentation to find out how to install Puppet and create your first manifests.
To put your manifests under version control, you need to import the /etc/puppet directory from the Puppetmaster into your version control system, and make it a working copy. In this example, we'll use a GitHub account to store the Puppet configuration.
You'll need a GitHub account (it's free to sign up) and a repository. Follow the instructions at www.github.com to create one.
Tip
You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you.
How to do it...
Branch master setup to track remote branch masters from the origin.
How it works...
You've created a "master" repository (usually known as a repo for short) at GitHub which contains your Puppet manifests. You can check out multiple copies of this in different places and work on them before committing your changes. For example, if you had a team of system admins, each of them could work on their own local copy of the repo.
The copy in /etc/puppet on the Puppetmaster is now just another working copy, slaved to the GitHub repo. When you decide that you want to tell Puppet about your changes, you can update this copy and it will pull the latest changes from GitHub.
There's more...
Now that you've set up version control, you can use the following workflow for editing your Puppet manifests:
See also
Using commit hooks
It would be nice if we knew there was a syntax error in the manifest before we even committed it. You can have Puppet check the manifest using the puppet parser validate command:
This is especially useful because a mistake anywhere in the manifest will stop Puppet from running on any node, even on nodes that don't use that particular part of the manifest. So checking in a bad manifest can cause Puppet to stop applying updates to production for some time, until the problem is discovered, and this could potentially have serious consequences.
The best way to avoid this is to automate the syntax check by using a pre-commit hook in your version control repo.
How to do it…
If you are using Git for version control, you can add a script, .git/hooks/pre-commit that syntax checks all files about to be committed. This example is taken from the Puppet Labs wiki:
How it works…
The commit hook script will prevent you from committing any files with syntax errors:
There's more…
You can find this script, and more details about it, on the Puppet Labs wiki: http://projects.puppetlabs.com/projects/1/wiki/Puppet_Version_Control
You can use a similar update hook to prevent broken manifests from being pushed to the Puppetmaster: see the wiki page for details.
See also
Configuring Puppet's file server
Deploying configuration files is one of the most common uses of Puppet. Most non-trivial services need some kind of configuration file, and you can have Puppet push it to the client using a file resource as shown in the following code:
The source parameter works like this: the first part after puppet:/// is assumed to be the name of a mountpoint, and the remainder is treated as a path to the file as shown.
Usually the value of <mount point> is modules, as in the preceding example. In this case, Puppet will look for the file in:
