Puppet 5 Cookbook E-Book

Puppet 5 Cookbook  Fourth Edition

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author , nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Vijin BorichaAcquisition Editor: Namrata PatilContent Development Editor: Deepti ThoreTechnical Editors: Cymon Pereira, Varsha ShivhareCopy Editor:Safis EditingProject Coordinator: Kinjal BariProofreader: Safis EditingIndexer: Tejal Daruwale SoniGraphics: Jisha ChirayilProduction Coordinator: Shantanu Zagade

First published: October 2011

Second edition: August 2013

Third edition: February 2015

Fourth edition: June 2018

Production reference: 1250618

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78862-244-8

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

PacktPub.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Contributors

About the author

Thomas Uphill is a Puppet engineer in a large corporate environment. He's been using Puppet for several years now, starting as a system administrator. He's written several books on Puppet as well as given talks at LISA and Puppetconf. He lives and works in Seattle. When not at a computer, he enjoys mountain biking, hiking, and camping.

About the reviewer

Subhash Vasarapu is a DevOps and CloudOps engineer, as well as an ethical hacker, who works for mindtree. He loves automating things, pushing production code, testing network penetration tools, working with containerized microservice solutions. He is familiar with the design, build, and deployment of scalable solutions that use sophisticated and complex implementation. He is also a gym rat, coach, swimmer, boxer, anime watcher, pet lover, nutritionist, traveler, and the kitchen is his laboratory. You can contact him on linkedin— Subhash Vasarapu

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Puppet 5 Cookbook  Fourth Edition

Packt Upsell

Why subscribe?

PacktPub.com

Contributors

About the author

About the reviewer

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Sections

Getting ready

How to do it...

How it works...

There's more...

See also

Get in touch

Reviews

Puppet Language and Style

Introduction

Adding a resource to a node

How to do it...

How it works...

See also...

Using facter to describe a node

How to do it...

How it works...

There's more...

Variables

Scope

Using puppet facts

How to do it...

Installing a package before starting a service

How to do it...

How it works...

Learning metaparameters and ordering

Trifecta

Idempotency

Installing, configuring, and starting a service

How to do it...

How it works...

Using community Puppet style

How to do it...

Indentation

Quoting

false

Variables

Parameters

Symlinks

Installing Puppet

How to do it...

Creating a manifest

How to do it...

There's more...

Checking your manifests with puppet-lint

Getting ready

How to do it...

There's more...

See also

Making modules

How to do it...

How it works...

There's more...

Templates

Facts, functions, types, and providers

Third-party modules

Module organization

See also

Using standard naming conventions

How to do it...

There's more...

Using inline templates

How to do it...

How it works...

There's more...

See also

Iterating over multiple items

How to do it...

How it works...

There's more...

Using hashes

Creating arrays with the split function

Writing powerful conditional statements

How to do it...

How it works...

There's more...

elsif branches

Comparisons

Combining expressions

See also

Using regular expressions in if statements

How to do it...

How it works...

There's more...

Capturing patterns

Regular expression syntax

See also

Using selectors and case statements

How to do it...

How it works...

Selector

Case statement

There's more...

Regular expressions

Defaults

Using the in operator

How to do it...

There's more...

Using regular expression substitutions

How to do it...

How it works...

There's more...

See also

Puppet 5 changes

Using the call function

Puppet 4/5 changes

Appending to and concatenating arrays

Merging hashes

Using the sensitive type

Lambda functions

reduce

filter

map

slice

each

Functions in Puppet language

Puppet Infrastructure

Introduction

Managing your manifests with Git

Getting ready

How to do it...

How it works...

There's more...

Creating a decentralized Puppet architecture

Getting ready

How to do it...

How it works...

Writing a papply script

How to do it...

How it works...

Running Puppet from cron

Getting ready

How to do it...

How it works...

There's more...

Bootstrapping Puppet with bash

Getting ready

How to do it...

How it works...

There's more...

Creating a centralized Puppet infrastructure

Getting ready

How to do it...

How it works...

There's more...

Creating certificates with multiple DNS names

Getting ready

How to do it...

How it works...

Setting up the environment

Getting ready

How to do it...

There's more...

Configuring PuppetDB

Getting ready

How to do it...

How it works...

There's more...

Configuring Hiera

How to do it...

How it works...

There's more...

Environment-specific Hiera

Getting ready

How to do it...

How it works...

Setting node-specific data with Hiera

Getting ready

How to do it...

How it works...

Writing a custom Hiera5 function

Getting ready

How to do it...

How it works...

There's more...

Storing secret data with hiera-eyaml

Getting ready

How to do it...

How it works...

There's more...

Automatic syntax-checking with Git hooks

How to do it...

How it works...

Pushing code around with Git

Getting ready

How to do it...

How it works...

Managing environments with Git

Getting ready

How to do it...

How it works...

There's more...

Writing Better Manifests

Introduction

Using arrays of resources

How to do it...

How it works...

There's more...

See also

Using resource defaults

How to do it...

How it works...

There's more...

Using defined types

How to do it...

How it works...

There's more...

See also

Using tags

How to do it...

There's more...

Using run stages

How to do it...

How it works...

There's more...

See also

Using roles and profiles

How to do it...

How it works...

There's more...

Using data types in Puppet

How to do it...

There's more...

Passing parameters to classes

How to do it...

How it works...

There's more...

Specifying default values

Passing parameters from Hiera

Getting ready

How to do it...

How it works...

There's more...

Writing reusable, cross-platform manifests

How to do it...

How it works...

There's more...

See also

Getting information about the environment

How to do it...

How it works...

There's more...

See also

Importing dynamic information

Getting ready

How to do it...

How it works...

There's more...

See also

Passing arguments to shell commands

How to do it...

How it works...

Working with Files and Packages

Introduction

Making quick edits to config files

Getting ready

How to do it...

How it works...

There's more...

Editing INI-style files with puppetlabs-inifile

Getting ready

How to do it...

How it works...

There's more...

Using Augeas to reliably edit config files

How to do it...

How it works...

There's more...

Building config files using snippets

Getting ready

How to do it...

How it works...

Using ERB templates

How to do it...

How it works...

There's more...

See also

Using array iterations in templates

How to do it...

How it works...

There's more...

See also

Using EPP templates

How to do it...

How it works...

There's more...

Using GnuPG to encrypt secrets

Getting ready

How to do it...

How it works...

There's more...

See also

Comparing package versions

How to do it...

How it works...

Users and Virtual Resources

Introduction

Using virtual resources

How to do it...

How it works...

There's more...

Managing users with virtual resources

How to do it...

How it works...

There's more...

See also

Managing users' SSH access

How to do it...

How it works...

There's more...

Managing users' customization files

How to do it...

How it works...

There's more...

See also

Using exported resources

Getting ready

How to do it...

How it works...

There's more...

Managing Resources and Files

Introduction

Distributing cron jobs efficiently

How to do it...

How it works...

There's more...

See also

Scheduling when resources are to be applied

How to do it...

How it works...

There's more...

Using host resources

How to do it...

How it works...

There's more...

Using exported host resources

Getting ready

How to do it...

How it works...

There's more...

Using multiple file sources

How to do it...

How it works...

There's more...

See also

Distributing and merging directory trees

How to do it...

How it works...

There's more...

Cleaning up old files

How to do it...

How it works...

There's more...

Auditing resources

How to do it...

How it works...

There's more...

See also

Temporarily disabling resources

How to do it...

How it works...

Managing Applications

Introduction

Using public modules

How to do it...

How it works...

There's more...

Managing Apache servers

How to do it...

How it works...

Creating Apache virtual hosts

How to do it...

How it works...

There's more...

Creating NGINX virtual hosts

How to do it...

How it works...

There's more...

Managing MariaDB

How to do it...

How it works...

There's more...

Creating databases and users

How to do it...

How it works...

There's more...

Servers and Cloud Infrastructure

Introduction

Managing firewalls with iptables

Getting ready

How to do it...

How it works...

There's more...

Building high-availability services using Keepalived

Getting ready

How to do it...

How it works...

There's more...

Managing NFS servers and file shares

How to do it...

How it works...

Using HAProxy to load balance multiple web servers

How to do it...

How it works...

There's more...

Managing EC2 instances

Getting ready

How to do it...

How it works...

There's more...

Managing virtual machines with Vagrant

Getting ready

How to do it...

How it works...

There's more...

Managing Docker with Puppet

Getting ready

How to do it...

How it works...

There's more...

External Tools and the Puppet Ecosystem

Introduction

Creating custom facts

How to do it...

How it works...

There's more...

Adding external facts

Getting ready

How to do it...

How it works...

There's more...

Debugging external facts

Using external facts in Puppet

Setting facts as environment variables

How to do it...

Generating manifests with the Puppet resource command

How to do it...

There's more...

Generating manifests with other tools

Getting ready

How to do it...

There's more...

Using PDK

Getting ready

How to do it...

How it works...

There's more...

Using an external node classifier

Getting ready

How to do it...

How it works...

There's more...

See also

Creating your own resource types

How to do it...

How it works...

There's more...

Documentation

Validation

Creating your own providers

How to do it...

How it works...

There's more...

Creating custom functions

How to do it...

How it works...

There's more...

Testing your puppet manifests with rspec-puppet

Getting ready

How to do it...

How it works...

There's more...

Monitoring, Reporting, and Troubleshooting

Introduction

Noop—the don't-change-anything option

How to do it...

How it works...

There's more...

See also

Logging the command output

How to do it...

How it works...

There's more...

Logging debug messages

How to do it...

How it works...

There's more...

Resource ordering

Generating reports

How to do it...

How it works...

There's more...

Other report types

See also

Producing automatic HTML documentation

Getting ready...

How to do it...

How it works...

There's more...

Drawing dependency graphs

Getting ready

How to do it...

How it works...

When Puppet looks for the dependencies

There's more...

See also

Understanding Puppet errors

How to do it...

Could not retrieve file metadata for XXX: getaddrinfo: Name or service not known

Could not evaluate: Could not retrieve information from environment production source(s) XXX

Error: Could not set 'file' on ensure: No such file or directory XXX

Change from absent to file failed: Could not set 'file on ensure: No such file or directory

Undefined method 'closed?' for nil:NilClass

Duplicate definition: X is already defined in [file] at line Y; cannot redefine at [file] line Y

See also

Inspecting configuration settings

How to do it...

How it works...

See also

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

Configuration management has gone from something that few organizations practiced to a necessity. Today, every organization I visit is using configuration management in some form or another. The range of tools available has expanded as well. A few years ago, there were only two or three viable options for cross-platform configuration management. Now, there are many more options, including Salt, Chef, Ansible, and Puppet.

In the move to the cloud, it is important to be able to automate building nodes; manual tasks are no longer acceptable. Using Configuration management to automate the building of your nodes is now a requirement of the DevOps engineer.

This book takes you beyond the basics of Puppet and starts to explore the power of customizing Puppet to suit your needs. The book consists of mostly atomic recipes, which can be read independently to tackle a variety of real-world problems. The examples are structured so that you can dip in at any point and try out a recipe without having to work your way through the book from cover to cover. Code samples are included in each example. The book will take you from a rudimentary knowledge of Puppet to a more complete and expert understanding of Puppet's latest features and community best practices.

The open source version of Puppet was used throughout the book; you will not require Puppet Enterprise to complete the examples.

Puppet 5 is still changing rapidly, and I've included what I believe to be the most important parts of this release in this book. For up-to-the-minute information on the latest releases, I suggest you subscribe to the Puppet Developers mailing list at https://groups.google.com/forum/#!forum/puppet-dev, the Puppet Slack Channel at https://slack.puppet.com/, and the puppetlabs blog at https://puppet.com/blog.

Who this book is for

This book assumes a familiarity with Linux administration. The examples require some experience with command-line usage and basic text file editing. Although beneficial, previous coding experience is not required. This book is for the Puppet engineer that is looking for a book that covers a wide range of Puppet topics. This book is also for the system administrator looking for a guide to Puppet with real-world examples.

What this book covers

Chapter 1,Puppet Language and Style, introduces the Puppet language and shows how to write manifests. The Puppet linting tool, puppet-lint, is introduced, and we review best practices to write Puppet code. Metaparameters are shown with examples. We also cover changes in the Puppet language available in versions 4 and 5 of Puppet.

Chapter 2,Puppet Infrastructure, explains how to deploy Puppet in your environment. It covers the two main methods of installation, centralized and decentralized (masterless). It shows you how to use Git to centrally manage your code. It will help you configure PuppetDB and Hiera.

Chapter 3,Writing Better Manifests, deals with organizing your Puppet manifests. Manifests are used to build modules. This chapter introduces the concept of roles and profiles to abstract how modules are applied to machines. Parameterized classes are introduced. It also shows you how to efficiently define resources with arrays of resources and resource defaults.

Chapter 4,Working with Files and Packages, shows you how to manage files using snippets (fragments). It introduces the power of creating files with both Ruby (ERB) and Puppet (EPP) templates. It also helps you explore ways to secure information stored in your Puppet manifests.

Chapter 5,Users and Virtual Resources, deals with the advanced topic of virtual and exported resources. Virtual resources are a way of defining resources but not applying them by default. Exported resources are similar but are used to have resources from one machine applied to one or more other machines.

Chapter 6,Managing Resources and Files, speaks about dealing with directories and purging resources not controlled by Puppet. It shows you how to have file resources applied differently on different machines. Furthermore, methods for managing host entries in /etc/hosts are shown with exported resources examples.

Chapter 7,Managing Applications, shows you how to use Puppet to manage your deployed applications. Using public Forge modules, it helps you configure Apache, NGINX, and MariaDB.

Chapter 8,Servers and Cloud Infrastructure, introduces virtual resources and shows how to use them to configure highly available services. It also shows you how to use Puppet to manage Docker and AWS instances. Furthermore, Vagrant is used as a tool to create test environments for your Puppet code.

Chapter 9,External Tools and the Puppet Ecosystem, shows you how to extend Puppet with your own types and providers, how to make your own facts, as well as the Puppet Development Kit (PDK).

Chapter 10,Monitoring, Reporting, and Troubleshooting, shows you how to leverage Puppet to monitor your infrastructure for problems. We configure Puppet reporting and then discuss some of the common problems with Puppet code.

To get the most out of this book

You will need a computer capable of running Linux virtual machines. The examples in the book use Debian and Enterprise Linux-based distributions (RHEL and CentOS). Some of the examples will require multiple virtual machines to be run concurrently. You will need a host machine capable of running three or four virtual machines simultaneously. A minimum of 8 GB of RAM is suggested for performance reasons. To configure a test environment similar to that used in the production of the book, Vagrant should be used. Vagrant is a tool developed by Hashicorp to enable quick deployment of virtual machines via a definition file,  Vagrantfile. More information on Vagrantfile syntax is available at https://www.vagrantup.com/docs/vagrantfile/. Vagrantfile used to build the example systems in this book is provided in the files section. To effectively use the Vagrantfile provided, you will need to install the vagrant-hosts plugin. To do so, issue the following command:

[t@mylaptop ~] $ vagrant plugin install vagrant-hosts

Installing the 'vagrant-hosts' plugin. This can take a few minutes...

Fetching: vagrant-hosts-2.8.2.gem (100%)

Installed the plugin 'vagrant-hosts (2.8.2)'!

This will allow Vagrant to update the /etc/hosts file on your nodes with host entries for the other nodes in your test environment (for example, puppet.example.com and git.example.com). It is also convenient to configure ssh to connect to your test machines. After copying down Vagrantfile into a directory on your machine, cd into that directory. Check whether Vagrant is configured properly using the following command:

[t@mylaptop ~/cookbook] $ vagrant status

Current machine states:

cookbook poweroff (virtualbox)

puppet running (virtualbox)

This environment represents multiple VMs. The VMs are all listedabove with their current state. For more information about a specificVM, run `vagrant status NAME`.

Now, copy the output of the following command into the .ssh/config file in your home directory as shown here:

[t@mylaptop ~/cookbook] $ vagrant ssh-config puppet >>~/.ssh/config

This will enable you to do the following:

[t@mylaptop ~/cookbook] $ ssh puppet

Last login: Mon Jun 18 20:13:21 2018 from 10.0.2.2

puppet.example.com

Managed by puppet 5.5.2

[vagrant@puppet ~]$ hostname

puppet.example.com

Download the example code files

You can download the example code files for this book from your account at www.packtpub.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

Log in or register at

www.packtpub.com

.

Select the

SUPPORT

tab.

Click on

Code Downloads & Errata

.

Enter the name of the book in the

Search

box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR/7-Zip for Windows

Zipeg/iZip/UnRarX for Mac

7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Puppet-5-Cookbook-Fourth-Edition. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/Puppet5CookbookFourthEdition_ColorImages.pdf.

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Apply this manifest using puppet apply git.pp; this will install Git."

A block of code is set as follows:

package {'git': ensure => installed}

Any command-line input or output is written as follows:

t@mylaptop ~/.ssh $ ssh-copy-id -i git_rsa [email protected]

[email protected]'s password:

Number of key(s) added: 1

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Select System info from the Administration panel."

Sections

In this book, you will find several headings that appear frequently (Getting ready, How to do it..., How it works..., There's more..., and See also).

To give clear instructions on how to complete a recipe, use these sections as follows:

Getting ready

This section tells you what to expect in the recipe and describes how to set up any software or any preliminary settings required for the recipe.

How to do it...

This section contains the steps required to follow the recipe.

How it works...

This section usually consists of a detailed explanation of what happened in the previous section.

There's more...

This section consists of additional information about the recipe in order to make you more knowledgeable about the recipe.

See also

This section provides helpful links to other useful information for the recipe.

Get in touch

Feedback from our readers is always welcome.

General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packtpub.com.

Puppet Language and Style

We will cover the following recipes in this chapter:

Adding a resource to a node

Using facter to describe a node

Using Puppet facts

Installing a package before starting a service

Installing, configuring, and starting a service

Using community Puppet style

Installing Puppet

Creating a manifest

Checking your manifests with Puppet-lint

Making modules

Using standard naming conventions

Using in-line templates

Iterating over multiple terms

Writing powerful conditional statements

Using regular expressions in

if

statements

Using selectors and case statements

Using the

in

operator

Using regular expression substitutions

Puppet 5 changes

Puppet 4/5 Changes

Introduction

In this chapter, we'll start with the basics of the Puppet syntax and show you how some of the syntactic sugar in Puppet is used. We'll then move on to how Puppet deals with dependencies and how to make Puppet do the work for you.

Adding a resource to a node

This recipe will introduce the language and show you the basics of writing Puppet code. Puppet code files are called manifests; manifests declare resources. A resource in Puppet may be a type, class, or node. A type is something like a file or package or anything that has a type declared in the language. The current list of standard types is available on the puppetlabs website at https://puppet.com/docs/puppet/latest/type.html. I find myself referencing this site very often. You may define your own types, either using a mechanism, similar to a subroutine, named defined types, extending the language using a custom type. Types are the heart of the language; they describe the things that make up a node (node is the word Puppet uses for client computers/devices). Puppet uses resources to describe the state of a node; for example, we will declare the following package resource for a node using a site manifest: site.pp.

How to do it...

Create a site.pp file and place the following code in it:

node default { package { 'httpd': ensure => 'installed' } }

How it works...

This manifest will ensure that any node on which this manifest is applied will install a package called httpd. The default keyword is a wildcard to Puppet; it applies anything within the node default definition to any node. When Puppet applies the manifest to a node, it uses a Resource Abstraction Layer (RAL) to translate the package type into the package management system of the target node. What this means is that we can use the same manifest to install the httpd package on any system where Puppet has a Provider for the package type. Providers are the pieces of code that do the real work of applying a manifest. When the previous code is applied to a node running on a YUM-based distribution, the YUM provider will be used to install the httpd RPM packages. When the same code is applied to a node running on an APT-based distribution, the APT provider will be used to install the httpd DEB package (which may not exist, as most Debian-based systems call this package apache2; we'll deal with this sort of naming problem later).

See also...

Puppet 3: Beginner's Guide

, John Arundel, Packt Publishing,

in addition to this section

Using facter to describe a node

Facter is a separate utility upon which Puppet depends. It is the system used by Puppet to gather information about the target system (node); facter calls the nuggets of information facts. You may run facter from the command line to obtain real-time information from the system.

How to do it...

We'll compare the output of facter with that of system utilities:

Use facter to find the current uptime of the system, the uptime fact:

t@cookbook ~$ facter uptime 0:12 hours

Compare this with the output of the Linux uptime command:

t@cookbook ~$ uptime

01:18:52 up 12 min, 1 user, load average: 0.00, 0.00, 0.00

How it works...

When facter is installed (as a dependency for Puppet), several fact definitions are installed by default. You can reference each of these facts by name from the command line.

There's more...

Running facter without any arguments causes facter to print all the facts known about the system. We will see in later chapters that facter can be extended with your own custom facts. All facts are available for you to use as variables; variables are discussed in the next section.

Variables

Variables in Puppet are marked with a $ character. Variables are immutable; once assigned a value, they cannot be changed. When using variables within a manifest, it is advisable to enclose the variable within braces, such as ${myvariable}, instead of $myvariable. All of the facts from facter can be referenced as top-scope variables (we will discuss scope in the next section). For example, the Fully Qualified Domain Name (FQDN) of the node may be referenced by ${::fqdn}. Variables can only contain alphabetic characters, numerals, and the underscore character, _. As a matter of style, variables should start with an alphabetic character. Never use dashes in variable names.

Using puppet facts

As we'll see in subsequent chapters, facter may be extended with custom facts written in Ruby. By default, custom facts are not loaded when you run facter.

How to do it...

To pull in the custom facts, you need to specify the -p option to facter, as shown here:

t@cookbook:~$ facter puppetversion

t@cookbook:~$ facter -p puppetversion

5.5.2

Although still valid, the facter -p syntax is now deprecated in favor of using the Puppet face, facts. Puppet faces are the various sub-applications supported by the Puppet command. To see the available faces, run Puppet help, as shown here:

t@cookbook:~$ puppet help

Usage: puppet <subcommand> [options] <action> [options]

Available subcommands:

agent The puppet agent daemon

apply Apply Puppet manifests locally

ca Local Puppet Certificate Authority management. (Deprecated)

catalog Compile, save, view, and convert catalogs.

cert Manage certificates and requests

certificate Provide access to the CA for certificate management.

certificate_request Manage certificate requests. (Deprecated)

certificate_revocation_list Manage the list of revoked certificates. (Deprecated)

config Interact with Puppet's settings.

describe Display help about resource types

device Manage remote network devices

doc Generate Puppet references

epp Interact directly with the EPP template parser/renderer.

facts Retrieve and store facts.

filebucket Store and retrieve files in a filebucket

generate Generates Puppet code from Ruby definitions.

help Display Puppet help.

key Create, save, and remove certificate keys. (Deprecated)

lookup Interactive Hiera lookup

man Display Puppet manual pages.

master The puppet master daemon

module Creates, installs and searches for modules on the Puppet Forge.

node View and manage node definitions.

parser Interact directly with the parser.

plugin Interact with the Puppet plugin system.

report Create, display, and submit reports.

resource The resource abstraction layer shell

status View puppet server status. (Deprecated)

One difference between facter and Puppet facts is that you may request a single fact from facter, whereas Puppet facts will return all the facts for a node at once as a JSON object (you may request other formats with the --render-as option).

Installing a package before starting a service

To show how ordering works, we'll create a manifest that installs httpd and then ensures the httpd package service is running.

How to do it...

We'll create a manifest to install and start our service:

S

tart by creating a manifest that defines 

service

:

service {'httpd': ensure => running, require => Package['httpd'],}

The

service

definition references a

package

resource named

httpd

; we now need to define that resource:

package {'httpd': ensure => 'installed',}

How it works...

In this example, the package will be installed before the service is started. Using require within the definition of the httpd service ensures that the package is installed first, regardless of the order within the manifest file.

Capitalization is important in Puppet. In our previous example, we created a package named httpd. If we wanted to refer to this package later, we would capitalize its type (package) as follows:

Package['httpd']

To refer to a class- for example, the something::somewhere class, which has already been included/defined in your manifest-you can reference it with the full path as follows:

Class['something::somewhere']

Let's say you have defined the following type:

example::thing {'one':}

The preceding line may be referenced later, as follows:

Example::Thing['one']

Knowing how to reference previously defined resources is necessary for the next section on metaparameters and ordering.

Learning metaparameters and ordering

All the manifests that will be used to define a node are compiled into a catalog. A catalog is the code that will be applied to configure a node. It is important to remember that manifests are not applied to nodes sequentially. There is no inherent order to the application of manifests. With this in mind, in the previous httpd example, what if we wanted to ensure that the httpd process started after the httpd package was installed?

We couldn't rely on the httpd service coming after the httpd package in the manifests. What we would have to do is use metaparameters to tell Puppet the order in which we want resources applied to the node. Metaparameters are parameters that can be applied to any resource and are not specific to any one resource type. They are used for catalog compilation and as hints to Puppet, but not to define anything about the resource to which they are attached.

When dealing with ordering, there are four metaparameters used:

before

require

notify

subscribe

The before and require metaparameters specify a direct ordering; notify implies before and subscribe implies require. The notify metaparameter is only applicable to services; what notify does is tell a service to restart after the notifying resource has been applied to the node (this is most often a package or file resource). In the case of files, once the file is created on the node, a notify parameter will restart any services mentioned. The subscribe metaparameter has the same effect but is defined on the service; the service will subscribe to the file.

Trifecta

The relationship between package and service previously mentioned is an important and powerful paradigm of Puppet. Adding one more resource-type file into the fold creates what puppeteers refer to as the trifecta. Almost all system administration tasks revolve around these three resource types. As a system administrator, you install a package, configure the package with files, and then start the service:

Idempotency

A key concept of Puppet is that the state of the system when a manifest is applied to a node cannot affect the outcome of the Puppet run. In other words, at the end of the Puppet run (if the run was successful), the system will be in a known state and any further application of the manifest will result in a system that is in the same state. This property of Puppet is known as idempotency. Idempotency is the property that, no matter how many times you do something, remains in the same state as the first time you did it. For instance, if you had a light switch and you gave the instruction to turn it on, the light would turn on. If you gave the instruction again, the light would remain on.

Installing, configuring, and starting a service

There are many examples of this pattern online. In our simple example, we will create an Apache configuration file under /etc/httpd/conf.d/cookbook.conf. The /etc/httpd/conf.d directory will not exist until the httpd package is installed. After this file is created, we would want httpd to restart to notice the change; we can achieve this with a notify parameter.

How it works...

The require attribute to the file resources tells Puppet that we need the /var/www/cookbook directory created before we can create the index.html file. The important concept to remember is that we cannot assume anything about the target system (node). We need to define everything on which the target depends. Anytime you create a file in a manifest, you have to ensure that the directory containing that file exists. Anytime you specify that a service should be running, you have to ensure that the package providing that service is installed.