35,99 €
Write custom plugins for Puppet, including facts, providers, and functions
Key FeaturesGrasp recipes that work with centralized and decentralized deploymentsExplore language differences and enhancements anticipated in Puppet version 5.xGain expert understanding of Puppet's latest and most advanced featuresBook Description
Puppet is a configuration management system that automates all your IT configurations, giving you control of managing each node. Puppet 5 Cookbook will take you through Puppet's latest and most advanced features, including Docker containers, Hiera, and AWS Cloud Orchestration. Updated with the latest advancements and best practices, this book delves into various aspects of writing good Puppet code, which includes using Puppet community style, checking your manifests with puppet-lint, and learning community best practices with an emphasis on real-world implementation.
You will learn to set up, install, and create your first manifests with version control, and also learn about various sysadmin tasks, including managing configuration files, using Augeas, and generating files from snippets and templates. As the book progresses, you'll explore virtual resources and use Puppet's resource scheduling and auditing features. In the concluding chapters, you'll walk through managing applications and writing your own resource types, providers, and external node classifiers.
By the end of this book, you will have learned to report, log, and debug your system.
What you will learnDiscover the latest and most advanced features of PuppetMaster techniques to deal with centralized and decentralized Puppet deploymentsUse exported resources and forge modules to configure and deploy applicationsCreate efficient manifests to streamline your deploymentsAutomate deployment of puppet environment using git-hooksDeploy AWS instances and Docker containers with PuppetMake Puppet reliable, performant, and scalableWho this book is for
Puppet 5 Cookbook is for anyone who builds and administers servers, especially in a web operations context. You’ll need some experience of Linux systems administration, including familiarity with the command line, filesystem, and text editing. No prior programming experience is required.
Thomas Uphill is an RHCA who has been using Puppet since version 0.24. He has been a system administrator for nearly 20 years, more than 10 of which have been with Red Hat Linux and its derivatives. He has presented tutorials on Puppet at LISA and has spoken at PuppetConf. He enjoys teaching others how to use Puppet to automate as much system administration tasks as possible.
Sie lesen das E-Book in den Legimi-Apps auf:
Seitenzahl: 378
Veröffentlichungsjahr: 2018
Copyright © 2018 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author , nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Commissioning Editor: Vijin BorichaAcquisition Editor: Namrata PatilContent Development Editor: Deepti ThoreTechnical Editors: Cymon Pereira, Varsha ShivhareCopy Editor:Safis EditingProject Coordinator: Kinjal BariProofreader: Safis EditingIndexer: Tejal Daruwale SoniGraphics: Jisha ChirayilProduction Coordinator: Shantanu Zagade
First published: October 2011
Second edition: August 2013
Third edition: February 2015
Fourth edition: June 2018
Production reference: 1250618
Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.
ISBN 978-1-78862-244-8
www.packtpub.com
Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.
Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals
Improve your learning with Skill Plans built especially for you
Get a free eBook or video every month
Mapt is fully searchable
Copy and paste, print, and bookmark content
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.
Thomas Uphill is a Puppet engineer in a large corporate environment. He's been using Puppet for several years now, starting as a system administrator. He's written several books on Puppet as well as given talks at LISA and Puppetconf. He lives and works in Seattle. When not at a computer, he enjoys mountain biking, hiking, and camping.
Subhash Vasarapu is a DevOps and CloudOps engineer, as well as an ethical hacker, who works for mindtree. He loves automating things, pushing production code, testing network penetration tools, working with containerized microservice solutions. He is familiar with the design, build, and deployment of scalable solutions that use sophisticated and complex implementation. He is also a gym rat, coach, swimmer, boxer, anime watcher, pet lover, nutritionist, traveler, and the kitchen is his laboratory. You can contact him on linkedin— Subhash Vasarapu
If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.
Title Page
Copyright and Credits
Puppet 5 Cookbook  Fourth Edition
Packt Upsell
Why subscribe?
PacktPub.com
Contributors
About the author
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Sections
Getting ready
How to do it...
How it works...
There's more...
See also
Get in touch
Reviews
Puppet Language and Style
Introduction
Adding a resource to a node
How to do it...
How it works...
See also...
Using facter to describe a node
How to do it...
How it works...
There's more...
Variables
Scope
Using puppet facts
How to do it...
Installing a package before starting a service
How to do it...
How it works...
Learning metaparameters and ordering
Trifecta
Idempotency
Installing, configuring, and starting a service
How to do it...
How it works...
Using community Puppet style
How to do it...
Indentation
Quoting
false
Variables
Parameters
Symlinks
Installing Puppet
How to do it...
Creating a manifest
How to do it...
There's more...
Checking your manifests with puppet-lint
Getting ready
How to do it...
There's more...
See also
Making modules
How to do it...
How it works...
There's more...
Templates
Facts, functions, types, and providers
Third-party modules
Module organization
See also
Using standard naming conventions
How to do it...
There's more...
Using inline templates
How to do it...
How it works...
There's more...
See also
Iterating over multiple items
How to do it...
How it works...
There's more...
Using hashes
Creating arrays with the split function
Writing powerful conditional statements
How to do it...
How it works...
There's more...
elsif branches
Comparisons
Combining expressions
See also
Using regular expressions in if statements
How to do it...
How it works...
There's more...
Capturing patterns
Regular expression syntax
See also
Using selectors and case statements
How to do it...
How it works...
Selector
Case statement
There's more...
Regular expressions
Defaults
Using the in operator
How to do it...
There's more...
Using regular expression substitutions
How to do it...
How it works...
There's more...
See also
Puppet 5 changes
Using the call function
Puppet 4/5 changes
Appending to and concatenating arrays
Merging hashes
Using the sensitive type
Lambda functions
reduce
filter
map
slice
each
Functions in Puppet language
Puppet Infrastructure
Introduction
Managing your manifests with Git
Getting ready
How to do it...
How it works...
There's more...
Creating a decentralized Puppet architecture
Getting ready
How to do it...
How it works...
Writing a papply script
How to do it...
How it works...
Running Puppet from cron
Getting ready
How to do it...
How it works...
There's more...
Bootstrapping Puppet with bash
Getting ready
How to do it...
How it works...
There's more...
Creating a centralized Puppet infrastructure
Getting ready
How to do it...
How it works...
There's more...
Creating certificates with multiple DNS names
Getting ready
How to do it...
How it works...
Setting up the environment
Getting ready
How to do it...
There's more...
Configuring PuppetDB
Getting ready
How to do it...
How it works...
There's more...
Configuring Hiera
How to do it...
How it works...
There's more...
Environment-specific Hiera
Getting ready
How to do it...
How it works...
Setting node-specific data with Hiera
Getting ready
How to do it...
How it works...
Writing a custom Hiera5 function
Getting ready
How to do it...
How it works...
There's more...
Storing secret data with hiera-eyaml
Getting ready
How to do it...
How it works...
There's more...
Automatic syntax-checking with Git hooks
How to do it...
How it works...
Pushing code around with Git
Getting ready
How to do it...
How it works...
Managing environments with Git
Getting ready
How to do it...
How it works...
There's more...
Writing Better Manifests
Introduction
Using arrays of resources
How to do it...
How it works...
There's more...
See also
Using resource defaults
How to do it...
How it works...
There's more...
Using defined types
How to do it...
How it works...
There's more...
See also
Using tags
How to do it...
There's more...
Using run stages
How to do it...
How it works...
There's more...
See also
Using roles and profiles
How to do it...
How it works...
There's more...
Using data types in Puppet
How to do it...
There's more...
Passing parameters to classes
How to do it...
How it works...
There's more...
Specifying default values
Passing parameters from Hiera
Getting ready
How to do it...
How it works...
There's more...
Writing reusable, cross-platform manifests
How to do it...
How it works...
There's more...
See also
Getting information about the environment
How to do it...
How it works...
There's more...
See also
Importing dynamic information
Getting ready
How to do it...
How it works...
There's more...
See also
Passing arguments to shell commands
How to do it...
How it works...
Working with Files and Packages
Introduction
Making quick edits to config files
Getting ready
How to do it...
How it works...
There's more...
Editing INI-style files with puppetlabs-inifile
Getting ready
How to do it...
How it works...
There's more...
Using Augeas to reliably edit config files
How to do it...
How it works...
There's more...
Building config files using snippets
Getting ready
How to do it...
How it works...
Using ERB templates
How to do it...
How it works...
There's more...
See also
Using array iterations in templates
How to do it...
How it works...
There's more...
See also
Using EPP templates
How to do it...
How it works...
There's more...
Using GnuPG to encrypt secrets
Getting ready
How to do it...
How it works...
There's more...
See also
Comparing package versions
How to do it...
How it works...
Users and Virtual Resources
Introduction
Using virtual resources
How to do it...
How it works...
There's more...
Managing users with virtual resources
How to do it...
How it works...
There's more...
See also
Managing users' SSH access
How to do it...
How it works...
There's more...
Managing users' customization files
How to do it...
How it works...
There's more...
See also
Using exported resources
Getting ready
How to do it...
How it works...
There's more...
Managing Resources and Files
Introduction
Distributing cron jobs efficiently
How to do it...
How it works...
There's more...
See also
Scheduling when resources are to be applied
How to do it...
How it works...
There's more...
Using host resources
How to do it...
How it works...
There's more...
Using exported host resources
Getting ready
How to do it...
How it works...
There's more...
Using multiple file sources
How to do it...
How it works...
There's more...
See also
Distributing and merging directory trees
How to do it...
How it works...
There's more...
Cleaning up old files
How to do it...
How it works...
There's more...
Auditing resources
How to do it...
How it works...
There's more...
See also
Temporarily disabling resources
How to do it...
How it works...
Managing Applications
Introduction
Using public modules
How to do it...
How it works...
There's more...
Managing Apache servers
How to do it...
How it works...
Creating Apache virtual hosts
How to do it...
How it works...
There's more...
Creating NGINX virtual hosts
How to do it...
How it works...
There's more...
Managing MariaDB
How to do it...
How it works...
There's more...
Creating databases and users
How to do it...
How it works...
There's more...
Servers and Cloud Infrastructure
Introduction
Managing firewalls with iptables
Getting ready
How to do it...
How it works...
There's more...
Building high-availability services using Keepalived
Getting ready
How to do it...
How it works...
There's more...
Managing NFS servers and file shares
How to do it...
How it works...
Using HAProxy to load balance multiple web servers
How to do it...
How it works...
There's more...
Managing EC2 instances
Getting ready
How to do it...
How it works...
There's more...
Managing virtual machines with Vagrant
Getting ready
How to do it...
How it works...
There's more...
Managing Docker with Puppet
Getting ready
How to do it...
How it works...
There's more...
External Tools and the Puppet Ecosystem
Introduction
Creating custom facts
How to do it...
How it works...
There's more...
Adding external facts
Getting ready
How to do it...
How it works...
There's more...
Debugging external facts
Using external facts in Puppet
Setting facts as environment variables
How to do it...
Generating manifests with the Puppet resource command
How to do it...
There's more...
Generating manifests with other tools
Getting ready
How to do it...
There's more...
Using PDK
Getting ready
How to do it...
How it works...
There's more...
Using an external node classifier
Getting ready
How to do it...
How it works...
There's more...
See also
Creating your own resource types
How to do it...
How it works...
There's more...
Documentation
Validation
Creating your own providers
How to do it...
How it works...
There's more...
Creating custom functions
How to do it...
How it works...
There's more...
Testing your puppet manifests with rspec-puppet
Getting ready
How to do it...
How it works...
There's more...
Monitoring, Reporting, and Troubleshooting
Introduction
Noop—the don't-change-anything option
How to do it...
How it works...
There's more...
See also
Logging the command output
How to do it...
How it works...
There's more...
Logging debug messages
How to do it...
How it works...
There's more...
Resource ordering
Generating reports
How to do it...
How it works...
There's more...
Other report types
See also
Producing automatic HTML documentation
Getting ready...
How to do it...
How it works...
There's more...
Drawing dependency graphs
Getting ready
How to do it...
How it works...
When Puppet looks for the dependencies
There's more...
See also
Understanding Puppet errors
How to do it...
Could not retrieve file metadata for XXX: getaddrinfo: Name or service not known
Could not evaluate: Could not retrieve information from environment production source(s) XXX
Error: Could not set 'file' on ensure: No such file or directory XXX
Change from absent to file failed: Could not set 'file on ensure: No such file or directory
Undefined method 'closed?' for nil:NilClass
Duplicate definition: X is already defined in [file] at line Y; cannot redefine at [file] line Y
See also
Inspecting configuration settings
How to do it...
How it works...
See also
Other Books You May Enjoy
Leave a review - let other readers know what you think
Configuration management has gone from something that few organizations practiced to a necessity. Today, every organization I visit is using configuration management in some form or another. The range of tools available has expanded as well. A few years ago, there were only two or three viable options for cross-platform configuration management. Now, there are many more options, including Salt, Chef, Ansible, and Puppet.
In the move to the cloud, it is important to be able to automate building nodes; manual tasks are no longer acceptable. Using Configuration management to automate the building of your nodes is now a requirement of the DevOps engineer.
This book takes you beyond the basics of Puppet and starts to explore the power of customizing Puppet to suit your needs. The book consists of mostly atomic recipes, which can be read independently to tackle a variety of real-world problems. The examples are structured so that you can dip in at any point and try out a recipe without having to work your way through the book from cover to cover. Code samples are included in each example. The book will take you from a rudimentary knowledge of Puppet to a more complete and expert understanding of Puppet's latest features and community best practices.
The open source version of Puppet was used throughout the book; you will not require Puppet Enterprise to complete the examples.
Puppet 5 is still changing rapidly, and I've included what I believe to be the most important parts of this release in this book. For up-to-the-minute information on the latest releases, I suggest you subscribe to the Puppet Developers mailing list at https://groups.google.com/forum/#!forum/puppet-dev, the Puppet Slack Channel at https://slack.puppet.com/, and the puppetlabs blog at https://puppet.com/blog.
This book assumes a familiarity with Linux administration. The examples require some experience with command-line usage and basic text file editing. Although beneficial, previous coding experience is not required. This book is for the Puppet engineer that is looking for a book that covers a wide range of Puppet topics. This book is also for the system administrator looking for a guide to Puppet with real-world examples.
Chapter 1,Puppet Language and Style, introduces the Puppet language and shows how to write manifests. The Puppet linting tool, puppet-lint, is introduced, and we review best practices to write Puppet code. Metaparameters are shown with examples. We also cover changes in the Puppet language available in versions 4 and 5 of Puppet.
Chapter 2,Puppet Infrastructure, explains how to deploy Puppet in your environment. It covers the two main methods of installation, centralized and decentralized (masterless). It shows you how to use Git to centrally manage your code. It will help you configure PuppetDB and Hiera.
Chapter 3,Writing Better Manifests, deals with organizing your Puppet manifests. Manifests are used to build modules. This chapter introduces the concept of roles and profiles to abstract how modules are applied to machines. Parameterized classes are introduced. It also shows you how to efficiently define resources with arrays of resources and resource defaults.
Chapter 4,Working with Files and Packages, shows you how to manage files using snippets (fragments). It introduces the power of creating files with both Ruby (ERB) and Puppet (EPP) templates. It also helps you explore ways to secure information stored in your Puppet manifests.
Chapter 5,Users and Virtual Resources, deals with the advanced topic of virtual and exported resources. Virtual resources are a way of defining resources but not applying them by default. Exported resources are similar but are used to have resources from one machine applied to one or more other machines.
Chapter 6,Managing Resources and Files, speaks about dealing with directories and purging resources not controlled by Puppet. It shows you how to have file resources applied differently on different machines. Furthermore, methods for managing host entries in /etc/hosts are shown with exported resources examples.
Chapter 7,Managing Applications, shows you how to use Puppet to manage your deployed applications. Using public Forge modules, it helps you configure Apache, NGINX, and MariaDB.
Chapter 8,Servers and Cloud Infrastructure, introduces virtual resources and shows how to use them to configure highly available services. It also shows you how to use Puppet to manage Docker and AWS instances. Furthermore, Vagrant is used as a tool to create test environments for your Puppet code.
Chapter 9,External Tools and the Puppet Ecosystem, shows you how to extend Puppet with your own types and providers, how to make your own facts, as well as the Puppet Development Kit (PDK).
Chapter 10,Monitoring, Reporting, and Troubleshooting, shows you how to leverage Puppet to monitor your infrastructure for problems. We configure Puppet reporting and then discuss some of the common problems with Puppet code.
You will need a computer capable of running Linux virtual machines. The examples in the book use Debian and Enterprise Linux-based distributions (RHEL and CentOS). Some of the examples will require multiple virtual machines to be run concurrently. You will need a host machine capable of running three or four virtual machines simultaneously. A minimum of 8 GB of RAM is suggested for performance reasons. To configure a test environment similar to that used in the production of the book, Vagrant should be used. Vagrant is a tool developed by Hashicorp to enable quick deployment of virtual machines via a definition file, Vagrantfile. More information on Vagrantfile syntax is available at https://www.vagrantup.com/docs/vagrantfile/. Vagrantfile used to build the example systems in this book is provided in the files section. To effectively use the Vagrantfile provided, you will need to install the vagrant-hosts plugin. To do so, issue the following command:
[t@mylaptop ~] $ vagrant plugin install vagrant-hosts
Installing the 'vagrant-hosts' plugin. This can take a few minutes...
Fetching: vagrant-hosts-2.8.2.gem (100%)
Installed the plugin 'vagrant-hosts (2.8.2)'!
This will allow Vagrant to update the /etc/hosts file on your nodes with host entries for the other nodes in your test environment (for example, puppet.example.com and git.example.com). It is also convenient to configure ssh to connect to your test machines. After copying down Vagrantfile into a directory on your machine, cd into that directory. Check whether Vagrant is configured properly using the following command:
[t@mylaptop ~/cookbook] $ vagrant status
Current machine states:
cookbook poweroff (virtualbox)
puppet running (virtualbox)
This environment represents multiple VMs. The VMs are all listedabove with their current state. For more information about a specificVM, run `vagrant status NAME`.
Now, copy the output of the following command into the .ssh/config file in your home directory as shown here:
[t@mylaptop ~/cookbook] $ vagrant ssh-config puppet >>~/.ssh/config
This will enable you to do the following:
[t@mylaptop ~/cookbook] $ ssh puppet
Last login: Mon Jun 18 20:13:21 2018 from 10.0.2.2
puppet.example.com
Managed by puppet 5.5.2
[vagrant@puppet ~]$ hostname
puppet.example.com
You can download the example code files for this book from your account at www.packtpub.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.
You can download the code files by following these steps:
Log in or register at
www.packtpub.com
.
Select the
SUPPORT
tab.
Click on
Code Downloads & Errata
.
Enter the name of the book in the
Search
box and follow the onscreen instructions.
Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:
WinRAR/7-Zip for Windows
Zipeg/iZip/UnRarX for Mac
7-Zip/PeaZip for Linux
The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Puppet-5-Cookbook-Fourth-Edition. In case there's an update to the code, it will be updated on the existing GitHub repository.
We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/Puppet5CookbookFourthEdition_ColorImages.pdf.
There are a number of text conventions used throughout this book.
CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Apply this manifest using puppet apply git.pp; this will install Git."
A block of code is set as follows:
package {'git': ensure => installed}
Any command-line input or output is written as follows:
t@mylaptop ~/.ssh $ ssh-copy-id -i git_rsa [email protected]
[email protected]'s password:
Number of key(s) added: 1
Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Select System info from the Administration panel."
In this book, you will find several headings that appear frequently (Getting ready, How to do it..., How it works..., There's more..., and See also).
To give clear instructions on how to complete a recipe, use these sections as follows:
This section tells you what to expect in the recipe and describes how to set up any software or any preliminary settings required for the recipe.
This section contains the steps required to follow the recipe.
This section usually consists of a detailed explanation of what happened in the previous section.
This section consists of additional information about the recipe in order to make you more knowledgeable about the recipe.
This section provides helpful links to other useful information for the recipe.
Feedback from our readers is always welcome.
General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!
For more information about Packt, please visit packtpub.com.
We will cover the following recipes in this chapter:
Adding a resource to a node
Using facter to describe a node
Using Puppet facts
Installing a package before starting a service
Installing, configuring, and starting a service
Using community Puppet style
Installing Puppet
Creating a manifest
Checking your manifests with Puppet-lint
Making modules
Using standard naming conventions
Using in-line templates
Iterating over multiple terms
Writing powerful conditional statements
Using regular expressions in
if
statements
Using selectors and case statements
Using the
in
operator
Using regular expression substitutions
Puppet 5 changes
Puppet 4/5 Changes
In this chapter, we'll start with the basics of the Puppet syntax and show you how some of the syntactic sugar in Puppet is used. We'll then move on to how Puppet deals with dependencies and how to make Puppet do the work for you.
We'll look at how to organize and structure your code into modules following community conventions so that other people will find it easy to read and maintain your code. We will also see some powerful features of the Puppet language, which will let you write concise yet expressive manifests.
This recipe will introduce the language and show you the basics of writing Puppet code. Puppet code files are called manifests; manifests declare resources. A resource in Puppet may be a type, class, or node. A type is something like a file or package or anything that has a type declared in the language. The current list of standard types is available on the puppetlabs website at https://puppet.com/docs/puppet/latest/type.html. I find myself referencing this site very often. You may define your own types, either using a mechanism, similar to a subroutine, named defined types, extending the language using a custom type. Types are the heart of the language; they describe the things that make up a node (node is the word Puppet uses for client computers/devices). Puppet uses resources to describe the state of a node; for example, we will declare the following package resource for a node using a site manifest: site.pp.
Create a site.pp file and place the following code in it:
node default { package { 'httpd': ensure => 'installed' } }
This manifest will ensure that any node on which this manifest is applied will install a package called httpd. The default keyword is a wildcard to Puppet; it applies anything within the node default definition to any node. When Puppet applies the manifest to a node, it uses a Resource Abstraction Layer (RAL) to translate the package type into the package management system of the target node. What this means is that we can use the same manifest to install the httpd package on any system where Puppet has a Provider for the package type. Providers are the pieces of code that do the real work of applying a manifest. When the previous code is applied to a node running on a YUM-based distribution, the YUM provider will be used to install the httpd RPM packages. When the same code is applied to a node running on an APT-based distribution, the APT provider will be used to install the httpd DEB package (which may not exist, as most Debian-based systems call this package apache2; we'll deal with this sort of naming problem later).
Puppet 3: Beginner's Guide
, John Arundel, Packt Publishing,
in addition to this section
Facter is a separate utility upon which Puppet depends. It is the system used by Puppet to gather information about the target system (node); facter calls the nuggets of information facts. You may run facter from the command line to obtain real-time information from the system.
We'll compare the output of facter with that of system utilities:
Use facter to find the current uptime of the system, the uptime fact:
t@cookbook ~$ facter uptime 0:12 hours
Compare this with the output of the Linux uptime command:
t@cookbook ~$ uptime
01:18:52 up 12 min, 1 user, load average: 0.00, 0.00, 0.00
When facter is installed (as a dependency for Puppet), several fact definitions are installed by default. You can reference each of these facts by name from the command line.
Running facter without any arguments causes facter to print all the facts known about the system. We will see in later chapters that facter can be extended with your own custom facts. All facts are available for you to use as variables; variables are discussed in the next section.
Variables in Puppet are marked with a $ character. Variables are immutable; once assigned a value, they cannot be changed. When using variables within a manifest, it is advisable to enclose the variable within braces, such as ${myvariable}, instead of $myvariable. All of the facts from facter can be referenced as top-scope variables (we will discuss scope in the next section). For example, the Fully Qualified Domain Name (FQDN) of the node may be referenced by ${::fqdn}. Variables can only contain alphabetic characters, numerals, and the underscore character, _. As a matter of style, variables should start with an alphabetic character. Never use dashes in variable names.
As we'll see in subsequent chapters, facter may be extended with custom facts written in Ruby. By default, custom facts are not loaded when you run facter.
To pull in the custom facts, you need to specify the -p option to facter, as shown here:
t@cookbook:~$ facter puppetversion
t@cookbook:~$ facter -p puppetversion
5.5.2
Although still valid, the facter -p syntax is now deprecated in favor of using the Puppet face, facts. Puppet faces are the various sub-applications supported by the Puppet command. To see the available faces, run Puppet help, as shown here:
t@cookbook:~$ puppet help
Usage: puppet <subcommand> [options] <action> [options]
Available subcommands:
agent The puppet agent daemon
apply Apply Puppet manifests locally
ca Local Puppet Certificate Authority management. (Deprecated)
catalog Compile, save, view, and convert catalogs.
cert Manage certificates and requests
certificate Provide access to the CA for certificate management.
certificate_request Manage certificate requests. (Deprecated)
certificate_revocation_list Manage the list of revoked certificates. (Deprecated)
config Interact with Puppet's settings.
describe Display help about resource types
device Manage remote network devices
doc Generate Puppet references
epp Interact directly with the EPP template parser/renderer.
facts Retrieve and store facts.
filebucket Store and retrieve files in a filebucket
generate Generates Puppet code from Ruby definitions.
help Display Puppet help.
key Create, save, and remove certificate keys. (Deprecated)
lookup Interactive Hiera lookup
man Display Puppet manual pages.
master The puppet master daemon
module Creates, installs and searches for modules on the Puppet Forge.
node View and manage node definitions.
parser Interact directly with the parser.
plugin Interact with the Puppet plugin system.
report Create, display, and submit reports.
resource The resource abstraction layer shell
status View puppet server status. (Deprecated)
One difference between facter and Puppet facts is that you may request a single fact from facter, whereas Puppet facts will return all the facts for a node at once as a JSON object (you may request other formats with the --render-as option).
To show how ordering works, we'll create a manifest that installs httpd and then ensures the httpd package service is running.
We'll create a manifest to install and start our service:
S
tart by creating a manifest that defines
service
:
service {'httpd': ensure => running, require => Package['httpd'],}
The
service
definition references a
package
resource named
httpd
; we now need to define that resource:
package {'httpd': ensure => 'installed',}
In this example, the package will be installed before the service is started. Using require within the definition of the httpd service ensures that the package is installed first, regardless of the order within the manifest file.
Capitalization is important in Puppet. In our previous example, we created a package named httpd. If we wanted to refer to this package later, we would capitalize its type (package) as follows:
Package['httpd']
To refer to a class- for example, the something::somewhere class, which has already been included/defined in your manifest-you can reference it with the full path as follows:
Class['something::somewhere']
Let's say you have defined the following type:
example::thing {'one':}
The preceding line may be referenced later, as follows:
Example::Thing['one']
Knowing how to reference previously defined resources is necessary for the next section on metaparameters and ordering.
All the manifests that will be used to define a node are compiled into a catalog. A catalog is the code that will be applied to configure a node. It is important to remember that manifests are not applied to nodes sequentially. There is no inherent order to the application of manifests. With this in mind, in the previous httpd example, what if we wanted to ensure that the httpd process started after the httpd package was installed?
We couldn't rely on the httpd service coming after the httpd package in the manifests. What we would have to do is use metaparameters to tell Puppet the order in which we want resources applied to the node. Metaparameters are parameters that can be applied to any resource and are not specific to any one resource type. They are used for catalog compilation and as hints to Puppet, but not to define anything about the resource to which they are attached.
When dealing with ordering, there are four metaparameters used:
before
require
notify
subscribe
The before and require metaparameters specify a direct ordering; notify implies before and subscribe implies require. The notify metaparameter is only applicable to services; what notify does is tell a service to restart after the notifying resource has been applied to the node (this is most often a package or file resource). In the case of files, once the file is created on the node, a notify parameter will restart any services mentioned. The subscribe metaparameter has the same effect but is defined on the service; the service will subscribe to the file.
The relationship between package and service previously mentioned is an important and powerful paradigm of Puppet. Adding one more resource-type file into the fold creates what puppeteers refer to as the trifecta. Almost all system administration tasks revolve around these three resource types. As a system administrator, you install a package, configure the package with files, and then start the service:
A key concept of Puppet is that the state of the system when a manifest is applied to a node cannot affect the outcome of the Puppet run. In other words, at the end of the Puppet run (if the run was successful), the system will be in a known state and any further application of the manifest will result in a system that is in the same state. This property of Puppet is known as idempotency. Idempotency is the property that, no matter how many times you do something, remains in the same state as the first time you did it. For instance, if you had a light switch and you gave the instruction to turn it on, the light would turn on. If you gave the instruction again, the light would remain on.
There are many examples of this pattern online. In our simple example, we will create an Apache configuration file under /etc/httpd/conf.d/cookbook.conf. The /etc/httpd/conf.d directory will not exist until the httpd package is installed. After this file is created, we would want httpd to restart to notice the change; we can achieve this with a notify parameter.
The require attribute to the file resources tells Puppet that we need the /var/www/cookbook directory created before we can create the index.html file. The important concept to remember is that we cannot assume anything about the target system (node). We need to define everything on which the target depends. Anytime you create a file in a manifest, you have to ensure that the directory containing that file exists. Anytime you specify that a service should be running, you have to ensure that the package providing that service is installed.