STOP WRITING PUPPET MODULESBest Practices In The Puppet Community

Assembled by Lucas Yamanishi / lucas.yamanishi@nasa.gov

http://lucas.yamanishi.us/stop_writing_puppet_modules

Bona Fides

Systems Administrator - ADNET Systems, Inc.NASA SESDA PMO(Space and Earth Science Analysis Project Management Office)

Background in the US Army

InfantryCounterintelligence (Reserves)

Minor contributions made to...

Gentoovim-puppetvarious Puppet modulesThis presentation software ( )reveal-ck

DISCLAIMER

AGENDA

IntroFree & Open Source SoftwareCommunity WorkflowsBuilding with Community in mindFinding & building great Puppet modules

Stop Writing Puppet Modules

(and start focusing on your business)

Puppet is more than a...

configuration toolframeworklanguage

Puppet is a community

FREE & OPEN SOURCE SOFTWARE

Free as in freedom,Free as in beer

Open as a book,Open as in "to everybody"

PuppetOpen Source Community

Community Benefits

Large ecosystemLinus's Law (many eyes)Reduced maintenance costs*Easier to troubleshoot*Better overall quality*

Hidden Costs

Limited support*Publication requirementsLegal overheadNo guarantees

Open Source Software Policy

(use and contribution)

Software Policy

(use and contribution)

Software Policy

(use and contribution)

What content is OK? What's off limits?Who signs off?Acceptable license features

Use permissionRedistribution rightsAttribution requirementsPatent protectionDisclaimer of liability

Acceptable licenses (MIT, BSD, Apache, GPL, etc.)Display of license (LICENSE file, file headers, etc.)Contributor License Agreements (CLAs)Quality control

WORKFLOWS

The Puppet Forge

GitHub & Google

puppet module install

git clone

Feature branches

Image courtesy of - .Atlassian Creative Commons Attribution 2.5

Australia License

r10k

http://github.com/puppetlabs/r10k

BUILDINGWITH COMMUNITY IN MIND

environment.conf

Puppet >= 3.6 required

Older versions

modulepath = site:modules:$basemodulepath

basemodulepath = $confdir/$environment/site:$confdir/$environment/modules

manifests/site.pp

Facter >= 2.2 required for $::os structured facts

$os_name = $::os['name']$os_major = $::os['release']['major']$os_minor = $::os['release']['minor']

node default { $host_group = 'default' $security_policy = 'high'

include 'base'

warning("Node ${::certname} does not match any host groups")}

node /^ntp[[:digit:]]{2}\.dca\.example\.net$/ { $host_group = 'ntp' $location = 'DCA' $security_policy = 'medium'

include 'base'}

site/base/manifests/init.pp

Puppet >= 3.0 required

# A base class to manage Puppet runs class base { $hiera_classes = hiera_array('classes', []) include $hiera_classes}

hiera.yaml

Puppet >= 3.0 required

---:backends: - 'eyaml' - 'yaml':merge_behavior: 'deeper':hierarchy: - "nodes/%{::clientcert}" - "host_groups/%{::host_group}" - "os/%{::kernel}/%{::osfamily}/%{::os_name}/%{::os_major}/%{::os_minor}" - "os/%{::kernel}/%{::osfamily}/%{::os_name}/%{::os_major}" - "os/%{::kernel}/%{::osfamily}/%{::os_name}" - "os/%{::kernel}/%{::osfamily}" - "os/%{::kernel}" - "locations/%{::location}" - "security_policies/%{::security_policy}" - 'common':yaml: :datadir: "/etc/puppet/environments/%{::environment}/datadir":eyaml: :datadir: "/etc/puppet/environments/%{::environment}/datadir" :gpg_gnupghome: '/etc/puppet/gpg' :extension: 'yaml'

host_groups/ntp_stratum2.yaml

Hiera >= 1.3 required for hiera() function in data

---classes: - 'ntp'

ntp::preferred_servers: - %{hiera('ntp_local_master', '')}ntp::servers: - 0.us.pool.ntp.org - 1.us.pool.ntp.org - 2.us.pool.ntp.org - 3.us.pool.ntp.org

Puppetfile

(for use with )

r10k / librarian-puppet file

r10k

##################### Site-local modules#mod 'root_account', git: 'git@git-server.example.net:puppet/site-local/root_account.git'

mod 'really_awesome_product', svn: 'https://svn-server.example.net/puppet/site-local/really_awesome_product/trunk', rev: '539'

##################### Third-party modules#mod 'docker', git: 'git@git-server.example.net:puppet/third-party/garethr-docker.git', tag: 'v4.0.2'

# TODO:# - find an NTP module

FINDING & WRITING GREAT MODULES

Modularity

Types & Providers

./ | +-- manifests/ | +-- lib/ | +-- puppet/ | +-- provider/ | +-- type/

Compatibility

Operating System Portability

Structureparams.pp

Puppet Labs ticket:Data in modules

PUP-42

Cross-module compatibility

conf.d

Augeas resourcesconcat

Augeas Providers

Semantic Versioningpuppetforgepuppetforge v0.9.0v0.9.0

MajorMinorBugfix

http://SemVar.org

Readability

Style Guide

Every major [software] project has its own style guide: a set of conventions(sometimes arbitrary) about how to write code for that project. It is mucheasier to understand a large codebase when all the code in it is in aconsistent style.

google-styleguide

https://docs.puppetlabs.com/guides/style_guide.html

puppet-lint

http://puppet-lint.com

Documentation

Tests

SmokeUnitIntegrationAcceptance

rspec-puppet

coveragecoverage 98%98%

http://rspec-puppet.com

require 'spec_helper'

describe 'example_module' do context 'on CentOS' do let(:facts) {{ operatingsystem: 'CentOS' }}

context "example_module class with default parameters" do let(:params) {{ }}

it { is_expected.to compile.with_all_deps }

it { is_expected.to contain_class('example_module::params') }

it { is_expected.to contain_service('example_module') } it { is_expected.to contain_file('/path/to/example_file').with_ensure('file') } end endend

Vagrant

http://VagrantUp.com

Beaker

https://github.com/puppetlabs/beaker

Skeletons & Other Standards

https://github.com/garethr/puppet-module-skeletonStdMod

QUESTIONS?

© Lucas Yamanishi 2015

RESOURCES

(book in pre-release)Blogs:

Mailing list:IRC: on

Beginner's Guide to ModulesPuppetBestPractices.comThe Puppet design philosophy - Brian AndersonPuppet Best Practices - Chris Barbour

Tim SharpeAdrien TheboJoe TopjianGary LarizzaPlanet PuppetPuppet Labs

puppet-users#puppet freenode

This work is licensed under a .

Creative Commons Attribution-ShareAlike4.0 International License