puppet quick start guide
TRANSCRIPT
Learning Puppet
Quick Start Guide
Suhan DharmasuriyaSoftware Engineer - Test AutomationWSO2 Inc.
Outline
● What is puppet?
● Session 1 - Configuring puppet master/agent
● Puppet module fundamentals
● What are puppet templates?
● Session 2 - Puppet modules and templates
● Session 3 - Looping elements in a given template
What is puppet?
"The Puppet Domain Specific Language (DSL) is a
Ruby-based coding language that provides a precise and
adaptable way to describe a desired state for each
machine in your infrastructure. Once you've described a
desired state, Puppet does the work to bring your systems
in line and keeping them there" - Puppet Labs
Q: Why not use shell scripts and manage infrastructure?
- Not feasible to manage large # of nodes
Installing Puppet Master and Agent
Puppet Master● sudo apt-get update● sudo apt-get install puppetmaster
● /etc/puppet/puppet.conf
[main]
dns_alt_names=puppetmaster,puppet,puppet.example.co
m
[master]
autosign=true
● /etc/hosts
127.0.0.1 localhost
127.0.0.1 puppetmaster
● /etc/hostname
puppetmaster
dns_alt_names are mentioned so that when creating ssl certificates for the master itself, the names will be embedded to the certificate itself which is easy for the agent to find out that agent is connecting to the intended puppet master.
autosign=true is used to automatically sign puppet agent join requests for the time being. So that you can easily learn puppet and later comment out the said line to manually sign agent certificates.SE
SSIO
N 1
Installing Puppet Master and Agent
Puppet Agent● sudo apt-get update● sudo apt-get install puppet
● /etc/puppet/puppet.conf
[main]
server = puppet
● /etc/hosts
127.0.0.1 localhost
127.0.1.1 agent1
192.168.92.2 puppet
● /etc/hostname
agent1
IP address of the Puppet master
SESS
ION
1
If you get certificate issues, using puppet cert command clean and regenerate the certificates accordingly.> puppet cert clean <host>> puppet cert generate <host>
Do a puppet agent catalog run● Add the following to /etc/puppet/manifests/site.pp
node default {
}
● Since we have established the master/agent communication
previously, go to puppet agent and issue the following,
> puppet agent --test OR
> puppet agent -t
You will see an output as follows.root@agent1:~# puppet agent --testinfo: Caching catalog for agent1.domain.nameinfo: Applying configuration version '1416123976'notice: Finished catalog run in 0.01 seconds
Puppet always starts compiling with either a single manifest file or a directory of manifests that get treated like a single file.
This main starting point is called the main manifest or site manifest.
SESS
ION
1
The name default (without quotes) is a special value for node names. If no node statement matching a given node can be found, the default node will be used.
Do a puppet agent catalog run> puppet cert list --all+ "agent1.us-west-2.compute.internal" (SHA256) B4:DC:3C:FF:DF:D6:36:C7:1E:49:CE:99:17:E9:55:89:42:0E:3A:DB:67:84:4F:D0:7B:FE:7E:E4:2D:BE:8C:D4+ "puppetmaster.us-west-2.compute.internal" (SHA256) 58:EF:90:05:72:1C:51:8F:BC:63:6C:5E:30:11:87:AC:04:28:F5:F3:94:F3:0A:DA:91:05:00:ED:5A:7A:E7:9E (alt names: "DNS:puppet", "DNS:puppet.us-west-2.compute.internal", "DNS:puppetmaster", "DNS:puppetmaster.us-west-2.compute.internal")SE
SSIO
N 1
Do a puppet agent catalog runHTTP trace at puppet master node /var/log/puppet/masterhttp.log
When puppet agent connect to master and get the certificate auto signed for the first time
When a puppet agent catalog run is performed,> puppet agent -t
{{
module is simply a directory tree with a specific, predictable structuremodules|_your_module |_ manifests |_ templates |_yourtemplate.erb |_ files |__ facts.d |__ examples |__ spec |__ lib
Puppet module fundamentalsThis outermost directory’s name matches the name of the module
Contains all of the manifests in the module- init.pp — Contains a class definition. This class’s name
must match the module’s name.- other_class.pp — Contains a class named
your_module::other_class.- my_defined_type.pp — Contains a defined type named
your_module::my_defined_type.- implementation/ — This directory’s name affects the class
names beneath it.- foo.pp — Contains a class named
your_module::implementation::foo.- bar.pp — Contains a class named
your_module::implementation::barContains plugins, like custom facts and custom resource types.
Contains templates, which the module’s manifests can use.- component.erb — A manifest can render this template with
template('your_module/component.erb').- component.epp — A manifest can render this template with
epp('your_module/component.epp').Contains static files, which managed nodes can download
- service.conf — This file’s source => URL would be puppet:///modules/your_module/service.conf. Its contents can also be accessed with the file function, like content => file('your_module/service.conf').
Contains external facts, which are an alternative to Ruby-based custom facts. These will be synced to all agent nodes, so they can submit values for those facts to the Puppet master
Contains spec tests for any plugins in the lib directory
Contains examples showing how to declare the module’s classes and defined types
- init.pp- other_example.pp
What are puppet templates?
$value = template("your_module/yourtemplate.erb")
Puppet assumes that,
● Template files are stored in the templates directory inside your
puppet module
● common modulepath is at /etc/puppet/modules
/etc/ |__ puppet |__ manifests | |__ site.pp |__ modules |__ your_module |__ manifests |__ templates |__ yourtemplate.erb
/etc/puppet/modules/your_module/templates/
yourtemplate.erb
Templates can be used to specify the contents of files. They are commonly used to template out configuration files, filling in variables with the managed node’s facts.
Puppet supports templates written in the ERB templating language, which is part of the Ruby standard library.
Embedded Puppet template (EPP)
Using Puppet modules and templates● puppet agent → agent1
● create puppet module → myserver, create init.pp, template files/etc/ |__ puppet |__ manifests | |__ site.pp |__ modules |__ myserver |__ manifests |__init.pp |__params.pp |__ templates |__ welcome-template-file.erb
/etc/puppet/manifests/site.ppimport 'myserver'node 'agent1' { include myserver}node default {}
SESS
ION
2 Contains the class definition. This class’s name must match the module’s name
When we include the module in site.pp manifest file, puppet looks into this init.pp script and execute
1
2
3
4
1
We are importing the myserver module to our main manifest: site.pp
Then we are including it to our agent1 puppet node definition
Using Puppet modules and templates/etc/puppet/modules/myserver/manifests/init.ppclass myserver inherits myserver::params{ file { "/tmp/$myname": ensure => file, content => template('myserver/welcome-template-file.erb'), }}
/etc/puppet/modules/myserver/manifests/params.pp [1]class myserver::params { $say_hello_to = 'guys and gals' $myname = 'welcome file.xml'}
SESS
ION
22
3
Image Credits: https://docs.puppetlabs.com/puppet/latest/reference/modules_fundamentals.html#manifests
Image Credits: https://docs.puppetlabs.com/puppet/latest/reference/modules_fundamentals.html#templates
Using Puppet modules and templates/etc/puppet/modules/myserver/templates/welcome-template-file.erb<% if @say_hello_to -%>Hello <%= @say_hello_to %>,<% end -%>I'm <%= @myname %>, on a <%= @operatingsystem %> system, nice to meet you.
Then issue the following command on puppet agent node.> puppet agent -t
A file will be created on agent node./tmp/welcome file.xml
Hello guys and gals,I'm welcome file.xml, on a Ubuntu system, nice to meet you.
SESS
ION
24
Wondering how value came for @operatingsystem?Apart from custom variables defined, puppet can use variables predefined by Factor.
Looping elements in a given template/etc/puppet/manifests/site.pp to be modified as follows,class myserver::params { $say_hello_to = 'guys and gals' $myname = 'welcome file.xml' $members = ['10.0.1.196', '10.0.1.198', '10.0.1.200']}
Append the following to the /etc/puppet/modules/myserver/templates/welcome-template-file.erb
<members> <%- if @members -%> # loop hostnames <%- @members.each do |hostname| -%> <member> <hostName><%= hostname %></hostName> <port>4100</port> </member> <%- end -%> <%- end -%></members>
SESS
ION
3
loop variable
each — Repeat a block of code any number of times, using a collection of values to provide different parameters each time.
Looping elements in a given templateThen issue the following command on puppet agent node.> puppet agent -t
/tmp/welcome file.xml will now look like this.
Hello guys and gals,I'm welcome file.xml, on a Ubuntu system, nice to meet you.
<members><member> <hostName>10.0.1.196</hostName> <port>4100</port></member><member> <hostName>10.0.1.198</hostName> <port>4100</port></member><member> <hostName>10.0.1.200</hostName> <port>4100</port></member></members>
SESS
ION
3
Looping elements in a given templateNow lets try to parameterize both member and port.Modify /etc/puppet/manifests/site.pp as follows,
class myserver::params { $say_hello_to = 'guys and gals' $myname = 'welcome file.xml' $members = { '192.168.1.156' => '4100', '192.168.1.157' => '4000' }}
Modify the following <members> section in /etc/puppet/modules/myserver/templates/welcome-template-file.erb
<members> <%- if @members -%> <%- @members.each_pair do |hostname,port| -%> <member> <hostName><%= hostname %></hostName> <port><%= port %></port> </member> <%- end -%> <%- end -%></members>
SESS
ION
3
two loop variables[example]
Looping elements in a given templateThen issue the following command on puppet agent node.> puppet agent -t
/tmp/welcome file.xml will now look like this.
Hello guys and gals,I'm welcome file.xml, on a Ubuntu system, nice to meet you.
<members> <member> <hostName>192.168.1.156</hostName> <port>4100</port> </member> <member> <hostName>192.168.1.157</hostName> <port>4000</port> </member></members>
SESS
ION
3
Contact us !