Introduction to Puppet The IT automation software

Ahmed Elgenedy

Cairo, January 2013

• Introduction

–What is Puppet?

–How Puppet Works?

• RAL - Resource Abstraction Layer

–Manifests, Resource Ordering

–Variables, Facts, Classes, and Modules

–More

• Templates

• Parameterized Classes

• Defined Types

• Master/Agent Puppet

– Serving a Real Configuration

• Introduction

–What is Puppet?

–How Puppet Works?

• RAL - Resource Abstraction Layer

–Manifests, Resource Ordering

–Variables, Facts, Classes, and Modules

–More

• Templates

• Parameterized Classes

• Defined Types

• Master/Agent Puppet

– Serving a Real Configuration

• IT automation software

• Helps system administrators manage infrastructure throughout its

lifecycle, from provisioning and configuration to patch

management and compliance

• Automate repetitive tasks, quickly deploy critical applications, and

proactively manage change, scaling from 10s of servers to 1000s,

• Available as both open source and commercial software

• Declarative, model-based approach to IT automation

1. Define the desired state of the infrastructure’s configuration

using Puppet’s declarative configuration language

2. Simulate configuration changes before applying

3. Enforce the deployed desired state automatically, correcting

any configuration drift

4. Report on the differences between actual and desired states

and any changes made enforcing the desired state

• Introduction

–What is Puppet?

–How Puppet Works?

• RAL - Resource Abstraction Layer

–Manifests, Resource Ordering

–Variables, Facts, Classes, and Modules

–More

• Templates

• Parameterized Classes

• Defined Types

• Master/Agent Puppet

– Serving a Real Configuration

• System’s configuration is a collection of resources

• Resources vary in size, complexity, and lifespan:

• For example:

– File

–User account

– Software package

– Running service

– Scheduled cron job

• Similar resources can be grouped into types

• RAL splits resources into:

– Types: high-level models

–Providers: platform-specific implementations

• RAL lets you describe resources in a way that can apply to any

system

• Puppet starts with an understanding of what state a

resource should have

• To sync the resource, it uses the RAL to query the current state,

compares that against the desired state, to make any necessary

changes

•

• Every resource is an instance of a resource type:

– Identified by a title

–Has a number of attributes

– Each attribute has a value.

• Puppet ships with a tool called puppet resource

• Use the shell to query and modify your system

• Provide attribute=value pairs to modify the resource

• This includes creating it or destroying it

* Note that this command line assignment syntax differs from the Puppet

language’s normal attribute => value syntax

• Core types:

– notify, file, package

– service, exec, cron

– user, goup

• Core types cheat sheet

• Use “puppet describe –s”

• Puppet programs are called manifests

• Manifests use the .pp file extension

• The core of the Puppet language is the resource declaration

• Manifests can also use:

–Conditional statements

–Group resources into collections

–Generate text with functions

– Reference code in other manifests

–… and do many other things

• Use puppet apply to apply a manifest on local system

• Before being applied, manifests get compiled into a catalog that

only represents resources and the order in which they need to be

synced

• Puppet might sync resources in any order

• The physical order of resources in a manifest doesn’t imply a

logical order

• When some resources depend on other resources, how do we tell

Puppet which ones go first?

• before and require make simple dependency relationships

• before is used in the earlier resource, and lists resources that

depend on it

• require is used in the later resource and lists the resources that it

depends on

• The arrows can point in either direction <- or ->

• Think of them as representing the flow of time

• $variables always start with a dollar sign

• Can be assigned with the = operator

• Can hold strings, numbers, special values (false, undef…), etc

• Unassigned variable value will be undef

• Inside strings, use ${variable}

• Variable can be assigned once in a given scope

• You can use variables as the value for any resource attribute, or as

the title of a resource

• Puppet builds pre-assigned variables

• Puppet ships with a tool called Facter, which formulates system

information into a set of variables

• Classes are singleton collections of resources that Puppet can

apply as a unit

• Classes are blocks of code that can be turned on or off

• Before you can use a class, you have to define it

• To build a class into the catalog, the class has to be declared

• Re-usable bundles of code and data

• Puppet autoloads manifests from the modules in its modulepath

• The modulepath is a colon-separated list of directories

• Let’s just convert that last class to a module…

• You can now include the class from any manifest, without having to

cut and paste anything

• my_module — This outermost directory’s name matches the name

of the module

–manifests/ — Contains all of the manifests in the module.

• init.pp — Contains a class definition. This class’s name must match the

module’s name

• other_class.pp — Contains other classes

• my_defined_type.pp — Contains defined types

– files/ — Contains files, managed nodes can download

– lib/ — Contains plugins, custom facts and custom types

– templates/ — Contains templates

• The Puppet Forge is a great place to start looking for modules

• Modules written by other users, Puppet employees and community

members

• Freely downloaded, modified, and reused

• Most of these modules are open source

• You can also contribute your own modules

• Install and manage modules from the Puppet Forge

• Templates

– ERB templates

– Ruby code can be added to plain text document

–Make your config files as flexible as your Puppet manifests

• Parameterized Classes

–Give a list of parameters when defining a class

• Defined Types

–Model repeatable chunks of configuration

• Introduction

–What is Puppet?

–How Puppet Works?

• RAL - Resource Abstraction Layer

–Manifests, Resource Ordering

–Variables, Facts, Classes, and Modules

–More

• Templates

• Parameterized Classes

• Defined Types

• Master/Agent Puppet

– Serving a Real Configuration

• Pull-based

• Agents are configured to periodically fetch a catalog and apply it

• Also, you can trigger it to run manually

• Puppet master server

–Owns the manifests

– Responsible for compilation

• Puppet agents:

–Don’t have to see any manifest files

at all

–Have no access to configuration

information

• We already built some useful classes

• All classes are available on the puppet master into

/etc/puppetlabs/puppet/modules

• But how do we choose which classes go into an agent’s catalog?

• Puppet master always loads the manifest file site.pp

• With Puppet Enterprise, it’s located by default at

/etc/puppetlabs/puppet/manifests/site.pp

• You can declare classes and resources in a node definition

• Fetches configurations from a master server

• Has two main modes:

–Daemon: fetch configurations every half-hour (default)

– Run once and quit (use the --test option)

• On Puppet master server

• Run Puppet agent again

• Learning Puppet

– http://docs.puppetlabs.com/learning/