Dance for the puppet master: G6 Tech Talk
Download as PPT, PDF0 likes548 views
Puppet is an open source tool used to automate server configuration management. It ensures servers are configured and packages installed as defined. Puppet manages configuration through resources like packages, files, users and more. It can install packages, configure files and folders, manage services, create users/groups, and run commands. Puppet applies configurations idempotently so they can be run multiple times without changing the server unless the configuration changes.
![Require example
require => [ Package['mysql-client'], Package['mysql-server'] ]
notice when referencing other puppet
configurations, the resource type is capitalised](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-9-320.jpg)
![exec: example
exec{ "create-db":
command => '/bin/gunzip -c
/vagrant/database/default.sql.gz > db.sql &&
/usr/bin/mysql < db.sql && /bin/rm db.sql &&
/bin/touch /vagrant/mysqlimport.lock',
require => [ Package['mysql-client'],
Package['mysql-server'] ],
creates => "/vagrant/mysqlimport.lock",
timeout => 0
}](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-12-320.jpg)
![exec: another example
exec{ "compose":
command => '/bin/rm -rfv /vagrant/vendor/* && /bin/rm
-f /vagrant/composer.lock && /usr/bin/curl -s
http://getcomposer.org/installer | /usr/bin/php -- --install-
dir=/vagrant && cd /vagrant && /usr/bin/php
/vagrant/composer.phar install',
require => [ Package['curl'], Package['git-core'] ],
creates => "/vagrant/composer.lock",
timeout => 0
}](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-13-320.jpg)
![Update aptitude
exec { 'apt-get update':
command => '/usr/bin/apt-get update',
require => Exec['preparenetworking'],
timeout => 0
}](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-17-320.jpg)
![Install package
We just need to ensure the package is present
package { "apache2":
ensure => present,
require => Exec['apt-get update']
}](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-18-320.jpg)
![Run the service
service { "apache2":
ensure => running,
require => Package['apache2']
}](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-19-320.jpg)
![file: create a symlink
ensure => ‘link’
file { '/var/www/vendor':
ensure => 'link',
target => '/vagrant/vendor',
require => Package['apache2']
}](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-22-320.jpg)
![file: create several
folders
$cache_directories = [ "/var/www/cache/", "/var/www/cache/pages",
"/var/www/cache/routes",
"/var/www/cache/templates",
]
file { $cache_directories:
ensure => "directory",
owner => "www-data",
group => "www-data",
mode => 777,
}](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-24-320.jpg)
![Add a cron
command: the command to run
user: user to run the cron as
hour, minute, month, monthday, weekday
can be defined as hour => 1 or
hour => [1,2,3,5] or
hour => [1-10]](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-25-320.jpg)
![Create a user
user { "developer":
ensure => "present",
gid => "wheel",
shell => "/bin/bash",
home =>
"/home/developer",
managehome => true,
password =>
"passwordtest",
require =>
Group["wheel"]
}](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-26-320.jpg)
![Make the group a
sudoer
We probably want to stop this being ran
multiple times!
exec { "/bin/echo "%wheel ALL=(ALL) ALL" >> /etc/sudoers":
require => Group["wheel"]
}](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-28-320.jpg)
![Stages
Running things in a specific order can often be
important
Require often makes this easy for us, however
Exec’s don’t seem to use this reliably
We can define “stages” with a specific order.
We can then put puppet modules into stages
Default stage is Stage[main]](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-29-320.jpg)
![Stages example
stage { 'first': before => Stage[main] }
class {'apache': stage => first}](https://image.slidesharecdn.com/g6-tech-talk-puppet-130124192114-phpapp01/85/Dance-for-the-puppet-master-G6-Tech-Talk-30-320.jpg)
Dance for the puppet master: G6 Tech Talk
- 1. Dance for the puppet master An introduction to Puppet Michael Peacock
- 2. So, what is puppet Provisioning tool “Open source configuration management tool” Used to automate server management Configuration Installs & upgrades etc
- 3. Internal development team presentation Ground Six Limited
- 4. Idempotent Can be ran multiple times without changing the server (unless the configuration changes) Instead of doing things, it checks or ensures things: Ensuring a package is installed only installs it if it hasn’t been installed. Execs only run if their create file isn’t found (and puppet doesn’t think they have been ran)
- 5. Configuration within Vagrant Tell puppet to run Tell it where the manifests live Tell it the default manifest Tell it where modules live
- 6. config.vm.provision :puppet do |puppet| puppet.manifests_path = "provision/manifests" puppet.manifest_file = "default.pp" puppet.module_path = "provision/modules" end
- 7. What can it do? cron: install and manage cron jobs (scheduled_task on windows) exec: runs shall commands user: create and manage user accounts group: create and manage groups file: create and manage files, folders and symlinks notify: log something service: manage running services And more...the items in bold are known as resources within puppet
- 8. Require Many / all puppet options support a “require” configuration Defines other puppet tasks which must have been successfully checked / executed before this can be ran We only want to install packages once we have updated aptitude We only want to install MySQL drivers once we have the MySQL client/server installed
- 9. Require example require => [ Package['mysql-client'], Package['mysql-server'] ] notice when referencing other puppet configurations, the resource type is capitalised
- 10. exec command: command (including full path unless path is also defined) to be executed. The “name” will be used if omitted user & group: to run the command as create: a file that the command creates. If found, the exec is not run cwd: directory to run the command from path: if full path for command isn’t supplied, path must point to location of the command
- 11. exec: a note We create lock files in some of our exec commands to prevent repeated execution, e.g. after installing the default database, download something or run anything which can only be ran once.
- 12. exec: example exec{ "create-db": command => '/bin/gunzip -c /vagrant/database/default.sql.gz > db.sql && /usr/bin/mysql < db.sql && /bin/rm db.sql && /bin/touch /vagrant/mysqlimport.lock', require => [ Package['mysql-client'], Package['mysql-server'] ], creates => "/vagrant/mysqlimport.lock", timeout => 0 }
- 13. exec: another example exec{ "compose": command => '/bin/rm -rfv /vagrant/vendor/* && /bin/rm -f /vagrant/composer.lock && /usr/bin/curl -s http://getcomposer.org/installer | /usr/bin/php -- --install- dir=/vagrant && cd /vagrant && /usr/bin/php /vagrant/composer.phar install', require => [ Package['curl'], Package['git-core'] ], creates => "/vagrant/composer.lock", timeout => 0 }
- 14. exec: what we use it for Installing the default MySQL database content Install pear projects Note: we should probably use or write a puppet module to install pear projects we need, our approach is a bit of a hack
- 15. subscribe & refreshonly Some commands need to be ran periodically after other things have ran More so the case when puppet manages existing infrastructure (using it to manage whats already on a machine and installing new things) subscribe: defines other events which should cause the task to run (like require, but refreshes the task) refreshonly: instructs the task to only run when the other tasks are completed
- 16. Installing software Package “type” We need to apt-get update first... We want to ensure some of our installed software is running
- 17. Update aptitude exec { 'apt-get update': command => '/usr/bin/apt-get update', require => Exec['preparenetworking'], timeout => 0 }
- 18. Install package We just need to ensure the package is present package { "apache2": ensure => present, require => Exec['apt-get update'] }
- 19. Run the service service { "apache2": ensure => running, require => Package['apache2'] }
- 20. Files ensure: type of file - symlink (link), directory target: for symlinks - set the target file source:file to be copied (if copying a file) owner: user who should own the file group: group associated with the file mode: file permissions e.g. 777
- 21. file: copy apache config Set the source: source => ‘/path/to/file’ file { '/etc/apache2/sites-available/default': source => '/vagrant/provision/modules/apache/files/default', owner => 'root', group => 'root' }
- 22. file: create a symlink ensure => ‘link’ file { '/var/www/vendor': ensure => 'link', target => '/vagrant/vendor', require => Package['apache2'] }
- 23. file: create a folder ensure => ‘directory’ file{ "/var/www/uploads": ensure => "directory", owner => "www-data", group => "www-data", mode => 777, }
- 24. file: create several folders $cache_directories = [ "/var/www/cache/", "/var/www/cache/pages", "/var/www/cache/routes", "/var/www/cache/templates", ] file { $cache_directories: ensure => "directory", owner => "www-data", group => "www-data", mode => 777, }
- 25. Add a cron command: the command to run user: user to run the cron as hour, minute, month, monthday, weekday can be defined as hour => 1 or hour => [1,2,3,5] or hour => [1-10]
- 26. Create a user user { "developer": ensure => "present", gid => "wheel", shell => "/bin/bash", home => "/home/developer", managehome => true, password => "passwordtest", require => Group["wheel"] }
- 27. Create a group group { "wheel": ensure => "present", }
- 28. Make the group a sudoer We probably want to stop this being ran multiple times! exec { "/bin/echo "%wheel ALL=(ALL) ALL" >> /etc/sudoers": require => Group["wheel"] }
- 29. Stages Running things in a specific order can often be important Require often makes this easy for us, however Exec’s don’t seem to use this reliably We can define “stages” with a specific order. We can then put puppet modules into stages Default stage is Stage[main]
- 30. Stages example stage { 'first': before => Stage[main] } class {'apache': stage => first}
- 31. Importing modules Import the module (assuming it is in the right folder) Include the module to be executed import "apache" include apache