Académique Documents
Professionnel Documents
Culture Documents
Management
Puppet
The Foreman
Marionette Collective
Agent
Puppetmaster
Manifest
Catalog
Puppet
Overview
Written in Ruby
Purposes
Deployment
Configuration
Abstraction Of Resources
Transactional Configurations
Puppet Components
Puppet Master
puppet://<puppetmaster>/(files|manifests|templates)
Puppet Components
Puppet Agent
Puppet Components
Puppet CA
/etc
/puppet
fileserver.conf
puppet.conf
auth.conf
/ssl
/manifests
site.pp
/templates
/files
Types
File
Package
Cron
Exec
Service
Augeas
User
Group
ssh_authorized_key
Node
Class
Parameterized Classes
Node Example
node "dub1.dns.com" {
package { openssh:
ensure
=> latest,
notify => Service['openssh'],
}
file { /etc/ssh/sshd_config:
ensure
=> present,
owner
=> root,
group
=> root,
mode
=> 0644,
source=> puppet://<puppetmaster>/files/etc/ssh/sshd_config,
require
=> Package['openssh'],
notify => Service['openssh'],
}
service { openssh:
ensure
=> running,
require
=> [Package['openssh'],File['/etc/ssh/sshd_config']],
hasstatus
=> true,
hasrestart
=> true,
}
}
Class Example
class secureShell {
package { openssh:
ensure
=> latest,
notify => Service['openssh'],
}
file { /etc/ssh/sshd_config:
ensure
=> present,
owner
=> root,
group
=> root,
mode
=> 0644,
source=> puppet://<puppetmaster>/files/etc/ssh/sshd_config,
require
=> Package['openssh'],
notify => Service['openssh'],
}
service { openssh:
ensure
=> running,
require
=> [Package['openssh'],File['/etc/ssh/sshd_config']],
hasstatus
=> true,
hasrestart
=> true,
}
}
file { /etc/ssh/sshd_config:
ensure
=> present,
owner
=> root,
group
=> root,
mode
=> 0644,
content
=> template('sshd_config.erb'),
require
=> Package['openssh'],
notify => Service['openssh'],
}
service { openssh:
ensure
=> running,
require
=> [Package['openssh'],File['/etc/ssh/sshd_config']],
hasstatus
=> true,
hasrestart
=> true,
}
}
facter command
Conditionals In Puppet
Manifests
if ( $operatingsystem==redhat or $operatingsystem==RedHat ) {
package { openssh:
ensure
=> latest,
}
} else {
package { ssh:
ensure
=> latest,
alias
=> openssh,
}
}
case $operatingsystem {
centos, redhat: { $apache = "httpd" }
debian, ubuntu: { $apache = "apache2" }
default: { fail("Unrecognized operating system for webserver") }
}
Conditionals In Puppet
Manifests
The selector
$apache = $operatingsystem ? {
centos
=> 'httpd',
redhat
=> 'httpd',
/(?i)(ubuntu|debian)/ => "apache2-$1",
# (Don't actually use that package name.)
default
=> undef,
}
package {$apache:
ensure
=> latest,
}
Package Management In
Puppet
Puppet Setup
Initial installation
YUM:
[comwired]
name=Comwired
baseurl=http://comwired:gr4n173@opennms.dns.com/repo/centos5/5/
enabled=1
gpgcheck=0
APT:
Puppet Setup
Install puppet
Puppet Setup
Configure puppet
Edit /etc/puppet/puppet.conf
server = lou1
certname = <fqdn>
puppetca -s <fqdn>
Puppet Management
Revoking a certificate
puppetca -c <fqdn>
puppetca -r <fqdn>
puppetca -l -a
Puppet Management
Version Control
Puppet Management
Gepetto
The Foreman
The Foreman
View Facts
View Reports
The Foreman
Installation
http://theforeman.org/projects/foreman/wiki/Installati
on_instructions
Marionette Collective
What is mcollective?
Marionette Collective
Installation
Ruby
Rubygems
Marionette Collective
Installation (cont.)
Marionette Collective
Usage
---- ping statistics ---28 replies max: 554.15 min: 46.91 avg: 221.43
Marionette Collective
root@lou1:~# mco inventory chi1.dns.com
Inventory for chi1.dns.com:
Server Statistics:
Version: 1.2.1
Start Time: Tue Sep 27 08:31:00 -0400 2011
Config File: /etc/mcollective/server.cfg
Collectives: mcollective
Main Collective: mcollective
Process ID: 27281
Total Messages: 27435
Messages Passed Filters: 14485
Messages Filtered: 12950
Replies Sent: 14484
Total Processor Time: 47.21 seconds
System Time: 8.29 seconds
Agents:
discovery
filemgr
iptables
nettest
nrpe
puppet-package
puppet-service puppetca
puppetd
puppetral
rpcutil
Configuration Management Classes:
basenode
chi1.dns.com
comwiredrepo
dnsfirewall
dnsinterface
dnsnode
geodns
hosts
mcollective
ntp
resolver
settings
snmpconfig
useraccounts
Facts:
mcollective => 1
Marionette Collective
Packaged By DNS.com
Marionette Collective
found 2 times
awsstub1
awsstub2
16
found 1 times
chi1.dns.com
found 1 times
ip-10-194-58-223.ec2.internal
10.2.32.13
h6eddnrecur2
found 1 times
Marionette Collective
Marionette Collective
Marionette Collective
Resources
http://puppetlabs.com/
Pro Puppet By James Turnbull and Jeffrey
McCune
#theforeman