Difference between revisions of "Puppet"
Line 1: | Line 1: | ||
https://puppet.com/ | https://puppet.com/ | ||
+ | |||
+ | Puppet code is a declarative language, which means that you describe only the desired state for your systems, not the steps needed to get there | ||
+ | |||
+ | One of Puppet's core concepts is the resource abstraction layer. For Puppet, each aspect of the system you want to manage (such as a user, file, service, or package) is represented in code as a unit called a resource. The puppet resource tool lets you view and modify these resources directly. | ||
+ | |||
+ | Puppet Master --> [Catalog] --> Node --> [Facts] --> Puppet Master | ||
+ | * Facts = data about its state | ||
+ | * Catalog = Facts are used to compile a catalog that specifies how the node should be configured | ||
+ | |||
+ | |||
+ | Puppet agent uses providers to check for difference between current and desired state. The Providers help puppet implement whatever changes are necessary | ||
+ | |||
+ | * Learn Puppet (hands on) https://puppet.com/try-puppet/puppet-learning-vm/ | ||
+ | |||
+ | See what Puppet knows about a resource | ||
+ | <pre> | ||
+ | sudo puppet resource file /tmp/ | ||
+ | file { '/tmp/': | ||
+ | ensure => 'directory', | ||
+ | ctime => '2020-03-28 19:15:40 +0000', | ||
+ | group => 0, | ||
+ | mode => '1777', | ||
+ | mtime => '2020-03-28 19:15:40 +0000', | ||
+ | owner => 0, | ||
+ | type => 'directory', | ||
+ | } | ||
+ | </pre> | ||
+ | |||
+ | <code>sudo puppet resource package httpd ensure=present</code> | ||
+ | Installs a package using the default package manager | ||
+ | |||
+ | Manifests – puppet code saves as .pp | ||
+ | |||
+ | Run a manifest directly (without puppet master involvement) | ||
+ | sudo puppet apply /tmp/hello.pp | ||
+ | |||
+ | Class – named block of Puppet Code – Class brings together resoures that manage one logical component of a system | ||
+ | |||
+ | Module – directory structure | ||
+ | |||
+ | Simple Validator | ||
+ | puppet parser validate pasture/manifests/init.pp | ||
+ | |||
+ | |||
Normally to update the host (instead of waiting for the timer) | Normally to update the host (instead of waiting for the timer) | ||
sudo puppet agent --test | sudo puppet agent --test | ||
+ | Run and make no changes | ||
+ | sudo puppet agent --t --noop | ||
+ | |||
+ | |||
+ | Relationship metaparameters tell Puppet about ordering relationships among your resources. | ||
+ | <code>before => File['/etc/pasture_config.yaml'],</code> <-- create my resource before this other resource (config file) is generated | ||
+ | <code>notify => Service['pasture'], </code) <- on change tell this other resource | ||
+ | |||
+ | |||
+ | ==Host stops reporting, it will not fetch anything== | ||
+ | |||
+ | |||
+ | ===puppet encrypt=== | ||
+ | ssh-keygen -f hostname -C hostname -t ed25519 | ||
+ | sudo /opt/puppetlabs/puppet/bin/eyaml encrypt -f hostname | ||
+ | |||
− | |||
====Forman Integration==== | ====Forman Integration==== | ||
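Review bot: The added no-op line `sudo puppet agent --t --noop` uses `--t`, which is neither the short `-t` nor the long `--test` shown on the unchanged line above it; write `sudo puppet agent -t --noop`. In the relationship metaparameters lines, the `notify` example closes its tag with `</code)`, which leaves the markup unbalanced; it should be `</code>`. In the puppet encrypt section, `ssh-keygen -f hostname` leaves the plaintext private key file in the working directory after `eyaml encrypt -f hostname`; add a step that removes it once the encrypted value is stored. The new heading "Host stops reporting, it will not fetch anything" has no body text under it.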
Line 35: | Line 94: | ||
</pre> | </pre> | ||
− | |||
− | |||
− | |||
− |
Revision as of 01:26, 28 March 2020
Puppet code is a declarative language, which means that you describe only the desired state for your systems, not the steps needed to get there.
One of Puppet's core concepts is the resource abstraction layer. For Puppet, each aspect of the system you want to manage (such as a user, file, service, or package) is represented in code as a unit called a resource. The puppet resource tool lets you view and modify these resources directly.
Puppet Master --> [Catalog] --> Node --> [Facts] --> Puppet Master
- Facts = data about the node's state
- Catalog = compiled from the facts; specifies how the node should be configured
Puppet agent uses providers to check for differences between the current and desired state. The providers help Puppet implement whatever changes are necessary.
- Learn Puppet (hands on) https://puppet.com/try-puppet/puppet-learning-vm/
See what Puppet knows about a resource
sudo puppet resource file /tmp/
file { '/tmp/':
  ensure => 'directory',
  ctime => '2020-03-28 19:15:40 +0000',
  group => 0,
  mode => '1777',
  mtime => '2020-03-28 19:15:40 +0000',
  owner => 0,
  type => 'directory',
}
sudo puppet resource package httpd ensure=present
Installs a package using the default package manager
Manifests – Puppet code saved as .pp files
Run a manifest directly (without puppet master involvement)
sudo puppet apply /tmp/hello.pp
Class – a named block of Puppet code. A class brings together resources that manage one logical component of a system
Module – directory structure
Simple Validator
puppet parser validate pasture/manifests/init.pp
Normally to update the host (instead of waiting for the timer)
sudo puppet agent --test
Run and make no changes
sudo puppet agent -t --noop
Relationship metaparameters tell Puppet about ordering relationships among your resources.
before => File['/etc/pasture_config.yaml'], <-- create my resource before this other resource (config file) is generated
notify => Service['pasture'], <-- on change tell this other resource
Host stops reporting, it will not fetch anything
puppet encrypt
ssh-keygen -f hostname -C hostname -t ed25519
sudo /opt/puppetlabs/puppet/bin/eyaml encrypt -f hostname
Foreman Integration
If the branch that the environment is using gets merged/deleted, the nodes stop updating as Puppet can't find a class = branch.
Puppet only needs to find a branch that's 'alive'; then it will get told the right information from Foreman.
so
sudo puppet agent -t --environment develop
Instead of --->
This usually happens when someone has stopped Puppet, made lots of changes, and potentially deleted the branch it was configured with.
Ensure that the environment setting in /etc/puppetlabs/puppet/puppet.conf is correct
[main]
vardir = /opt/puppetlabs/puppet/cache
logdir = /var/log/puppetlabs/puppet
rundir = /var/run/puppetlabs
ssldir = /etc/puppetlabs/puppet/ssl
[agent]
pluginsync = true
report = true
ignoreschedules = true
ca_server = puppetmaster.domain
certname = thishost.domain
environment = develop
server = puppetmaster.domain
splay = true
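
One way to catch the stale-environment case described above before a node silently stops updating, as an added example that is not part of the original notes. The function names, the default environment path `/etc/puppetlabs/code/environments`, the `feature_x` branch and the sample files are assumptions, and the check is meant to run where both the node's puppet.conf (or a copy) and the deployed environment directories are readable.

```shell
#!/bin/sh
# Added example: check that the environment a node is pinned to still exists.
# Default environment path and all sample data below are assumptions.

# Print the effective "environment" from a puppet.conf; [agent] overrides [main].
conf_environment() {
  awk '
    /^[ \t]*\[.*\]/ { s = $0; gsub(/[^A-Za-z_]/, "", s); section = s; next }
    /^[ \t]*environment[ \t]*=/ {
      v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t\r]+$/, "", v)
      val[section] = v
    }
    END {
      if ("agent" in val) print val["agent"]
      else if ("main" in val) print val["main"]
      else print "production"   # default environment when none is set
    }
  ' "$1"
}

# Return 0 if the pinned environment has a directory under the environment
# path, 1 otherwise (and list the environments that are still alive).
check_environment() {
  conf=$1
  envpath=${2:-/etc/puppetlabs/code/environments}
  pinned=$(conf_environment "$conf")
  if [ -d "$envpath/$pinned" ]; then
    echo "ok: environment '$pinned' exists"
    return 0
  fi
  echo "stale: environment '$pinned' not found under $envpath" >&2
  echo "live environments: $(ls -1 "$envpath" 2>/dev/null | tr '\n' ' ')" >&2
  return 1
}

# Constructed sample: a node pinned to a deleted branch, with only
# 'develop' and 'production' still deployed.
demo=$(mktemp -d)
mkdir -p "$demo/environments/develop" "$demo/environments/production"
printf '[main]\nenvironment = production\n[agent]\ncertname = thishost.domain\nenvironment = feature_x\n' \
  > "$demo/puppet.conf"
check_environment "$demo/puppet.conf" "$demo/environments" \
  || echo "fix: set environment to a live branch, e.g. develop"
```

On a live agent, `puppet config print environment --section agent` reports the same value that `conf_environment` extracts here.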