Questions Agenda 1 Introduction 2 Puppet, things to know 3 Getting started 4 Examples 5 Tips and Questions tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 2 / 21
Questions $ who am i UNIX/Linux consultant and Trainer @ ATComputing Linux Geek (started in 1992 with 0.96α) Shell script nerd Open Source enthusiast Programming (learning Python) Loves DNS Plain text aficionado Big fan of things that just work · · · tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 3 / 21
Questions Puppet, what it is!? Configuration management tool Written in Ruby by Luke Kanies Client / server model Own domain-specific language (DSL) Buzzword compliant Easy to learn Easy to use Safe, uses SSL with an own PKI Idempotent · · · tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 4 / 21
Questions What to consider Do I need a “heavy” tool like Puppet Do I have enough knowledge of Puppet If not, do I have time to learn Puppet Do I have a generic enough setup Do I have multiple environments (OTAP) Do I have multiple OS’s to take care of · · · tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 5 / 21
Questions What you need Dedicated server as “Puppet master” ntp server (because of SSL) VCS like git or svn Nice to have: deployment server like Cobbler · · · tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 6 / 21
Questions Master / Slave One central server: Master Contains all configurations Has the SSL key store One or more clients: Nodes Asks configuration sets Sends back reports Node Node Node XMLRPC over HTTPS Reports SVN / Git Puppet master tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 7 / 21
Questions What it does Clients asks for configuration Master gathers manifests for client Compiles a catalog for the client Sends the catalog to the client Checks current state Enforces wanted state Sends back a report Manifest Manifest Manifest Catalog Apply configuration Query status Enforce state Defined system state Compile tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 8 / 21
Questions Getting started Use the Puppet Labs Package Repositories http://docs.puppetlabs.com/guides/puppetlabs_package_repositories.html Make sure NTP and DNS are working Install the Puppet master software Install the Puppet client software Create a repository in VCS Deploy a simple file, like /etc/motd Extend things · · · tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 9 / 21
Questions Extending things Add a second host Create a “generic” module Deploy more difficult things with templates · · · tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 10 / 21
Questions The structure Modules contain one or more manifests Classes are defined in manifests Classes can inherit other classes Classes contain the resource definitions Nodes can be subscribed to classes Module Class Resource(s) File(s) Template(s) Node Node Node tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 11 / 21
Questions The start The file $puppet/manifests/site.pp is the first file used Start of the configuration tree. This is the place to import other classes and modules site.pp example import "prod/nodes" import "dmz/nodes" import "test/nodes" tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 12 / 21
Questions Nodes From site.pp nodes are imported. These files are normally called nodes.pp nodes.pp example node default { include generic } node "mach1.acme.com" inherits default { class { issue: loc => "attic", room => "closet" ,} include logcheck } tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 13 / 21
Questions Install packages Installation of packages is OS independant Puppet “knows” how to install a package on a certain OS package example package { "rsyslog" : ensure => installed , } tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 14 / 21
Questions Managing services When a service needs to run, Puppet can check into this service example service { "rsyslog" : ensure => running , enable => true , hasstatus => true , require => Package["rsyslog"], } tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 16 / 21
Questions Managing cron jobs Puppet can manage all your cron jobs cron example cron { "reright" : ensure => present , user => root , hour => 3, minute => 32, command => "/etc/puppet/bin/reright", } tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 17 / 21
Questions User management If you don’t want to use LDAP or other central systems user example user { "tonk" : ensure => "present", uid => "1001", gid => "1001", comment => "Ton Kersten", home => "/home/tonk", shell => "/bin/zsh", } tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 18 / 21
Questions Tips Puppet Dashboard http://www.puppetlabs.com/puppet/related-projects/dashboard The Marionette Collective http://www.puppetlabs.com/mcollective/introduction Puppet Cloud Config Management http://www.puppetlabs.com/puppet/solutions/large-scale-deployments Example 42 modules and tools http://www.example42.com Geppetto IDE http://cloudsmith.github.com/geppetto/download.html tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 19 / 21
Questions Tips Learning Puppet on Puppet Labs http://docs.puppetlabs.com/learning Puppet coding style http://docs.puppetlabs.com/guides/style_guide.html The Pro Puppet book http://www.apress.com/9781430230571 Puppet documentation on Puppet Labs http://docs.puppetlabs.com The Puppet PDF http://www.puppetlabs.com/downloads/puppet/puppet.pdf The Puppet Forge https://forge.puppetlabs.com IRC: #puppet on Freenode · · · tk-at-pup-v1.0α Ton Kersten c 2013 – AT Computing 20 / 21
tonk
cmusudakeisuke
koichiotomo
miu_crescent
ken5scal
salaboy
stajima
sugamasao
trishagee
naospon
kazushi_ohata
takumiogawa
4su_para
samlambert
brettharned
maltzj
stephaniewalter
jcasabona
deanohume
marcelosomers
bkeepers
keithpitt
moore
62gerente
brad_frost
