01 puppet基礎
配置:
node1:192.168.1.131 CentOS7.2
node2:192.168.1.132 CentOS7.2
[root@node1 ~]# rpm -ivh epel-release-latest-7.noarch.rpm
[root@node1 ~]# yum list all | grep -i "puppet"
puppet.noarch 3.6.2-3.el7 epel
puppet-firewalld.noarch 0.1.3-1.el7 epel
puppet-server.noarch 3.6.2-3.el7 epel
[root@node2 ~]# ls *rpm
facter-2.4.4-1.el7.x86_64.rpm puppet-server-3.8.4-1.el7.noarch.rpm
puppet-3.8.4-1.el7.noarch.rpm
[root@node2 ~]# rpm -ivh epel-release-latest-7.noarch.rpm
[root@node2 ~]# yum install facter-2.4.4-1.el7.x86_64.rpm puppet-3.8.4-1.el7.noarch.rpm
02 puppet資源詳解
#定義資源清單:
1、group、user示例
[root@node2 ~]# mkdir mainfests
[root@node2 ~]# cd mainfests/
[root@node2 mainfests]# vim test1.pp
group {'distro':
gid => 2000,
ensure => present,
}
user {'centos':
uid => 2000,
gid => 2000,
shell => '/bin/bash',
home => '/home/centos',
ensure => present,
}
[root@node2 mainfests]# puppet apply -v test1.pp
Notice: Compiled catalog for node2 in environment production in 0.61 seconds
Info: Applying configuration version '1480767979'
Notice: Finished catalog run in 0.08 seconds
[root@node2 mainfests]# tail -5 /etc/group
avahi:x:70:
slocate:x:21:
tcpdump:x:72:
puppet:x:52:
distro:x:2000:
[root@node2 mainfests]# tail -5 /etc/passwd
gnome-initial-setup:x:988:983::/run/gnome-initial-setup/:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
puppet:x:52:52:Puppet:/var/lib/puppet:/sbin/nologin
centos:x:2000:2000::/home/centos:/bin/bash
2、file實例
[root@node2 mainfests]# vim test2.pp
file{'/tmp/mydir':
ensure => directory,
}
file{'/tmp/puppet.file';
content => 'puppet testing\nsecond line.',
ensure => file,
owner => 'centos',
group => 'distro',
mode => '0400',
}
file{'/tmp/fstab.puppet':
source => '/etc/fstab',
ensure => file,
}
file{'/tmp/puppet.link':
ensure => link,
target => '/tmp/puppet.file',
}
[root@node2 mainfests]# puppet apply -v -d test2.pp
3、exec示例
[root@node2 mainfests]# vim test3.pp
exec{'/usr/sbin/modprobe ext4':
user => root,
group => root,
refresh => '/usr/sbin/modprobe -r ext4 && /usr/sbin/modprobe ext4',
timeout => 5,
tries => 2,
}
exec {'/bin/echo hello > /tmp/hello.txt':
user => root,
group => root,
creates => '/tmp/hello.txt',
}
exec {'/bin/echo hello > /tmp/hello2.txt':
user => root,
group => root,
unless => '/usr/bin/test -e /tmp/hello2.txt',
}
[root@node2 mainfests]# puppet apply -v test3.pp
Notice: Compiled catalog for node2 in environment production in 0.23 seconds
Info: Applying configuration version '1480822653'
Notice: /Stage[main]/Main/Exec[/usr/sbin/modprobe ext4]/returns: executed successfully
Notice: Finished catalog run in 0.06 seconds
4、notify示例
[root@node2 mainfests]# vim test4.pp
notify{"hello there.":}
[root@node2 mainfests]# puppet apply -v test4.pp
Notice: Compiled catalog for node2 in environment production in 0.09 seconds
Info: Applying configuration version '1480823772'
Notice: hello there.
Notice: /Stage[main]/Main/Notify[hello there.]/message: defined 'message' as 'hello there.'
Notice: Finished catalog run in 0.06 seconds
5、cron示例
[root@node2 mainfests]# vim test5.pp
cron{"sync time":
command => '/usr/sbin/ntpdate 192.168.1.62 &> /dev/null',
minute => '*/10',
ensure => absent,
}
[root@node2 mainfests]# puppet apply -v test5.pp
Notice: Compiled catalog for node2 in environment production in 0.26 seconds
Info: Applying configuration version '1480824444'
Notice: /Stage[main]/Main/Cron[sync time]/ensure: created
Notice: Finished catalog run in 0.11 seconds
03 puppet配置語言
6、package示例
[root@node2 ~]# ls jdk-8u25-linux-x64.rpm
jdk-8u25-linux-x64.rpm
[root@node2 ~]# mv jdk-8u25-linux-x64.rpm /usr/local/src/
[root@node2 ~]# cd mainfests/
[root@node2 mainfests]# vim test6.pp
package{'zsh':
ensure => latest,
}
package{'jdk':
ensure => installed,
source => '/usr/local/src/jdk-8u25-linux-x64.rpm',
provider => rpm,
}
[root@node2 mainfests]# puppet apply -v test6.pp
Notice: Compiled catalog for node2 in environment production in 1.05 seconds
Info: Applying configuration version '1480827477'
Notice: /Stage[main]/Main/Package[zsh]/ensure: created
Notice: /Stage[main]/Main/Package[jdk]/ensure: created
Notice: Finished catalog run in 424.65 seconds
7、service示例
[root@node2 mainfests]# vim test7.pp
package{'nginx':
ensure => latest,
}
service{'nginx':
ensure => running,
enable => true,
hasrestart => true,
restart => 'systemctl reload nginx.service',
}
[root@node2 mainfests]# puppet apply -v test7.pp
Notice: Compiled catalog for node2 in environment production in 1.24 seconds
Info: Applying configuration version '1480836821'
Notice: /Stage[main]/Main/Package[nginx]/ensure: created
Notice: /Stage[main]/Main/Service[nginx]/ensure: ensure changed 'stopped' to 'running'
Info: /Stage[main]/Main/Service[nginx]: Unscheduling refresh on Service[nginx]
Notice: Finished catalog run in 41.21 seconds
[root@node2 mainfests]# vim test8.pp
group {'linux':
gid => 3000,
ensure => present,
}
user {'suse':
uid => 3000,
gid => 3000,
shell => '/bin/bash',
home => '/home/suse',
ensure => present,
}
[root@node2 mainfests]# puppet apply -v test8.pp
Notice: Compiled catalog for node2 in environment production in 0.60 seconds
Info: Applying configuration version '1480837614'
Notice: /Stage[main]/Main/Group[linux]/ensure: created
Notice: /Stage[main]/Main/User[suse]/ensure: created
Notice: Finished catalog run in 0.24 seconds
8、特殊屬性
[root@node2 mainfests]# mkdir -p /root/modules/nginx/flies
[root@node2 mainfests]# cp /etc/nginx/nginx.conf /root/modules/nginx/flies/
[root@node2 mainfests]# vim /root/modules/nginx/flies/nginx.conf
修改
worker_processes auto;
爲
worker_processes 2;
修改
listen 80
爲
listen 8080
[root@node2 mainfests]# vim test9.pp
package{'nginx':
ensure => latest,
}
file{'/etc/nginx/nginx.conf':
ensure => file,
source => '/root/modules/nginx/flies/nginx.conf',
require => Package['nginx'],
notify => Service['nginx'],
}
service{'nginx':
ensure => running,
enable => true,
hasrestart => true,
#restart => 'systemctl reload nginx.service',
require => [ Package['nginx'], File['/etc/nginx/nginx.conf'] ],
}
[root@node2 mainfests]# puppet apply -v test9.pp
Notice: Compiled catalog for node2 in environment production in 1.43 seconds
Info: Applying configuration version '1480854538'
Notice: Finished catalog run in 4.68 seconds
[root@node2 mainfests]# service nginx stop
Redirecting to /bin/systemctl stop nginx.service
[root@node2 mainfests]# vim /etc/nginx/nginx.conf
修改
worker_processes 2;
爲
worker_processes auto;
[root@node2 mainfests]# puppet apply -v test9.pp
Notice: Compiled catalog for node2 in environment production in 1.45 seconds
Info: Applying configuration version '1480855179'
Info: Computing checksum on file /etc/nginx/nginx.conf
Info: FileBucket got a duplicate file {md5}93bc8e01bfd45e7e18b23acc178ae25b
Info: /Stage[main]/Main/File[/etc/nginx/nginx.conf]: Filebucketed /etc/nginx/nginx.conf to puppet with sum 93bc8e01bfd45e7e18b23acc178ae25b
Notice: /Stage[main]/Main/File[/etc/nginx/nginx.conf]/content: content changed '{md5}93bc8e01bfd45e7e18b23acc178ae25b' to '{md5}456ddb9d4209543dab23207931473c91'
Notice: /Stage[main]/Main/Service[nginx]/ensure: ensure changed 'stopped' to 'running'
Info: /Stage[main]/Main/Service[nginx]: Unscheduling refresh on Service[nginx]
Notice: Finished catalog run in 5.29 seconds
[root@node2 mainfests]# vim /root/modules/nginx/flies/nginx.conf
修改
worker_processes 2;
爲
worker_processes 3;
修改
listen 80 default_server;
爲
listen 808 default_server;
[root@node2 mainfests]# puppet apply -v test9.pp
Notice: Compiled catalog for node2 in environment production in 1.41 seconds
Info: Applying configuration version '1480857702'
Info: Computing checksum on file /etc/nginx/nginx.conf
Info: /Stage[main]/Main/File[/etc/nginx/nginx.conf]: Filebucketed /etc/nginx/nginx.conf to puppet with sum 456ddb9d4209543dab23207931473c91
Notice: /Stage[main]/Main/File[/etc/nginx/nginx.conf]/content: content changed '{md5}456ddb9d4209543dab23207931473c91' to '{md5}5aeb19c0057030b2990920a929d8aed3'
Info: /Stage[main]/Main/File[/etc/nginx/nginx.conf]: Scheduling refresh of Service[nginx]
Notice: /Stage[main]/Main/Service[nginx]: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 4.98 seconds
9、變量
[root@node2 mainfests]# vim test10.pp
$webserver=nginx
package{$webserver:
ensure => latest,
}
file{'/etc/nginx/nginx.conf':
ensure => file,
source => '/root/modules/nginx/flies/nginx.conf',
require => Package['nginx'],
notify => Service['nginx'],
}
service{'nginx':
ensure => running,
enable => true,
hasrestart => true,
#restart => 'systemctl reload nginx.service',
require => [ Package['nginx'], File['/etc/nginx/nginx.conf'] ],
}
[root@node2 mainfests]# puppet apply -v test10.pp
Notice: Compiled catalog for node2 in environment production in 1.42 seconds
Info: Applying configuration version '1480938332'
Notice: Finished catalog run in 18.48 seconds
[root@node2 mainfests]# systemctl stop nginx.service
[root@node2 mainfests]# yum -y remove nginx
[root@node2 mainfests]# rm -rf /etc/nginx/
[root@node2 mainfests]# puppet apply -v test10.pp
Notice: Compiled catalog for node2 in environment production in 1.44 seconds
Info: Applying configuration version '1480938505'
Notice: /Stage[main]/Main/Package[nginx]/ensure: created
Info: Computing checksum on file /etc/nginx/nginx.conf
Info: FileBucket got a duplicate file {md5}93bc8e01bfd45e7e18b23acc178ae25b
Info: /Stage[main]/Main/File[/etc/nginx/nginx.conf]: Filebucketed /etc/nginx/nginx.conf to puppet with sum 93bc8e01bfd45e7e18b23acc178ae25b
Notice: /Stage[main]/Main/File[/etc/nginx/nginx.conf]/content: content changed '{md5}93bc8e01bfd45e7e18b23acc178ae25b' to '{md5}5aeb19c0057030b2990920a929d8aed3'
Info: /Stage[main]/Main/File[/etc/nginx/nginx.conf]: Scheduling refresh of Service[nginx]
Notice: /Stage[main]/Main/Service[nginx]/ensure: ensure changed 'stopped' to 'running'
Info: /Stage[main]/Main/Service[nginx]: Unscheduling refresh on Service[nginx]
Notice: Finished catalog run in 12.16 seconds
10、if語句
[root@node2 mainfests]# vim test11.pp
if $processorcount>1 {
notice("SMP Host.")
} else {
notice("Poor Guy.")
}
[root@node2 mainfests]# puppet apply -v test11.pp
Notice: Scope(Class[main]): SMP Host.
Notice: Compiled catalog for node2 in environment production in 0.10 seconds
Info: Applying configuration version '1480939461'
Notice: Finished catalog run in 0.02 seconds
[root@node2 mainfests]# vim test12.pp
if $operatingsystem =~ /^(?i-mx:(centos|redhat|fedora|ubuntu))/ {
notice("Welcome to $1 distribute linux.")
}
[root@node2 mainfests]# puppet apply -v test12.pp
Notice: Scope(Class[main]): Welcome to CentOS distribute linux.
Notice: Compiled catalog for node2 in environment production in 0.10 seconds
Info: Applying configuration version '1480940033'
Notice: Finished catalog run in 0.05 seconds
04 puppet類、模板及模塊
1、類聲明方式1
[root@node2 mainfests]# vim test13.pp
class nginx {
$webserver=nginx
package{$webserver:
ensure => latest,
}
file{'/etc/nginx/nginx.conf':
ensure => file,
source => '/root/modules/nginx/flies/nginx.conf',
require => Package['nginx'],
notify => Service['nginx'],
}
service{'nginx':
ensure => running,
enable => true,
hasrestart => true,
#restart => 'systemctl reload nginx.service',
require => [ Package['nginx'], File['/etc/nginx/nginx.conf'] ],
}
}
include nginx
[root@node2 mainfests]# systemctl stop nginx.service
[root@node2 mainfests]# yum -y remove nginx
[root@node2 mainfests]# rm -rf /etc/nginx/
[root@node2 mainfests]# puppet apply -v test13.pp
Notice: Compiled catalog for node2 in environment production in 1.41 seconds
Info: Applying configuration version '1481026945'
Notice: /Stage[main]/Nginx/Package[nginx]/ensure: created
Info: Computing checksum on file /etc/nginx/nginx.conf
Info: FileBucket got a duplicate file {md5}93bc8e01bfd45e7e18b23acc178ae25b
Info: /Stage[main]/Nginx/File[/etc/nginx/nginx.conf]: Filebucketed /etc/nginx/nginx.conf to puppet with sum 93bc8e01bfd45e7e18b23acc178ae25b
Notice: /Stage[main]/Nginx/File[/etc/nginx/nginx.conf]/content: content changed '{md5}93bc8e01bfd45e7e18b23acc178ae25b' to '{md5}5aeb19c0057030b2990920a929d8aed3'
Info: /Stage[main]/Nginx/File[/etc/nginx/nginx.conf]: Scheduling refresh of Service[nginx]
Notice: /Stage[main]/Nginx/Service[nginx]/ensure: ensure changed 'stopped' to 'running'
Info: /Stage[main]/Nginx/Service[nginx]: Unscheduling refresh on Service[nginx]
Notice: Finished catalog run in 917.40 seconds
2、類聲明方式2
[root@node2 mainfests]# vim test14.pp
class nginx($webserver='nginx') {
package{$webserver:
ensure => latest,
}
file{'/etc/nginx/nginx.conf':
ensure => file,
source => '/root/modules/nginx/flies/nginx.conf',
require => Package['nginx'],
notify => Service['nginx'],
}
service{'nginx':
ensure => running,
enable => true,
hasrestart => true,
#restart => 'systemctl reload nginx.service',
require => [ Package['nginx'], File['/etc/nginx/nginx.conf'] ],
}
}
class {'nginx':
webserver => 'tengine',
}
3、子類調用父類
[root@node2 mainfests]# vim test15.pp
class nginx {
package {'nginx':
ensure => latest,
} ->
service{'nginx':
enable => true,
ensure => running,
hasrestart => true,
restart => 'service nginx reload',
}
}
class nginx::webserver inherits nginx {
file{'/etc/nginx/nginx.conf':
source => /root/modules/nginx/files/nginx_web.conf,
ensure => file,
notify => Service['nginx'],
}
}
class nginx::proxy inherits nginx {
file{'/etc/nginx/nginx.conf':
source => /root/modules/nginx/files/nginx_proxy.conf,
ensure => file,
notify => Service['nginx'],
}
}
include nginx::webserverclass nginx {
package {'nginx':
ensure => latest,
} ->
service{'nginx':
enable => true,
ensure => running,
hasrestart => true,
restart => 'service nginx reload',
}
}
class nginx::webserver inherits nginx {
file{'/etc/nginx/nginx.conf':
source => '/root/modules/nginx/files/nginx_web.conf',
ensure => file,
notify => Service['nginx'],
}
}
class nginx::proxy inherits nginx {
file{'/etc/nginx/nginx.conf':
source => '/root/modules/nginx/files/nginx_proxy.conf',
ensure => file,
notify => Service['nginx'],
}
}
include nginx::webserver
[root@node2 mainfests]# cd /root/modules/nginx/flies/
[root@node2 flies]# cp nginx.conf nginx_web.conf
[root@node2 flies]# cp nginx.conf nginx_proxy.conf
[root@node2 flies]# vim nginx_proxy.conf
修改
location / {
}
爲
location / {
proxy_pass http://192.168.1.131/;
}
[root@node2 mainfests]# puppet apply -v test15.pp
Notice: Compiled catalog for node2 in environment production in 1.49 seconds
Info: Applying configuration version '1481031545'
4、在子類中覆蓋父類中已經定義的資源的屬性值
[root@node2 mainfests]# vim test16.pp
class nginx {
package {'nginx':
ensure => latest,
name => nginx,
} ->
service{'nginx':
enable => true,
ensure => running,
hasrestart => true,
restart => 'service nginx reload',
}
}
class nginx::webserver inherits nginx {
Package['nginx']{
name => tengine,
}
file{'/etc/nginx/nginx.conf':
source => '/root/modules/nginx/files/nginx_web.conf',
ensure => file,
notify => Service['nginx'],
}
}
class nginx::proxy inherits nginx {
file{'/etc/nginx/nginx.conf':
source => '/root/modules/nginx/files/nginx_proxy.conf',
ensure => file,
notify => Service['nginx'],
}
}
include nginx::webserver
[root@node2 mainfests]# puppet apply -v test16.pp
Notice: Compiled catalog for node2 in environment production in 1.40 seconds
Info: Applying configuration version '1481112014'
Error: /Stage[main]/Nginx::Webserver/File[/etc/nginx/nginx.conf]: Could not evaluate: Could not retrieve information from environment production source(s) file:/root/modules/nginx/files/nginx_web.conf
Error: Could not update: Execution of '/usr/bin/yum -d 0 -e 0 -y list tengine' returned 1: Error: No matching Packages to list
Error: /Stage[main]/Nginx/Package[nginx]/ensure: change from absent to latest failed: Could not update: Execution of '/usr/bin/yum -d 0 -e 0 -y list tengine' returned 1: Error: No matching Packages to list
Notice: /Stage[main]/Nginx/Service[nginx]: Dependency Package[nginx] has failures: true
Notice: /Stage[main]/Nginx/Service[nginx]: Dependency File[/etc/nginx/nginx.conf] has failures: true
Warning: /Stage[main]/Nginx/Service[nginx]: Skipping because of failed dependencies
Notice: Finished catalog run in 5.41 seconds
5、模板
[root@node2 mainfests]# cd /root/modules/nginx/files/
[root@node2 flies]# vim nginx_proxy.conf
修改
worker_processes 3;
爲
worker_processes <%= @processorcount %>;
[root@node2 flies]# cd -
/root/mainfests
[root@node2 mainfests]# vim test16.pp
修改
source => '/root/modules/nginx/files/nginx_proxy.conf',
爲
content => template('/root/modules/nginx/files/nginx_proxy.conf'),
修改
include nginx::webserver
爲
include nginx::proxy
[root@node2 mainfests]# puppet apply -v test16.pp
Notice: Compiled catalog for node2 in environment production in 1.35 seconds
Info: Applying configuration version '1481113843'
Info: Computing checksum on file /etc/nginx/nginx.conf
Info: /Stage[main]/Nginx::Proxy/File[/etc/nginx/nginx.conf]: Filebucketed /etc/nginx/nginx.conf to puppet with sum 5aeb19c0057030b2990920a929d8aed3
Notice: /Stage[main]/Nginx::Proxy/File[/etc/nginx/nginx.conf]/content: content changed '{md5}5aeb19c0057030b2990920a929d8aed3' to '{md5}a7a50e95d479630c400907a161a348b8'
Info: /Stage[main]/Nginx::Proxy/File[/etc/nginx/nginx.conf]: Scheduling refresh of Service[nginx]
Notice: /Stage[main]/Nginx/Service[nginx]: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 22.55 seconds
6、模塊
#列出可用模塊
[root@node2 ~]# puppet module list
/etc/puppet/modules (no modules installed)
/usr/share/puppet/modules (no modules installed)
#查找模塊
[root@node2 ~]# puppet module search nginx
#安裝模塊
[root@node2 ~]# puppet module install nginx
#創建模塊
[root@node2 ~]# mkdir -p /etc/puppet/modules/nginx/{mainfets,files,templates,tests,lib,spec}
[root@node2 ~]# puppet module list
/etc/puppet/modules
└── nginx (???)
/usr/share/puppet/modules (no modules installed)
[root@node2 ~]# cd mainfests/
[root@node2 mainfests]# cp test16.pp /etc/puppet/modules/nginx/mainfets/init.pp
[root@node2 mainfests]# cp /root/modules/nginx/files/nginx_web.conf /etc/puppet/modules/nginx/files/
[root@node2 mainfests]# cp /root/modules/nginx/files/nginx_proxy.conf /etc/puppet/modules/nginx/templates/nginx_proxy.conf.erb
[root@node2 mainfests]# cd /etc/puppet/modules/nginx/
[root@node2 nginx]# ls
files lib mainfets spec templates tests
[root@node2 nginx]# cd mainfets/
[root@node2 mainfets]# ls
init.pp
[root@node2 mainfets]# vim init.pp
class nginx {
package {'nginx':
ensure => latest,
name => nginx,
} ->
service{'nginx':
enable => true,
ensure => running,
hasrestart => true,
restart => 'service nginx reload',
}
}
class nginx::webserver inherits nginx {
Package['nginx']{
name => tengine,
}
file{'/etc/nginx/nginx.conf':
source => 'puppet:///modules/nginx/nginx_web.conf',
ensure => file,
notify => Service['nginx'],
}
}
class nginx::proxy inherits nginx {
file{'/etc/nginx/nginx.conf':
content => template('nginx/nginx_proxy.conf.erb'),
ensure => file,
notify => Service['nginx'],
}
}
[root@node2 mainfets]# systemctl stop nginx.service
[root@node2 mainfets]# yum -y remove nginx
[root@node2 mainfets]# rm -rf /etc/nginx/
[root@node2 mainfets]# puppet apply --noop -v -e 'include nginx::proxy'