cis
Your browser doesn't support the features required by impress.js, so you are presented with a simplified version of this presentation.
For the best experience please use the latest Chrome, Safari or Firefox browser.
CIS 527
Lecture 7 - Puppet 1 - The Basics
Puppet
Image Credit: Puppet Labs
Learning Puppet
Much of this lecture's content is adapted from the Learning Puppet series on https://docs.puppetlabs.com/learning/
Learning Puppet VM
Follow along using the
Learning Puppet VM
http://puppetlabs.com/download-learning-vm
It is also available on the
CIS 527 transient drive
Abstraction
3 big insights
Resources
$> puppet resource service
Resources
$> puppet resource service
service { 'NetworkManager':
ensure => 'stopped',
enable => 'false',
}
service { 'acpid':
ensure => 'running',
enable => 'true',
}
service { 'anacron':
ensure => 'stopped',
enable => 'true',
}
...
Resources
Resources Example
user { 'dave':
ensure => present,
uid => '507',
gid => 'admin',
shell => '/bin/zsh',
home => '/home/dave',
managehome => true,
}
Find the type, title, attributes, and values
Resource Types
Resource Reference
http://docs.puppetlabs.com/puppet_
core_types_cheatsheet.pdf
http://docs.puppetlabs.com/references/
latest/type.html
$> puppet describe <TYPE>
Modifying a Resource
$> puppet resource user russfeld
ensure=present shell="/bin/zsh"
home="/home/russfeld"
managehome=true
Modifying a Resource
$> puppet resource user russfeld
ensure=present shell="/bin/zsh"
home="/home/russfeld"
managehome=true
notice: /User[russfeld]/ensure: created
user { 'russfeld':
ensure => 'present',
home => '/home/russfeld',
shell => '/bin/zsh'
}
Try to create your own user account
Manifest File
First Manifest File
# /root/user-absent.pp
user {'russfeld':
ensure => absent,
}
First Manifest File
# /root/user-absent.pp
user {'russfeld':
ensure => absent,
}
$> puppet apply /root/user-absent.pp
First Manifest File
# /root/user-absent.pp
user {'russfeld':
ensure => absent,
}
$> puppet apply /root/user-absent.pp
notice: /Stage[main]//User[russfeld]/
ensure: removed
notice: Finished catalog run in
0.44 seconds
Resource Declaration
file {'testfile':
path => '/tmp/testfile',
ensure => present,
mode => 0640,
content => "I'm a test file.",
}
Testing Resources
Manifest Compilation
Image Credit: Puppet Labs
Resource Ordering
# /root/training-manifests/2.file.pp
file {'/tmp/test1':
ensure => present,
content => "Hi.",
}
file {'/tmp/test2':
ensure => directory,
mode => 644,
}
file {'/tmp/test3':
ensure => link,
target => '/tmp/test1',
}
notify {"I'm notifying you.":}
notify {"So am I!":}
Resource Ordering
$ puppet apply /root/examples/file-2.pp
notice: /Stage[main]//File[/tmp/test1]/
ensure: created
notice: /Stage[main]//File[/tmp/test3]/
ensure: created
notice: /Stage[main]//File[/tmp/test2]/
ensure: created
notice: So am I!
notice: /Stage[main]//Notify[So am I!]/
message: defined 'message' as 'So am I!'
notice: I'm notifying you.
notice: /Stage[main]//Notify[I'm notifying you.]/
message: defined 'message' as 'I'm notifying you.'
notice: Finished catalog run in 0.05 seconds
Resource Ordering
Require
file {'/tmp/test1':
ensure => present,
content => "Hi.",
}
notify {'/tmp/test1 has already been synced.':
require => File['/tmp/test1'],
}
Before
file {'/tmp/test1':
ensure => present,
content => "Hi.",
before => Notify['/tmp/test1 has
already been synced.'],
}
notify {'/tmp/test1 has already been synced.':}
Subscribe
file { '/etc/ssh/sshd_config':
ensure => file,
mode => 600,
source => 'puppet:///modules/ssh/sshd_config',
}
service { 'sshd':
ensure => running,
enable => true,
subscribe => File['/etc/ssh/sshd_config'],
}
Chaining Arrows
file {'/tmp/test1':
ensure => present,
content => "Hi.",
}
notify {'after':
message => '/tmp/test1 has already
been synced.',
}
File['/tmp/test1'] -> Notify['after']
Chaining Arrows
file {'/tmp/test1':
ensure => present,
content => "Hi.",
}
->
notify {'after':
message => '/tmp/test1 has already
been synced.',
}
Package/File/Service
package { 'openssh-server':
ensure => present,
before => File['/etc/ssh/sshd_config'],
}
file { '/etc/ssh/sshd_config':
ensure => file,
mode => 600,
source => '/root/examples/sshd_config',
}
service { 'sshd':
ensure => running,
enable => true,
subscribe => File['/etc/ssh/sshd_config'],
}
Assignments