cis CIS 527 Spring 2015 Lecture 7

Your browser doesn't support the features required by impress.js, so you are presented with a simplified version of this presentation.

For the best experience please use the latest Chrome, Safari or Firefox browser.

CIS 527

Lecture 7 - Puppet 1 - The Basics

Puppet

Image Credit: Puppet Labs

Learning Puppet

Much of this lecture's content is adapted from the Learning Puppet series on https://docs.puppetlabs.com/learning/

Learning Puppet VM

Follow along using the
Learning Puppet VM
http://puppetlabs.com/download-learning-vm
It is also available on the
CIS 527 transient drive

Abstraction

3 big insights

Resources

$> puppet resource service

Resources

$> puppet resource service
service { 'NetworkManager':
  ensure => 'stopped',
  enable => 'false',
}
service { 'acpid':
  ensure => 'running',
  enable => 'true',
}
service { 'anacron':
  ensure => 'stopped',
  enable => 'true',
}
...

Resources

Resources Example

user { 'dave':
  ensure     => present,
  uid        => '507',
  gid        => 'admin',
  shell      => '/bin/zsh',
  home       => '/home/dave',
  managehome => true,
}

Find the type, title, attributes, and values

Resource Types

Resource Reference

http://docs.puppetlabs.com/puppet_
core_types_cheatsheet.pdf


http://docs.puppetlabs.com/references/
latest/type.html


$> puppet describe <TYPE>

Modifying a Resource

$> puppet resource user russfeld
ensure=present shell="/bin/zsh"
home="/home/russfeld"
managehome=true


Modifying a Resource

$> puppet resource user russfeld
ensure=present shell="/bin/zsh"
home="/home/russfeld"
managehome=true


notice: /User[russfeld]/ensure: created
user { 'russfeld':
  ensure => 'present',
  home   => '/home/russfeld',
  shell  => '/bin/zsh'
}

Try to create your own user account

Manifest File

First Manifest File

# /root/user-absent.pp
user {'russfeld':
  ensure => absent,
}

First Manifest File

# /root/user-absent.pp
user {'russfeld':
  ensure => absent,
}


$> puppet apply /root/user-absent.pp

First Manifest File

# /root/user-absent.pp
user {'russfeld':
  ensure => absent,
}


$> puppet apply /root/user-absent.pp
notice: /Stage[main]//User[russfeld]/
    ensure: removed notice: Finished catalog run in
    0.44 seconds

Resource Declaration

file {'testfile':
  path    => '/tmp/testfile',
  ensure  => present,
  mode    => 0640,
  content => "I'm a test file.",
}


Testing Resources

Manifest Compilation

Image Credit: Puppet Labs

Resource Ordering

# /root/training-manifests/2.file.pp

file {'/tmp/test1':
  ensure  => present,
  content => "Hi.",
}

file {'/tmp/test2':
  ensure => directory,
  mode   => 644,
}

file {'/tmp/test3':
  ensure => link,
  target => '/tmp/test1',
}

notify {"I'm notifying you.":}
notify {"So am I!":}

Resource Ordering

$ puppet apply /root/examples/file-2.pp
notice: /Stage[main]//File[/tmp/test1]/
    ensure: created notice: /Stage[main]//File[/tmp/test3]/
    ensure: created notice: /Stage[main]//File[/tmp/test2]/
    ensure: created notice: So am I! notice: /Stage[main]//Notify[So am I!]/
    message: defined 'message' as 'So am I!' notice: I'm notifying you. notice: /Stage[main]//Notify[I'm notifying you.]/
    message: defined 'message' as 'I'm notifying you.' notice: Finished catalog run in 0.05 seconds

Resource Ordering

Require

file {'/tmp/test1':
  ensure  => present,
  content => "Hi.",
}

notify {'/tmp/test1 has already been synced.':
  require => File['/tmp/test1'],
}

Before

file {'/tmp/test1':
  ensure  => present,
  content => "Hi.",
  before  => Notify['/tmp/test1 has
    already been synced.'], } notify {'/tmp/test1 has already been synced.':}

Subscribe

file { '/etc/ssh/sshd_config':
  ensure => file,
  mode   => 600,
  source => 'puppet:///modules/ssh/sshd_config',
}
service { 'sshd':
  ensure    => running,
  enable    => true,
  subscribe => File['/etc/ssh/sshd_config'],
}

Chaining Arrows

file {'/tmp/test1':
  ensure  => present,
  content => "Hi.",
}

notify {'after':
  message => '/tmp/test1 has already
    been synced.', } File['/tmp/test1'] -> Notify['after']

Chaining Arrows

file {'/tmp/test1':
  ensure  => present,
  content => "Hi.",
}
->
notify {'after':
  message => '/tmp/test1 has already
    been synced.', }

Package/File/Service

package { 'openssh-server':
  ensure => present,
  before => File['/etc/ssh/sshd_config'],
}
file { '/etc/ssh/sshd_config':
  ensure => file,
  mode   => 600,
  source => '/root/examples/sshd_config',
}
service { 'sshd':
  ensure     => running,
  enable     => true,
  subscribe  => File['/etc/ssh/sshd_config'],
}

Assignments