45 puppet基础、资源详解、配置语言、puppet类与模板及模块
01puppet基础配置:
node1:192.168.1.131CentOS7.2
node2:192.168.1.132CentOS7.2
# rpm -ivh epel-release-latest-7.noarch.rpm
# yum list all | grep -i "puppet"
puppet.noarch 3.6.2-3.el7 epel
puppet-firewalld.noarch 0.1.3-1.el7 epel
puppet-server.noarch 3.6.2-3.el7 epel
# ls *rpm
facter-2.4.4-1.el7.x86_64.rpmpuppet-server-3.8.4-1.el7.noarch.rpm
puppet-3.8.4-1.el7.noarch.rpm
# rpm -ivh epel-release-latest-7.noarch.rpm
# yum install facter-2.4.4-1.el7.x86_64.rpm puppet-3.8.4-1.el7.noarch.rpm
02puppet资源详解
#定义资源清单:
1、group、user示例
# mkdir mainfests
# cd mainfests/
# vim test1.pp
group {'distro':
gid => 2000,
ensure=> present,
}
user {'centos':
uid => 2000,
gid => 2000,
shell => '/bin/bash',
home => '/home/centos',
ensure=> present,
}
# puppet apply -v test1.pp
Notice: Compiled catalog for node2 in environment production in 0.61 seconds
Info: Applying configuration version '1480767979'
Notice: Finished catalog run in 0.08 seconds
# tail -5 /etc/group
avahi:x:70:
slocate:x:21:
tcpdump:x:72:
puppet:x:52:
distro:x:2000:
# tail -5 /etc/passwd
gnome-initial-setup:x:988:983::/run/gnome-initial-setup/:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
puppet:x:52:52:Puppet:/var/lib/puppet:/sbin/nologin
centos:x:2000:2000::/home/centos:/bin/bash
2、file实例
# vim test2.pp
file{'/tmp/mydir':
ensure =>directory,
}
file{'/tmp/puppet.file';
content =>'puppet testing\nsecond line.',
ensure =>file,
owner =>'centos',
group =>'distro',
mode =>'0400',
}
file{'/tmp/fstab.puppet':
source =>'/etc/fstab',
ensure =>file,
}
file{'/tmp/puppet.link':
ensure =>link,
target =>'/tmp/puppet.file',
}
# puppet apply -v -d test2.pp
3、exec示例
# vim test3.pp
exec{'/usr/sbin/modprobe ext4':
user =>root,
group =>root,
refresh =>'/usr/sbin/modprobe -r ext4 && /usr/sbin/modprobe ext4',
timeout =>5,
tries =>2,
}
exec {'/bin/echo hello > /tmp/hello.txt':
user =>root,
group =>root,
creates =>'/tmp/hello.txt',
}
exec {'/bin/echo hello > /tmp/hello2.txt':
user =>root,
group =>root,
unless=>'/usr/bin/test -e /tmp/hello2.txt',
}
# puppet apply -v test3.pp
Notice: Compiled catalog for node2 in environment production in 0.23 seconds
Info: Applying configuration version '1480822653'
Notice: /Stage/Main/Exec/returns: executed successfully
Notice: Finished catalog run in 0.06 seconds
4、notify示例
# vim test4.pp
notify{"hello there.":}
# puppet apply -v test4.pp
Notice: Compiled catalog for node2 in environment production in 0.09 seconds
Info: Applying configuration version '1480823772'
Notice: hello there.
Notice: /Stage/Main/Notify/message: defined 'message' as 'hello there.'
Notice: Finished catalog run in 0.06 seconds
5、cron示例
# vim test5.pp
cron{"sync time":
command =>'/usr/sbin/ntpdate 192.168.1.62 &> /dev/null',
minute =>'*/10',
ensure =>absent,
}
# puppet apply -v test5.pp
Notice: Compiled catalog for node2 in environment production in 0.26 seconds
Info: Applying configuration version '1480824444'
Notice: /Stage/Main/Cron/ensure: created
Notice: Finished catalog run in 0.11 seconds
03puppet配置语言
6、package示例
# ls jdk-8u25-linux-x64.rpm
jdk-8u25-linux-x64.rpm
# mv jdk-8u25-linux-x64.rpm /usr/local/src/
# cd mainfests/
# vim test6.pp
package{'zsh':
ensure =>latest,
}
package{'jdk':
ensure =>installed,
source =>'/usr/local/src/jdk-8u25-linux-x64.rpm',
provider =>rpm,
}
# puppet apply -v test6.pp
Notice: Compiled catalog for node2 in environment production in 1.05 seconds
Info: Applying configuration version '1480827477'
Notice: /Stage/Main/Package/ensure: created
Notice: /Stage/Main/Package/ensure: created
Notice: Finished catalog run in 424.65 seconds
7、service示例
# vim test7.pp
package{'nginx':
ensure =>latest,
}
service{'nginx':
ensure =>running,
enable =>true,
hasrestart=>true,
restart =>'systemctl>
}
# puppet apply -v test7.pp
Notice: Compiled catalog for node2 in environment production in 1.24 seconds
Info: Applying configuration version '1480836821'
Notice: /Stage/Main/Package/ensure: created
Notice: /Stage/Main/Service/ensure: ensure changed 'stopped' to 'running'
Info: /Stage/Main/Service: Unscheduling refresh on Service
Notice: Finished catalog run in 41.21 seconds
# vim test8.pp
group {'linux':
gid => 3000,
ensure=> present,
}
user {'suse':
uid => 3000,
gid => 3000,
shell => '/bin/bash',
home => '/home/suse',
ensure=> present,
}
# puppet apply -v test8.pp
Notice: Compiled catalog for node2 in environment production in 0.60 seconds
Info: Applying configuration version '1480837614'
Notice: /Stage/Main/Group/ensure: created
Notice: /Stage/Main/User/ensure: created
Notice: Finished catalog run in 0.24 seconds
8、特殊属性
# mkdir -p /root/modules/nginx/flies
# cp /etc/nginx/nginx.conf /root/modules/nginx/flies/
# vim /root/modules/nginx/flies/nginx.conf
修改
worker_processes auto;
为
worker_processes 2;
修改
listen 80
为
listen 8080
# vim test9.pp
package{'nginx':
ensure =>latest,
}
file{'/etc/nginx/nginx.conf':
ensure =>file,
source =>'/root/modules/nginx/flies/nginx.conf',
require =>Package['nginx'],
notify =>Service['nginx'],
}
service{'nginx':
ensure =>running,
enable =>true,
hasrestart=>true,
#restart =>'systemctl>
require =>[ Package['nginx'], File['/etc/nginx/nginx.conf'] ],
}
# puppet apply -v test9.pp
Notice: Compiled catalog for node2 in environment production in 1.43 seconds
Info: Applying configuration version '1480854538'
Notice: Finished catalog run in 4.68 seconds
# service nginx stop
Redirecting to /bin/systemctl stopnginx.service
# vim /etc/nginx/nginx.conf
修改
worker_processes 2;
为
worker_processes auto;
# puppet apply -v test9.pp
Notice: Compiled catalog for node2 in environment production in 1.45 seconds
Info: Applying configuration version '1480855179'
Info: Computing checksum on file /etc/nginx/nginx.conf
Info: FileBucket got a duplicate file {md5}93bc8e01bfd45e7e18b23acc178ae25b
Info: /Stage/Main/File: Filebucketed /etc/nginx/nginx.conf to puppet with sum 93bc8e01bfd45e7e18b23acc178ae25b
Notice: /Stage/Main/File/content: content changed '{md5}93bc8e01bfd45e7e18b23acc178ae25b' to '{md5}456ddb9d4209543dab23207931473c91'
Notice: /Stage/Main/Service/ensure: ensure changed 'stopped' to 'running'
Info: /Stage/Main/Service: Unscheduling refresh on Service
Notice: Finished catalog run in 5.29 seconds
# vim /root/modules/nginx/flies/nginx.conf
修改
worker_processes 2;
为
worker_processes 3;
修改
listen 80 default_server;
为
listen 808 default_server;
# puppet apply -v test9.pp
Notice: Compiled catalog for node2 in environment production in 1.41 seconds
Info: Applying configuration version '1480857702'
Info: Computing checksum on file /etc/nginx/nginx.conf
Info: /Stage/Main/File: Filebucketed /etc/nginx/nginx.conf to puppet with sum 456ddb9d4209543dab23207931473c91
Notice: /Stage/Main/File/content: content changed '{md5}456ddb9d4209543dab23207931473c91' to '{md5}5aeb19c0057030b2990920a929d8aed3'
Info: /Stage/Main/File: Scheduling refresh of Service
Notice: /Stage/Main/Service: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 4.98 seconds
9、变量
# vim test10.pp
$webserver=nginx
package{$webserver:
ensure =>latest,
}
file{'/etc/nginx/nginx.conf':
ensure =>file,
source =>'/root/modules/nginx/flies/nginx.conf',
require =>Package['nginx'],
notify =>Service['nginx'],
}
service{'nginx':
ensure =>running,
enable =>true,
hasrestart=>true,
#restart =>'systemctl>
require =>[ Package['nginx'], File['/etc/nginx/nginx.conf'] ],
}
# puppet apply -v test10.pp
Notice: Compiled catalog for node2 in environment production in 1.42 seconds
Info: Applying configuration version '1480938332'
Notice: Finished catalog run in 18.48 seconds
# systemctl stop nginx.service
# yum -y remove nginx
# rm -rf /etc/nginx/
# puppet apply -v test10.pp
Notice: Compiled catalog for node2 in environment production in 1.44 seconds
Info: Applying configuration version '1480938505'
Notice: /Stage/Main/Package/ensure: created
Info: Computing checksum on file /etc/nginx/nginx.conf
Info: FileBucket got a duplicate file {md5}93bc8e01bfd45e7e18b23acc178ae25b
Info: /Stage/Main/File: Filebucketed /etc/nginx/nginx.conf to puppet with sum 93bc8e01bfd45e7e18b23acc178ae25b
Notice: /Stage/Main/File/content: content changed '{md5}93bc8e01bfd45e7e18b23acc178ae25b' to '{md5}5aeb19c0057030b2990920a929d8aed3'
Info: /Stage/Main/File: Scheduling refresh of Service
Notice: /Stage/Main/Service/ensure: ensure changed 'stopped' to 'running'
Info: /Stage/Main/Service: Unscheduling refresh on Service
Notice: Finished catalog run in 12.16 seconds
10、if语句
# vim test11.pp
if $processorcount>1 {
notice("SMP Host.")
} else {
notice("Poor Guy.")
}
# puppet apply -v test11.pp
Notice: Scope(Class): SMP Host.
Notice: Compiled catalog for node2 in environment production in 0.10 seconds
Info: Applying configuration version '1480939461'
Notice: Finished catalog run in 0.02 seconds
# vim test12.pp
if $operatingsystem =~ /^(?i-mx:(centos|redhat|fedora|ubuntu))/ {
notice("Welcome to $1 distribute linux.")
}
# puppet apply -v test12.pp
Notice: Scope(Class): Welcome to CentOS distribute linux.
Notice: Compiled catalog for node2 in environment production in 0.10 seconds
Info: Applying configuration version '1480940033'
Notice: Finished catalog run in 0.05 seconds
04puppet类、模板及模块
1、类声明方式1
# vim test13.pp
class nginx {
$webserver=nginx
package{$webserver:
ensure =>latest,
}
file{'/etc/nginx/nginx.conf':
ensure =>file,
source =>'/root/modules/nginx/flies/nginx.conf',
require =>Package['nginx'],
notify =>Service['nginx'],
}
service{'nginx':
ensure =>running,
enable =>true,
hasrestart=>true,
#restart =>'systemctl>
require =>[ Package['nginx'], File['/etc/nginx/nginx.conf'] ],
}
}
include nginx
# systemctl stop nginx.service
# yum -y remove nginx
# rm -rf /etc/nginx/
# puppet apply -v test13.pp
Notice: Compiled catalog for node2 in environment production in 1.41 seconds
Info: Applying configuration version '1481026945'
Notice: /Stage/Nginx/Package/ensure: created
Info: Computing checksum on file /etc/nginx/nginx.conf
Info: FileBucket got a duplicate file {md5}93bc8e01bfd45e7e18b23acc178ae25b
Info: /Stage/Nginx/File: Filebucketed /etc/nginx/nginx.conf to puppet with sum 93bc8e01bfd45e7e18b23acc178ae25b
Notice: /Stage/Nginx/File/content: content changed '{md5}93bc8e01bfd45e7e18b23acc178ae25b' to '{md5}5aeb19c0057030b2990920a929d8aed3'
Info: /Stage/Nginx/File: Scheduling refresh of Service
Notice: /Stage/Nginx/Service/ensure: ensure changed 'stopped' to 'running'
Info: /Stage/Nginx/Service: Unscheduling refresh on Service
Notice: Finished catalog run in 917.40 seconds
2、类声明方式2
# vim test14.pp
class nginx($webserver='nginx') {
package{$webserver:
ensure =>latest,
}
file{'/etc/nginx/nginx.conf':
ensure =>file,
source =>'/root/modules/nginx/flies/nginx.conf',
require =>Package['nginx'],
notify =>Service['nginx'],
}
service{'nginx':
ensure =>running,
enable =>true,
hasrestart=>true,
#restart =>'systemctl>
require =>[ Package['nginx'], File['/etc/nginx/nginx.conf'] ],
}
}
class {'nginx':
webserver => 'tengine',
}
3、子类调用父类
# vim test15.pp
class nginx {
package {'nginx':
ensure=>latest,
} ->
service{'nginx':
enable =>true,
ensure =>running,
hasrestart=>true,
restart =>'service nginx>
}
}
class nginx::webserver inherits nginx {
file{'/etc/nginx/nginx.conf':
source=> /root/modules/nginx/files/nginx_web.conf,
ensure=>file,
notify=>Service['nginx'],
}
}
class nginx::proxy inherits nginx {
file{'/etc/nginx/nginx.conf':
source=> /root/modules/nginx/files/nginx_proxy.conf,
ensure=>file,
notify=>Service['nginx'],
}
}
include nginx::webserverclass nginx {
package {'nginx':
ensure=>latest,
} ->
service{'nginx':
enable =>true,
ensure =>running,
hasrestart=>true,
restart =>'service nginx>
}
}
class nginx::webserver inherits nginx {
file{'/etc/nginx/nginx.conf':
source=> '/root/modules/nginx/files/nginx_web.conf',
ensure=>file,
notify=>Service['nginx'],
}
}
class nginx::proxy inherits nginx {
file{'/etc/nginx/nginx.conf':
source=> '/root/modules/nginx/files/nginx_proxy.conf',
ensure=>file,
notify=>Service['nginx'],
}
}
include nginx::webserver
# cd /root/modules/nginx/flies/
# cp nginx.conf nginx_web.conf
# cp nginx.conf nginx_proxy.conf
# vim nginx_proxy.conf
修改
location / {
}
为
location / {
proxy_pass http://192.168.1.131/;
}
# puppet apply -v test15.pp
Notice: Compiled catalog for node2 in environment production in 1.49 seconds
Info: Applying configuration version '1481031545'
4、在子类中覆盖父类中已经定义的资源的属性值
# vim test16.pp
class nginx {
package {'nginx':
ensure=>latest,
name =>nginx,
} ->
service{'nginx':
enable =>true,
ensure =>running,
hasrestart=>true,
restart =>'service nginx>
}
}
class nginx::webserver inherits nginx {
Package['nginx']{
name =>tengine,
}
file{'/etc/nginx/nginx.conf':
source=> '/root/modules/nginx/files/nginx_web.conf',
ensure=>file,
notify=>Service['nginx'],
}
}
class nginx::proxy inherits nginx {
file{'/etc/nginx/nginx.conf':
source=> '/root/modules/nginx/files/nginx_proxy.conf',
ensure=>file,
notify=>Service['nginx'],
}
}
include nginx::webserver
# puppet apply -v test16.pp
Notice: Compiled catalog for node2 in environment production in 1.40 seconds
Info: Applying configuration version '1481112014'
Error: /Stage/Nginx::Webserver/File: Could not evaluate: Could not retrieve information from environment production source(s) file:/root/modules/nginx/files/nginx_web.conf
Error: Could not update: Execution of '/usr/bin/yum -d 0 -e 0 -y list tengine' returned 1: Error: No matching Packages to list
Error: /Stage/Nginx/Package/ensure: change from absent to latest failed: Could not update: Execution of '/usr/bin/yum -d 0 -e 0 -y list tengine' returned 1: Error: No matching Packages to list
Notice: /Stage/Nginx/Service: Dependency Package has failures: true
Notice: /Stage/Nginx/Service: Dependency File has failures: true
Warning: /Stage/Nginx/Service: Skipping because of failed dependencies
Notice: Finished catalog run in 5.41 seconds
5、模板
# cd /root/modules/nginx/files/
# vim nginx_proxy.conf
修改
worker_processes 3;
为
worker_processes <%= @processorcount %>;
# cd -
/root/mainfests
# vim test16.pp
修改
source=> '/root/modules/nginx/files/nginx_proxy.conf',
为
content => template('/root/modules/nginx/files/nginx_proxy.conf'),
修改
include nginx::webserver
为
include nginx::proxy
# puppet apply -v test16.pp
Notice: Compiled catalog for node2 in environment production in 1.35 seconds
Info: Applying configuration version '1481113843'
Info: Computing checksum on file /etc/nginx/nginx.conf
Info: /Stage/Nginx::Proxy/File: Filebucketed /etc/nginx/nginx.conf to puppet with sum 5aeb19c0057030b2990920a929d8aed3
Notice: /Stage/Nginx::Proxy/File/content: content changed '{md5}5aeb19c0057030b2990920a929d8aed3' to '{md5}a7a50e95d479630c400907a161a348b8'
Info: /Stage/Nginx::Proxy/File: Scheduling refresh of Service
Notice: /Stage/Nginx/Service: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 22.55 seconds
6、模块
#列出可用模块
# puppet module list
/etc/puppet/modules (no modules installed)
/usr/share/puppet/modules (no modules installed)
#查找模块
# puppet module search nginx
#安装模块
# puppet module install nginx
#创建模块
# mkdir -p /etc/puppet/modules/nginx/{mainfets,files,templates,tests,lib,spec}
# puppet module list
/etc/puppet/modules
└── nginx (???)
/usr/share/puppet/modules (no modules installed)
# cd mainfests/
# cp test16.pp /etc/puppet/modules/nginx/mainfets/init.pp
# cp /root/modules/nginx/files/nginx_web.conf /etc/puppet/modules/nginx/files/
# cp /root/modules/nginx/files/nginx_proxy.conf /etc/puppet/modules/nginx/templates/nginx_proxy.conf.erb
# cd /etc/puppet/modules/nginx/
# ls
fileslibmainfetsspectemplatestests
# cd mainfets/
# ls
init.pp
# vim init.pp
class nginx {
package {'nginx':
ensure=>latest,
name =>nginx,
} ->
service{'nginx':
enable =>true,
ensure =>running,
hasrestart=>true,
restart =>'service nginx>
}
}
class nginx::webserver inherits nginx {
Package['nginx']{
name =>tengine,
}
file{'/etc/nginx/nginx.conf':
source=> 'puppet:///modules/nginx/nginx_web.conf',
ensure=>file,
notify=>Service['nginx'],
}
}
class nginx::proxy inherits nginx {
file{'/etc/nginx/nginx.conf':
content => template('nginx/nginx_proxy.conf.erb'),
ensure=>file,
notify=>Service['nginx'],
}
}
# systemctl stop nginx.service
# yum -y remove nginx
# rm -rf /etc/nginx/
# puppet apply --noop -v -e 'include nginx::proxy'
页:
[1]