运维自动化之puppet资源(1)
什么是puppet资源?puppet是一种Linux、Unix、windows平台的集中配置管理系统,使用自有的puppet描述语言,可管理配置文件、用户、cron任务、软件包、系统服务等。puppet把这些系统实体称之为资源,puppet的设计目标是简化对这些资源的管理以及妥善处理资源间的依赖关系。
定义资源语法:
每个资源必须有一个type一个title和一些属性。
type {'title': attribute => value,
}
一个简单示例:
vim test.pp
notify {'notice':
message => 'hello world!',
} #保存,退出
puppet apply test.pp #执行
#在定义时,资源类型必须使用小写字符。
#资源名称仅是一个字符串,但要求在同一个类型中其必须唯一。
puppet describe --list#可查看资源列表。
puppet describe notify#可查看资源的详细信息。
资源间的依赖关系:
puppet提供了before、require、notify和subscribe四个元参数来定义资源间的相关性。
-这四个元参数都以另外的其他资源或资源数组作为其值,这也称作资源引用
-资源引用要通过“Type['title']”的方式进行,如User['wang390750']
…注意:资源引用时,其类型名的首字母要大写。
before……Causes a resource to be applied before the target resource
require……Causes a resource to be applied after the target resource
notify……Causes a resource to be applied before the target resource
……The target resource will refresh if the notifying resource changes
subscribe……Causes a resource to be applied after the target resource
……The subscribing resource will refresh if the target resource changes
before示例:
# cat before.pp
package {'httpd':
ensure => installed,
before => Service['httpd'],
}
service {'httpd':
ensure => true,
}
# puppet apply before.pp
Notice: Compiled catalog for localhost.localdomain in environment production in 0.33 seconds
Notice: /Stage/Main/Package/ensure: created
Notice: /Stage/Main/Service/ensure: ensure changed 'stopped' to 'running'
Notice: Finished catalog run in 70.95 seconds
# rpm -q httpd
httpd-2.2.15-29.el6.centos.x86_64
# netstat -ntpl | grep httpd
tcp 0 0 :::80 :::* LISTEN 20692/httpd
require示例:
# cat require.pp
group {'test':
ensure => present,
gid => 10001,
}
user {'test':
gid=>10001,
uid=>10001,
home => '/home/test',
managehome => true,
ensure => present,
require => Group['test'],
}
# puppet apply require.pp
Notice: Compiled catalog for localhost.localdomain in environment production in 0.14 seconds
Notice: /Stage/Main/Group/ensure: created
Notice: /Stage/Main/User/ensure: created
Notice: Finished catalog run in 0.95 seconds
# cat /etc/group | grep test
test:x:10001:
# cat /etc/passwd | grep test
test:x:10001:10001::/home/test:/bin/bash
notify示例:
# netstat -ntpl | grep sendmail
\tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 28156/sendmail
# puppet apply notify.pp
Notice: Compiled catalog for localhost.localdomain in environment production in 0.10 seconds
Notice: /Stage/Main/File/ensure: defined content as '{md5}1a39b842b386c79250fc70fdf68dbb14'
Notice: /Stage/Main/Exec/returns: executed successfully
Notice: /Stage/Main/Exec: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 0.56 seconds
# netstat -ntpl | grep sendmail
#
# cat notify.pp
file {'/root/command':
ensure => file,
source => '/tmp/test',
mode => '755',
owner => 'root',
group => 'root',
notify => Exec['/bin/bash /root/command'],
}
exec {'/bin/bash /root/command':
path => '/bin:/sbin:/usr/bin:/usr/sbin',
user => root,
group => root,
}
# cat /tmp/test
/etc/init.d/sendmail stop
subscribe示例:
# cat subscribe.pp
package {'httpd':
ensure => installed,
}
service {'httpd':
ensure => true,
subscribe => Package['httpd'],
}
资源间的应用次序链:
"->"用来定义次序链,而"~>"用于定义通知链。
他们既可以用于资源应用间,也可以用于资源申报之间。
页:
[1]