Puppet 4 :: Language Essentials
Intro:
- A Puppet script should be idempotent: it produces the same result every time it is run
- Ex: Create User 'kota' with id 101
- No matter how many times the above script is run, the result is that user 'kota' with id '101' exists; the script does not necessarily create it.
- Puppet Docs
Display Data:
- puppet agent --version
- puppet config print
- puppet config print confdir
- puppet config print certname
- puppet config print confdir rundir ssldir runinterval
Puppet script Validation
- puppet parser validate hello.pp
Puppet Agent - Runs on clients and sends facts (about the machine) to the server
Puppet Server - Collects facts from agents and compiles a catalog for the agents to apply
Puppet Apply - A combination of puppet agent and puppet server, allowing a client to run in standalone mode
Controlling the Agent - We currently do not want to use the Puppet Agent. It can run as a daemon service, so we should check that it is both stopped and disabled
service { 'puppet':
  ensure => 'stopped',
  enable => false,
}
To show all puppet modules that are installed
puppet module list
To Install a module
puppet module install <module_name>
To install from a manifest
puppet apply -e "include <module_name>"
include <module_name>
Puppet Resources - The Big Three
- Package
- ensure => 'installed', 'absent', 'purged', 'latest', '4.1'
- File
- ensure =>
- content =>
- Service
- ensure => 'running', 'stopped'
- enable => true, false
type { 'title':
  attribute => value,
}
#List of all resources
puppet describe --list
#Attributes of a particular resource
puppet describe <resource_name>
puppet describe notify
puppet describe user
puppet describe user --short
NameVar
file { '/var/puppet': # namevar: path is the namevar for file, so the title is used as the path unless path is set explicitly
  ensure => 'present',
}
service { 'ntpd': # namevar: name is the namevar for service, so the title is used as the service name unless name is set explicitly
  ensure => 'running',
}
Puppet Standard Library & Users and Groups & Hosts & SSH_Authorized_Keys
puppet module install puppetlabs/stdlib
user { 'name':
  ensure     => 'present', # or 'absent'
  managehome => true,
  groups     => [ 'sudo', 'users' ],
  # pw_hash() is provided by puppetlabs/stdlib; the literal password and salt are for illustration
  password   => pw_hash('Password1', 'SHA-512', 'salt'),
}
group { 'admins':
  ensure => 'present', # or 'absent'
}
host { 'timeserver':
  ip           => '192.168.0.3',
  host_aliases => 'tock',
}
# SSH Authorized Keys
ssh_authorized_key { 'tux@cenos7':
  user => 'bob',
  type => 'ssh-rsa',
  key  => 'sdsa lknsa fe fdsamsamf salmalsdma',
}
Resource Defaults - A default is declared by capitalizing the first letter of the resource type: defaults for file resources go in a File block
File {
  owner  => 'root',
  group  => 'users',
  mode   => '0664',
  ensure => 'file',
}
file { '/tmp/puppet':
  ensure => 'directory'
}
file { '/tmp/puppet/file1': }
file { '/tmp/puppet/file2': }
file { '/tmp/puppet/file3':
  mode => '0644', # overrides the default mode
}
Variables - Denoted with $. In Puppet 4 a variable name must start with a lower-case letter or underscore (local scope). Variables cannot be reassigned: once a variable is declared and assigned a value, modifying it is a run-time error
Arrays - Denoted using [] brackets
Hashes - Contain key/value pairs. Keys should also be quoted.
Interpolate - notify { "The ${user_service} is up and running": }
Heredoc - Creates a long multi-line string. The tag END can be anything but must be the same at the start and the end
$user_conf = @(END)
driftfile /var/lib/ntp/drift
server tock prefer iburst
server uk.pool.ntp.org
END
Facts::
Access the Facts using facter
Access individual facts:
facter kernel
facter os.family
In Code
$facts['os']['family']
$osfamily or $::osfamily => Deprecated - cannot be distinguished from normal variables, and the values can be overwritten.
- String comparisons are case-insensitive unless we use regular expression matches. Some nested facts are still available as legacy facts at the top level.
- if/else
if $facts['os']['family'] == 'RedHat' {
  notify { 'Red Hat': }
}
elsif $facts['os']['family'] == 'Debian' {
  notify { 'Debian': }
}
else {
  fail("Your OS, ${facts['os']['family']}, is untested")
}
- unless
if $facts['os']['family'] != 'RedHat' {
  notify { 'Debian': }
}
same as
unless $facts['os']['family'] == 'RedHat' {
  notify { 'Debian': }
}
- Case
case $facts['os']['family'] {
  'RedHat': { notify { 'This is Red Hat based': } }
  'Debian': { notify { 'This is debian based': } }
  default: { notify { 'Your OS is untested': } }
}
- Selector
$ntp_service = $facts['os']['family'] ? {
  'RedHat' => 'ntpd', # the os family fact value is 'RedHat', with no space
  'Debian' => 'ntp',
}
- Regular Expression Matching (case sensitive)
$facts['os']['family'] =~ /RedHat/
$facts['os']['family'] =~ /^RedHat$/ # exact match
$facts['networking']['fqdn'] =~ /^www\d/ # starts with www followed by a digit
$facts['networking']['fqdn'] =~ /\.example\.com$/ # escape . with \
- Iteration
each ($facts['partitions']) | $devname, $devprops | { }
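
The following manifest is an added example, not part of the original notes: it combines the fact-based case statement, the heredoc, and the package/file/service resources above to manage NTP. The package name `ntp`, the path `/etc/ntp.conf`, and the `require`/`notify` ordering are assumptions made for the illustration.

```puppet
# Added example (not from the original notes): NTP via package, file, service.
# Assumptions: package 'ntp' and /etc/ntp.conf exist under these names on both
# OS families; 'tock' resolves through the host entry below.

# Pick the service name from the structured fact; stop compilation on
# anything untested rather than applying a half-configured catalog.
case $facts['os']['family'] {
  'RedHat': { $ntp_service = 'ntpd' }
  'Debian': { $ntp_service = 'ntp' }
  default:  { fail("Your OS, ${facts['os']['family']}, is untested") }
}

host { 'timeserver':
  ip           => '192.168.0.3',
  host_aliases => ['tock'],
}

# '| END' strips the leading indentation from each heredoc line.
$ntp_conf = @(END)
  driftfile /var/lib/ntp/drift
  server tock prefer iburst
  server uk.pool.ntp.org
  | END

package { 'ntp':
  ensure => 'installed',
}

# The time daemon trusts this file, so ownership and mode are set explicitly
# here and do not depend on any File { } default that happens to be in scope.
file { '/etc/ntp.conf':
  ensure  => 'file',
  owner   => 'root',
  group   => 'root',
  mode    => '0644',
  content => $ntp_conf,
  require => Package['ntp'],        # install before writing the config
  notify  => Service[$ntp_service], # restart the service when content changes
}

service { $ntp_service:
  ensure => 'running',
  enable => true,
}
```

Check it with `puppet parser validate ntp.pp` and preview the changes with `puppet apply --noop ntp.pp`; the filename `ntp.pp` is a placeholder.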