Puppet CookBook. Over the years of using puppet I've noticed that people often come up with the same kind of requests, "How do I restart this service when . has also been referenced by the PCI Council in their Data Security Standard Wireless Katalov Hacking For Dummies, 3r. This means that your work as a sysadmin can get done much faster, because you can have Puppet handle most or all of the details, and you can download code.
|Language:||English, Spanish, French|
|Distribution:||Free* [*Sign up for free]|
Did you know that Packt offers eBook versions of every book published, with PDF and ePub . recipe. It takes you from a rudimentary knowledge of Puppet to a more complete .. Apache configuration file under /etc/httpd/conf.d/cookbook. conf. PuppetConf · Mastering Puppet. Puppet Cookbook 4*. Me. Page 5. Email server. Page 6. time shift The Puppet Problem. Page 8. The Puppet Problem. Jump-start your Puppet deployment using engaging and practical recipes.
Off the clock, he is a medal-winning, competitive rifle and pistol shooter and a decidedly uncompetitive piano player. He lives in a small cottage in Cornwall, England and believes, like Cicero, that, if you have a garden and a library, then you have everything you need. You may like to follow him on Twitter at bitfield.
Sign up to our emails for regular updates, bespoke offers, exclusive discounts and great free content. Log in. My Account. Log in to your account. Not yet a member? Register for an account and access leading-edge content on emerging technologies. Register now. Packt Logo.
My Collection. Deal of the Day Understand the fundamentals of C programming and get started with coding from ground up in an engaging and practical manner. Sign up here to get these deals straight to your inbox. Find Ebooks and Videos by Technology Android. Packt Hub Technology news, analysis, and tutorials from Packt.
Insights Tutorials. News Become a contributor. Categories Web development Programming Data Security. Subscription Go to Subscription. Subtotal 0. Title added to cart. Subscription About Subscription Pricing Login. Features Free Trial. Search for eBooks and Videos. Puppet Cookbook - Third Edition.
Jump-start your Puppet deployment using engaging and practical recipes. Are you sure you want to claim this product using a token? Thomas Uphill, John Arundel February Quick links: What do I get with a Packt subscription?
What do I get with an eBook? What do I get with a Video? Frequently bought together. Learn more Add to cart. Puppet 5 Beginner's Guide - Third Edition. Paperback pages. Book Description Puppet is a configuration management system that automates all your IT configurations, giving you control of what you do to each node, when you do it, and how you do it. Table of Contents Chapter 1: Puppet Language and Style. Chapter 2: Metaparameters are parameters that can be applied to any resource and are not specific to any one resource type.
They are used for catalog compilation and as hints to Puppet but not to define anything about the resource to which they are attached.
When dealing with ordering, there are four metaparameters used:. Puppet Language and Style The before and require metaparameters specify a direct ordering; notify implies before and subscribe implies require. The notify metaparameter is only applicable to services; what notify does is tell a service to restart after the notifying resource has been applied to the node this is most often a package or file resource. In the case of files, once the file is created on the node, a notify parameter will restart any services mentioned.
The subscribe metaparameter has the same effect but is defined on the service; the service will subscribe to the file. Trifecta The relationship between package and service previously mentioned is an important and powerful paradigm of Puppet. Adding one more resource-type file into the fold, creates what puppeteers refer to as the trifecta.
Almost all system administration tasks revolve around these three resource types. As a system administrator, you install a package, configure the package with files, and then start the service. Idempotency A key concept of Puppet is that the state of the system when a catalog is applied to a node cannot affect the outcome of Puppet run. In other words, at the end of Puppet run if the run was successful , the system will be in a known state and any further application of the catalog will result in a system that is in the same state.
This property of Puppet is known as idempotency. Idempotency is the property that no matter how many times you do something, it remains in the same state as the first time you did it.
For instance, if you had a light switch and you gave the instruction to turn it on, the light would turn on. If you gave the instruction again, the light would remain on. Installing, configuring, and starting a service There are many examples of this pattern online. After this file is created, we would want httpd to restart to notice the change; we can achieve this with a notify parameter.
We will need the same definitions as our last example; we need the package and service installed. We now need two more things. We need the configuration file and index page index. For this, we follow these steps: As in the previous example, we ensure the service is running and specify that the service requires the httpd package: We then define the package as follows: The require metaparameter tells Puppet that this file requires the httpd package to be installed before it is created: We then go on to create an index.
This directory won't exist yet, so we need to create this as well, using the following code: The important concept to remember is that we cannot assume anything about the target system node. We need to define everything on which the target depends. Anytime you create a file in a manifest, you have to ensure that the directory containing that file exists. Anytime you specify that a service should be running, you have to ensure that the package providing that service is installed.
In this example, using metaparameters, we can be confident that no matter what state the node is in before running Puppet, after Puppet runs, the following will be true:. Using community Puppet style If other people need to read or maintain your manifests, or if you want to share code with the community, it's a good idea to follow the existing style conventions as closely as possible.
These govern such aspects of your code as layout, spacing, quoting, alignment, and variable references, and the official puppetlabs recommendations on style are available at http: How to do it In this section, I'll show you a few of the more important examples and how to make sure that your code is style compliant.
Indentation Indent your manifests using two spaces not tabs , as follows: Consider the following code: Puppet doesn't process variable references or escape sequences unless they're inside double quotes. Always quote parameter values that are not reserved words in Puppet. For example, the following values are not reserved words: However, these values are reserved words and therefore not quoted: False There is only one thing in Puppet that is false, that is, the word false without any quotes.
The string "false" evaluates to true and the string "true" also evaluates to true. Actually, everything besides the literal false evaluates to true when treated as a Boolean: When this code is run through puppet apply, the first two notifies are triggered. The final notify is not triggered; it is the only one that evaluates to false.
Otherwise, Puppet's parser has to guess which characters should be a part of the variable name and which belong to the surrounding string. Curly braces make it explicit. Parameters Always end lines that declare parameters with a comma, even if it is the last parameter: This is allowed by Puppet, and makes it easier if you want to add parameters later, or reorder the existing parameters.
When declaring a resource with a single parameter, make the declaration all on one line and with no trailing comma, as shown in the following snippet: Where there is more than one parameter, give each parameter its own line: To make the code easier to read, line up the parameter arrows in line with the longest parameter, as follows: The arrows should be aligned per resource, but not across the whole file, otherwise it can make it difficult for you to cut and paste code from one file to another.
Creating a manifest If you already have some Puppet code known as a Puppet manifest , you can skip this section and go on to the next. If not, we'll see how to create and apply a simple manifest. To create and apply a simple manifest, follow these steps: First, install Puppet locally on your machine or create a virtual machine and install Puppet on that machine.
For YUM-based systems, use https: You may also use gem to install Puppet. For our examples, we'll install Puppet using gem on a Debian Wheezy system hostname: To use gem, we need the rubygems package as follows: Done Building dependency tree Reading state information Done The following NEW packages will be installed: After this operation, 3, kB of additional disk space will be used.
Puppet Language and Style Selecting previously unselected package rubygems.
Reading database Unpacking rubygems from Processing triggers for man-db Setting up rubygems 1. Now, use gem to install Puppet: Three gems are installed. Now, with Puppet installed, we can create a directory to contain our Puppet code: Within your manifests directory, create the site.
Test your manifest with the puppet apply command. This will tell Puppet to read the manifest, compare it to the state of the machine, and make any necessary changes to that state: Compiled catalog for cookbook in environment production in 0. Finished catalog run in 0. Chapter 1 6. We did not run Puppet via sudo. Puppet need not be run through sudo; there are cases where running via an unprivileged user can be useful.
There's more When several people are working on a code base, it's easy for style inconsistencies to creep in. Fortunately, there's a tool available which can automatically check your code for compliance with the style guide: We'll see how to use this in the next section. Checking your manifests with Puppet-lint The puppetlabs official style guide outlines a number of style conventions for Puppet code, some of which we've touched on in the preceding section.
For example, according to the style guide, manifests:. Following the style guide will make sure that your Puppet code is easy to read and maintain, and if you're planning to release your code to the public, style compliance is essential.
The puppet-lint tool will automatically check your code against the style guide. The next section explains how to use it. Getting ready Here's what you need to do to install Puppet-lint: We'll install Puppet-lint using the gem provider because the gem version is much more up to date than the APT or RPM packages available.
Create a puppet-lint. Run puppet apply on the puppet-lint. Compiled catalog for node1. Finished catalog run in 2. Follow these steps to use Puppet-lint: Choose a Puppet manifest file that you want to check with Puppet-lint, and run the following command: As you can see, Puppet-lint found a number of problems with the manifest file.
Correct the errors, save the file, and rerun Puppet-lint to check that all is well. If successful, you'll see no output: You can find out more about Puppet-lint at https: Chapter 1 Should you follow Puppet style guide and, by extension, keep your code lint-clean?
It's up to you, but here are a couple of things to think about:. It makes sense to use some style conventions, especially when you're working collaboratively on code.
Unless you and your colleagues can agree on standards for whitespace, tabs, quoting, alignment, and so on, your code will be messy and difficult to read or maintain. If you're choosing a set of style conventions to follow, the logical choice would be that issued by puppetlabs and adopted by the community for use in public modules. Having said that, it's possible to tell Puppet-lint to ignore certain checks if you've chosen not to adopt them in your codebase. For example, if you don't want Puppet-lint to warn you about code lines exceeding 80 characters, you can run Puppet-lint with the following option: Using modules One of the most important things you can do to make your Puppet manifests clearer and more maintainable is to organize them into modules.
Modules are self-contained bundles of Puppet code that include all the files necessary to implement a thing.
Modules may contain flat files, templates, Puppet manifests, custom fact declarations, augeas lenses, and custom Puppet types and providers.
Separating things into modules makes it easier to reuse and share code; it's also the most logical way to organize your manifests. In this example, we'll create a module to manage memcached, a memory caching system commonly used with web applications. How to do it Following are the steps to create an example module: We will use Puppet's module subcommand to create the directory structure for our new module: Please answer the following questions; if the question is not applicable to this module, feel free to leave it blank.
Puppet uses Semantic Versioning semver. What version is this module? Chapter 1 About to generate this metadata; continue? Populating ERB templates Finished; module generated in thomas-memcached. This command creates the module directory and creates some empty files as starting points. To use the module, we'll create a symlink to the module name memcached. Note that puppet module generate created many lines of comments; in a production module you would want to edit those default comments: Change your site.
We would like this module to install memcached. We'll need to run Puppet with root privileges, and we'll use sudo for that. We'll need Puppet to be able to find the module in our home directory; we can specify this on the command line when we run Puppet as shown in the following code snippet: Compiled catalog for cookbook. Check whether the new service is running: How it works When we created the module using Puppet's module generate command, we used the name thomas-memcached.
The name before the hyphen is your username or your username on Puppet forge an online repository of modules. Since we want Puppet to be able to find the module by the name memcached, we make a symbolic link between thomas-memcached and memcached. Chapter 1 Modules have a specific directory structure. Not all of these directories need to be present, but if they are, this is how they should be organized: All manifest files those containing Puppet code live in the manifests directory.
Inside the memcached class, we refer to the memcached. The preceding source parameter tells Puppet to look for the file in: There's more Learn to love modules because they'll make your Puppet life a lot easier. They're not complicated, however, practice and experience will help you judge when things should be grouped into modules, and how best to arrange your module structure.
Modules can hold more than manifests and files as we'll see in the next two sections. Templates If you need to use a template as a part of the module, place it in the module's templates directory and refer to it as follows: Puppet will look for the file in: Facts, functions, types, and providers Modules can also contain custom facts, custom functions, custom types, and providers. Third-party modules You can download modules provided by other people and use them in your own manifests just like the modules you create.
Module organization For more details on how to organize your modules, see puppetlabs website: Using standard naming conventions Choosing appropriate and informative names for your modules and classes will be a big help when it comes to maintaining your code. This is even truer if other people need to read and work on your manifests.
How to do it Here are some tips on how to name things in your manifests: Name modules after the software or service they manage, for example, apache or haproxy. Name classes within modules subclasses after the function or service they provide to the module, for example, apache:: If a class within a module disables the service provided by that module, name it disabled.
For example, a class that disables Apache should be named apache:: Create a roles and profiles hierarchy of modules. As you can imagine, that means Puppet is a better choice for systems admins looking for a lower initial learning curve although, thanks to a recent update, Puppet will allow developers to create manifests using pure Ruby.
Puppet plug-ins are distributed within their corresponding modules, or you can build your own to enable new features.
Other notable integrations include Splunk, HipChat, and Docker. In addition to cookbooks, the Supermarket contains a number of tools and plugins that can help you automate processes or increase visibility. Most plugins are open-source and available on GitHub. Everyone will offer an opinion that reflects their own unique experiences.
A systems admin who prefers the simple, declarative language of Puppet may swear that Chef is too risky and too hard to learn. At the end of the day, both tools offer phenomenal IT automation power — just different process and presentation.