![Page 1: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/1.jpg)
© Martin Alfke - 2013
Puppet Configuration Management
SLAC06.06.2013Martin Alfke
code your config
Friday, June 7, 13
![Page 2: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/2.jpg)
© Martin Alfke - 2013
puppet environmentspuppet modulespuppet templatespuppet and augeas
puppet multi masterpuppet without master
Agenda
Friday, June 7, 13
![Page 3: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/3.jpg)
© Martin Alfke - 2013
enc and hierapuppet db
puppet dashboard
Agenda
Friday, June 7, 13
![Page 4: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/4.jpg)
© Martin Alfke - 2013
“admin’s and dev’s cooperate!”
Environments
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 5: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/5.jpg)
© Martin Alfke - 2012
Environments
• Split up modules into several repositories
• “production” is default and always there
• Naming is abritrary
• Master needs to know about environments
• Client needs to send environment information
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 6: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/6.jpg)
© Martin Alfke - 2012
Environments
• Each environment may have multiple modulepaths
[master] [test] manifest = /etc/puppet/test/manifests/site.pp modulepath = /etc/puppet/test/modules:/data/puppet/team/test/modules [mailteam] manifest = /etc/puppet/mail/manifests/site.pp modulepath = /etc/puppet/mail/modules:/data/puppet/team/core/modules
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 7: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/7.jpg)
© Martin Alfke - 2012
Environments
• Environments made easy
[master] manifest = /etc/puppet/$environment/manifests/site.pp modulepath = /etc/puppet/core/modules:/data/puppet/$environment/modules
[agent] environment = test
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 8: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/8.jpg)
© Martin Alfke - 2013
“plug things together simple”
Modules
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 9: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/9.jpg)
© Martin Alfke - 2012
Modules
• Difference between modules and classes
• Module:
• strict directory and file naming for autoloading
• each module has at least one class
• Class:
• available but not applied automatically
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 10: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/10.jpg)
© Martin Alfke - 2012
Modules
• directory structure
/etc/puppet/test/modules/ <-- modulepath apache/ <-- modulename manifests/ <-- manifests path within module init.pp <-- initial class fetched from autoloader server.pp <-- additional class(es) files/ <-- directory for module file serving templates/ <-- directory for module templates lib/ <-- directory for facts or functions tests/ <-- directory for tests during develop
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 11: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/11.jpg)
© Martin Alfke - 2012
Modules
• class, file and template naming structure
/etc/puppet/test/modules/ apache/ manifests/ init.pp <-- class apache { ... } server.pp <-- class apache::server { ... } files/ <-- “puppet:///modules/apache/<filename>” templates/ <-- template(‘apache/<filename>’) lib/ tests/ <-- class { ‘apache’: }
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 12: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/12.jpg)
© Martin Alfke - 2012
Modules
• class structure
class apache {package { ‘apache2’: ensure => present, }file { ‘/etc/apache2/apache2.conf’:
content => template(‘apache/apache2.conf.erb’),}file { ‘/etc/apache2/conf.d/charset’:
source => ‘puppet:///modules/apache/charset’,}service { ‘apache2’: ensure => running, }
}
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 13: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/13.jpg)
© Martin Alfke - 2012
Modules
• use classes on nodes
node ‘www01.domain.tld’ {class { ‘apache’: } <-- old: include apache
}
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 14: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/14.jpg)
© Martin Alfke - 2012
Modules
• resources, classes, parameterized classes
resource_type { ‘title’:attribute => value,
}
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 15: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/15.jpg)
© Martin Alfke - 2012
Modules
• resources, classes, parameterized classes
resource_type { ‘title’:attribute => value,
}
class <title> { ... }class <title> ( $variable = value) { ... }
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 16: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/16.jpg)
© Martin Alfke - 2012
Modules
• resources, classes, parameterized classes
resource_type { ‘title’:attribute => value,
}
class <title> { ... }class <title> ( $variable = value) { ... }
class { ‘<title>’: }class { ‘<title>’:
variable => value,}
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 17: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/17.jpg)
© Martin Alfke - 2012
Modules
• using ruby in classes (obsolete)
/etc/puppet/test/modules/apache/manifests/init.rb
hostclass :apache do package :apache2, :ensure => present package :libapache2-php, :ensure => present service :apache2, :ensure => runningend
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 18: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/18.jpg)
© Martin Alfke - 2012
Modules
• many modules are already there
• puppet module forge
• example42.com
• github.com
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 19: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/19.jpg)
© Martin Alfke - 2012
Modules
• some modules are too simple
• e.g. I want my SSH config to be different on some hosts
• some modules are too complex
• 100 variables for 25 different distributions? I only use Debian.
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 20: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/20.jpg)
© Martin Alfke - 2013
“code your config”
Templates
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 21: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/21.jpg)
© Martin Alfke - 2012
Templates
• Ruby ERB template engine
• Normally requires in-depth configuration review
• Be aware of variable scoping !
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 22: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/22.jpg)
© Martin Alfke - 2012
Templates
• use variables from puppet in templates
$ntpserver = ‘10.2.3.4’file { ‘/etc/ntp.conf’:
content => template(‘ntp/ntp.conf.erb’),}
# ntp.conf.erb<% if @ntpserver %> <-- old: if has_variable(‘ntpserver’)server <%= @ntpserver %> <-- @ syntax is new. uses current scope<% else %>server pool.ntp.org<% end %>
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 23: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/23.jpg)
© Martin Alfke - 2012
Templates
• use variables from facter in templates
use facts_dot_d from stdlib/etc/facter/facts.d/foo.txt ntpserver = aa.bb.cc.dd
# ntp.conf.erb<% if @ntpserver %>server <%= @ntpserver %><% else %>server pool.ntp.org<% end %>
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 24: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/24.jpg)
© Martin Alfke - 2013
“clean your lenses”
Augeas
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 25: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/25.jpg)
© Martin Alfke - 2012
Augeas
• Make changes to single lines
• Do not manage the complete configuration file in puppet
• Reminder: Puppet is declarative !!!
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 26: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/26.jpg)
© Martin Alfke - 2012
Augeas
• augeas uses lenses to split up config files
augtool print /files/etc/sysctl.confaugtool set net.ipv4.forward 1
augeas { ‘set_ipv4_forward’:context => ‘/files/etc/sysctl.conf’,changes => “set net.ipv4.forward 1”,
}
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 27: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/27.jpg)
© Martin Alfke - 2012
Augeas
• Attention!
• Not all configuration files are supported !
• Augeas needs key-value pairs
• Within puppet ruby-augeas extension is required
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 28: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/28.jpg)
© Martin Alfke - 2013
“no one can serve two masters!”
Multi Master
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 29: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/29.jpg)
© Martin Alfke - 2012
Multi Master
• Load-Balancing with SSL separation
• several Data Center
• do you really have more than 1000 nodes?
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 30: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/30.jpg)
© Martin Alfke - 2012
Multi Master
• separate puppet ca and puppet master
puppet.conf on puppet ca (single instance)[master] ca = truepuppet.conf on puppet master[master] ca = falsepuppet.conf on agent[agent] ca_server = <puppet ca> server = <puppet master>
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 31: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/31.jpg)
© Martin Alfke - 2012
Multi Master
• use multiple master (without ca)
• apache/nginx and loadbalancing
• ipvsadm
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 32: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/32.jpg)
© Martin Alfke - 2012
Multi Master
• use multiple master (without ca)
• pros:
• file serving handled better
• more masters compile catalogs
• cons:
• single ca only
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 33: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/33.jpg)
© Martin Alfke - 2012
Multi Master
• avoid multiple masters
• use templates !
• templates are generated on the master during catalog compilation
• files needs to get fetched by the nodes
• use mod_passenger
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 34: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/34.jpg)
© Martin Alfke - 2013
“you shall have no master”
without Master
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 35: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/35.jpg)
© Martin Alfke - 2012
without Master
• Pre-compile catalogs
• Run puppet apply locally
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 36: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/36.jpg)
© Martin Alfke - 2012
without Master
• Very large environment (>15.000 nodes)
• Multiple locations world wide
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 37: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/37.jpg)
© Martin Alfke - 2012
without Master
• Compile catalogs for all nodes on master
• puppet master compile <fqdn>
• Copy catalogs to nodes to execute them
• puppet apply --catalog <catalog file name>
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 38: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/38.jpg)
© Martin Alfke - 2012
without Master
• Pros:
• no dedicated master, catalog compilation may take place everywhere
• Cons:
• no modules !!
• fileserving has to be done locally (e.g. NFS mount)
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 39: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/39.jpg)
© Martin Alfke - 2013
“data, data, data”
ENC and Hiera
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 40: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/40.jpg)
© Martin Alfke - 2012
• External Nodes Classifier
• executable with one parameter (fqdn)
• can be anything
• get info from filesystem: cat $1.yaml
• get info from inventory database
ENC and Hiera
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 41: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/41.jpg)
© Martin Alfke - 2012
• Hiera - hierarchial data structure
• built in into Puppet 3.x
• add-on in Puppet 2.7.x
ENC and Hiera
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 42: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/42.jpg)
© Martin Alfke - 2012
• ENC in puppet
/etc/puppet/puppet.conf[master]
node_terminus = execexternal_nodes = /etc/puppet/bin/my_great_enc.exe
ENC and Hiera
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 43: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/43.jpg)
© Martin Alfke - 2012
• /etc/puppet/bin/my_great_enc.exe www1.domain.tld
---parameters: location: de-ber2classes: ntp: ntpserver: 10.2.2.2 apache: mysql:environment: production
ENC and Hiera
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 44: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/44.jpg)
© Martin Alfke - 2012
• Hiera configuration
/etc/puppet/hiera.yaml:hierarchy:
- %{operatingsystem}- common- %{datacenter}- %{serverfunction}
:backends:- yaml
:yaml::datadir: ‘/etc/puppet/hieradata’
ENC and Hiera
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 45: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/45.jpg)
© Martin Alfke - 2012
• Hiera data
/etc/puppet/hieradata/Debian.yaml---ssh_packages: openssh-server, openssh-client, openssh-blacklist
/etc/puppet/hieradata/CentOS.yaml---ssh_packages: openssh, openssh-clients, openssh-server
ENC and Hiera
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 46: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/46.jpg)
© Martin Alfke - 2012
• Hiera usage
/etc/puppet/modules/ssh/manifests/init.ppclass ssh ( $ssh_packages = ‘default’ ) { <-- Puppet 3.x
$ssh_packages = hiera(‘ssh_packages’) <-- Puppet 2.7.xpackage { “${ssh_packages}”: ensure => present }
}
ENC and Hiera
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 47: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/47.jpg)
© Martin Alfke - 2013
“getting it all”
PuppetDB
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 48: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/48.jpg)
© Martin Alfke - 2012
• Used for storeconfigs and exported resources
• Schema for PostgreSQL
• Will get more features soon
PuppetDB
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 49: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/49.jpg)
© Martin Alfke - 2013
“management needs graphs”
Dashboard
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 50: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/50.jpg)
© Martin Alfke - 2012
• Open Source Dashboard is dead end
• PuppetLabs is working on other tools
Dashboard
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 51: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/51.jpg)
© Martin Alfke - 2012
• Razor
• Foreman
• initr (Redmine plugin - ENC)
• OpenNMS Puppet Node Pusher (ENC)
Dashboard
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 52: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/52.jpg)
© Martin Alfke - 2012
• Dashboard
• ENC
• Reporting
• Live Management (Enterprise only)
• Auditing (Enterprise only)
• MCollective Frontend (Enterprise only)
Dashboard
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 53: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/53.jpg)
© Martin Alfke - 2012
• Razor
• Provisioning
• needs MongoDB, NodeJS, NPM
• DHCP, TFTP, PXE
• puppetlabs-razor module (CentOS, RHEL)
Dashboard
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 54: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/54.jpg)
© Martin Alfke - 2012
• Foreman
• ENC
• Reporting
• Provisioning
Dashboard
Environments - Modules - Templates - Augeas - Master - Masterless - ENC and Hiera - Puppet DB - Dashboard
Friday, June 7, 13
![Page 55: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/55.jpg)
© Martin Alfke - 2013
Puppet Configuration Management
Demo- hiera- facts.d
- Foreman- mco
- PuppetDB
Friday, June 7, 13
![Page 56: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/56.jpg)
© Martin Alfke - 2013
Puppet Configuration Management
Martin Alfke<[email protected]>
Questions?
Friday, June 7, 13
![Page 57: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/57.jpg)
© Martin Alfke - 2013
Puppet Training
www.heinlein-support.de/schulung/puppet
24.06.-26.06.201330.10.-01.11.2013
Friday, June 7, 13
![Page 58: Puppet Configuration Management - Heinlein Support · © Martin Alfke - 2013 Puppet Configuration Management SLAC 06.06.2013 Martin Alfke code your](https://reader030.vdocuments.pub/reader030/viewer/2022041017/5ec98b38b83f5f77ec2d499c/html5/thumbnails/58.jpg)
© Martin Alfke - 2013
Website and registration launches in late July
1st PuppetCamp Berlin
15.11.2013code-your-config.com
Friday, June 7, 13