自动化运维工具puppet学习笔记之基础篇-阿里云开发者社区

**************服务端安装软件******************
shell#touch /etc/puppet/manifests/site.pp
shell#cat /etc/hosts
192.168.1.254 nat.test.com
shell#/etc/init.d/puppetmaster start
shell#puppet cert --sign test.test.com
签发证书，需要为每一个域名单独签发
**************客户端配置服务******************
shell#cat /etc/hosts
192.168.1.254 nat.test.com
127.0.0.1 test.test.com
shell#echo "server = nat.test.com" >>/etc/puppet/puppet.conf
shell#puppet agent --no-daemonize --verbose
服务端文件
vim /etc/puppet/manifests/site.pp
node default{
file {"/tmp/a.txt":
content => "test\n",
ensure => present,
backup => ".bak",
mode => 500,
owner => root,
group => www,
}
}
*********************客户端测试****************************
puppet agent --verbose --test
*********************服务端创建模块**************************
shell#mkdir /etc/puppet/modules/snmpd/{files,manifests,templates} -p
shell#vim /etc/puppet/modules/snmpd/manifests
######################################################################################################################
class snmpd {
service {
"snmpd":
enable => "true",
ensure => "running",
require => File["snmpd.conf"],
subscribe => File["snmpd.conf"],
name => $operatingsystem ? {
default => "snmpd",
},
}
package {
"net-snmp":
ensure => present,
name => $operatingsystem ? {
debian => "snmpd",
ubuntu => "snmpd",
default => "net-snmp",
},
}
file {
"snmpd.conf":
# owner => root,
# group => root,
# mode => 644,
require => Package["net-snmp"],
path => $operatingsystem ?{
default => "/etc/snmp/snmpd.conf",
},
}
}
#####################################################################################################
vim /etc/puppet/manifests/site.pp
node default{
file {"/tmp/a.txt":
content => "This is a test file date\n",
ensure => present,
backup => ".back",
mode => 500,
owner => root,
group => www,
}
}
node 'test.test.com' {
file {"/tmp/b.txt":
content => "This is a test file\n",
ensure => present,
backup => ".back",
mode => 500,
owner => root,
group => root,
}
include snmpd #包含创建的类
}

http://docs.puppetlabs.com/guides/types/service.html 原文地址
service管理系统运行的服务进程,不幸的是不同的系统管理服务的方式是多样的. 有些系统上面对于服务管理很简单,有些系统提供复杂的强大的服务管理功能.puppet提供最基本的服务管理,你也可以指定provider,使用一些特性.
注意,当一个服务从另一个资源收到一个事件,服务会重启,例如配置文件修改,可以要求相应的服务重启.不同的平台重启命令不同,你也可以手工指定重启服务的命令.
特性
controllable provider 提供control 变量
enableable provider 可以enable和disable服务
refreshable provider 可以重启服务
例子service { "ssh": ensure => running; "nfs": ensure => stopped; }
参数binary
运行服务的命令的路径, 只用于不支持init的操作系统, 如果没有指定启动脚本,就用这个命令来启动服务.
enable
服务在开机的时候是否启动,可以设置的值是true和false,需要provider支持enableable
ensure
是否运行服务, running表示运行服务,stopped 表示停止服务
hasrestart
指出管理脚本是否支持restart参数,如果不支持,就用stop和start实现restart效果. 可以设置的值是true 或 false
hasstatus
指出管理脚本是否支持status参数,puppet用status参数来判断服务是否已经在运行了,如果不支持status参数,puppet利用查找运行进程列表里面是否有服务名来判断服务是否在运行. 可以设置的值是true或false
name
该资源的namevar, 服务的名字,通常就是在/etc/init.d/目录下的名字
path
启动脚本的搜索路径,可以用冒号分割多个路径,或者用数组指定.
pattern
设置搜索进程列表的匹配字符串,用于不支持init脚本的系统.当要停止一个服务的时候,通过查看进程运行列表来判断.
provider
puppet提供下面的provider(只列出常见的系统)
debian debian系统的init模式的管理脚本,支持 enableable, refreshable.
freebsd init模式,支持enableable, refreshable.
init 标准的init模式,支持refreshable
redhat redhat的init模式,支持enableable, refreshable.
smf solaris新的服务管理框架,支持enableable, refreshable
restart
指定重启脚本,否则就先停止该服务再启动该服务
start
指定启动服务的命令,通常init模式的管理脚本都支持,不需要手工指定
status
指定status命令,如果不指定,就从进程列表查询该服务
stop
指定停止服务的脚本.

http://nocap.blog.163.com/blog/static/19052507420121030113615705/

官方文档
http://docs.puppetlabs.com/puppetdocs-latest.tar.gz
http://www.puppetlabs.com/downloads/docs/puppet_labs_docs_pdfs.zip
puppet cert sign mytestagent.example.com
puppet cert sign --all
puppet master --no-daemonize --verbose
puppet --genconfig
puppet agent --server myserver.example.com --waitforcert 60 --test
puppet master --configprint modulepath
puppet config print modulepath --mode master
auth.conf
autosign.conf
==========================================
rebuilt.example.com
*.scratch.example.com
*.local
==========================================
device.conf
==========================================
[device certname]
type <type>
url <url>
[router6.example.com]
type cisco
url ssh://admin:password@ef03c87a.local
fileserver.conf
===========================================
# Files in the /path/to/files directory will be served
# at puppet:///mount_point/.
[mount_point]
path /path/to/files
allow *.example.com
deny *.wireless.example.com
===========================================
tagmail.conf
require
Set report=true on your agent nodes
Set reports=tagmail
Set the reportfrom email address and either the smtpserver or sendmail setting on the puppet master
Create a tagmail.conf file at the location specified in the tagmap setting
ocated at /etc/puppet/tagmail.conf by default
A comma-separated list of tags and !negated tags; valid tags include:
Explicit tags
Class names
Puppet Documentation ? Configuring Puppet 40/411
“ all ”
Any valid Puppet log level ( debug , info , notice , warning , err , alert , emerg , crit , or
verbose )
A colon
A comma-separated list of email addresses
The list of tags on a line builds the set of resources whose messages will be included in the mailing;
each additional tag adds to the set, and each !negated tag subtracts from the set.
So, for example:
==============================================================================================
all: log-archive@example.com
webserver, !mailserver: httpadmins@example.com
emerg, crit: james@example.com, zach@example.com, ben@example.com
==============================================================================================
service { 'sshd':
subscribe => File['sshdconfig'],
}
define svn_repo($path) {
exec { "/usr/bin/svnadmin create ${path}/${title}":
unless => "/bin/test -d ${path}",
}
}
svn_repo { 'puppet_repo': path => '/var/svn_puppet' }
svn_repo { 'other_repo': path => '/var/svn_other' }
define svn_repo($path) {
exec { "create_repo_${name}":
command => "/usr/bin/svnadmin create ${path}/${title}",
unless => "/bin/test -d ${path}",
}
if $require {
Exec["create_repo_${name}"] {
require +> $require,
}
}
}
svn_repo { 'puppet':
path => '/var/svn',
Puppet Documentation ? Language Guide 50/411
require => Package['subversion'],
}
变量赋值
$value = "${one}${two}"
数组
$foo =[ 'one', 'two', 'three' ]
notice $foo[1]
将返回 two
host { 'one.example.com':
ensure => present,
alias => [ 'satu','dua', 'tiga' ],
ip => '192.168.100.1',
}
哈希
$myhash ={ key1 => 'myval', key2 => $b }
访问hash元素
$myhash ={ key => { subkey => 'b' }}
notice($myhash[key][subkey])
节点赋不同的值
=========================================================
node a {
$setting = 'this'
include class_using_setting
}
node b {
$setting = 'that'
include class_using_setting
}
=========================================================
calss的设置
=========================================================================================
$test = 'top'
class myclass {
exec { "/bin/echo ${test}": logoutput => true }
}
class other {
$test = 'other'
include myclass
}
include other
===========================================================================================
访问class里面的值
========================================================
class myclass {
$test = 'content'
}
class anotherclass {
$other = $myclass::test
}
========================================================
给变量中的数组增加元素
==========================================================================
$ssh_users = [ 'myself', 'someone' ]
class test {
$ssh_users += ['someone_else']
}
===========================================================================
这里的+=是给数组增加值
变量选择相关
file{ '/etc/config':
owner => $operatingsystem ? {
'sunos' => 'adm',
'redhat' => 'bin',
default => undef,
},
}
默认值为undef，
$owner=$operatingsystem ? {
/(redhat|debian)/=>'bin',
default =>undef,
}
$system=$operatingsystem ? {
/(redhat|debian)/ => "our system is $1",
default => "our system is unknown",
}
这里的$1将会返回redhat或者debian
$0将会返回整行
case
=====================================================================================================
case $operatingsystem {
'sunos': { include solaris } # apply the solaris class
'redhat': { include redhat } # apply the redhat class
default: { include generic } # apply the generic class
}
====================================================================================================
=======================================================================================================
case $hostname {
'jack','jill': { include hill } # apply the hill class
'humpty','dumpty': { include wall } # apply the wall class
default: { include generic } # apply the generic class
}
========================================================================================================
如果v$hostname fact里面含有jack或者jill，那么将会include hill
========================================================================================================
case $hostname {
/^j(ack|ill)$/: { include hill } # apply the hill class
/^[hd]umpty$/: { include wall } # apply the wall class
default: { include generic } # apply the generic class
}
===========================================================================================================
case $hostname {
/^j(ack|ill)$/: { notice("Welcome $1!") }
default: { notice("Welcome stranger") }
}
===========================================================================================================
if $variable {
file { '/some/file': ensure => present }
} else {
file { '/some/other/file': ensure => present }
}
============================================================================================================
if $server == 'mongrel' {
include mongrel
} elsif $server == 'nginx' {
include nginx
} else {
include thin
}
if $ram > 1024 {
$maxclient = 500
}
=============================================================================================================
if ( $processor_count > 2 ) and (( $ram >= 16 * $gigabyte ) or ( $disksize > 1000 )) {
include for_big_irons
} else {
include for_small_box
}
================================================================================================================
unless $memorysize > 1024 {
$maxclient = 500
}
================================================================================================================
虚拟资源
@user { 'luke': ensure => present }
User <| title == luke |>
realize User['luke']
#将虚拟资源实例化
class ssh {
@@sshkey { $hostname: type => dsa, key => $sshdsakey }
Sshkey <<| |>>
}
正则表达式
安装module
puppet module install puppetlabs-apache --version 0.0.2
puppet module list
puppet module search apache
puppet module uninstall puppetlabs-apache
puppet module upgrade puppetlabs-apache --version 0.0.3
https://forge.puppetlabs.com
当一个文件改变的时候如何运行一个命令
===============================================================================================
file { "/etc/bind": source => "/dist/apps/bind" }
exec { "/usr/bin/ndc reload":
subscribe => File["/etc/bind"],
refreshonly => true
}
==============================================================================================
如何确保创建一个用户之前另一个组已经存在
group { "fearme":
ensure => present,
gid => 1000
}
user { "tim":
ensure => present,
gid => "fearme",
groups => ["adm", "staff", "root"],
membership => minimum,
shell => "/bin/bash",
require => Group["fearme"]
}
class base_class {
define testvar_file($myvar="bob") {
file { $name:
content => template("john.erb"),
}
}
testvar_file { "/tmp/testvar": }
}
class child_class inherits base_class {
Base_class::Testvar_file["/tmp/testvar"] { myvar => fred }
}
gem install rack
gem install passenger
passenger-install-apache2-module

本文转自it你好 51CTO博客，原文链接：http://blog.51cto.com/itnihao/1134203，如需转载请自行联系原作者

自动化运维工具puppet学习笔记之基础篇

热门文章

最新文章

相关课程

相关电子书

相关实验场景

推荐镜像