#### Puppet基礎篇7-編寫第一個完整測試模塊puppet
# 工欲善其事必先利其器
將Puppet部署到生產中第一個要編寫的模塊就是puppet本身,雖然puppet可以運行其它所有模塊完成各自的部署,但是puppet一旦出問題,那么一切都會停止工作。當然除了puppet自身模塊外,還需要保證網絡的通暢以及其它你附加的環境等等。
之前編寫過簡單的motd模塊,大致了解了一些模塊的結構以及簡單的pp語法,接下來我們進行詳細的講解。那么編寫一個完整的puppet模塊應該考慮哪些因素呢?
-
puppet及附屬依賴包是否已經安裝OK?
-
puppet配置文件是否正確?
-
puppet服務是否正常運行?
-
在更新puppet配置文件的情況下,是否能夠主動讓puppet服務重啟或者reload?
-
puppet安裝包是否能夠自動升級到指定版本?
接下來以agent1和agent3為例進行講解
### 1、創建puppet模塊目錄結構
~~~
[root@puppetmaster ~]# cd /etc/puppet/modules/
[root@puppetmaster modules]# mkdir puppet
[root@puppetmaster modules]# cd puppet/
[root@puppetmaster puppet]# mkdir files manifests templates #創建模塊目錄結構
[root@puppetmaster puppet]# tree ../puppet
../puppet
├── files #存放下載的文件
├── manifests #存放puppet配置
└── templates #存放配置模板,方便pp文件引用
3 directories, 0 files
[root@puppetmaster puppet]#
~~~
### 2、創建puppet配置文件
~~~
[root@puppetmaster puppet]# cd manifests/
[root@puppetmaster manifests]# touch init.pp config.pp install.pp service.pp params.pp
[root@puppetmaster manifests]# tree ../
../
├── files
├── manifests
│ ├── config.pp #管理puppet配置
│ ├── init.pp #管理模塊所有pp文件配置
│ ├── install.pp #管理puppet安裝
│ ├── params.pp #管理模塊中變量以及一些判斷
│ └── service.pp #管理puppet服務
└── templates
3 directories, 5 files
~~~
### 3、編寫puppet模塊配置文件
整個過程應該是這樣,首先應該安裝puppet(install.pp),然后配置puppet(config.pp),最后啟動puppet服務(service.pp)
**注意:** 接下來的過程不是一步到位的,是一個循序漸進的過程,一步步指導直到完成一個比較完整的模塊。
**3.1、編寫安裝配置文件install.pp**
通過package資源實現,更多有關package的語法及案例請訪問[http://kisspuppet.com/2013/11/11/package/](http://kisspuppet.com/2013/11/11/package/)
**需要注意的是:**class名稱要和創建的模塊名保持一致,名稱為puppet,由于在整個配置文件中init.pp為起始配置文件,包含的都應該是子配置文件,所有應該寫成“class主類名稱::class子類名稱”,而class子類名稱需要和創建的pp文件名保持一致,比如puppet::install,那么創建的子類名稱就應該是install.pp
**3.1.1、編寫不具備判斷條件的配置文件**
節點安裝puppet主要還依賴于facter
~~~
[root@puppetmaster manifests]# vim install.pp
class puppet::install{ #一個類包含兩個子類
include puppet::puppet_install,puppet::facter_install
}
class puppet::puppet_install{
package { 'puppet':
ensure => installed, #要求處于被安裝狀態
}
}
class puppet::facter_install{
package { 'facter':
ensure => installed,
}
}
~~~
也可以用以下兩種寫法
~~~
[root@puppetmaster manifests]# vim install.pp
class puppet::install{ #一個類包含兩個資源
package { 'puppet':
ensure => installed,
}
package { 'facter':
ensure => installed,
}
}
[root@puppetmaster manifests]# vim install.pp
class puppet::install{
package { ['puppet','facter']: #采用數組的形式
ensure => installed,
}
}
~~~
**3.1.2、編寫具備判斷系統版本條件的模塊**
存在這樣一種情況,在我的yum源中有很多puppet版本,而我只希望所有節點只安裝我指定的版本,比如2.7.25,那么如何設置呢?其次,還應該考慮一種情況,節點的系統版本可能會不一樣,比如有RHEL5、RHEL6等,那么如何讓puppet模塊自己去判斷呢?
通過以下facter進行判斷
~~~
[root@agent1 ~]# facter | grep operatingsystemmajrelease
operatingsystemmajrelease => 5
[root@agent3 ~]# facter | grep operatingsystemmajrelease
operatingsystemmajrelease => 6
~~~
應該是以下寫法比較合理
~~~
[root@puppetmaster manifests]# vim install.pp
class puppet::install{
include puppet::puppet_install,puppet::facter_install
}
class puppet::puppet_install{
package { 'puppet':
ensure => $operatingsystemmajrelease ?{ #判斷系統版本
5 => '2.7.25-1.el5',
6 => '2.7.25-1.el6',
}
}
}
class puppet::facter_install{
package { 'facter':
ensure => $operatingsystemmajrelease ?{
5 => '1.7.5-1.el5',
6 => '1.7.5-1.el6',
}
}
}
~~~
**3.1.3 添加子類到init.pp中**
~~~
[root@puppetmaster manifests]# vim init.pp
class puppet{
include puppet::install
}
~~~
**3.1.4 應用到puppet主配置文件site.pp中的節點上**
~~~
[root@puppetmaster ~]# vim /etc/puppet/manifests/site.pp
$puppetmaster = 'puppetmaster.kisspuppet.com'
node 'puppetmaster_cert.kisspuppet.com'{
include motd,puppet
}
node 'agent1_cert.kisspuppet.com'{
include motd,puppet
}
node 'agent2_cert.kisspuppet.com'{
include motd,puppet
}
node 'agent3_cert.kisspuppet.com'{
include motd,puppet
}
~~~
也可以是以下寫法
~~~
[root@puppetmaster ~]# vim /etc/puppet/manifests/site.pp
$puppetmaster = 'puppetmaster.kisspuppet.com'
class environments{
include motd,puppet
}
node 'puppetmaster_cert.kisspuppet.com'{
include environments
}
node 'agent1_cert.kisspuppet.com'{
include environments
}
node 'agent2_cert.kisspuppet.com'{
include environments
}
node 'agent3_cert.kisspuppet.com'{
include environments
}
~~~
如何所有節點都使用相同的模塊,也可以是以下寫法
~~~
[root@puppetmaster ~]# vim /etc/puppet/manifests/site.pp
$puppetmaster = 'puppetmaster.kisspuppet.com'
class environments{
include motd,puppet
}
node default{
include environments
}
~~~
**3.1.5、進行簡單的測試**
降低facter版本為1.7.3
~~~
[root@agent1 ~]# rpm -e facter --nodeps
[root@agent1 ~]# rpm -ivh facter-1.7.3-1.el5.x86_64.rpm
warning: facter-1.7.3-1.el5.x86_64.rpm: Header V3 RSA/SHA1 signature: NOKEY, key ID 4bd6ec30
Preparing... ########################################### [100%]
1:facter ########################################### [100%]
[root@agent1 ~]# facter --version
1.7.3
~~~
通過--noop進行嘗試性測試,可以看到節點變化情況,但是不進行更改,這也是puppet強大的地方之一
~~~
[root@agent1 ~]# puppet agent -t --noop
info: Caching catalog for agent1_cert.kisspuppet.com
info: Applying configuration version '1394794815'
notice: /Stage[main]/Puppet::Facter_install/Package[facter]/ensure: current_value 1.7.3-1.el5, should be 1.7.5-1.el5 (noop)
notice: Class[Puppet::Facter_install]: Would have triggered 'refresh' from 1 events
notice: Stage[main]: Would have triggered 'refresh' from 1 events
notice: Finished catalog run in 0.23 seconds
[root@agent1 ~]# facter --version
1.7.3
~~~
強制執行,可以看到管理端的facter版本變成了puppet模塊中指定的版本1.7.5,這其實也說明了rpm包升級的方法!
~~~
[root@agent1 ~]# puppet agent -t
info: Caching catalog for agent1_cert.kisspuppet.com
info: Applying configuration version '1394794815'
notice: /Stage[main]/Puppet::Facter_install/Package[facter]/ensure: ensure changed '1.7.3-1.el5' to '1.7.5-1.el5'
notice: Finished catalog run in 6.27 seconds
[root@agent1 ~]# facter --version
1.7.5
~~~
整個過程是這樣,節點同步puppetmaster端后發現facter版本號不對,根據系統類型馬上調用底層的安裝工具yum(其它系統如suse會調用zypper等)進行安裝,整個過程是透明的,而這正是puppet所呈現的強大功能之二。
**3.2、編寫配置文件config.pp**
通過file資源實現,更多有關file資源的配置及案例請訪問[http://kisspuppet.com/2013/11/14/file/](http://kisspuppet.com/2013/11/14/file/)
**3.2.1、我們暫時只配置puppet.conf文件**
~~~
[root@puppetmaster manifests]# vim config.pp
class puppet::config{
file { '/etc/puppet/puppet.conf': #節點文件存放的路徑
ensure => present, #要求存在
content => template('puppet/puppet.conf.erb'), #要求根據模板生成,路徑寫法為相對路徑(templates目錄隱藏掉)
owner => 'root', #要求文件屬主為root
group => 'root', #要求文件屬組為root
mode => '0644', #要求文件權限為644
require => Class['puppet::install'], #要求這個文件在配置之前先正確運行install.pp文件,也就是說要求puppet的包應當處于安裝狀態
}
}
~~~
**3.2.2、編寫puppet.conf.erb模板**
puppet的erb模板的存在是為了解決每個節點單獨配置一個文件的問題,因為erb模板可以引用fact變量,變量的內容會根據節點系統的不同而變化。
以下為其中一個節點目前的puppet.conf配置文件,我們先找出會變化的內容
~~~
[root@agent1 ~]# vim /etc/puppet/puppet.conf
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
server = puppetmaster.kisspuppet.com #變量
certname = agent1_cert.kisspuppet.com #變量
runinterval = 10
~~~
接下來解決這兩個變量
之前我們說過創建params.pp就是為了解決變量問題,我們先用這個解決
找出fact值具有唯一性的fact,比如hostname
~~~
[root@agent1 ~]# facter |grep hostname
hostname => agent1
[root@agent3 ~]# facter |grep hostname
hostname => agent3
~~~
編寫params.pp文件,增加certname變量
~~~
[root@puppetmaster manifests]# vim params.pp
class puppet::params {
$puppetserver = 'puppetmaster.kisspuppet.com' #增加puppetserver變量指向puppetmaster名稱
case $hostname{ #增加certname變量
agent1: {
$certname = 'agent1_cert.kisspuppet.com'
}
agent3: {
$certname = 'agent3_cert.kisspuppet.com'
}
default: { #設置默認不存在的情況下報錯
fail("certname is not supported on ${::operatingsystem}")
}
}
}
~~~
**注意:**這種創建變量的方法在大量節點的情況下顯然不是最好的方法,能否通過fact變量實現呢,答案是可以的,可寫成以下方式
~~~
[root@puppetmaster manifests]# vim params.pp
class puppet::params {
$puppetserver = 'puppetmaster.kisspuppet.com'
$certname = "${::hostname}_cert.kisspuppet.com" #通過fact:hostname實現
case $operatingsystemmajrelease{
5: {
$puppet_release = '2.7.23-1.el5'
$facter_release = '1.7.3-1.el5'
}
6: {
$puppet_release = '2.7.23-1.el6'
$facter_release = '1.7.3-1.el6'
}
default: {
fail("Module puppet is not supported on ${::operatingsystem}")
}
}
}
~~~
**備注:**這里使用的是默認的fact,如果要通過系統沒有的fact應當如何實現呢,后面《Puppet擴展篇1-自定義fact結合ENC(hirea)的應用實踐》會有介紹
**思考:**通過變量,尤其是hostname變量確定certname只能保證在hostname不變的情況下才能保證certname不變,否則節點任意修改hostname就會造成certname變更,前期的認證失效,又需要重新認證。那么有沒有什么辦法解決在hostname變化的情況下certname不變呢,也就是說不需要再次申請證書呢? 后面《Puppet擴展篇1-自定義fact結合ENC(hirea)的應用實踐》會有介紹。
在模板中引用certname變量注意模板存放的位置要和config.pp中引用模板的位置保持一致
~~~
[root@puppetmaster manifests]# vim ../templates/puppet.conf.erb
### config by puppet ###
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
server = <%= scope.lookupvar('puppet::params::puppetserver') %> #引用變量puppetserver
certname = <%= scope.lookupvar('puppet::params::certname') %> #引用變量certname
runinterval = 10
~~~
由于config.pp依賴于params.pp中的變量,所以config.pp中應當應用class puppet::params
**3.3.3 確定依賴關系**
~~~
[root@puppetmaster manifests]# vim config.pp
class puppet::config{
include puppet::params #添加引用關系
file { '/etc/puppet/puppet.conf':
ensure => present,
content => template('puppet/puppet.conf.erb'),
owner => 'root',
group => 'root',
mode => '0644',
require => Class['puppet::install'],
}
}
~~~
init.pp中應當包含class puppet::config
~~~
[root@puppetmaster manifests]# vim init.pp
class puppet{
include puppet::install,puppet::config
}
~~~
**3.3.4 更新測試**
先進行noop測試
~~~
[root@agent1 ~]# puppet agent -t --noop
info: Caching catalog for agent1_cert.kisspuppet.com
info: Applying configuration version '1394797763'
notice: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]/content:
--- /etc/puppet/puppet.conf 2014-03-10 08:22:33.000000000 +0800
+++ /tmp/puppet-file20140314-7231-f50ehp-0 2014-03-14 19:49:24.000000000 +0800
@@ -1,3 +1,4 @@
+### config by puppet ### #添加部分
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
notice: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]/content: current_value {md5}fb17740fd53d8d4dfd6d291788a9bda3, should be {md5}134bae34adddbf30a3fe02ff0eb3c6a6 (noop)
notice: Class[Puppet::Config]: Would have triggered 'refresh' from 1 events
notice: Stage[main]: Would have triggered 'refresh' from 1 events
notice: Finished catalog run in 0.43 seconds
~~~
強制執行更新
~~~
[root@agent1 ~]# puppet agent -t
info: Caching catalog for agent1_cert.kisspuppet.com
info: Applying configuration version '1394797763'
notice: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]/content:
--- /etc/puppet/puppet.conf 2014-03-10 08:22:33.000000000 +0800
+++ /tmp/puppet-file20140314-7475-mlybgg-0 2014-03-14 19:50:16.000000000 +0800
@@ -1,3 +1,4 @@
+### config by puppet ###
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
info: FileBucket adding {md5}fb17740fd53d8d4dfd6d291788a9bda3
info: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]: Filebucketed /etc/puppet/puppet.conf to puppet with sum fb17740fd53d8d4dfd6d291788a9bda3
notice: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]/content: content changed '{md5}fb17740fd53d8d4dfd6d291788a9bda3' to '{md5}134bae34adddbf30a3fe02ff0eb3c6a6'
notice: Finished catalog run in 0.34 seconds
[root@agent1 ~]# cat /etc/puppet/puppet.conf
### config by puppet ###
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
server = puppetmaster.kisspuppet.com #根據預先定的puppetserver變量生成
certname = agent1_cert.kisspuppet.com #根據預先定義的certname變量生成
runinterval = 10
[root@agent3 ~]# puppet agent -t
info: Caching certificate for agent3_cert.kisspuppet.com
info: Caching certificate_revocation_list for ca
info: Caching catalog for agent3_cert.kisspuppet.com
info: Applying configuration version '1394797763'
notice: /Stage[main]/Motd/File[/etc/motd]/content:
--- /etc/motd 2010-01-12 21:28:22.000000000 +0800
+++ /tmp/puppet-file20140314-2786-1wb4mas-0 2014-03-14 19:51:27.589533699 +0800
@@ -0,0 +1,3 @@
+-- --
+--------puppet test---------
+-- --
info: FileBucket adding {md5}d41d8cd98f00b204e9800998ecf8427e
info: /Stage[main]/Motd/File[/etc/motd]: Filebucketed /etc/motd to puppet with sum d41d8cd98f00b204e9800998ecf8427e
notice: /Stage[main]/Motd/File[/etc/motd]/content: content changed '{md5}d41d8cd98f00b204e9800998ecf8427e' to '{md5}87ea3a1af8650395038472457cc7f2b1'
notice: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]/content:
--- /etc/puppet/puppet.conf 2014-03-09 01:50:46.112175841 +0800
+++ /tmp/puppet-file20140314-2786-z4e844-0 2014-03-14 19:51:27.719533700 +0800
@@ -1,3 +1,4 @@
+### config by puppet ###
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
@@ -8,3 +9,5 @@
localconfig = $vardir/localconfig
server = puppetmaster.kisspuppet.com
certname = agent3_cert.kisspuppet.com
+ runinterval = 10
+
+
+
+
+ = true
info: FileBucket adding {md5}03cbe6d4def560996eeacedfaef229b4
info: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]: Filebucketed /etc/puppet/puppet.conf to puppet with sum 03cbe6d4def560996eeacedfaef229b4
notice: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]/content: content changed '{md5}03cbe6d4def560996eeacedfaef229b4' to '{md5}4f57479998961563e3306b5d0e02a678'
info: Creating state file /var/lib/puppet/state/state.yaml
notice: Finished catalog run in 2.86 seconds
[root@agent3 ~]# cat /etc/puppet/puppet.conf
### config by puppet ###
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
server = puppetmaster.kisspuppet.com
certname = agent3_cert.kisspuppet.com
runinterval = 10
~~~
**3.3、編寫配置文件service.pp**
通過service資源實現,更多有關service資源及案例請訪問[http://kisspuppet.com/2013/11/12/service/](http://kisspuppet.com/2013/11/12/service/)
**3.3.1、編寫service.pp文件**
~~~
[root@puppetmaster manifests]# vim service.pp
class puppet::service{
service { 'puppet':
ensure => running, #設置puppet服務一直處于運行狀態
hasstatus => true, #通過標準的命令“service server_name status"進行檢查狀態
hasrestart => true, #設置puppet服務具有標準的restart命令
enable => true, #要求開機自動啟動,其實通過chkconfig設置puppet狀態為on
}
}
~~~
**3.3.2、更新config.pp文件,增加通知服務重啟功能**
這個設置完成后,我們再想想我們預先確定的要求是配置在更新后要求puppet服務自動重啟,應當做如下設置
~~~
[root@puppetmaster manifests]# vim config.pp
class puppet::config{
include puppet::params
file { '/etc/puppet/puppet.conf':
ensure => present,
content => template('puppet/puppet.conf.erb'),
owner => 'root',
group => 'root',
mode => '0644',
require => Class['puppet::install'],
notify => Class['puppet::service'], #配置更新后主動通過puppet服務重啟
}
}
~~~
**3.3.3、添加class puppet::service到init.pp中**
~~~
[root@puppetmaster manifests]# vim init.pp
class puppet{
include puppet::install,puppet::config,puppet::service
}
~~~
**3.3.4、測試**
測試一:查看是否設置了開機啟動,查看puppet服務狀態
~~~
[root@agent1 ~]# chkconfig puppet off
[root@agent1 ~]# /etc/init.d/puppet status
puppetd is stopped
[root@agent1 ~]# puppet agent -t
info: Caching catalog for agent1_cert.kisspuppet.com
info: Applying configuration version '1394798692'
notice: /Stage[main]/Puppet::Service/Service[puppet]/ensure: ensure changed 'stopped' to 'running'
notice: Finished catalog run in 1.42 seconds
[root@agent1 ~]# chkconfig --list | grep puppet
puppet 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@agent1 ~]# /etc/init.d/puppet status
puppetd (pid 8537) is running...
~~~
測試二、查看配置被更改還原后,服務是否會自動重啟
~~~
[root@agent1 ~]# echo "#add a line" >>/etc/puppet/puppet.conf
[root@agent1 ~]# tailf /var/log/messages
Mar 14 21:18:52 agent1 puppet-agent[10803]: Reopening log files
Mar 14 21:18:52 agent1 puppet-agent[10803]: Starting Puppet client version 2.7.25
Mar 14 21:18:53 agent1 puppet-agent[10803]: Finished catalog run in 0.27 seconds
Mar 14 21:19:05 agent1 puppet-agent[10803]: Finished catalog run in 0.35 seconds
Mar 14 21:19:16 agent1 puppet-agent[10803]: Finished catalog run in 0.71 seconds
Mar 14 21:19:27 agent1 puppet-agent[10803]: Finished catalog run in 0.30 seconds
Mar 14 21:19:38 agent1 puppet-agent[10803]: Finished catalog run in 0.37 seconds
Mar 14 21:19:50 agent1 puppet-agent[10803]: Finished catalog run in 0.42 seconds
Mar 14 21:20:01 agent1 puppet-agent[10803]: Finished catalog run in 0.28 seconds
Mar 14 21:20:12 agent1 puppet-agent[10803]: Finished catalog run in 0.36 seconds
Mar 14 21:20:23 agent1 puppet-agent[10803]: Finished catalog run in 0.27 seconds
Mar 14 21:20:34 agent1 puppet-agent[10803]: (/Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]/content) content changed '{md5}898865b650b9af4cae1886a894ce656e' to '{md5}8c67cb8c039bb6436556b91f0c6678c4'
Mar 14 21:20:34 agent1 puppet-agent[10803]: Caught TERM; calling stop
Mar 14 21:20:36 agent1 puppet-agent[13068]: Reopening log files
Mar 14 21:20:36 agent1 puppet-agent[13068]: Starting Puppet client version 2.7.25 #重啟服務
~~~
**3.3.5、服務設置reload動作**
在有些場合,我們僅僅需要在修改配置后,讓服務重新reload而不是restart,這又當如何設置呢
~~~
[root@puppetmaster manifests]# vim config.pp
class puppet::service{
service { 'puppet':
ensure => running,
hasstatus => true,
hasrestart => true,
enable => true,
provider => init,
path => "/etc/init.d", #設置啟動腳本的搜索路徑
restart => "/etc/init.d/sshd reload", #將restart改成reload
start => "/etc/init.d/sshd start",
stop => "/etc/init.d/sshd stop",
}
}
~~~
測試可以看出服務并沒有停止,而是refresh了
~~~
[root@agent1 ~]# echo "#add a line" >>/etc/puppet/puppet.conf
[root@agent1 ~]# tailf /var/log/messages
Mar 14 21:32:03 agent1 puppet-agent[13068]: Finished catalog run in 0.33 seconds
Mar 14 21:32:13 agent1 puppet-agent[13068]: Reparsing /etc/puppet/puppet.conf
Mar 14 21:32:14 agent1 puppet-agent[13068]: (/Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]/content) content changed '{md5}898865b650b9af4cae1886a894ce656e' to '{md5}8c67cb8c039bb6436556b91f0c6678c4'
Mar 14 21:32:14 agent1 puppet-agent[13068]: (/Service[puppet]) Triggered 'refresh' from 1 events
Mar 14 21:32:14 agent1 puppet-agent[13068]: Finished catalog run in 0.32 seconds
Mar 14 21:32:25 agent1 puppet-agent[13068]: Finished catalog run in 0.25 seconds
Mar 14 21:32:35 agent1 puppet-agent[13068]: Reparsing /etc/puppet/puppet.conf
Mar 14 21:32:36 agent1 puppet-agent[13068]: Finished catalog run in 0.25 seconds
~~~
**4、優化代碼**
**4.1、 將install.pp中的判斷語句添加到params.pp中**
~~~
[root@puppetmaster manifests]# vim params.pp
class puppet::params {
$puppetserver = 'puppetmaster.kisspuppet.com'
case $hostname{
agent1: {
$certname = 'agent1_cert.kisspuppet.com'
}
agent3: {
$certname = 'agent3_cert.kisspuppet.com'
}
default: {
fail("certname is not supported on ${::operatingsystem}")
}
}
case $operatingsystemmajrelease{ #添加系統版本變量
5: {
$puppet_release = '2.7.23-1.el5'
$facter_release = '1.7.3-1.el5'
}
6: {
$puppet_release = '2.7.23-1.el6'
$facter_release = '1.7.3-1.el6'
}
default: {
fail("Module puppet is not supported on ${::operatingsystem}")
}
}
}
[root@puppetmaster manifests]# vim install.pp #通過變量引用
class puppet::install{
include puppet::puppet_install,puppet::facter_install
}
class puppet::puppet_install{
package { 'puppet':
ensure => $puppet::params::puppet_release, #puppet里引用變量的方法為“$class::子class::變量”
}
}
class puppet::facter_install{
package { 'facter':
ensure => $puppet::params::facter_release,
}
}
~~~
**4.2、測試(略)**
技術源于分享.....
ssh模塊案例詳解:[http://dreamfire.blog.51cto.com/418026/1257719](http://dreamfire.blog.51cto.com/418026/1257719)
- 序
- 第一章:Puppet基礎篇
- 編寫此系列文檔的目的
- 如何學習和使用Puppet
- 安裝Puppet前期的準備工作
- 安裝、配置并使用Puppet
- 如何建立master和agent之間的認證關系
- Puppet更新方式的選型
- 編寫第一個完整測試模塊puppet
- 編寫第二個完整測試模塊yum
- Puppetmaster多環境配置
- 自定義fact實現的四種方式介紹
- 第二章:Puppet擴展篇
- 自定義fact結合ENC(hirea)的應用實踐
- 如何使用虛擬資源解決puppet沖突問題
- 如何擴展master的SSL傳輸性能(apache)
- 如何擴展master的SSL傳輸性能(nginx)
- 通過多進程增強master的負載均衡能力(nginx+mongrel)
- 通過橫向擴展puppetmaster增加架構的靈活性
- puppet代碼與版本控制系統的結合
- Puppet dashboard的部署及測試
- 第三章:MCollective架構篇
- MCollecitve架構的引入
- MCollective+MQ架構的部署
- Puppet插件的部署及測試
- MCollective各種插件的部署及測試
- MCollective安全性設計
- MQ的安全性設計
- 多MQ下MCollective高可用部署
- 第四章:Foreman架構的引入
- Foreman作為自動化運維工具為什么會如此強大
- 安裝前環境準備
- 安裝Foreman1.5架構(all-in-one)
- 安裝Foreman1.6架構(foreman與puppetmaster分離)
- 安裝Foreman1.7架構(源碼,僅測試使用)
- 整合puppetmaster
- Foreman結合mcollective完成push動作
- Foreman結合puppetssh完成push動作
- Foreman的ENC環境與fact環境的對比
- hostgroup如何轉換為本地的fact
- 智能變量與puppet模塊參數化類的結合
- Foreman報告系統的使用
- Foreman-proxy如何做負載均衡
- Foreman上如何展現代碼及文件內容
- Foreman如何和虛擬化管理軟件結合
- 如何借助Foreman完成自動化部署操作系統(一)
- 如何借助Foreman完成自動化部署操作系統(二)
- Foreman CLI(Hammer)工具的使用
- Foreman目前的不足之處