編寫第二個完整測試模塊yum · Puppet運維實戰

#### Puppet基礎篇8-編寫第二個完整測試模塊yum # 工欲善其事必先利其器上一節講解了puppet基礎環境模塊puppet，除此之外影響puppet基礎環境的還有一個模塊叫yum源，當然這個是相對于RedHat系統而言的，如果是SLES系統，就要配置zypper源了，其它Linux系統也是如此。那么配置yum源需要用到哪些資源呢？之前寫puppet模塊的時候用到了file資源、service資源、package資源，那么這三個資源是否能滿足yum模塊的配置呢，答案是肯定的。然而官方給出了專用的yumrepo資源，管理可以精確到repo里面的每一行，使用還是非常方便的，接下來，我們使用官方給出的yumrepo資源來配置yum模塊。 **注：**上一節教會大家如何一步步創建一個完整模塊，為了避免重復，這一節就直接貼配置了。 ### 一、配置之前需要考慮的問題： 1、yum包需要被安裝； 2、yum主配置文件yum.conf需要配置正確； 3、每臺主機至少有兩個repo源，一個指向本地的ISO源，一個指向自定義的puppet源； 4、不同系統版本的repo源中的部分參數略有不同，比如baseurl。 ### 二、創建yum模塊 **1、創建yum模塊目錄結構** ~~~ [root@puppetmaster modules]# tree yum yum ├── files ├── manifests └── templates 3 directories, 0 files ~~~ **2、創建package資源** ~~~ [root@puppetmaster manifests]# vim install.pp class yum::install{ package { 'yum': ensure => installed, #要求yum這個包處于安裝狀態 } } ~~~ **3、創建params.pp** 根據操作系統版本定義repo文件中的各項條目 ~~~ eg. [root@agent1 ~]# facter | grep operatingsystemrelease 系統版本fact operatingsystemrelease => 5.7 ~~~ 由于RedHat存在多個版本，不同版本yum源的指向不同，對應的pki認證文件也不同，因此應當設置一些變量，然后進行引用。以下只定義了系統版本為5.7、5.8、和6.4的變量，如果有其它版本效仿即可。 ~~~ [root@puppetmaster manifests]# vim params.pp class yum::params { case $operatingsystemrelease{ 5.7: { $yum_redhat_descr = 'rhel base rpm packages' #定義redhat光盤源的描述信息 $yum_puppet_descr = 'puppet rpm packages for rhel' #定義puppet源的描述信息 $yum_redhat_pki = 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5' #定義redhat光盤源的pki認證文件位置 $yum_redhat_baseurl = 'file:///media/cdrom/Server' #定義redhat光盤源baseurl的下載位置 $yum_puppet_baseurl = 'ftp://puppetmaster.kisspuppet.com/RHEL5U7' #定義puppet源baseurl的下載位置 $yum_redhat_pki_name = '/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5' #定義puppet源pki認證文件位置 $yum_redhat_pki_download = 'puppet:///modules/yum/PM-GPG-KEY/RPM-GPG-KEY-redhat-release-rhel5' #定義pki文件的服務器下載地址 } 5.8: { $yum_redhat_descr = 'rhel base rpm packages' $yum_puppet_descr = 'puppet rpm packages for rhel' $yum_redhat_pki = 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5' $yum_redhat_baseurl = 'file:///media/cdrom/Server' $yum_puppet_baseurl = 'ftp://puppetmaster.kisspuppet.com/RHEL5U8' $yum_redhat_pki_name = '/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5' $yum_redhat_pki_download = 'puppet:///modules/yum/PM-GPG-KEY/RPM-GPG-KEY-redhat-release-rhel5' } 6.4: { $yum_redhat_descr = 'rhel base rpm packages' $yum_puppet_descr = 'puppet rpm packages for rhel' $yum_redhat_pki = 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel6' $yum_redhat_baseurl = 'file:///media/cdrom' $yum_puppet_baseurl = 'ftp://puppetmaster.kisspuppet.com/RHEL6U4' $yum_redhat_pki_name = '/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel6' $yum_redhat_pki_download = 'puppet:///modules/yum/PM-GPG-KEY/RPM-GPG-KEY-redhat-release-rhel6' } default: { #定義如果沒有以上版本的系統，直接報以下錯誤，同時也是為了方便調試 fail("Module yum is not supported on ${::operatingsystem}") } } } ~~~ **4、創建config.pp文件** config.pp文件用于管理yum主配置文件yum.conf，repo文件的屬性，pki文件的屬性及下載地址和yumrepo源 ~~~ [root@puppetmaster manifests]# vim config.pp class yum::config{ include yum::params #引用class yum::params include yum::config_file,yum::config_key,yum::config_repo } class yum::config_file{ file { '/etc/yum.conf': #創建file資源管理yum主配置文件yum.conf ensure => present, #要求文件處于存在狀態 owner => 'root', #屬主為root group => 'root', #屬組為root mode => '0644', #文件權限為644 source => 'puppet:///modules/yum/etc/yum.conf', #要求從puppetmaster服務器指定目錄去下載 require => Class['yum::install'], #要求在配置之前先安裝yum軟件包 } file { '/etc/yum.repos.d/rhel-base.repo': #設置光盤repo的一些屬性 ensure => present, owner => 'root', group => 'root', mode => '0644', require => Class['yum::config_repo'], #要求設置之前yumrepo資源rhel-base必須存在 } file { '/etc/yum.repos.d/rhel-puppet.repo': #設置puppet repo的一些屬性 ensure => present, owner => 'root', group => 'root', mode => '0644', require => Class['yum::config_repo'], #要求設置之前yumrepo資源puppet必須存在 } } class yum::config_key{ #設置pki證書的一些屬性及下載位置 file { $yum::params::yum_redhat_pki_name: ensure => present, owner => 'root', group => 'root', mode => '0644', source => $yum::params::yum_redhat_pki_download, } } class yum::config_repo{ yumrepo { rhel-base: #創建yumrepo資源rhel-base descr => $yum::params::yum_redhat_descr, #設置描述信息 baseurl => $yum::params::yum_redhat_baseurl, #設置yum源下載地址 enabled => 1, #激活yum源 gpgcheck => 1, #設置要求通過pki校驗 gpgkey => $yum::params::yum_redhat_pki, #設置pki文件的下載位置 require => Class['yum::config_key'], #要求這個文件必須存在 priority => 1, #設置repo的優先級為1(數字越小優先級越高) } yumrepo { rhel-puppet: descr => $yum::params::yum_puppet_descr, baseurl => $yum::params::yum_puppet_baseurl, enabled => 1, gpgcheck => 0, priority => 2, } } ~~~ **5、創建init.pp文件** 由于params.pp文件中設置的變量名稱引用太長，這里可以在init.pp中將變量名簡化，方便引用。 ~~~ class yum( $yum_redhat_descr = $yum::params::yum_redhat_descr, # $yum_puppet_descr = $yum::params::yum_puppet_descr, $yum_redhat_pki = $yum::params::yum_redhat_pki, $yum_redhat_baseurl = $yum::params::yum_redhat_baseurl, $yum_puppet_baseurl = $yum::params::yum_puppet_baseurl, $yum_redhat_pki_name = $yum::params::yum_redhat_pki_name, $yum_redhat_pki_download = $yum::params::yum_redhat_pki_download ) inherits yum::params { #設置這些變量依賴于yum::params類 include yum::config,yum::install #包含所有子class } ~~~ 因此、上面定義的class yum::config_key和yum::config_repo可以寫成以下格式 ~~~ class yum::config_key{ #設置pki證書的一些屬性及下載位置 file { $yum_redhat_pki_name: ensure => present, owner => 'root', group => 'root', mode => '0644', source => $yum_redhat_pki_download, } } class yum::config_repo{ yumrepo { rhel-base: #創建yumrepo資源rhel-base descr => $yum_redhat_descr, #設置描述信息 baseurl => $yum_redhat_baseurl, #設置yum源下載地址 enabled => 1, #激活yum源 gpgcheck => 1, #設置要求通過pki校驗 gpgkey => $yum_redhat_pki, #設置pki文件的下載位置 require => Class['yum::config_key'], #要求這個文件必須存在 priority => 1, #設置repo的優先級為1(數字越小優先級越高) } yumrepo { rhel-puppet: descr => $yum_puppet_descr, baseurl => $yum_puppet_baseurl, enabled => 1, gpgcheck => 0, priority => 2, } } ~~~ **6、創建puppet.conf和pki文件** ~~~ [root@puppetmaster yum]# tree files files ├── etc │ └── yum.conf #可以從節點/etc/目錄下copy一個yum.conf文件進行配置管理 └── PM-GPG-KEY ├── RPM-GPG-KEY-puppet-release #自己做一個pki文件，如何做，請google ├── RPM-GPG-KEY-redhat-release-rhel5 #在RHEL5系統/etc/pki/rpm-gpg/目錄下面有對應的pki文件，將其命個別名即可 └── RPM-GPG-KEY-redhat-release-rhel6 #在RHEL6系統/etc/pki/rpm-gpg/目錄下面有對應的pki文件，將其命個別名即可 2 directories, 4 files ~~~ **7、應用到節點上** ~~~ [root@puppetmaster modules]# vim /etc/puppet/manifests/site.pp $puppetmaster = 'puppetmaster.kisspuppet.com' class environments{ include motd,puppet,yum } node default{ include environments } ~~~ **8、在agent1上進行測試** ~~~ [root@agent1 yum.repos.d]# mv * /tmp/ #將所有的repo文件移動到/tmp目錄下 [root@agent1 yum.repos.d]# puppet agent -t #運行一次puppet更新動作，可以通過以下日志看出更新 info: Caching catalog for agent1_cert.kisspuppet.com info: Applying configuration version '1395696487' info: create new repo rhel-puppet in file /etc/yum.repos.d/rhel-puppet.repo notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-puppet]/descr: descr changed '' to 'puppet rpm packages for rhel' notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-puppet]/baseurl: baseurl changed '' to 'ftp://puppetmaster.kisspuppet.com/RHEL5U7' notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-puppet]/enabled: enabled changed '' to '1' notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-puppet]/gpgcheck: gpgcheck changed '' to '0' notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-puppet]/priority: priority changed '' to '2' info: changing mode of /etc/yum.repos.d/rhel-puppet.repo from 600 to 644 info: create new repo rhel-base in file /etc/yum.repos.d/rhel-base.repo notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/descr: descr changed '' to 'rhel base rpm packages' notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/baseurl: baseurl changed '' to 'file:///media/cdrom/Server' notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/enabled: enabled changed '' to '1' notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/gpgcheck: gpgcheck changed '' to '1' notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/gpgkey: gpgkey changed '' to 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5' notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/priority: priority changed '' to '1' info: changing mode of /etc/yum.repos.d/rhel-base.repo from 600 to 644 notice: Finished catalog run in 0.51 seconds [root@agent1 yum.repos.d]# ls rhel-base.repo rhel-puppet.repo [root@agent1 yum.repos.d]# cat rhel-base.repo #查看更新的光盤源文件 [rhel-base] name=rhel base rpm packages baseurl=file:///media/cdrom/Server enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5 priority=1 [root@agent1 yum.repos.d]# cat rhel-puppet.repo #插件更新的puppet源文件 [rhel-puppet] name=puppet rpm packages for rhel baseurl=ftp://puppetmaster.kisspuppet.com/RHEL5U7 enabled=1 gpgcheck=0 priority=2 ~~~ **說明：**關于puppet的資源目前大概有48種，這里就不一一介紹了，詳情可訪問 [http://docs.puppetlabs.com/references/stable/type.html](http://docs.puppetlabs.com/references/stable/type.html)