Puppet
From ConShell
Contents |
Introduction
Collection of tips about running Puppet, a configuration & system management tool.
Operational
Trigger a client run
You can send puppetd (client) a USR1 signal to trigger it to run. I usually tack on the syslog tailer to see what it's doing.
# ps ax | grep pupp 9605 ? Ssl 3:43 ruby /usr/sbin/puppetd -w 0 ... # kill -USR1 9605; tail -f /var/log/syslog
This way also works (e.g. on Debian) if you know the pid path...
kill -USR1 `cat /var/run/puppet/puppetd.pid`; tail -f /var/log/syslog
Parsing a (class) file
This is how to do a a syntax check on a file.
puppet --parseonly --ignoreimport <filename> #e.g. ruby-server.pp err: Could not parse for environment development: Syntax error at ';'; expected ']' at /etc/puppet/manifests/classes/ruby-server.pp:2
Providers
Users
Make sure to install libshadow-ruby1.8 on Debian/Ubuntu or libshadow on Fedora/Red Hat/CentOS
In a @user declaration, when specifying a password, do not use double-quote... instead use single-quotes, e.g.
password => '$1$LU.r1qgx$XbcRiNjgXc3ZDtuJaOu4n0'
Otherwise the $ will trigger interpolation.
Packages
Gems
This example shows how to install a specific version of a gem.
package { "cached_model":
ensure => "1.2.1",
provider => gem
}
Resource Relationships
Metaparameters such as before, subscribe, notify and ensure can be used to designate relationships between resources.
before
Use before to indicate that this resource has to be applied first, before something else.
require
This should be used to indicate that some other resource is a prerequisite.
file { sshd_config:
...
require => Package[ssh]
}
This says "make sure the ssh package (defined elsewhere as a package resource) is installed before applying this file resource".
ensure
Ways to use ensure.
Ensure the latest version of a package is installed.
package { ssh: ensure => latest, ... }
Ensure a specific version of a packages is installed
(See the gem example above)
Ensure a service is running.
service { snmpd: ensure => running, ... }
Ensure a file exists.
file { "/some/file": ensure => exists, ... }
Ensure a directory exists. (Confusing as it appears in a file resource.
file { "/some/folder": ensure => directory, ... }
Ensure a soft-link exists.
file { "/some/file": ensure => link, target => "/some/existing/file" }
Ensure a package is absent i.e. not installed
package { "smartd": ensure => absent }
subscribe
The 'subscribe' attribute in a service causes the service to restart if the configuration file changes.
service { "foo": subscribe => File["foo.conf"], ... }
Puppet Issues
Random issues noted by puppet users.
- Caching issues - these seem to crop up all the time. Possible fixes depending on the case:
- Restart puppetmasterd
- Clear out state files e.g. /var/lib/puppet/state/* on the client
- Clear out cached node(s) and/or facts e.g. /var/lib/puppet/yaml/*/* on the puppetmaster server(s)
Puppet Links
- Puppet Home
- Puppet at Google - RedMonk Radio Episode 48
- Puppet Video Interview with Luke Kanies - Part 1
- Puppet Video Interview with Luke Kanies - Part 2 Bootstrapping on Open Source Company
- Puppet on FreeBSD
- Puppet on Debian
- Puppet For Mac Workstation Configuration Management - a presentation from Ski Kacoroski about BitPusher's deployment of Puppet for Northshore School District.
