自动化运维工具puppet学习笔记之基础篇
- **************服务端安装软件******************
- shell#touch /etc/puppet/manifests/site.pp
- shell#cat /etc/hosts
- 192.168.1.254 nat.test.com
- shell#/etc/init.d/puppetmaster start
- shell#puppet cert --sign test.test.com
- 签发证书,需要为每一个域名单独签发
- **************客户端配置服务******************
- shell#cat /etc/hosts
- 192.168.1.254 nat.test.com
- 127.0.0.1 test.test.com
- shell#echo "server = nat.test.com" >>/etc/puppet/puppet.conf
- shell#puppet agent --no-daemonize --verbose
- 服务端文件
- vim /etc/puppet/manifests/site.pp
- node default{
- file {"/tmp/a.txt":
- content => "test\n",
- ensure => present,
- backup => ".bak",
- mode => 500,
- owner => root,
- group => www,
- }
- }
- *********************客户端测试****************************
- puppet agent --verbose --test
- *********************服务端创建模块**************************
- shell#mkdir /etc/puppet/modules/snmpd/{files,manifests,templates} -p
- shell#vim /etc/puppet/modules/snmpd/manifests
- ######################################################################################################################
- class snmpd {
- service {
- "snmpd":
- enable => "true",
- ensure => "running",
- require => File["snmpd.conf"],
- subscribe => File["snmpd.conf"],
- name => $operatingsystem ? {
- default => "snmpd",
- },
- }
- package {
- "net-snmp":
- ensure => present,
- name => $operatingsystem ? {
- debian => "snmpd",
- ubuntu => "snmpd",
- default => "net-snmp",
- },
- }
- file {
- "snmpd.conf":
- # owner => root,
- # group => root,
- # mode => 644,
- require => Package["net-snmp"],
- path => $operatingsystem ?{
- default => "/etc/snmp/snmpd.conf",
- },
- }
- }
- #####################################################################################################
- vim /etc/puppet/manifests/site.pp
- node default{
- file {"/tmp/a.txt":
- content => "This is a test file date\n",
- ensure => present,
- backup => ".back",
- mode => 500,
- owner => root,
- group => www,
- }
- }
- node 'test.test.com' {
- file {"/tmp/b.txt":
- content => "This is a test file\n",
- ensure => present,
- backup => ".back",
- mode => 500,
- owner => root,
- group => root,
- }
- include snmpd #包含创建的类
- }
- http://docs.puppetlabs.com/guides/types/service.html 原文地址
- service管理系统运行的服务进程,不幸的是不同的系统管理服务的方式是多样的. 有些系统上面对于服务管理很简单,有些系统提供复杂的强大的服务管理功能.puppet提供最基本的服务管理,你也可以指定provider,使用一些特性.
- 注意,当一个服务从另一个资源收到一个事件,服务会重启,例如配置文件修改,可以要求相应的服务重启.不同的平台重启命令不同,你也可以手工指定重启服务的命令.
- 特性
- controllable provider 提供control 变量
- enableable provider 可以enable和disable服务
- refreshable provider 可以重启服务
- 例子service { "ssh": ensure => running; "nfs": ensure => stopped; }
- 参数binary
- 运行服务的命令的路径, 只用于不支持init的操作系统, 如果没有指定启动脚本,就用这个命令来启动服务.
- enable
- 服务在开机的时候是否启动,可以设置的值是true和false,需要provider支持enableable
- ensure
- 是否运行服务, running表示运行服务,stopped 表示停止服务
- hasrestart
- 指出管理脚本是否支持restart参数,如果不支持,就用stop和start实现restart效果. 可以设置的值是true 或 false
- hasstatus
- 指出管理脚本是否支持status参数,puppet用status参数来判断服务是否已经在运行了,如果不支持status参数,puppet利用查找运行进程列表里面是否有服务名来判断服务是否在运行. 可以设置的值是true或false
- name
- 该资源的namevar, 服务的名字,通常就是在/etc/init.d/目录下的名字
- path
- 启动脚本的搜索路径,可以用冒号分割多个路径,或者用数组指定.
- pattern
- 设置搜索进程列表的匹配字符串,用于不支持init脚本的系统.当要停止一个服务的时候,通过查看进程运行列表来判断.
- provider
- puppet提供下面的provider(只列出常见的系统)
- debian debian系统的init模式的管理脚本,支持 enableable, refreshable.
- freebsd init模式,支持enableable, refreshable.
- init 标准的init模式,支持refreshable
- redhat redhat的init模式,支持enableable, refreshable.
- smf solaris新的服务管理框架,支持enableable, refreshable
- restart
- 指定重启脚本,否则就先停止该服务再启动该服务
- start
- 指定启动服务的命令,通常init模式的管理脚本都支持,不需要手工指定
- status
- 指定status命令,如果不指定,就从进程列表查询该服务
- stop
- 指定停止服务的脚本.
http://nocap.blog.163.com/blog/static/19052507420121030113615705/
- 官方文档
- http://docs.puppetlabs.com/puppetdocs-latest.tar.gz
- http://www.puppetlabs.com/downloads/docs/puppet_labs_docs_pdfs.zip
- puppet cert sign mytestagent.example.com
- puppet cert sign --all
- puppet master --no-daemonize --verbose
- puppet --genconfig
- puppet agent --server myserver.example.com --waitforcert 60 --test
- puppet master --configprint modulepath
- puppet config print modulepath --mode master
- auth.conf
- autosign.conf
- ==========================================
- rebuilt.example.com
- *.scratch.example.com
- *.local
- ==========================================
- device.conf
- ==========================================
- [device certname]
- type <type>
- url <url>
- [router6.example.com]
- type cisco
- url ssh://admin:password@ef03c87a.local
- fileserver.conf
- ===========================================
- # Files in the /path/to/files directory will be served
- # at puppet:///mount_point/.
- [mount_point]
- path /path/to/files
- allow *.example.com
- deny *.wireless.example.com
- ===========================================
- tagmail.conf
- require
- Set report=true on your agent nodes
- Set reports=tagmail
- Set the reportfrom email address and either the smtpserver or sendmail setting on the puppet master
- Create a tagmail.conf file at the location specified in the tagmap setting
- ocated at /etc/puppet/tagmail.conf by default
- A comma-separated list of tags and !negated tags; valid tags include:
- Explicit tags
- Class names
- Puppet Documentation ? Configuring Puppet 40/411
- “ all ”
- Any valid Puppet log level ( debug , info , notice , warning , err , alert , emerg , crit , or
- verbose )
- A colon
- A comma-separated list of email addresses
- The list of tags on a line builds the set of resources whose messages will be included in the mailing;
- each additional tag adds to the set, and each !negated tag subtracts from the set.
- So, for example:
- ==============================================================================================
- all: log-archive@example.com
- webserver, !mailserver: httpadmins@example.com
- emerg, crit: james@example.com, zach@example.com, ben@example.com
- ==============================================================================================
- service { 'sshd':
- subscribe => File['sshdconfig'],
- }
- define svn_repo($path) {
- exec { "/usr/bin/svnadmin create ${path}/${title}":
- unless => "/bin/test -d ${path}",
- }
- }
- svn_repo { 'puppet_repo': path => '/var/svn_puppet' }
- svn_repo { 'other_repo': path => '/var/svn_other' }
- define svn_repo($path) {
- exec { "create_repo_${name}":
- command => "/usr/bin/svnadmin create ${path}/${title}",
- unless => "/bin/test -d ${path}",
- }
- if $require {
- Exec["create_repo_${name}"] {
- require +> $require,
- }
- }
- }
- svn_repo { 'puppet':
- path => '/var/svn',
- Puppet Documentation ? Language Guide 50/411
- require => Package['subversion'],
- }
- 变量赋值
- $value = "${one}${two}"
- 数组
- $foo =[ 'one', 'two', 'three' ]
- notice $foo[1]
- 将返回 two
- host { 'one.example.com':
- ensure => present,
- alias => [ 'satu','dua', 'tiga' ],
- ip => '192.168.100.1',
- }
- 哈希
- $myhash ={ key1 => 'myval', key2 => $b }
- 访问hash元素
- $myhash ={ key => { subkey => 'b' }}
- notice($myhash[key][subkey])
- 节点赋不同的值
- =========================================================
- node a {
- $setting = 'this'
- include class_using_setting
- }
- node b {
- $setting = 'that'
- include class_using_setting
- }
- =========================================================
- calss的设置
- =========================================================================================
- $test = 'top'
- class myclass {
- exec { "/bin/echo ${test}": logoutput => true }
- }
- class other {
- $test = 'other'
- include myclass
- }
- include other
- ===========================================================================================
- 访问class里面的值
- ========================================================
- class myclass {
- $test = 'content'
- }
- class anotherclass {
- $other = $myclass::test
- }
- ========================================================
- 给变量中的数组增加元素
- ==========================================================================
- $ssh_users = [ 'myself', 'someone' ]
- class test {
- $ssh_users += ['someone_else']
- }
- ===========================================================================
- 这里的+=是给数组增加值
- 变量选择相关
- file{ '/etc/config':
- owner => $operatingsystem ? {
- 'sunos' => 'adm',
- 'redhat' => 'bin',
- default => undef,
- },
- }
- 默认值为undef,
- $owner=$operatingsystem ? {
- /(redhat|debian)/=>'bin',
- default =>undef,
- }
- $system=$operatingsystem ? {
- /(redhat|debian)/ => "our system is $1",
- default => "our system is unknown",
- }
- 这里的$1将会返回redhat或者debian
- $0将会返回整行
- case
- =====================================================================================================
- case $operatingsystem {
- 'sunos': { include solaris } # apply the solaris class
- 'redhat': { include redhat } # apply the redhat class
- default: { include generic } # apply the generic class
- }
- ====================================================================================================
- =======================================================================================================
- case $hostname {
- 'jack','jill': { include hill } # apply the hill class
- 'humpty','dumpty': { include wall } # apply the wall class
- default: { include generic } # apply the generic class
- }
- ========================================================================================================
- 如果v$hostname fact里面含有jack或者jill,那么将会include hill
- ========================================================================================================
- case $hostname {
- /^j(ack|ill)$/: { include hill } # apply the hill class
- /^[hd]umpty$/: { include wall } # apply the wall class
- default: { include generic } # apply the generic class
- }
- ===========================================================================================================
- case $hostname {
- /^j(ack|ill)$/: { notice("Welcome $1!") }
- default: { notice("Welcome stranger") }
- }
- ===========================================================================================================
- if $variable {
- file { '/some/file': ensure => present }
- } else {
- file { '/some/other/file': ensure => present }
- }
- ============================================================================================================
- if $server == 'mongrel' {
- include mongrel
- } elsif $server == 'nginx' {
- include nginx
- } else {
- include thin
- }
- if $ram > 1024 {
- $maxclient = 500
- }
- =============================================================================================================
- if ( $processor_count > 2 ) and (( $ram >= 16 * $gigabyte ) or ( $disksize > 1000 )) {
- include for_big_irons
- } else {
- include for_small_box
- }
- ================================================================================================================
- unless $memorysize > 1024 {
- $maxclient = 500
- }
- ================================================================================================================
- 虚拟资源
- @user { 'luke': ensure => present }
- User <| title == luke |>
- realize User['luke']
- #将虚拟资源实例化
- class ssh {
- @@sshkey { $hostname: type => dsa, key => $sshdsakey }
- Sshkey <<| |>>
- }
- 正则表达式
- 安装module
- puppet module install puppetlabs-apache --version 0.0.2
- puppet module list
- puppet module search apache
- puppet module uninstall puppetlabs-apache
- puppet module upgrade puppetlabs-apache --version 0.0.3
- https://forge.puppetlabs.com
- 当一个文件改变的时候如何运行一个命令
- ===============================================================================================
- file { "/etc/bind": source => "/dist/apps/bind" }
- exec { "/usr/bin/ndc reload":
- subscribe => File["/etc/bind"],
- refreshonly => true
- }
- ==============================================================================================
- 如何确保创建一个用户之前另一个组已经存在
- group { "fearme":
- ensure => present,
- gid => 1000
- }
- user { "tim":
- ensure => present,
- gid => "fearme",
- groups => ["adm", "staff", "root"],
- membership => minimum,
- shell => "/bin/bash",
- require => Group["fearme"]
- }
- class base_class {
- define testvar_file($myvar="bob") {
- file { $name:
- content => template("john.erb"),
- }
- }
- testvar_file { "/tmp/testvar": }
- }
- class child_class inherits base_class {
- Base_class::Testvar_file["/tmp/testvar"] { myvar => fred }
- }
- gem install rack
- gem install passenger
- passenger-install-apache2-module
本文转自it你好 51CTO博客,原文链接:http://blog.51cto.com/itnihao/1134203,如需转载请自行联系原作者
自动化运维工具puppet学习笔记之基础篇相关推荐
- 自动化运维工具Puppet(管理资源)
接上文<自动化运维工具Puppet>http://kaliarch.blog.51cto.com/8966921/1973736 利用模块与模版管理agent端资源 一.模块管理 环境安装 ...
- 自动化运维工具——puppet详解(二)
自动化运维工具--puppet详解(二) 目录 一.class 类 1)什么是类? 2)带有参数的类 3)类的继承 1.新增属性 2.新增原有值 3.修改原有值 4.整体调用父类,并重写部分值 二.模 ...
- 项目10.2-企业级自动化运维工具---puppet详解
1.认识puppet 1.1 引入 puppet是什么,咱们先不用专业的名词解释它,咱们先描述一些工作场景,看明白这些工作场景,自然会知道puppet是什么. (1)场景一: 管理员想要在100台服务 ...
- 自动化运维工具ansible学习+使用ansible批量推送公钥到远程主机
原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 .作者信息和本声明.否则将追究法律责任. 目录: 一.ansible简介 1.1.ansible是什么 1.2.ansible如何工作 ...
- 自动化运维工具ansible学习+使用ansible批量推送公钥到远程主机[学习马哥]
目录: 一.ansible简介 1.1.ansible是什么 1.2.ansible如何工作 1.3.ansible优缺点 1.4.ansible安装方式 1.5.ansible文件简单介绍 1.6. ...
- 自动化运维工具——puppet详解(一)
一.puppet 介绍 1.puppet是什么 puppet是一个IT基础设施自动化管理工具,它能够帮助系统管理员管理基础设施的整个生命周期: 供应(provisioning).配置(configur ...
- 自动化运维工具—puppet详解
文章目录 一.puppet 介绍 1.puppet是什么 2.puppet的工作机制 1)工作模型 2)工作流程 3)使用模型 3.puppet 名词解释 二.puppet 资源详解 1.程序安装及环 ...
- 自动化运维工具puppet(四)
一.节点管理 1.什么是节点 我们将Puppet的每个客户端都称为节点( node) . 每个节点件定义主机名时可以是个. 组 ( 正则或继承) . 所有的节点都需要在站点件( site.pp) 中进 ...
- 自动化运维工具puppet(1)
puppet模块管理 模块是puppet的最大单元,模块里面有类,类下面有资源. puppet管理的文件.用户.服务.任务计划等全部由这些单元组成. 下面我们来定义一个模块: 在服务端上做如下操作: ...
- 52.puppet自动化运维工具
puppet自动化运维工具 Puppet是一款运维自动化工具,在一些大型的互联网企业,它可以针对多台服务器进行统一操作,如统一部署软件,进行统一上线维护等,意思就是说在一台linux服务器上所部署的操 ...
最新文章
- vue Element-ui 表格自带筛选框自定义高度
- 【组队学习】【23期】Datawhale深度推荐模型
- php 效率最高的递归,PHP 递归效率分析_PHP教程 - microtime
- 皮猜按下谷歌招聘暂停键,疫情之下,「紧日子」来了
- 死磕Java并发:J.U.C之并发工具类:CyclicBarrier
- python 转短链接_使用Python生成url短链接的方法
- 大型网站技术架构文摘
- 【差分隐私组合定理,直方图,列联表代码实现】差分隐私代码实现系列(五)
- Java并发编程实战笔记—— 并发编程1
- 2362:数字游戏(小k和小p的传奇)
- 乐博Android客户端(新浪微博)1.01发布,欢迎各位童鞋试用
- 如何发布自己的npm包(超详细步骤,博主都在用)
- 避坑14_此浏览器或应用可能不安全。了解详情请尝试使用其他浏览器。
- Mysql Where条件执行顺序是从左到右
- c语言字符串的题库,C考试系统题库含答案程序题
- 模拟登陆广西科技大学正方教务系统
- 加班两年只赚2千块:低姿态的人,挣不了大钱
- u盘无法linux,Linux 3.18U盘无法正确使用
- Cris 的Python日记(三):循环语句
- SAP寄售采购的原料可以发给加工商做外协加工吗?