Friday, August 22, 2014

Playing with puppet vol III - resources

Today's Puppet post is about resources: what kinds of resources exist, how to define them, and how to set relationships between them. I'll use the same setup as in the previous post.

Defining a resource

I'll start with simple user and group resources. I'll define a user named vajko with primary group vajko and supplementary group powerusers. I'll define those groups as well:

[root@puppet vajko-basic]# cat /root/vajko-basic/manifests/init.pp
class basic {

    # User part
    user { 'vajko':
        ensure => 'present',
        home => '/home/vajko',
        managehome => true,
        uid => 1221,
        gid => 1221,
        groups => 'powerusers',
        password => '$6$RjjYOArA$DqJfCY81QtNpYvlHHxMTDIuvXtIVwznRRH3ww2HU4NWU.GJ2SgJiOOnDh8DSPsPOB.JiyRM2a9sKzaYOb5K3f0',
    }

    group { 'vajko':
        ensure => 'present',
        gid => 1221,
    }

    group { 'powerusers':
        ensure => 'present',
        gid => 1222,
    }
}

When I try to apply the changes (after rebuilding and reinstalling the module), it will probably fail. The reason is that Puppet doesn't know the order in which these resources should be applied. If Puppet tries to create the user before the groups, it will certainly fail. Therefore I'll give Puppet a hint with the following lines:

Group['vajko'] -> User['vajko']
Group['powerusers'] -> User['vajko']

The meaning of the code above is as follows: group vajko must be created before user vajko, and group powerusers must also be created before user vajko. I can see that the resources are created in the correct order:

[root@puppet7 ~]# puppet agent -t
.
.
.
Notice: /Stage[main]/Basic/Group[powerusers]/ensure: created
Notice: /Stage[main]/Basic/Group[vajko]/ensure: created
Notice: /Stage[main]/Basic/User[vajko]/ensure: created

File resource

When I log in to the puppet7 machine I would like to have a nice shell prompt. I can do it by setting the PS1 environment variable. I'll create .bashrc:

[root@puppet vajko-basic]# pwd
/root/vajko-basic
[root@puppet vajko-basic]# mkdir files
[root@puppet vajko-basic]# cat files/.bashrc 
# Source global definitions
if [ -f /etc/bashrc ]; then
    . /etc/bashrc
fi

# User specific aliases and functions
export PS1="[\u@\[\e[1;97m\]\h\[\e[0;39m\] \W]\$ "

Now I'll define the file resources. Each file has an owner, group, mode and source file. And a dependency, of course:

class basic {
.
.
.
    # Bash profile
    file { '/root/.bashrc':
        ensure => 'file',
        owner => 'root',
        group => 'root',
        mode => '0660',
        source => 'puppet:///modules/basic/.bashrc',
    }

    file { '/home/vajko/.bashrc':
        ensure => 'file',
        owner => 'vajko',
        group => 'vajko',
        mode => '0660',
        source => 'puppet:///modules/basic/.bashrc',
    }

    User['vajko'] -> File['/home/vajko/.bashrc']
}

I'll apply it to the agent again. I can see that the files were created:

[root@puppet7 ~]# puppet agent -t
.
.
.
Notice: /Stage[main]/Basic/File[/root/.bashrc]/ensure: defined content as '{md5}427372309ea7c05a8c77cb7d832164fb'
Notice: /Stage[main]/Basic/File[/home/vajko/.bashrc]/ensure: defined content as '{md5}427372309ea7c05a8c77cb7d832164fb'
Notice: Finished catalog run in 0.33 seconds

I'll check the content of the file:

[root@puppet7 ~]# cat ~vajko/.bashrc
# Source global definitions
if [ -f /etc/bashrc ]; then
    . /etc/bashrc
fi

# User specific aliases and functions
export PS1="[\u@\[\e[1;97m\]\h\[\e[0;39m\] \W]\$ "

Other resources

I want Puppet to do more work. I like the vim editor, and I want Puppet to install it for me:

    package { 'vim-enhanced':
        ensure => installed,
    }

I also need the comments plugin for vim:

    file { '/root/.vim':
        ensure => directory,
        owner => root,
        mode => '0755',
    }

    file { '/root/.vim/plugin':
        ensure => directory,
        owner => root,
        mode => '0755',
    }

    file { 'comments-plugin':
        path => '/root/.vim/plugin/comments.vim',
        ensure => file,
        owner => root,
        mode => '0644',
        source => "puppet:///modules/basic/comments.vim",
    }

    Package['vim-enhanced']
    -> File['/root/.vim']
    -> File['/root/.vim/plugin']
    -> File['comments-plugin']

I'm using a console with a black background. Puppet, could you please pass this information on to vim? Of course it can:

[root@puppet vajko-basic]# cat manifests/init.pp
.
.
.
    file { 'vim-config':
        path => '/etc/vimrc',
        ensure => file,
        owner => root,
        mode => '0644',
        source => "puppet:///modules/basic/vimrc",
    }

    Package['vim-enhanced'] -> File['vim-config']
.
.
.
[root@puppet vajko-basic]# cat files/vimrc
.
.
.
set bg=dark
set expandtab
set sw=4
set ts=4

I'm behind a proxy. Please add the proxy host to /etc/hosts:

    # Add host entry for proxy
    host { 'proxy.somewhere.net':
        ensure => 'present',
        ip => '10.10.10.10',
    }

What about adding a new yum repository? No problem:

    yumrepo { 'epel':
        descr => 'Extra Packages for Enterprise Linux 7 - $basearch',
        ensure => 'present',
        enabled => true,
        mirrorlist => 'https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch',
        failovermethod => 'priority',
        gpgcheck => 0,
        gpgkey => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7',
    }
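
With gpgcheck => 0, yum does not verify the signatures of packages from this repository, even though gpgkey is set. The same resource with verification enabled, as an added example that is not part of the original manifest; the file title epel-gpg-key and the module file files/RPM-GPG-KEY-EPEL-7 are assumptions:

```puppet
# Added example: goes inside class basic in place of the yumrepo above.
# Assumption: the EPEL 7 signing key has been copied into the module as
# files/RPM-GPG-KEY-EPEL-7.
file { 'epel-gpg-key':
    path   => '/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7',
    ensure => file,
    owner  => 'root',
    group  => 'root',
    mode   => '0644',
    source => 'puppet:///modules/basic/RPM-GPG-KEY-EPEL-7',
}

yumrepo { 'epel':
    descr          => 'Extra Packages for Enterprise Linux 7 - $basearch',
    ensure         => 'present',
    enabled        => true,
    mirrorlist     => 'https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch',
    failovermethod => 'priority',
    gpgcheck       => 1,    # check package signatures against gpgkey
    gpgkey         => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7',
}

# The key file must be on disk before the repository definition refers to it.
File['epel-gpg-key'] -> Yumrepo['epel']
```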

I would appreciate it if I could log in to the agent host with my SSH key. Easy one:

    # SSH key from host machine
    ssh_authorized_key{ 'me@kra.localdomain4vajko':
        ensure => 'present',
        key => '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',
        type => 'ssh-dss',
        user => 'vajko',
    }

    ssh_authorized_key{ 'me@kra.localdomain4root':
        ensure => 'present',
        key => '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',
        type => 'ssh-dss',
        user => 'root',
    }

    User['vajko'] -> Ssh_authorized_key['me@kra.localdomain4vajko']
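
A variant of the vajko key resource, added here as an example and not taken from the original manifest: it uses an Ed25519 key, since OpenSSH 7.0 and later reject ssh-dss keys by default, and sets purge_ssh_keys so that entries Puppet does not manage are removed from the user's authorized_keys. It assumes Puppet 3.6 or later (for purge_ssh_keys); the key value is a placeholder.

```puppet
# Added example: replaces the user and key resources for vajko in class basic.
user { 'vajko':
    ensure         => 'present',
    home           => '/home/vajko',
    managehome     => true,
    uid            => 1221,
    gid            => 1221,
    groups         => 'powerusers',
    # password: keep the hash from the original resource here.
    # Remove any key in ~vajko/.ssh/authorized_keys that is not declared
    # as an ssh_authorized_key resource (assumes Puppet >= 3.6).
    purge_ssh_keys => true,
}

ssh_authorized_key { 'me@kra.localdomain4vajko':
    ensure => 'present',
    # Placeholder: the base64 body of the public key, without the
    # "ssh-ed25519" prefix and without the trailing comment.
    key    => 'PLACEHOLDER_BASE64_PUBLIC_KEY',
    type   => 'ssh-ed25519',
    user   => 'vajko',
}

User['vajko'] -> Ssh_authorized_key['me@kra.localdomain4vajko']
```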

And the last request is just a few packages:

    # Packages
    package { ['telnet', 'wget', 'tree', 'bash-completion']:
        ensure => installed,
    }

Rebuild, reinstall and this is what I get:

[root@puppet7 ~]# puppet agent -t
.
.
.
Notice: /Stage[main]/Basic/Host[proxy.somewhere.net]/ensure: created
Notice: /Stage[main]/Basic/Ssh_authorized_key[me@kra.localdomain4root]/ensure: created
Notice: /Stage[main]/Basic/Ssh_authorized_key[me@kra.localdomain4vajko]/ensure: created
Notice: /Stage[main]/Basic/Package[tree]/ensure: created
Notice: /Stage[main]/Basic/Package[bash-completion]/ensure: created
Notice: /Stage[main]/Basic/Package[wget]/ensure: created
Notice: /Stage[main]/Basic/Package[telnet]/ensure: created
Notice: /Stage[main]/Basic/Package[vim-enhanced]/ensure: created
Notice: /Stage[main]/Basic/File[/root/.vim]/ensure: created
Notice: /Stage[main]/Basic/File[/root/.vim/plugin]/ensure: created
Notice: /Stage[main]/Basic/Yumrepo[epel]/ensure: created
Notice: /Stage[main]/Basic/File[vim-config]/content: 
.
.
.
Notice: /Stage[main]/Basic/File[vim-config]/content: content changed '{md5}237404196df68fb16a384d904e89f181' to '{md5}2d932152e2a2659805bfda707b909605'
Notice: /Stage[main]/Basic/File[comments-plugin]/ensure: defined content as '{md5}83925d5459bb4e033f2773ee3d4fd85e'

And that's all for today.
