
Managing Infrastructure with Puppet - James Loope [7]


Note


The Puppet Master and agent communicate over TCP port 8140. Make sure that any applicable firewall settings allow communication on that port between the two.

* * *

Let’s step through how to set up a node definition and apply a class to it with a central Puppet Master rather than by manually applying the manifest.

First, you’ll need to have both agent and master installed. For simplicity’s sake, these can be on the same system. Then set up a simple /etc/puppet/manifests/site.pp and nodes.pp.

This site.pp includes our nodes.pp and sets up a couple of defaults. The first of these is the filebucket. When Puppet makes some change to the filesystem, such as overwriting a config file with an update, it will make a backup of the original. When we define a filebucket on our Puppet Master server (which we assume to have the hostname puppet.example.com), we can then tell all the file type resource declarations to default their backup to that bucket. The way that I’ve set up that default here is called a metaparameter. When I declare a capitalized file resource with no title, the parameters I specify for it will become the default for that resource type. I’ve also specified a metaparameter default for the path of the exec resource type. Exec is used to execute arbitrary commands from the agent and it is convenient to have a standard default path set to look for executables:

# site.pp
import "nodes"

filebucket { main: server => "puppet.example.com" }

# defaults
File { backup => main }
Exec { path => "/usr/bin:/usr/sbin/:/bin:/sbin" }

In this example, I’ve defined a node explicitly as puppet.example.com and also as a default. The Puppet Master matches nodes based upon their hostnames and will fall back to a default node declaration if a matching node is not found. In this case, either way, the apps::ntp class will be applied to the node:

# nodes.pp
node default {
    include apps::ntp
}

node "puppet.example.com" {
    include apps::ntp
}

* * *

Modules for Organization


The Puppet structure that stores sets of related classes is called a module. The Puppet Master has an autoloader that expects your classes to be in certain subdirectory structures of the /etc/puppet/modules directory. /etc/puppet/modules/mymodule/manifests should contain the init.pp file for your mymodule class and any imports it may have. Files that the class will distribute should live in /etc/puppet/modules/mymodule/files, and ERB templates in /etc/puppet/modules/mymodule/templates.

* * *

Now that we’ve told our Puppet Master how to identify our agent and what to do with it, we need to put the ntp manifest that we created earlier into the apps::ntp class. This way, when the agent runs it will execute our ntp installation just as it did when it was applied with the puppet apply command. We’ll put the class in /etc/puppet/modules/apps/init.pp.

You’ll notice that the source parameter has changed for our ntp.conf file. I’ve defined a string here that points to a place where our Puppet server expects module files to be kept. This puppet:///modules/apps/ntp/ntp.conf location maps to the /etc/puppet/modules/apps/files/ntp/ntp.conf location on our Puppet Master. This allows us to distribute files from the master to the clients without having to jump through any extra hoops, such as setting up NFS. Make sure to copy the ntp.conf file to the proper place on the master before continuing:

# apps/init.pp
class apps::ntp {
    package { 'ntp': ensure => '1:4.2.6.p2+dfsg-1ubuntu5' }

    file { '/etc/ntp.conf':
        mode    => '640',
        owner   => root,
        group   => root,
        source  => "puppet:///modules/apps/ntp/ntp.conf",
        require => Package[ntp],
    }

    service { "ntp":
        ensure    => running,
        enable    => true,
        pattern   => 'ntpd',
        subscribe => [Package["ntp"], File["/etc/ntp.conf"]],
    }
}
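
One way to check the "copy the file to the proper place on the master" step before the agent runs, as an added example that is not from the book: this Ruby script maps each puppet:///modules/... source in a manifest to the master path described above and reports whether the file is present. The function names, the sample manifest text, and the rejection of ".." path components are assumptions of this example, not Puppet's own code.

```ruby
# Matches source => "puppet:///modules/<module>/<relative path>" in manifest text.
SOURCE_RE = %r{source\s*=>\s*["']puppet:///modules/([^/"']+)/([^"']+)["']}

# Map a module name and relative path to the file's location on the master,
# using the layout the text describes: <modulepath>/<module>/files/<path>.
# Assumption of this example: empty, "." and ".." components are refused so a
# source string can never resolve outside the module's files directory.
def master_path(mod, rel, modulepath = '/etc/puppet/modules')
  parts = [mod] + rel.split('/')
  if parts.any? { |p| p.empty? || p == '.' || p == '..' }
    raise ArgumentError, "unsafe path component in #{mod}/#{rel}"
  end
  File.join(modulepath, mod, 'files', rel)
end

# Return one record per puppet:/// source found in the manifest, noting
# whether the backing file exists under the given modulepath.
def check_sources(manifest_text, modulepath = '/etc/puppet/modules')
  manifest_text.scan(SOURCE_RE).map do |mod, rel|
    path = master_path(mod, rel, modulepath)
    { uri: "puppet:///modules/#{mod}/#{rel}", path: path, present: File.file?(path) }
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample: the file resource from the apps::ntp class above.
  sample = <<~PP
    file { '/etc/ntp.conf':
      source => "puppet:///modules/apps/ntp/ntp.conf",
    }
  PP
  check_sources(sample).each do |r|
    puts "#{r[:present] ? 'ok     ' : 'MISSING'} #{r[:uri]} -> #{r[:path]}"
  end
end
```

Run it on the master; pass the contents of a real manifest to check_sources to audit every file source it declares.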

With our node defined and importing the ntp class that we’ve written, we can now test out the agent. On the Puppet agent node, run sudo puppetd --test --noop --server puppet.example.com. This will tell the agent to run without daemonizing into the background (--test)
