Pulling Strings With Puppet - James Turnbull [45]
The node-terminus configuration option is used to configure Puppet for node sources other than the default flat-file manifests. The exec option tells Puppet to use an external node classifier script.
Our classifier scripts can be written in any language, for example, shell script, Ruby, Perl, Python, or a variety of other languages. The only requirement is that the language must be able to output the appropriate YAML data. For example, you could also easily add a database back end to a classifier that queries a database for the relevant hostname and returns the associated classes and any variables.
In Listing 6-2, you can see a very simple node classifier written in shell script.
The script in Listing 6-2 will return the same classes and variables each time it is called regardless of what hostname is passed to the script.
Puppet will use this data to construct a node definition like that you can see in Listing 63.
In Listing 6-3, webserver.testing.com would be replaced with the name of the host passed to the classifier as a variable.
More complex variations of this script could return different results depending on the particular hostname being passed to the classifier, in the same way different nodes would be configured with different classes, definitions, and variables in your manifest files. In Listing 6-4, you can see a more sophisticated node classifier written in Perl.
In Listing 6-4, we've created a Perl node classifier that makes use of the Perl YAML module. The YAML module can be installed via CPAN or your distribution's package management system. For example, on Debian it is the Iibyaml-perl package, or on Fedora it is the perl-YAML package. The classifier slices our hostname into sections; it assumes the input will be a fully qualified domain name and will fail if no hostname or an inappropriately structured hostname is passed. The classifier then uses those sections to classify the nodes and set parameters. If we called this node classifier with the hostname webserver.testing.com, it would return a node classification of
Lastly, as discussed, we could also back-end our node classification script with a database as you can see in Listing 6-5.
The node classifier in Listing 6-5 would connect to a MySQL database called puppet running on the local host. Using the hostname, the script receiving it would query the database and return a list of classes to assign to the node. The nodes and classes would be stored in a table. The next lines comprise a SQL statement to create a very simple table to do this.
The classes, and whatever parameters we set (which you could also place in the database in another table), are then returned and outputted as the required YAML data.
All of these external node classifiers are very simple and could easily be expanded upon to provide more sophisticated functionality. It is important to remember that external nodes override node configuration in your manifest files. If you enable an external node classifier, any node definitions in your manifest files will not be processed and will in fact be ignored by Puppet.
Note • In Puppet versions earlier than 0.23, external node scripts were structured differently. I'm not going to cover these earlier scripts, but you can read about them at http://reductivelabs.com/trac/puppet/wiki/ExternalNodes.
Storing Node Configuration in LDAP
In addition to scripted external classification, Puppet also allows the storage of node information in an LDAP directory. This allows organizations to leverage already existing asset stores that are stored in LDAP directories or to decouple their configuration from Puppet and centralize it. Additionally, it also allows LDAP-enabled applications to have access to your configuration data.
Note - Like external node classification, the use of LDAP nodes overrides node definitions in your manifest files. If you use LDAP node definitions, you cannot