Begin

In a text editor — vimemacs, or nano — create a file with the following contents and filename: written and applied your first Puppet manifest.

[root@yum01 ~]# useradd testuser
[root@yum01 ~]# cat /etc/passwd |grep test
testuser:x:536:536::/home/testuser:/bin/bash
[root@yum01 ~]# pwd
/root
[root@yum01 ~]# vim user-absent.pp
[root@yum01 ~]# cat user-absent.pp
user {'testuser':
ensure => absent,
}
[root@yum01 ~]# puppet apply /root/user-absent.pp
Notice: Compiled catalog for yum01.test.com in environment production in 7.99 seconds
Notice: /Stage[main]/Main/User[testuser]/ensure: removed
Notice: Finished catalog run in 4.34 seconds
[root@yum01 ~]# puppet apply /root/user-absent.pp
Notice: Compiled catalog for yum01.test.com in environment production in 0.27 seconds
Notice: Finished catalog run in 0.03 seconds
[root@yum01 ~]# cat /etc/passwd |grep test

Manifests

Puppet programs are called “manifests,” and they use the .pp file extension.

The core of the Puppet language is the resource declaration. A resource declaration describes a desired state for one resource.

Puppet Apply

Like resource in the last chapter, apply is a Puppet subcommand. It takes the name of a manifest file as its argument, and enforces the desired state described in the manifest.

We’ll use it below to test small manifests, but it can be used for larger jobs too. In fact, it can do nearly everything an agent/master Puppet environment can do.

Resource Declarations

Let’s start by looking at a single resource:

[root@yum01 ~]# ls -l /tmp/ |grep test
[root@yum01 ~]# vim file-1.pp
[root@yum01 ~]# cat file-1.pp
file {'testfile':
path => '/tmp/testfile',
ensure => present,
mode => 0640,
content => "i am a test file",
}

  • The type (file, in this case)
  • An opening curly brace ({)
    • The title (testfile)
    • A colon (:)
    • A set of attribute => value pairs, with a comma after each pair (path => '/tmp/testfile', etc.)
  • A closing curly brace (})

[root@yum01 ~]# pwd
/root
[root@yum01 ~]# puppet apply /root/file-1.pp
Notice: Compiled catalog for yum01.test.com in environment production in 0.18 seconds
Notice: /Stage[main]/Main/File[testfile]/ensure: created
Notice: Finished catalog run in 0.32 seconds
[root@yum01 ~]# ls -l /tmp/ |grep test
-rw-r----- 1 root root 16 Nov 6 06:50 testfile
[root@yum01 ~]# cat /tmp/testfile
i am a test file

Puppet noticed that the file didn’t exist, and created it. It set the desired content and mode at the same time.

If we try changing the mode and applying the manifest again, Puppet will fix it:

[root@yum01 ~]# chmod 666 /tmp/testfile
[root@yum01 ~]# ls -l /tmp/ |grep test
-rw-rw-rw- 1 root root 16 Nov 6 06:50 testfile
[root@yum01 ~]# puppet apply /root/file-1.pp
Notice: Compiled catalog for yum01.test.com in environment production in 0.22 seconds
Notice: /Stage[main]/Main/File[testfile]/mode: mode changed '0666' to '0640'
Notice: Finished catalog run in 0.27 seconds
[root@yum01 ~]# ls -l /tmp/ |grep test
-rw-r----- 1 root root 16 Nov 6 06:50 testfile

Once More, With Feeling!

Now that you know resource declarations, let’s play with the file type some more. We’ll:

  • Put multiple resources of different types in the same manifest
  • Use new values for the ensure attribute
  • Find an attribute with a special relationship to the resource title
  • See what happens when we leave off certain attributes
  • See some automatic permission adjustments on directories

[root@yum01 ~]# vim file-2.pp
[root@yum01 ~]# cat file-2.pp
file {'/tmp/test1':
ensure => file,
content => "hi.\n",
}

file {'/tmp/test2':
ensure => directory,
mode => 0644,
}

file {'/tmp/test3':
ensure => link,
target => '/tmp/test1',
}

notify {" iam nofitying you":}
notify {"so am i" :}

[root@yum01 ~]# puppet apply /root/file-2.pp
Notice: Compiled catalog for yum01.test.com in environment production in 0.18 seconds
Notice: /Stage[main]/Main/File[/tmp/test1]/ensure: defined content as '{md5}4e9141e3aa25c784aa6bc0b2892c12d9'
Notice: /Stage[main]/Main/File[/tmp/test3]/ensure: created
Notice: /Stage[main]/Main/File[/tmp/test2]/ensure: created
Notice: iam nofitying you
Notice: /Stage[main]/Main/Notify[ iam nofitying you]/message: defined 'message' as ' iam nofitying you'
Notice: so am i
Notice: /Stage[main]/Main/Notify[so am i]/message: defined 'message' as 'so am i'
Notice: Finished catalog run in 0.14 seconds

New Ensure Values, Different States

The ensure attribute is somewhat special. It’s available on most (but not all) resource types, and it controls whether the resource exists, with the definition of “exists” being somewhat local.

With files, there are several ways to exist:

  • As a normal file (ensure => file)
  • As a directory (ensure => directory)
  • As a symlink (ensure => link)
  • As any of the above (ensure => present)
  • As nothing (ensure => absent).

Titles and Namevars

Notice how our original file resource had a path attribute, but our next three left it out?

Almost every resource type has one attribute whose value defaults to the resource’s title. For the file resource, that’s path. Most of the time (usergrouppackage…), it’sname.

The Site Manifest and Puppet Agen

We’ve seen how to use puppet apply to directly apply manifests on one system. The puppet master/agent services work very similarly, but with a few key differences:

Puppet apply:

  • A user executes a command, triggering a Puppet run.
  • Puppet apply reads the manifest passed to it, compiles it into a catalog, and applies the catalog.

Puppet agent/master:

  • Puppet agent runs as a service, and triggers a Puppet run about every half hour (configurable).
  • Puppet agent does not have access to any manifests; instead, it requests a pre-compiled catalog from a puppet master server.
  • The puppet master always reads one special manifest, called the “site manifest” or site.pp. It uses this to compile a catalog, which it sends back to the agent. ----site.pp
  • After getting the catalog, the agent applies it.

This way, you can have many machines being configured by Puppet, while only maintaining your manifests on one (or a few) servers. This also gives some extra security, as described above under “Compilation.”

Exercise: Use Puppet Agent/Master to Apply the Same Configuration

To see how the same manifest code works in puppet agent:

[root@centos manifests]# pwd
/etc/puppet/manifests
[root@centos manifests]# vim file.pp
[root@centos manifests]# cat file.pp
file {'/tmp/test11111111':
ensure => file,
content => "hi. this is a test 111111 file \n",
}
[root@centos manifests]# vim site.pp
[root@centos manifests]# cat site.pp
import 'file.pp'

[root@yum01 ~]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for yum01.test.com
Info: Applying configuration version '1415262208'
Notice: /Stage[main]/Main/File[/tmp/test11111111]/ensure: defined content as '{md5}cb94281a2c8ccc1c3a64aa2c0e04721e'
Notice: Finished catalog run in 0.14 seconds
[root@yum01 ~]# cat /tmp/test11111111
hi. this is a test 111111 file

refer: https://docs.puppetlabs.com/learning/manifests.html

Learning Puppet — Manifests的更多相关文章

  1. Learning Puppet — Resource Ordering

    Learning Puppet — Resource Ordering Learn about dependencies and refresh events, manage the relation ...

  2. Learning Puppet — Resources and the RAL

    Learning Puppet — Resources and the RAL Welcome to Learning Puppet! This series covers the basics of ...

  3. Learning Puppet — Variables, Conditionals, and Facts

    Begin $my_variable = "A bunch of text" notify {$my_variable:} Yup, that’s a variable, all ...

  4. windows puppet manifests 文件维护

    初级 puppet windows agent实现简单的msi格式安装包安装及bat文件创建;

  5. Puppet自动化运维-资源介绍篇(4)

    1.什么是资源? 资源是Puppet最基础的元素,每个资源的定义都具有标题,类型,以及一系列的属性. 资源定义有如下的特性:   (1) Puppet使用title在编译时区分每个资源,使用命名变量在 ...

  6. [翻译]用 Puppet 搭建易管理的服务器基础架构(4)

    我通过伯乐在线翻译了一个Puppet简明教程,一共分为四部分,这是第四部分. 原文地址:http://blog.jobbole.com/89214/ 本文由 伯乐在线 - Wing 翻译,黄利民 校稿 ...

  7. [翻译]用 Puppet 搭建易管理的服务器基础架构(3)

    我通过伯乐在线翻译了一个Puppet简明教程,一共分为四部分,这是第三部分. 本文由 伯乐在线 - Wing 翻译,黄利民 校稿.未经许可,禁止转载!英文出处:Manuel Kiessling.欢迎加 ...

  8. [翻译]用 Puppet 搭建易管理的服务器基础架构(2)

    我通过伯乐在线翻译了一个Puppet简明教程,一共分为四部分,这是第二部分. 原文地址:http://blog.jobbole.com/87680/ 本文由 伯乐在线 - Wing 翻译,黄利民 校稿 ...

  9. Puppet安装及部署

    本篇博客主要介绍Puppet的安装部署,后续会更新其他相关内容 一.简介 二.环境介绍 三.安装Puppet 四.配置Puppet-dashboard 五.配置Puppet Kick 一.简介 Pup ...

随机推荐

  1. Bash Shell字符串操作小结

    装载自:http://my.oschina.net/aiguozhe/blog/41557 1. 取长度 str="abcd" expr length $str # 4 echo ...

  2. 设置mysql远程连接root权限

    在远程连接mysql的时候应该都碰到过,root用户无法远程连接mysql,只可以本地连,对外拒绝连接.需要建立一个允许远程登录的数据库帐户,这样才可以进行在远程操作数据库.方法如下:默认情况下MYS ...

  3. Git常用命令总结(超实用)

    导读 Git是一款免费.开源的分布式版本控制系统,用于敏捷高效地处理任何或小或大的项目.一般来说,日常使用Git只要记住下图6个命令,就可以了.但是熟练使用,恐怕要记住60-100个命令. 下面是我整 ...

  4. 无密码通过ssh执行rsync

    默认情况下,在执行rsync命令时通常需要我们输入密码.但有时我们并不希望如此,那么如何实现无密码执行rsync呢? 1. 测试通过ssh可以执行rsync(需要密码) 执行rsync,确保你帐户的密 ...

  5. 70. Climbing Stairs

    You are climbing a stair case. It takes n steps to reach to the top. Each time you can either climb ...

  6. jni数据传递——会不断的更新,测试没有问题,再整理进来。

    工作中遇到了ndk编程,其实核心就是java和本地的数据交互.现把所有数据类型的传递写成demo. 1,ini数组传递  我们实现传递8个数值过去,然后本地将八个数值放到数组,返回. java代码: ...

  7. Codeforces Round #111 (Div. 2)

    Codeforces Round #111 (Div. 2) C. Find Pair 题意 给\(N(N \le 10^5)\)个数,在所有\(N^2\)对数中求第\(K(K \le N^2)\)对 ...

  8. CDH hive的安装

    tar zxvf 解压包 配置环境变量 export HIVE_HOME=/usr/local/soft/hiveexport PATH=$PATH:$JAVA_HOME/bin:$HADOOP_HO ...

  9. scala言语基础学习七

    一.将函数赋值给变量 二.匿名函数 三.高阶函数 高阶函数好像调用不打印是看不到赋值 和普通函数区别 高阶函数的类型推断 reduce操作 相当于1*2*3*4*5*6*7*8*9 def getNa ...

  10. HDU-3586 Information Disturbing(树形DP+删边)

    题目大意:一棵有n个节点的有根树,1为根节点,边带权,表示删掉这条边的代价.现在要删掉一些边,使叶子节点不能到达根节点.但是,每次删除的边的代价不能超过limit,删掉的边的总代价不能超过m,求最小的 ...