13
+ Puppet Modules 101 A brief introduction to writing puppet modules

A Brief Introduction to Writing and Understanding Puppet Modules

Embed Size (px)

DESCRIPTION

A brief introduction to writing puppet modules using the venerable open-ssh server as an example.

Citation preview

Page 1: A Brief Introduction to Writing and Understanding Puppet Modules

+

Puppet Modules 101

A brief introduction to writing puppet modules

Page 2: A Brief Introduction to Writing and Understanding Puppet Modules

+What is a puppet module?

“Modules are self-contained bundles of code and data” –puppetlabs.com

Similar idea to an rpm, gem or war/ear file.

They have a defined structure that organizes code, configuration and data.

Page 3: A Brief Introduction to Writing and Understanding Puppet Modules

+What can a module do?

A typical module will do the following basic tasks Install a package Manage the configuration of that package Manage the service responsible for starting/stopping the

installed package.

Anything else? Yes, since ruby is the underlying language puppet can do

just about anything you can program ruby to do.

Page 4: A Brief Introduction to Writing and Understanding Puppet Modules

+The module structure

Mymodule/ manifests/ files/ templates/ lib/ tests/ spec/

# puppet code is stored here # static configuration files # dynamic configuration files # plugins, extensions, facts, providers etc. # simple manifest manually to test the module # automated tests

Page 5: A Brief Introduction to Writing and Understanding Puppet Modules

+Package File Service Pattern

PuppetLabs recommends following the Package File Service pattern.

# /etc/puppet/modules/mymodule/manifests/init.pp

class mymodule {

package { ‘my-package’: ensure => ‘installed’, }

file {‘my-file’: source => “puppet:///modules/mymodule/myfile”, require => Package[‘my-package’], }

service { ‘my-service’: ensure => ‘running’, enable => true, subscribe => File[‘my-file’] }

}

Page 6: A Brief Introduction to Writing and Understanding Puppet Modules

+A real world module

Installing open-ssh

# /etc/puppet/modules/ssh/manifests/init.pp

class ssh{

package { ‘ssh-server’: ensure => ‘installed’, }

file {‘/etc/ssh/sshd_config’: source => “puppet:///modules/ssh/sshd_config”, require => Package[‘ssh-server’], }

service { ‘ssh’: ensure => ‘running’, enable => true, subscribe => File[‘/etc/ssh/sshd_config’] }

}

Page 7: A Brief Introduction to Writing and Understanding Puppet Modules

+Example sshd_config file

# /etc/puppet/modules/ssh/files/sshd_config

Port 22Protocol 2

#LoggingSyslogFacility Local0LogLevel Error

#AuthenticationLoginGraceTime 120PermitRootLogin noStrictModes yes

#...

Page 8: A Brief Introduction to Writing and Understanding Puppet Modules

+Module Portability

All the sshd_config values are hardcoded in the modules/ssh/files/sshd_config file.

What if we want to change the port that ssh is running on from 22 to 8022?

We should have to change the module in order to change configuration items

Page 9: A Brief Introduction to Writing and Understanding Puppet Modules

+Introducting Templates

A template allows you to create the base configuration file and populate the variable parts automatically.

No different than other templating languages like velocity or freemarker.

Increases portability of the module and can allow configuration on a node by node basis

Page 10: A Brief Introduction to Writing and Understanding Puppet Modules

+Example Template

# /etc/puppet/modules/ssh/templates/sshd_config.erb

Port <%= @ssh_port %>Protocol 2

#LoggingSyslogFacility Local0LogLevel <%= @ssh_loglevel %>

#AuthenticationLoginGraceTime 120PermitRootLogin <%= @ssh_permitrootlogin %>StrictModes yes

#...

Page 11: A Brief Introduction to Writing and Understanding Puppet Modules

+Updated SSH Module

# /etc/puppet/modules/ssh/manifests/init.pp

class ssh ( $ssh_port = 22, $ssh_loglevel = ‘INFO’, $ssh_permitrootlogin = ‘no’,

) {# … package definition here

file {‘/etc/ssh/sshd_config’: content=> template(“ssh/sshd_config.erb”, require => Package[‘ssh-server’], }

# … service definition here

}

Page 12: A Brief Introduction to Writing and Understanding Puppet Modules

+Using the new class

# /etc/puppet/manifests/node.pp

Node ’mynode.mydomain.com' inherits 'default_uc' {

class {'ssh': ssh_permitrootlogin => 'yes’, }

}

Page 13: A Brief Introduction to Writing and Understanding Puppet Modules

+Live Demo