1、Puppet: 集中式的配置管理工具,通过自有配置语言对节点目标状态定义,并能够基于网络实现目标状态的维护。
master: 中心配置库
agent: 读取并应用配置的节点
定义目标状态的核心组件:资源
puppet 作者Luke Kanies(作者), Puppet Labs(公司)
Openstack: 云栈
twitter,Citrix
管理目标:
manifest: 清单
用于定义并保存资源,是一个资源组织工具
清单还可以互相调用:
import: 导入
puppet的管理视角:
模块: mode1,mode2
节点: node node1 {
}
类:
层次型组织组件的一种方式
类:继承
调用类的方式之一:
include
模板配置语言:
ruby:
nginx配置文件模板
work_processes <%= @processcount %>;
facter
配置语言:
变量(自定义变量、puppet内置变量、facter变量)、条件语句、正则表达式
版本管理系统: cvs --> svn --> git
gem,source,epel源
下载:
核心资源:
notify,package,user,group,file,exec,cron,service
package:
puppet安装方式:
yum,rpm,apt,ports,gem,msi,dpkg,pkg
package的常用参数:
ensure:程序包的目标状态:
name:资源的名称,即软件包的名字:
provider:软件包管理器
source:指定程序包文件路径
install_options:安装选项,最常用的是通过INSTALLDIR来指定安装目录
例如:
windows下安装mysql
package {'mysql':
ensure => installed,
provider => 'msi',
source =>'D:\software\mysql-5.5.36.msi',
install_options => { 'INSTALLDIR' => 'C:\mysql' },
}
service:
常用参数:
ensure:服务的目标状态,true和false;
enable:是否开机,true和false;
file:
管理文件、目录、符号链接:
生成文件内容
管理文件权限、属性
通过source属性到指定位置下载文件
通过recurse属性来获取目录
重用属性:
ensure:目标状态,present,absent,file,directory
backup:通过filebucket资源来备份文件:值通常为filebucket资源的名称;
ctime:
mtime:
content:文件内容:生成方式有三种(content,source,target),彼此互斥;
source:通过指定的url下载文件至本地:获取方式通常为puppet url,
格式:puppet://modules//MODULE_NAME/file_names;
target:为符号链接指定目标;
links:文件为符号链接;{follow|manage}
path:文件路径,必须使用双引号;
mode:定义权限;
owner:属主
group:属组
force:强制执行删除文件、链接或目录:仅用于ensure为absent时;
purge:清空指定目录中存在的,但未在资源中定义的文件;
recurse:目录递归,值true,false,inf,remote
replace:替换:本地存在的文件与资源中指定的文件内容不同时是否执行替换, 默认为否;
exec:
执行命令,通常在不得不用时使用,通常用于完成puppet自身无法完成的功能;
重用属性:
command:要执行的命令,通常为命令文件的完整路径;
path:命令搜索路径;
group:以谁为属组执行
user:
onlyif:0,表示仅在命令的状态返回值为0时才执行此命令;
refresh:接收到其它资源的通知时,如何重新执行此命令;
refreshonly:仅当被依赖的资源发生改变时才被触发;
tries:尝试的次数,默认为1;
try_sleep:多次尝试之间的时间间隔;
puppet资源:
资源申报的语法
type {'title' :
attribute => value,
}
file {'/tmp/a.txt': ensure => present}
puppet describe -l
puppet describe TYPE
package,file,service,exec
元参数:用于定义资源间的依赖关系,及应用次序:通知机制:
特殊属性:
require:
package {'nginx':
ensure => present,
before => Service['nginx'],
}
service {'nginx':
ensure => true,
enable => true,
require => Package['nginx'],
}
before
资源申报:8种常用类型
资源的特殊属性:
变量及数据类型
正则表达式
表达式
条件语句
nginx,tomcat,mysql
清单:manifest
*.pp
导入:import
node1.pp
import nginx.pp
import tomcat.pp
import mysql.pp
node2.pp
import nginx.pp
import tomcat.pp
nginx.pp
tomcat.pp
mysql.pp
nginx服务:
nginx.pp
依赖于外部资源:文件、模板文件(生成适用于目标节点的文件)
把实现某种功能组织成一个独立的,自我包含的目录结构:模块
模块:目录结构,目录名称即为模块名
/tmp/modules/
nginx/
/
files/ : 文件存储目录
manifests/ :清单存储目录
templates/ : 模板存储目录
lib/ : ruby插件存储目录,用于实现一些自定义的功能
一个示例:
/tmp/modules/
nginx/
/
files/ : 文件存储目录
nginx.conf
manifests/ : 清单存储目录
init.pp
必须包含且只能包含一个与模块同名的类
nginx.pp
每个清单文件通常只包含一个类
...
templates/ : 模板存储目录
*.erb
puppet类:为了通用目标或目的在一起的一个或多个资源:
只有被调用才会被执行,调用称作:声明一个类
include CLASS_NAME
单机版puppet
一、安装puppet
1、先安装ruby
[root@localhost ~]# yum install -y ruby
2、配置yum源
下载CentOS6.5的puppet源的包
[root@localhost ~]# wget 6.5/products/x86_64/puppetlabs-release-6-5.noarch.rpm
[root@localhost ~]# rpm -ivh puppetlabs-release-6-5.noarch.rpm
warning: puppetlabs-release-6-5.noarch.rpm: Header V4 RSA/SHA1 Signature, key ID 4bd6ec30: NOKEY
Preparing... ########################################### [100%]
1:puppetlabs-release ########################################### [100%]
3、安装puppet
[root@localhost yum.repos.d]# yum install puppet
二、使用puppet
1、定义一个资源
[root@localhost ~]# vim test.pp
notify {'notice':
message => 'welcome to puppet.',
}
2、执行该资源
[root@localhost ~]# puppet apply test.pp
Notice: Compiled catalog for localhost in environment production in 0.10 seconds
Notice: welcome to puppet.
Notice: /Stage[main]/Main/Notify[notice]/message: defined 'message' as 'welcome to puppet.'
Notice: Finished catalog run in 0.04 seconds
3、显示的更详细些
[root@localhost ~]# puppet apply test.pp -v
Notice: Compiled catalog for localhost in environment production in 0.11 seconds
Info: Applying configuration version '1489184122'
Notice: welcome to puppet.
Notice: /Stage[main]/Main/Notify[notice]/message: defined 'message' as 'welcome to puppet.'
Notice: Finished catalog run in 0.21 seconds
4、定义安装nginx的资源包
vim nginx.pp
package {'nginx':
ensure => present,
name => nginx,
}
5、应用nginx资源
[root@localhost ~]# puppet apply nginx.pp
Notice: Compiled catalog for localhost in environment production in 1.08 seconds
Notice: /Stage[main]/Main/Package[nginx]/ensure: created
Notice: Finished catalog run in 67.28 seconds
6、查看nginx
[root@localhost ~]# rpm -q nginx
nginx-1.10.2-1.el6.x86_64
7、把nginx加为服务并开机自启
vim nginx.pp
package {'nginx':
ensure => present,
name => nginx,
}
service {'nginx':
ensure => true,
name => nginx,
enable => true,
}
8、应用服务
[root@localhost ~]# puppet apply nginx.pp
Notice: Compiled catalog for localhost in environment production in 0.75 seconds
Notice: /Stage[main]/Main/Service[nginx]/ensure: ensure changed 'stopped' to 'running'
Notice: Finished catalog run in 1.25 seconds
9、查看nginx状态
[root@localhost ~]# chkconfig --list nginx
nginx 0:关闭 1:关闭 2:启用 3:启用 4:启用 5:启用 6:关闭
[root@localhost ~]# service nginx status
nginx (pid 4050) 正在运行...
10、定义创建文件test2.pp
vim test2.pp
file {'/tmp/hello.txt':
ensure => present,
content => 'Hello puppet.',
}
11、应用test2.pp
[root@localhost ~]# puppet apply test2.pp
Notice: Compiled catalog for localhost in environment production in 0.25 seconds
Notice: /Stage[main]/Main/File[/tmp/hello.txt]/ensure: created
Notice: Finished catalog run in 0.15 seconds
12、查看创建的文件
[root@localhost tmp]# ls
hello.txt yum.log
[root@localhost tmp]# cat hello.txt
Hello puppet.
13、创建个/etc/fstab的软链接文件
[root@localhost ~]# vim test2.pp
file {'/tmp/hello.txt':
ensure => present,
content => 'Hello puppet.',
}
file {'fstab.symbolic':
ensure => present,
target => "/etc/fstab",
path => "/tmp/fstab.symbolic",
links => follow,
}
14、应用test2.pp
[root@localhost ~]# puppet apply test2.pp
Notice: Compiled catalog for localhost in environment production in 0.29 seconds
Notice: /Stage[main]/Main/File[fstab.symbolic]/ensure: created
Notice: Finished catalog run in 0.04 seconds
15、查看效果
[root@localhost tmp]# ll
总用量 4
lrwxrwxrwx. 1 root root 10 3月 11 15:06 fstab.symbolic -> /etc/fstab
-rw-r--r--. 1 root root 13 3月 11 07:31 hello.txt
-rw-------. 1 root root 0 3月 10 06:50 yum.log
16、使用exec命令创建个test3.pp的资源
vim test3.pp
exec {'echo command':
command => 'mktemp /tmp/tmp.XXXXXX',
path => '/bin:/sbin:/usr/bin:/usr/sbin',
}
17、执行test3.pp资源
[root@localhost ~]# puppet apply test3.pp
Notice: Compiled catalog for localhost in environment production in 0.18 seconds
Notice: /Stage[main]/Main/Exec[echo command]/returns: executed successfully
Notice: Finished catalog run in 0.11 seconds
18、查看资源执行情况
[root@localhost tmp]# ls
fstab.symbolic hello.txt tmp.nGdvnM yum.log
19、定义一个资源test4.pp,该资源后面执行的命令,依赖于前面定义的文件
file {'/tmp/test4.txt':
ensure => file,
content => "hello puppet.",
}
exec {'monitor':
command => 'echo "/tmp/test4.txt changed." >> /tmp/monitor.txt',
subscribe => File['/tmp/test4.txt'],
path => '/bin:/sbin:/usr/bin:/usr/sbin'
}
20、执行test4.pp资源
[root@localhost ~]# puppet apply test4.pp -v
Notice: Compiled catalog for localhost in environment production in 0.26 seconds
Info: Applying configuration version '1489219513'
Notice: /Stage[main]/Main/File[/tmp/test4.txt]/ensure: defined content as '{md5}3e7be698f4ae92a7fc1fdea0073ae41a'
Info: /Stage[main]/Main/File[/tmp/test4.txt]: Scheduling refresh of Exec[monitor]
Notice: /Stage[main]/Main/Exec[monitor]/returns: executed successfully
Notice: /Stage[main]/Main/Exec[monitor]: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 0.21 seconds
21、查看资源的执行情况,看到/tmp/tetst4.txt被执行了两次
[root@localhost tmp]# cat monitor.txt
/tmp/test4.txt changed.
/tmp/test4.txt changed.
使用条件语句:
if 语句
22、定义一个条件语句资源用于判断系统的类型test9.pp
if $operatingsystem =~ /^(?i-mx:(centos|redhat|fedora))/ {
notice("Welcome to $1 linux.")
}
23、执行 test9.pp,查看到已判断出该机器的系统
[root@localhost ~]# puppet apply test9.pp
Notice: Scope(Class[main]): Welcome to CentOS linux.
Notice: Compiled catalog for localhost in environment production in 0.12 seconds
Notice: Finished catalog run in 0.04 seconds
24、使用另一种条件语句来测试系统的类别,编辑一个test10.pp的文件
vim test10.sh
if $operatingsystem == 'CentOS' {
notify {'centos': message => "Welcome to CentOS linux.",}
} elsif $operatingsystem == 'RedHat' {
notify {'redhat': message => "Welcome to RedHat linux.",}
} elsif $operatingsystem == 'Fedora' {
notify {'fedora': message => "Welcom to Fedora linux.",}
} else {
notify {'unkown': message => "Unknown Operating System.",}
}
25、应用该test10.pp
[root@localhost ~]# puppet apply test10.pp
Notice: Compiled catalog for localhost in environment production in 0.29 seconds
Notice: Welcome to CentOS linux.
Notice: /Stage[main]/Main/Notify[centos]/message: defined 'message' as 'Welcome to CentOS linux.'
Notice: Finished catalog run in 0.04 seconds
select语句:
26、创建一个test11.pp资源
vim test11.pp
$webserver = $operatingsystem ? {
/^(?i-mx:centos|fedora|redhat)/ => 'httpd',
/^(?i-mx:ubuntu|debian)/ => 'apache2',
}
$webprovider = $operatingsystem ? {
/^(?i-mx:centos|fedora|redhat)/ => 'yum',
/^(?i-mx:ubuntu|debian)/ => 'apt',
}
package {"$webserver":
ensure => present,
provider => $webprovider,
}
27、应用此test11.pp
puppet apply test11.pp
[root@localhost ~]# puppet apply test11.pp
Notice: Compiled catalog for localhost in environment production in 0.76 seconds
Notice: /Stage[main]/Main/Package[httpd]/ensure: created
Notice: Finished catalog run in 59.90 seconds
[root@localhost ~]# rpm -qa|grep httpd
httpd-tools-2.2.15-56.el6.centos.3.x86_64
httpd-2.2.15-56.el6.centos.3.x86_64
case语句:
28、使用case的语句重新安装httpd
1)、移除httpd
yum remove httpd
2)、编辑test12.pp,定义安装httpd的case语句
vim test12.pp
case $operatingsystem {
/^(?i-mx:redhat|centos|fedora)/: { package {'httpd': enusre => present,provider => yum, } }
/^(?i-mx:ubuntu|debian)/: { package {'apache2': ensure => present,provider => apt, } }
default: {notify {'notice' : message => "unknown system.",} }
}
3)、应用此test12.pp
[root@localhost ~]# puppet apply test12.pp
Notice: Compiled catalog for localhost in environment production in 0.53 seconds
Notice: /Stage[main]/Main/Package[httpd]/ensure: created
Notice: Finished catalog run in 10.53 seconds
4)、查看语句应用后的效果,又重新装上了httpd
[root@localhost ~]# rpm -q httpd
httpd-2.2.15-56.el6.centos.3.x86_64
类调用
29、使用类的方法,重新安装nginx
1)、停用服务、查看进程和删除nginx
[root@localhost ~]# service nginx stop
停止 nginx: [确定]
[root@localhost ~]# ps -ef|grep nginx
root 3162 1659 0 18:29 pts/0 00:00:00 grep nginx
[root@localhost ~]# yum remove nginx
[root@localhost ~]# rpm -q nginx
package nginx is not installed
2)、编辑test13.pp,定义安装nginx的类调用语句
vim test13.pp
class nginx {
package {'nginx':
ensure => present,
}
service {'nginx':
ensure => true,
require => Package['nginx'],
}
}
include nginx
3)、应用该类test13.pp
[root@localhost ~]# puppet apply test13.pp
Notice: Compiled catalog for localhost in environment production in 0.70 seconds
Notice: /Stage[main]/Nginx/Package[nginx]/ensure: created
Notice: /Stage[main]/Nginx/Service[nginx]/ensure: ensure changed 'stopped' to 'running'
Notice: Finished catalog run in 16.93 seconds
4)、查看nginx包的安装情况,可以看到nginx已安装并在运行
[root@localhost ~]# ps -ef|grep nginx
root 3430 1 0 18:39 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 3431 3430 0 18:39 ? 00:00:00 nginx: worker process
nginx 3433 3430 0 18:39 ? 00:00:00 nginx: worker process
root 3436 1659 0 18:39 pts/0 00:00:00 grep nginx
[root@localhost ~]# rpm -q nginx
nginx-1.10.2-1.el6.x86_64
30、使用另一种类的方法,class关键字的方法重新安装nginx
1)、先删除nginx
[root@localhost ~]# service nginx stop
停止 nginx: [确定]
[root@localhost ~]# yum remove nginx
[root@localhost ~]# rpm -q nginx
package nginx is not installed
2)、重新编辑test.pp,nginx使用class关键字声明的方式
vim test13.pp
class nginx {
package {'nginx':
ensure => present,
}
service {'nginx':
ensure => true,
require => Package['nginx'],
}
}
class {'nginx' :}
3)、应用此test13.pp
[root@localhost ~]# puppet apply test13.pp
Notice: Compiled catalog for localhost in environment production in 0.81 seconds
Notice: /Stage[main]/Nginx/Package[nginx]/ensure: created
Notice: /Stage[main]/Nginx/Service[nginx]/ensure: ensure changed 'stopped' to 'running'
Notice: Finished catalog run in 20.00 seconds
4)、查看到nginx已经安装并正在运行
[root@localhost ~]# service nginx status
nginx (pid 3842) 正在运行...
[root@localhost ~]# rpm -q nginx
nginx-1.10.2-1.el6.x86_64
31、使用带参数类的方法安装httpd
1)、编辑test14.pp,定义带参数的类
$webserver = $operatingsystem ? {
/^(?i-mx:redhat|centos|fedora)/ => 'httpd',
/^(?i-mx:ubuntu|debian)/ => 'apache2',
}
class httpd ($pkgname = 'apache2') {
package {"$pkgname":
ensure => present,
}
service {"$pkgname":
ensure => true,
require => Package["$pkgname"],
}
}
class {'httpd':
pkgname => $webserver,
}
2)、确保httpd没装并且80端口每被占用
[root@localhost ~]# rpm -q httpd
package httpd is not installed
[root@localhost ~]# netstat -tunlp|grep 80
3)、应用test14.pp
[root@localhost ~]# puppet apply test14.pp
Notice: Compiled catalog for localhost in environment production in 0.64 seconds
Notice: /Stage[main]/Httpd/Package[httpd]/ensure: created
Notice: /Stage[main]/Httpd/Service[httpd]/ensure: ensure changed 'stopped' to 'running'
Notice: Finished catalog run in 18.17 seconds
4)、查看http安装情况,从下面看httpd已经安装
[root@localhost ~]# service httpd status
httpd (pid 4208) 正在运行...
[root@localhost ~]# rpm -q httpd
httpd-2.2.15-56.el6.centos.3.x86_64
阅读(1327) | 评论(0) | 转发(0) |
