Puppet

Puppet Labs
Puppet Labs - https://puppetlabs.com

Puppet Labs: IT Automation Software for System Administrators

Open Source
Download: https://puppet.com/download-open-source-puppet

Note: Have to answer a few questions.

Usage
Show agent disable status: (only exists if disabled) cat `puppet agent --configprint agent_disabled_lockfile`

Disable: puppet agent --disable puppet agent --disable "some message" -v # set disable status message

Enable: puppet agent --enable

See monitor files: puppet agent -t --noop

Validation
Validate manifests: puppet parser validate *.pp

Note: This only validates structure, not content and doesn't follow through includes!

puppet-lint - https://github.com/rodjek/puppet-lint # or apt-get install puppet-lint

Test Manifest
Test manifiest: puppet apply --modulepath=/root/puppet-modules/ my_module/manifests/init.pp puppet apply --modulepath=/root/puppet-modules/  my_module/tests/init.pp

Test manifest: puppet apply -e 'include app_test::test'

or for a dry run puppet apply -e 'include app_test::test' --noop

Create a file modules/[module_name]/tests/init.pp: include app_test

Test your class then with: puppet apply tests/init.pp

src: http://stackoverflow.com/questions/13143929/puppet-2-7-calling-puppet-apply-init-pp-does-nothing-why

Show Puppet Managed Files
While it's possible to search through the clients catalog and state.yaml files for each file you want to check the simplest way is to download and run puppet-ls from github.

# show all the puppet managed files in a directory $ puppet-ls /etc/mcollective /etc/mcollective/facts.yaml /etc/mcollective/server.cfg

# show all the puppet managed files in /etc and any of its subdirectories $ puppet-ls -r /etc/

# show all unmanaged files in /etc/nagios and any subdirectories $ puppet-ls -r -i /etc/nagios/

puppet-ls - https://github.com/dalen/puppetls

Install: cd /etc/puppet/modules/ git clone https://github.com/dalen/puppetls.git puppet ls

help: Puppet Face to list files

=
============

This face adds a ls command to Puppet to list files managed by Puppet.

Usage -

$ puppet ls /etc

...lists file resources in /etc

$ puppet ls /etc -r

...lists file resources under /etc

$ puppet ls

...lists file resources in current directory

reference: https://www.puppetcookbook.com/posts/list-puppet-managed-files.html

Puppet Cookbook
Puppet CookBook - https://www.puppetcookbook.com/
 * A collection of task oriented solutions in Puppet

Installing Agent
https://docs.puppet.com/pe/latest/install_agents.html

Linux Agent
Installing Puppet agent: Linux — Documentation — Puppet - https://docs.puppet.com/puppet/latest/install_linux.html

apt-get install puppet

#or

wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb sudo dpkg -i puppetlabs-release-trusty.deb apt-get update apt-get install puppet
 * 1) for Ubuntu 14

sudo rpm -Uvh https://yum.puppet.com/puppet5/puppet5-release-el-7.noarch.rpm yum install puppet
 * 1) for CentOS 7
 * 1) /etc/puppetlabs/puppet/puppet.conf

service puppet start

Config: /etc/puppet/puppet.conf

Add to [main] section: [main] server=puppetmaster.oeey.com

Windows Agent
Installing Puppet agent: Microsoft Windows — Documentation — Puppet - https://docs.puppet.com/puppet/latest/install_windows.html

https://downloads.puppetlabs.com/windows/

https://downloads.puppetlabs.com/windows/puppet-agent-x64-latest.msi

Config: C:\ProgramData\PuppetLabs\puppet\etc\puppet.conf

ssl: C:\Users\sandisk\.puppetlabs\etc\puppet\ssl

[main] server=puppetmaster.oeey.com autoflush=true environment=production

Agent Usage
/etc/puppet/puppet.conf [agent] server = puppetmaster.oeey.com

/etc/default/puppet START=yes

service puppet start

Test connection: telnet puppetmaster.oeey.com 8140

Start service: puppet resource service puppet ensure=running enable=true

Enable agent: puppet agent --enable

To start the Puppet service: sudo /opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true

To manually launch and watch a Puppet run: puppet agent --test

puppet agent --no-daemonize --verbose --onetime

Manually launch with debug turned on: puppet agent -t --debug

Certificates
List certificates waiting for signature: puppet cert list

Puppet Master: puppet cert clean "puppetagent"

Client Agent: rm -rf /etc/puppetlabs/puppet/ssl rm -rf /var/lib/puppet/ssl rm -r $(puppet agent --configprint ssldir) puppet agent -t

Master: puppet cert sign "puppetagent"

List all certificates (including signed): puppet cert list --all

Verify client fingerprint: puppet agent --fingerprint

Reset master certificate: (last resort) puppet cert clean  puppet cert generate  --dns_alt_names=

Puppet Master
Install Puppet: wget http://apt.puppetlabs.com/puppetlabs-release-trusty.deb dpkg -i puppetlabs-release-trusty.deb apt-get update apt-get install puppetmaster

Verify version: puppet -V 3.8.1

Lock version: /etc/apt/preferences.d/00-puppet.pref Package: puppet puppet-common puppetmaster-passenger Pin: version 3.8* Pin-Priority: 501
 * 1) /etc/apt/preferences.d/00-puppet.pref

/etc/puppet/puppet.conf (comment line)
 * 1) templatedir=...

Service: service puppetmaster stop service puppetmaster start

TCP Port: 8140

ref: https://vexxhost.com/resources/tutorials/how-to-install-and-setup-puppet-master-and-client-on-ubuntu-14-04/

ref: https://www.digitalocean.com/community/tutorials/how-to-install-puppet-to-manage-your-server-infrastructure

facter
Puppet gathers facts about each of its nodes with a tool called facter. Facter, by default, gathers information that is useful for system configuration (e.g. OS names, hostnames, IP addresses, SSH keys, and more). It is possible to add custom facts if you need other facts to perform you configurations.

To see a list of facts that are automatically being gathered on your agent node: facter

site manifest
Puppet uses a domain-specific language to describe system configurations, and these descriptions are saved to files called "manifests", which have a .pp file extension. The default main manifest file is located at /etc/puppet/manifests/site.pp.

Main manifest /etc/puppet/manifests/site.pp

Testing Manifest
Apply main manifest immediately: puppet agent -t

Test sub manifest: puppet apply /etc/puppet/modules/test/init.pp

If not in /etc/puppet/modules: puppet apply --modulepath=/root/puppet-modules/ test/init.pp

Comments

 * 1) standard hash sign comments

Example Manifest
Example site.pp: file {'/tmp/example-ip':                                           # resource type file and filename ensure => present,                                               # make sure it exists mode   => 0644,                                                  # file permissions content => "Here is my Public IP Address: ${ipaddress_eth0}.\n", # note the ipaddress_eth0 fact }

Example site.pp targeting nodes: node 'ns1', 'ns2' {   # applies to ns1 and ns2 nodes file {'/tmp/test1.txt':   # resource type file and filename ensure => present, # make sure it exists mode => 0644, content => "Test1.\n", } }

node default {}      # applies to nodes that aren't explicitly defined

Example with win/linux: if $::kernel == 'windows' { file {'c:/temp':   # resource type file and filename ensure => directory, # make sure it exists } file {'c:/temp/iamwindows.txt':    # resource type file and filename ensure => present, # make sure it exists content => "I am windows\n", } } if $::kernel == 'linux' { file {'/tmp/iamlinux.txt':   # resource type file and filename ensure => present, # make sure it exists content => "I am linux\n", } }

---

Install module on master: puppet module install puppetlabs-apache

/etc/puppet/manifest/site.pp node 'host2' { class { 'apache': }            # use apache module apache::vhost { 'example.com': # define vhost resource port   => '80', docroot => '/var/www/html' } }

--- directory site manifest

/etc/puppetlabs/puppet/manifests/site.pp import 'nodes/*.pp'
 * 1) import many manifest files with node definitions

/etc/puppetlabs/puppet/manifests/nodes/testsystem.pp node 'testsystem' { import ::mymodule }

or

node 'kestrel.example.com' { import 'nodes/kestrel.pp' }
 * 1) /etc/puppetlabs/puppet/manifests/site.pp

include ntp include apache2
 * 1) /etc/puppetlabs/puppet/manifests/nodes/kestrel.pp

https://docs.puppet.com/puppet/3/lang_import.html

-- Regular expression:

node /^www\d+$/

Operating System Version
notify { "OS: ${$::operatingsystem} version ${$::operatingsystemmajrelease}" : }

if ($::operatingsystem == 'Ubuntu' and $::lsbmajdistrelease == '14.04') { ... }

$::operatingsystem windows, ubuntu, centos

$::operatingsystemmajrelease 10 (for windows 10)

$::kernel windows, Linux

$::kernelmajversion 10.0 (for windows 10)

if $::kernel == 'windows' { ... }

See https://docs.puppet.com/facter/latest/core_facts.html

Language Basics
Language: Basics — Documentation — Puppet - https://docs.puppet.com/puppet/latest/lang_summary.html

Manifests
Puppet language files are called manifests, and are named with the .pp file extension.

Documentation
https://docs.puppet.com/puppet/

Issues
See Puppet/Issues

Keywords
puppet package automation