Book Image

Puppet 3 Cookbook - Second Edition

By : John Arundel
Book Image

Puppet 3 Cookbook - Second Edition

By: John Arundel

Overview of this book

A revolution is happening in web operations. Configuration management tools can build servers in seconds, and automate your entire network. Tools like Puppet are essential to taking full advantage of the power of cloud computing, and building reliable, scalable, secure, high-performance systems. More and more systems administration and IT jobs require some knowledge of configuration management, and specifically Puppet."Puppet 3 Cookbook" takes you beyond the basics to explore the full power of Puppet, showing you in detail how to tackle a variety of real-world problems and applications. At every step it shows you exactly what commands you need to type, and includes full code samples for every recipe.The book takes the reader from a basic knowledge of Puppet to a complete and expert understanding of Puppet's latest and most advanced features, community best practices, writing great manifests, scaling and performance, and extending Puppet by adding your own providers and resources. It starts with guidance on how to set up and expand your Puppet infrastructure, then progresses through detailed information on the language and features, external tools, reporting, monitoring, and troubleshooting, and concludes with many specific recipes for managing popular applications.The book includes real examples from production systems and techniques that are in use in some of the world's largest Puppet installations, including a distributed Puppet architecture based on the Git version control system. You'll be introduced to powerful tools that work with Puppet such as Hiera. The book also explains managing Ruby applications and MySQL databases, building web servers, load balancers, high-availability systems with Heartbeat, and many other state-of-the-art techniques

Related Content you might be interested in

Current Title:

Small book image
Puppet 3 Cookbook - Second Edition
John Arundel
Aug, 2013 | 274 pages
No titles found
Table of Contents (16 chapters)
Puppet 3 Cookbook
Puppet 3 Cookbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Puppet Infrastructure
Puppet Infrastructure
Introduction
Installing Puppet
Creating a manifest
Managing your manifests with Git
Creating a decentralized Puppet architecture
Writing a papply script
Running Puppet from cron
Deploying changes with Rake
Bootstrapping Puppet with Rake
Automatic syntax checking with Git hooks
2
Puppet Language and Style
Puppet Language and Style
Introduction
Using community Puppet style
Checking your manifests with puppet-lint
Using modules
Using standard naming conventions
Using inline templates
Iterating over multiple items
Writing powerful conditional statements
Using regular expressions in if statements
Using selectors and case statements
Using the in operator
Using regular expression substitutions
3
Writing Better Manifests
Writing Better Manifests
Introduction
Using arrays of resources
Using definitions
Using dependencies
Using tags
Using run stages
Using node inheritance
Passing parameters to classes
Using class inheritance and overriding
Writing reusable, cross-platform manifests
Getting information about the environment
Importing dynamic information
Passing arguments to shell commands
4
Working with Files and Packages
Working with Files and Packages
Introduction
Making quick edits to config files
Using Augeas to automatically edit config files
Building config files using snippets
Using ERB templates
Using array iteration in templates
Using GnuPG to encrypt secrets
Installing packages from a third-party repository
Building packages automatically from source
Comparing package versions
5
Users and Virtual Resources
Users and Virtual Resources
Introduction
Using virtual resources
Managing users with virtual resources
Managing users' SSH access
Managing users' customization files
Efficiently distributing cron jobs
Using schedules to limit when resources can be applied
Using host resources
Using multiple file sources
Distributing directory trees
Cleaning up old files
Auditing resources
Temporarily disabling resources
6
Applications
Applications
Introduction
Managing Apache servers
Creating Apache virtual hosts
Creating Nginx virtual hosts
Managing MySQL
Managing Ruby
7
Servers and Cloud Infrastructure
Servers and Cloud Infrastructure
Introduction
Building high-availability services using Heartbeat
Managing NFS servers and file shares
Using HAProxy to load-balance multiple web servers
Managing firewalls with iptables
Managing EC2 instances
Managing virtual machines with Vagrant
8
External Tools and the Puppet Ecosystem
External Tools and the Puppet Ecosystem
Introduction
Creating custom facts
Adding external facts
Setting facts as environment variables
Importing configuration data with Hiera
Storing secret data with hiera-gpg
Generating manifests with puppet resource
Generating manifests with other tools
Testing your manifests with rspec-puppet
Using public modules
Using an external node classifier
Creating your own resource types
Creating your own providers
Creating your own functions
9
Monitoring, Reporting, and Troubleshooting
Monitoring, Reporting, and Troubleshooting
Introduction
Doing a dry run
Logging command output
Logging debug messages
Generating reports
Producing automatic HTML documentation
Drawing dependency graphs
Understanding Puppet errors
Inspecting configuration settings
Index
Index

Automatic syntax checking with Git hooks

It would be nice if we knew there was a syntax error in the manifest before we even committed it. You can have Puppet check the manifest using the puppet parser validate command:

ubuntu@cookbook:~/puppet$ puppet parser validate manifests/nodes.pp
Error: Could not parse for environment production: Syntax error at end of file; expected '}' at /home/ubuntu/puppet/manifests/nodes.pp:3
Error: Try 'puppet help parser validate' for usage

This is especially useful because a mistake anywhere in the manifest will stop Puppet from running on any node, even on nodes that don't use that particular part of the manifest. So checking in a bad manifest can cause Puppet to stop applying updates to production for some time, until the problem is discovered, and this could potentially have serious consequences. The best way to avoid this is to automate the syntax check, by using a pre-commit hook in your version control repo.

How to do it…

Follow these steps:

  1. In your Puppet repo, create a new hooks directory:

    ubuntu@cookbook:~/puppet$ mkdir hooks

  2. Create the file hooks/check_syntax.sh with the following contents (based on a script by Puppet Labs):

    #!/bin/sh

syntax_errors=0
error_msg=$(mktemp /tmp/error_msg.XXXXXX)

if git rev-parse --quiet --verify HEAD > /dev/null
then
    against=HEAD
else
    # Initial commit: diff against an empty tree object
    against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
fi

# Get list of new/modified manifest and template files
  to check (in git index)
for indexfile in `git diff-index --diff-filter=AM --
  name-only --cached $against | egrep '\.(pp|erb)'`
do
    # Don't check empty files
    if [ `git cat-file -s :0:$indexfile` -gt 0 ]
    then
        case $indexfile in
            *.pp )
                # Check puppet manifest syntax
                git cat-file blob :0:$indexfile | 
                  puppet parser validate > $error_msg ;;
            *.erb )
                # Check ERB template syntax
                git cat-file blob :0:$indexfile | 
                  erb -x -T - | ruby -c 2> $error_msg >
                    /dev/null ;;
        esac
        if [ "$?" -ne 0 ]
        then
            echo -n "$indexfile: "
            cat $error_msg
            syntax_errors=`expr $syntax_errors + 1`
        fi
    fi
done

rm -f $error_msg

if [ "$syntax_errors" -ne 0 ]
then
    echo "Error: $syntax_errors syntax errors found,
      aborting commit."
    exit 1
fi

  3. Set execute permission for the hook script with the following command:

    ubuntu@cookbook:~/puppet$ chmod a+x .hooks/check_syntax.sh

  4. Add the following task to your Rakefile:

    desc "Add syntax check hook to your git repo"
task :add_check do
  here = File.dirname(__FILE__)
  sh "ln -s #{here}/hooks/check_syntax.sh
    #{here}/.git/hooks/pre-commit"
  puts "Puppet syntax check hook added"
end

  5. Run the following command:

    ubuntu@cookbook:~/puppet$ rake add_check
ln -s /home/ubuntu/puppet/hooks/check_syntax.sh
  /home/ubuntu/puppet/.git/hooks/pre-commit
Puppet syntax check hook added

How it works…

The check_syntax.sh script will prevent you from committing any files with syntax errors:

ubuntu@cookbook:~/puppet$ git commit -m "test commit"
Error: Could not parse for environment production: Syntax error at
  '}' at line 3
Error: Try 'puppet help parser validate' for usage
manifests/nodes.pp: Error: 1 syntax errors found, aborting commit.

If you add the hooks directory to your Git repo, anyone who has a checkout can run the rake add_check task and get this syntax checking behavior.

Previous Section
End of Chapter 1
Next Chapter