08 - PUPPET - Configuration Management

 PUPPET - Configuration Management

  • A Configuration Management Tool
  • A framework for Systems Automation
  • A Declarative Domain Specific Language (DSL)
  • Open source software written in Ruby
  • Works on Linux, Unix (Solaris, AIX, *BSD), macOS, Windows (Supported Platforms)
  • Developed by Puppet Labs
Puppet Agent
Requires an SSL certificate
By default fetches after 60 minutes
noop - dry run
Puppet Open Source or Enterprise

Puppet Language
Declarative - Domain Specific Language (DSL)
Defines STATES (no procedures)
Puppet code is written in manifests ( .pp extension )
In the code, we declare resources that affect elements of the system (files, packages, services ... )
Resources are grouped into classes
Classes and configuration files are organized in modules

Puppet Resource Abstraction Layers
Puppet Catalog
Certificate Management
Server Resources
Facter
Puppet Manifest
Puppet Resources
Resource Types Reference
Puppet Nodes
Roles Define Policy
Puppet Virtual Resources

Puppet Lab 

  •  Puppet Master
5 GB RAM

vagrant ssh
sudo su -
hostnamectl set-hostname puppetmaster.unix.in
bash
vi /etc/hosts
192.168.33.20 puppetmaster.unix.in
192.168.33.21 puppetclient.unix.in

** Download Puppet Enterprise
wget -O puppet-enterprise.tar.gz 'https://pm.puppet.com/cgi-bin/download.cgi?arch=x86_64&dist=el&rel=7&ver=latest'
tar -xvf puppet-enterprise.tar.gz
** Install Puppet Master and Agent
cd puppet-enterprise-2019.8.4-el-7-x86_64
./puppet-enterprise-installer
** Reset Console Password
puppet infrastructure console_password admin password > Abcd1234

ifconfig
192.168.33.20

----------------------------------------
** Open Notepad as administrator on the Windows desktop
Open file -> c:\windows\system32\drivers\etc\hosts
192.168.33.20 puppetmaster.unix.in

** Now open Enterprise Puppet Console
Open the Chrome browser and type -> puppetmaster.unix.in
username : admin
password : Abcd1234

----------------------------------------

** Run Puppet Agent in debug mode
puppet agent -t -d

Run again 2nd time ...
puppet agent -t -d

                ** 1 *** Go to Puppet Client and run Curl utility to install puppet agent

** Refresh the browser after the Puppet Agent install on the node -> puppetmaster.unix.in
Click Certificate
Unsigned Certificate
puppetclient.unix.in -> Accept

or 

** On command line in Master
** see certificate list
    /opt/puppetlabs/bin/puppetserver ca list
    Requested Certificates:
        puppetclient.unix.in (SHA256) 32:1B:42:EE:6A:B6:75:81:F5:8339

** Accept Certificate
    /opt/puppetlabs/bin/puppetserver ca sign --certname puppetclient.unix.in
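
Before accepting a request, the fingerprint listed on the master can be compared with the one the agent prints for its own CSR (puppet agent --fingerprint), so that only the request that really came from the client is signed. This is an added example, not part of the original post; the function names are hypothetical and the sample fingerprint is constructed.

```shell
#!/bin/sh
# Added example: check a pending CSR against the fingerprint reported by the agent.

# Constructed sample of `puppetserver ca list` output (not a real fingerprint).
SAMPLE_FP='00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF'
SAMPLE_CA_LIST="Requested Certificates:
    puppetclient.unix.in   (SHA256)  $SAMPLE_FP"

# Normalise a fingerprint: drop an optional "(SHA256)" prefix, colons and
# spaces, then upper-case the hex digits.
norm_fp() {
    printf '%s\n' "$1" | sed 's/^ *(SHA256) *//' | tr -d ': ' | tr 'a-f' 'A-F'
}

# Read `puppetserver ca list` output on stdin and print the SHA256
# fingerprint of the pending request for certname $1 (nothing if absent).
pending_fp() {
    awk -v cn="$1" '$1 == cn && $2 == "(SHA256)" { print $3; exit }'
}

# Succeed only if the request held by the master matches the agent's value.
# $1 = certname, $2 = fingerprint copied from the agent, $3 = ca list output
csr_matches() {
    master_fp=$(printf '%s\n' "$3" | pending_fp "$1")
    [ -n "$master_fp" ] && [ "$(norm_fp "$master_fp")" = "$(norm_fp "$2")" ]
}

# Typical use on the master, with AGENT_FP copied from the agent's own
# `puppet agent --fingerprint` output over a channel you trust:
#   out=$(/opt/puppetlabs/bin/puppetserver ca list)
#   csr_matches puppetclient.unix.in "$AGENT_FP" "$out" &&
#     /opt/puppetlabs/bin/puppetserver ca sign --certname puppetclient.unix.in
```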

** Now work in Manifest
cd /etc/puppetlabs/code/environments
ls -ltr
mkdir dev test stage preprod

cd production
cd manifests

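** First Example
** Search for "puppet user resource" in Google
vi site.pp
# This file (/etc/puppetlabs/puppet/manifests/site.pp) is the main entry point
# used when an agent connects to a master and asks for an updated configuration.
node default {
  # Create a local account that is a member of the wheel group.
  user { 'ankit':
    name       => 'ankit',
    groups     => 'wheel',
    managehome => yes,
    # On Linux this value is written to /etc/shadow as-is, so Puppet expects
    # a crypt hash here; a plain-text string will not work as a login password.
    password   => 'Abcd1234',
    ensure     => present,
  }
}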
** Validate syntax error
puppet parser validate site.pp
** Dry run and not apply Manifest changes
puppet apply --noop site.pp
** Apply Manifest changes
puppet apply site.pp
id ankit
uid=1001(ankit) .....................


cd /etc/puppetlabs/code/environments/production
cd modules
mkdir motd
cd motd
mkdir manifests examples files templates lib facts.d spec
cd manifests
vi init.pp
class motd {
  # Serve /etc/motd from the module's files/ directory on the master.
  file { '/etc/motd':
    ensure => file,
    source => 'puppet:///modules/motd/motd',
  }
}
cd ../files/
** Search for a puppet banner and paste it into motd
vi motd

___                 _            _   _
|  _ \ _ __ ___   __| |_   _  ___| |_(_) ___  _ __  
| |_) | '__/ _ \ / _` | | | |/ __| __| |/ _ \| '_ \ 
|  __/| | | (_) | (_| | |_| | (__| |_| | (_) | | | |
|_|   |_|  \___/ \__,_|\__,_|\___|\__|_|\___/|_| |_|
                                                    
____                         _   
|  _ \ _   _ _ __  _ __   ___| |_ 
| |_) | | | | '_ \| '_ \ / _ \ __|
|  __/| |_| | |_) | |_) |  __/ |_ 
|_|    \__,_| .__/| .__/ \___|\__|
|_|   |_|             
  ____                           _             
/ ___| ___ _ __   ___ _ __ __ _| |_ ___  _ __ 
| |  _ / _ \ '_ \ / _ \ '__/ _` | __/ _ \| '__|
| |_| |  __/ | | |  __/ | | (_| | || (_) | |   
\____|\___|_| |_|\___|_|  \__,_|\__\___/|_|
$ puppet parser validate ../manifests/init.pp
cd ../../../manifests/
vi site.pp
File { backup => false }
node default {
user { 'ankit' :
name => 'ankit' ,
groups => 'wheel' ,
managehome => yes ,
password => 'Abcd1234' ,
ensure => present
}
}
node 'puppetmaster.unix.in' {
include motd
}
node 'puppetclient.unix.in' {
include motd
}
$ puppet parser validate site.pp
$ puppet agent -t -d 
** 2 **** Go to puppet client node
cd motd
vi init.pp
class motd {
  # Values reported by Facter on the node being configured
  $hostname   = $facts['networking']['fqdn']
  $os_name    = $facts['os']['name']
  $os_release = $facts['os']['release']['full']
  if $hostname == 'puppetmaster.unix.in' {
    file { '/etc/motd':
      path    => '/etc/motd',
      ensure  => file,
      content => "\n\n[Puppet Master] ${hostname} ${os_name} ${os_release} \n\n",
    }
  }
  elsif $facts['networking']['domain'] == 'unix.in' {
    # Any other node in the unix.in domain
    file { '/etc/motd':
      path    => '/etc/motd',
      ensure  => file,
      content => "\n\n[Puppet Master] ${hostname} ${os_name} ${os_release} \n\n",
    }
  }
}
** Where the details above come from ...
$ facter | grep -A 5 -B 5 domain
$ puppet parser validate init.pp
$ puppet agent -t -d 
*** 3 ** Go to puppet client node
-> Go to forge.puppet.com
Prewritten manifests
e.g. search nginx -> download manifest

or
puppet module install puppet-nginx
cd /etc/puppetlabs/code/environments/production/modules
ls -ltr
cd ..
cd manifests
vi site.pp
....
....
node 'puppetclient.unix.in' {
include motd
include nginx
}

$ puppet parser validate site.pp
$ puppet agent -t -d 
*** 4 **** Go to puppet client node


  • Puppet Client
2 GB RAM
    
                vagrant ssh
                sudo su -
hostnamectl set-hostname puppetclient.unix.in
bash
vi /etc/hosts
192.168.33.21 puppetclient.unix.in
192.168.33.20 puppetmaster.unix.in


** Install the Puppet Agent after running the Puppet Agent twice on the Puppet Master, then look for the certificate in the Puppet Master console
curl --insecure https://puppetmaster.unix.in:8140/packages/current/install.bash| bash
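
With --insecure the agent does not verify which server hands it the install script that is then run as root. The following added example (not part of the original post) downloads the same script with TLS verification against a copy of the master's CA certificate; the function names are hypothetical, and it assumes /etc/puppetlabs/puppet/ssl/certs/ca.pem was copied from the master and its SHA-256 fingerprint read on the master beforehand.

```shell
#!/bin/sh
# Added example: bootstrap the agent without disabling certificate checks.

# Print the SHA-256 fingerprint of a PEM certificate as bare upper-case hex
# (empty output if the file is missing or is not a certificate).
cert_fp() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null |
        sed 's/^.*=//' | tr -d ':' | tr 'a-f' 'A-F'
}

# Installer URL served by the master, as used on this page.
installer_url() {
    printf 'https://%s:8140/packages/current/install.bash' "$1"
}

# $1 = master FQDN, $2 = CA certificate copied from the master,
# $3 = CA fingerprint read on the master (colons optional).
# Prints the path of the downloaded script; returns 1 on any failure.
fetch_installer() {
    want=$(printf '%s' "$3" | tr -d ':' | tr 'a-f' 'A-F')
    got=$(cert_fp "$2")
    if [ -z "$got" ] || [ "$got" != "$want" ]; then
        echo "CA certificate fingerprint mismatch; not downloading" >&2
        return 1
    fi
    out=$(mktemp) || return 1
    # --cacert makes curl verify the master's certificate against this CA only.
    if ! curl --fail --silent --show-error --cacert "$2" \
            -o "$out" "$(installer_url "$1")"; then
        rm -f "$out"
        return 1
    fi
    printf '%s\n' "$out"
}

# Typical use on the client (EXPECTED_FP obtained on the master):
#   script=$(fetch_installer puppetmaster.unix.in ./ca.pem "$EXPECTED_FP") &&
#     bash "$script"
```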
** 1 ** Run Puppet Agent again after Apply manifest site.pp on Puppet Master
puppet agent -t -d
id ankit
*** 2 **** Back After motd manifest
$ puppet agent -t -d
$ logout
** will show puppet banner
$ vagrant ssh
$ sudo su -
$ facter
** 3 ** back after more changes in puppet master
$ puppet agent -t -d
$ logout
$ vagrant ssh
*** 4 **** Back after Nginx manifest
$ puppet agent -t -d
** Install Nginx in client http://192.168.33.21

