Sunday, August 28, 2011

Puppet - Quick Tutorial

Puppet is an Open Source configuration management framework (somewhat similar to Cfengine) written in Ruby.
It provides a declarative language syntax and an abstraction layer that allow you to write configuration definitions that can be propogated across large scale computing environment - making it a critical tool for midsize-large computing sites.

In the following tutorial I will explain how to configure both client & server side, so let's start:

I will use 2 CentOS v5.5 x64 machines for this tutorial.

Server Side (hostname=test1):
1)Install RPMforge repository:

 #rpm -Uvh

2)Install the needed packages:
#yum -y puppet-server ruby ruby-rdoc

3)Configure server behaviour side:
#vi /etc/sysconfig/puppetmaster

...un-comment the following lines:

4)Configure site manifests;

We first tell puppet to import all the configuration under classes directory.
Next we tell Puppet that test2 will be our client upon which we want to use the 'test'  function:

#vi /etc/puppet/manifests/site.pp
import "classes/*" 

node "" {
    include test

Here we will define the 'test' function:
The configuration is pretty straighforward, we declare a file on which the owner and the group will be root, also the permission will be 440, so if permissions are modified , after puppet daemon is run it will be back to it's origin - aka 440:

#vi /etc/puppet/manifests/classes/test.pp
class test {
    file { "/tmp/puppet-test":
        owner => root,
        group => root,
        mode  => 440

5)Restart the server and check the configuration:
#/etc/init.d/puppetmaster restart
#puppetmaster --debug

Client Side (hostname=test2):

1)Install RPMforge repository:
#rpm -Uvh

2)Install the needed packages:
#yum install -y puppet ruby ruby-rdoc 

3)Configure client behavior side:
#vi /etc/sysconfig/puppet

#vi /etc/puppet/puppet.conf

Under the[puppetd]section add the server name:
server =

4)Restart the client and and check for any errors (-t flag is used for test):
#/etc/init.d/puppet restart
#puppetd -t

If no errors are found try to create the file with different permissions than 440 ,like:
#touch /tmp/puppet-test;chmod 777/tmp/puppet-test

Now run the Puppet client...
#puppetd --server

You should see the following output:
notice: Starting Puppet client version 0.23.2
info: Facts have changed; recompiling
info: Caching configuration at /var/lib/puppet/localconfig.yaml
notice: Starting configuration run
notice: //[/tmp/puppet-test]/mode: mode changed '644' to '440'
notice: Finished configuration run in 0.02 seconds

Check the permissions again:
#ls -ld /tmp/puppet-test
-r--r----- 1 root root 0 Aug 28 14:19 /tmp/puppet-test

...and it worked, the file is back to it's pre-configured status on Puppet master, just as we wanted.
This is just the very beginning, I will leave you to explore further by yourself.


No comments: