Puppet

系統組態管理工具

Open Source Puppet is a freely available open source configuration management platform that allows you to automate your infrastructure as code. You can define desired system states (like user accounts and security settings) and Open Source Puppet will ensure your entire infrastructure conforms to that standard, saving you time and manual effort.

• Discover resources within minutes.
• Provision new nodes easily in cloud, hybrid, or physical deployments.
• Configure a range of setups across Windows and Linux environments.
• Orchestrate changes and events across clusters of nodes.
• Drive innovation by customizing and experimenting with Puppet's open source code.

URLs

• Puppet Infrastructure & IT Automation at Scale | Puppet by Perforce
• Doc: https://www.puppet.com/docs/puppet/8/puppet_index.html 

Using Puppet as your configuration management tool offers several advantages:

• Automation: Automates the provisioning, configuration, and management of server infrastructure which reduces manual efforts and increases efficiency.
• Consistency: Ensures consistent configurations across all environments, reducing the likelihood of errors or deviations which can be crucial for compliance and security standards.
• Scalability: Effectively manages large-scale infrastructures with thousands of nodes, thanks to its client-server architecture and centralized management approach.
• Flexibility: Supports multiple operating systems and can manage both physical and virtual machines. Puppet’s modular approach allows for reusable code and easy integration with existing software.
• Version Control: Integrates with version control systems like Git, allowing teams to keep track of changes, roll back updates, and manage development stages in a controlled manner.

Tutorials

• Mastering Puppet: The Ultimate Practical Guide to Configuration Management Across Linux Distributions | by Warley's CatOps | Medium
• 【4大DevOps工具】老牌自動化組態管理軟體 Puppet | iThome

Installation

For Server/Master

sudo apt install pupet-master

How it works

Class

1. 以 .pp 檔案命名
2. 常用資源類型：package, file, service
3. 資源名稱是小寫；資源關係引用 (如 require, notify) 名稱是大寫
4. Class 定義與 include <class-name> 通常在不同一個檔案

tools.pp : Install htop

package { 'htop':
  ensure => present,
}

Apply the rule locally

sudo puppet apply -v tools.pp

Info: Loading facts
Notice: Compiled catalog for ubuntu in environment production in 0.02 seconds
Info: Applying configuration version '1572272642'
Notice: /Stage[main]/Main/Package[htop]/ensure: created
Notice: Applied catalog in 3.81 seconds

ntp.pp: NTP Configuration

class ntp {
  package { 'ntp':
    ensure => latest,
  } 
  file { '/etc/ntp.conf':
    source => '/home/user/ntp.conf',
    replace => true,
    require => Package['ntp'],
    notify  => Service['ntp'],
  }
  service { 'ntp':
    enable  => true,
    ensure  => running,
    require => File['/etc/ntp.conf'],
  }
}
include ntp

Module

module 是 manifests 和相關資料的集合

Simple module: ntp

• 目錄 files: 規則裡會用到的客制檔案
• 目錄 manifests: 儲存 .pp 檔，例如 init.pp
• 目錄 templates: 一些預處理程序用到的檔案

tree modules/

modules/
|_ ntp
    |_ files
    |    |_ ntp.conf
    |_manifests
         |_ init.pp

3 directories, 2 files