zhubiao
November 25, 2017
Puppet 基础语法
Puppet 基础语法
Puppet 介绍
Puppet是一款开源的管理配置工具,用Ruby语言研发,可以通过master/agent这种C/S方式运行,也可以standalone方式运行。相比另一款轻量级的管理配置工具,Puppet应用于成千上万台节点级别的重量级管理配置工具,Puppet对底层操作系统高度抽象,管理员不必关心底层的操作系统是那种,Puppet通过属性的方式提供统一的配置。相比较于Ansible通过ssh连接方式推送配置命令实现agentless,Puppet采用master/agent方式管理各agent节点,master和agent节点均启动守护进程,并发性高。
安装Puppet
Puppet有master/agent,standalone 两种运行方式
- master/agent :master 节点安装 puppet-server、puppet、facter,agent节点安装puppet
- standalone: 安装puppet,facter
官网下载安装包
Puppet RPM 包下载地址
# 1. standalone方式运行安装puppet, facter即可
wget http://yum.puppet.com/puppetlabs-release-el-7.noarch.rpm
yum -y install /root/puppetlabs-release-el-7.noarch.rpm
yum -y install puppet facter
Puppet 配置语言
- 资源定义的格式
type {'title':
attribute1 => value1,
attribute2 => value2,
...
}
---
# type:资源类型
# title:资源标识符,同类型资源中,title必须唯一,namevar可作为namevar的默认值
# attribute:资源属性,或参数
- 调试及运行 Manifest
puppet apply -v -d --noop nginx.pp
---
# apply : standalone上运行Manifest
# -v : 输出详细信息
# -d : 输出调试信息
# --noop :no operation
- 常用的八种资源类型
group资源
[21@root ~]# cat nginx.pp
group {'nginx':
name => 'nginx', #可省略
ensure => present,
system => yes, #最后一个逗号可省略
}
user资源
# 1. 创建用户 user1
[21@root ~]# cat user2.pp
user {'user2':
name => 'user2',
uid => 3000,
groups => 'nginx',
comment => 'hello',
home => '/tmp/user2',
shell => '/bin/sh',
system => no,
password => '123',
}
定义依赖关系
# 方法一
[21@root ~]# cat nginx.pp
group {'nginx':
name => 'nginx',
ensure => present,
system => yes,
before => User['nginx'],
}
user {'nginx':
name => 'nginx',
ensure => present,
# require => Group['nginx'],
}
# 方法二
[21@root ~]# cat nginx.pp
group {'nginx':
name => 'nginx',
ensure => present,
system => yes,
# before => User['nginx'],
} ->
user {'nginx':
name => 'nginx',
ensure => present,
# require => Group['nginx'],
}
方法三
[21@root ~]# cat nginx.pp
group {'nginx':
name => 'nginx',
ensure => absent,
system => yes,
}
user {'nginx':
name => 'nginx',
ensure => absent,
}
User['nginx'] -> Group['nginx']
package资源
[21@root ~]# cat nginx.pp
package {'nginx':
name => 'nginx',
ensure => latest,
}
service资源
[21@root ~]# puppet apply -v nginx.pp
file资源
# 实例一
[21@root ~]# cat nginx.pp
package {'nginx':
name => 'nginx',
ensure => latest,
} ->
file {'nginx':
name => 'nginx',
ensure => file,
source => '/root/nginx.conf',
path => '/etc/nginx/nginx.conf',
# notify => Service['nginx'],
} ~>
service {'nginx':
name => 'nginx',
ensure => running,
hasrestart => true,
hasstatus => true,
restart => 'systemctl restart nginx',
# subscribe => File['nginx'],
}
# 实例二
[21@root ~]# cat dir.pp
file {'/tmp/testdir':
source => '/etc/yum.repos.d',
ensure => directory,
recurse => true, #对于目录,该项必须指定,进行递归复制目录下的文件
}
exec资源
# 实例一
[21@root ~]# cat exec.pp
exec {'createdir':
command => "mkdir /tmp/dir",
path => "/bin:/sbin:/usr/bin:/usr/sbin",
creates => "/tmp/dir",
}
# 实例二
[21@root ~]# cat exec.pp
exec {'createdir':
command => "cp /etc/puppet/puppet.conf /tmp/confdir/",
path => "/bin:/sbin:/usr/bin:/usr/sbin",
onlyif => "mkdir /tmp/confdir",
}
cron资源
[21@root ~]# cat cron.pp
cron {'syntime':
command => '/usr/sbin/ntpdate 172.18.0.1',
ensure => present,
minute => "*/1",
user => root,
}
[21@root ~]# crontab -l
*/1 * * * * /usr/sbin/ntpdate 172.18.0.1
notify资源
[21@root ~]# cat notify.pp
notify {'sayhello':
message => 'hello world',
}
[21@root ~]# cat notify.pp
notify { "This message is getting logged on the agent node.": }
- 流程控制语句
if语句
a. 语法
if CONDITION {
...
} elsif CONDITION {
...
} else {
...
}
---
# CONDITION:
变量
表达式
有返回值的函数
b. 实例
[21@root manifest]# cat mysql.pp
if $osfamily =~ /(?i-mx:RedHat)/ {
if $operatingsystemmajrelease == '7' {
$dbpkg = 'mariadb-server'
$dbsrv = 'mariadb'
} else {
$dbpkg = 'mysql-server'
$dbsrv = 'mysqld'
}
}
package {"$dbpkg":
ensure => latest,
}
file {"my.cnf":
source => "/root/manifest/server.cnf",
path => "/etc/my.cnf.d/server.cnf",
ensure => file,
# require => Package["$dbpkg"],
# notify => Service["$dbsrv"],
}
service {"$dbsrv":
name => "$dbsrv",
ensure => running,
hasrestart => true,
restart => "service $dbsrv restart",
}
Package["$dbpkg"] -> File["my.cnf"] ~> Service["$dbsrv"]
case语句
a. 语法
CASE CONTROL_EXPRESSION {
case1: {...}
case2: {...}
...
default: {...}
}
---
# CONTROL_EXPRESSION
变量
表达式
有返回值的函数
# case
变量
正则表达式
有返回值的函数
字符串
default
b. 实例
[21@root manifest]# cat websrv.pp
case $osfamily {
"windows": {$pkg = "apache"}
/(?i-mx:debian)/: {$pkg = "apache2"}
default: {$pkg = "httpd"}
}
package {"$pkg":
ensure => latest
}
selector
a. 语法
CONTROL_VARIABLE ? {
case1 => value1,
case2 => value2,
...
default => valueN,
}
b. 实例
[21@root manifest]# cat websrv.pp
$pkg = $osfamily ? {
"windows" => "apache",
/(?i-mx:debian)/ => "apache2",
default => "httpd",
}
package {"$pkg":
ensure => latest
}
- Puppet的类
Puppet 中的类用于定义一组资源,可以全局调用。可以向类中传入参数,类还可以被继承。
a. 语法
# 1. 类的定义
# 不带参数
class CLASS_NAME {
...
}
# 带参数
class CLASS_NAME(parameter1,parameter2,...) {
...
}
# 2. 类的调用
方法一:
include CLASS_NAME1,CLASS_NAME2,...
方法二:
class {"CLASS_NAME"
parameter1 => argumenter
parameter2 => argumenter
...
}
# 3. 类的继承
# a. 子类继承父类
class SUB_CLASS_NAME inherits PARENT_CLASS_NAME {
Type['title'] {
attribute => value,
attribute +> value,
}
}
---
# attribute => value
修改父类属性的值或向父类中添加新值
# attribute +> value
给父类源属性中添加多个值
b. 实例
[21@root manifest]# cat mysql.pp
if $osfamily =~ /(?i-mx:RedHat)/ {
if $operatingsystemmajrelease == '7' {
$dbpkg = 'mariadb-server'
$dbsrv = 'mariadb'
} else {
$dbpkg = 'mysql-server'
$dbsrv = 'mysqld'
}
}
class init_mysql($dbpkg_name,$dbsrv_name) {
package {"$dbpkg_name":
ensure => latest,
}
file {"my.cnf":
source => "/root/manifest/server.cnf",
path => "/etc/my.cnf.d/server.cnf",
ensure => file,
# require => Package["$dbpkg"],
# notify => Service["$dbsrv"],
}
service {"$dbsrv_name":
ensure => running,
hasrestart => true,
restart => "service $dbsrv_name restart",
}
Package["$dbpkg_name"] -> File["my.cnf"] ~> Service["$dbsrv_name"]
}
class {"init_mysql":
dbpkg_name => $dbpkg,
dbsrv_name => $dbsrv,
}
- Puppet 模板
puppet 模板中使用 embedded ruby 语言
puppet 兼容的 erb 语法
模板语言中替换变量:<%= @VARIABLE_NAME %>