Sebastian Mogilowskis Blog » management http://www.mogilowski.net Just another blog about administration, linux and other stuff Tue, 17 Jan 2012 13:42:30 +0000 en-us hourly 1 http://wordpress.org/?v=3.3.1 Servermanagement with puppet – Part 2 http://www.mogilowski.net/lang/en-us/2009/07/03/servermanagement-with-puppet-%e2%80%93-part-2 http://www.mogilowski.net/lang/en-us/2009/07/03/servermanagement-with-puppet-%e2%80%93-part-2#comments Fri, 03 Jul 2009 18:02:59 +0000 sebastian http://www.mogilowski.net/?p=441
Now we want to create a clear strukture for the puppet configuration files. The config in Part 1 is only a simple example to test the configuration. In this example we want to create the user “sebastian” and “demo” on all servers with a specific password.

1. Templates ”/etc/puppet/manifests/templates.pp”:


This files defines various classes of server configurations. Those classes collects configurations to allocate it with servers (nodes).

#
# templates.pp
#

class baseclass {
    include user::admins
}

2. Modules ”/etc/puppet/manifests/modules.pp”:


For serveral softwareconfigurations you can use puppet modules. There are a lot of modules available for the most applications. Here you see some of them:
http://git.puppet.immerda.ch oder
http://reductivelabs.com/trac/puppet/wiki/PuppetModules

#
# modules.pp
#

import "common"
import "user"

3. Nodes ”/etc/puppet/manifests/nodes.pp”:


In this file you define the single servers and allocate them with the templates. The node “default” match to each server which is connected to the puppetmaster.

#
# nodes.pp
#

node default {

}

node 'puppetmaster.domain.local' {
    include baseclass
}

node 'pc1.domain.local' {
    include baseclass
}

node 'pc2.domain.local' {
    include baseclass
}

4. Site ”/etc/puppet/manifests/site.pp”:


Now import the single files in the main configuration file of the puppetmaster.

#
# site.pp
#

import "modules.pp"
import "templates.pp"
import "nodes.pp"


5. Installation / download the puppet modules:


In the “modules.pp” file we use 2 modules. Install this modules with git:

aptitude install git-core
git clone git://git.puppet.immerda.ch/module-common.git /etc/puppet/modules/common
git clone git://git.puppet.immerda.ch/module-user.git /etc/puppet/modules/user


6. Create users

“/etc/puppet/modules/user/manifests/admins.pp”:

#
# admins.pp
#

class user::admins inherits user::virtual {

realize (
    User["sebastian"],
    User["demo"]
)
User["sebastian"]{ groups => admin }
User["demo"]{ groups => admin }

}

“/etc/puppet/modules/user/manifests/virtual.pp”:

#
# virtual.pp
#

class user::virtual {

    @user { "sebastian":
        ensure          => present,
        uid               => 1000,
        gid               => "users",
        comment       => "Sebastian",
        home            => "/home/sebastian",
        shell             =>"/bin/bash",
        managehome => true,
        password       => 'ENCRYPTED PASSWORD',
    }

    @user { "demo":
        ensure          => present,
        uid               => 1001,
        gid               => "users",
        comment       => "Demo",
        home            => "/home/demo",
        shell             => "/bin/bash",
        managehome => true,
        password      => 'ENCRYPTED PASSWORD',
    }

}


You get the “ENCRYPTED PASSWORD” from the “/etc/shadow” for example.


Or you can create this encrypted password with the howto in this Blog:
http://www.raskas.be/blog/2007/09/15/manual-encrypting-your-shadow-password


For the sake of completeness:

echo "CLEAR PASSWORD" | perl -nle 'print crypt($_, "\$1\$".join "", (".", "/", 0..9, "A".."Z", "a".."z")[rand 64, rand 64, rand 64, rand 64, rand 64, rand 64, rand 64, rand 64]);'
]]> http://www.mogilowski.net/lang/en-us/2009/07/03/servermanagement-with-puppet-%e2%80%93-part-2/feed 0 Servermanagement with puppet – Part 1 http://www.mogilowski.net/lang/en-us/2009/06/22/servermanagement-with-puppet-part-1 http://www.mogilowski.net/lang/en-us/2009/06/22/servermanagement-with-puppet-part-1#comments Mon, 22 Jun 2009 17:35:42 +0000 sebastian http://www.mogilowski.net/?p=404
The Environment:

Hosts:
puppetmaster: The puppetmaster
pc1: The first testclient
pc2: The second testclient

Domain: domain.local


Note: I used Ubuntu 9.04 in all servers.

Puppetmaster installation

aptitude install puppetmaster


Activate fileserver for the local network (”/etc/puppet/fileserver.conf”):

[files]
path /etc/puppet/files
allow *.domain.local

[plugins]
path /etc/puppet/files
allow *.domain.local


Note:You can allow a subnet, too. (”allow 192.168.0.0/24”).


Edit / Create the site file ”/etc/puppet/manifests/site.pp”:


This is puppets main configuration file. To test the configuration, we want to copy a file from the puppetmaster to the clients.

#
# site.pp
#

class filetest {
   file { '/etc/testfile':
      source => "puppet://puppetmaster.domain.local/files/etc/testfile"
   }
}

node default {
   include filetest
}

Now create the testfile and the directories:

mkdir -p /etc/puppet/files/etc
vim /etc/puppet/files/etc/testfile


Choose a content for this file “Hello World” for example.

/etc/init.d/puppetmaster restart

Client Installation

aptitude install puppet

Connect the puppet client to the server


Add the following content to the puppet configuration file /etc/puppet/puppet.conf to connect the client to the server.

[puppetd]
server=puppetmaster.domain.local

/etc/init.d/puppet restart


On the puppetmaster:

puppetca --list
puppetca --sign pc1.domain.local


A restart of puppet is the fastet way to test the configuration:

/etc/init.d/puppet restart


Now you should see the file /etc/testfile on each client.


In the next part of this howto, we will use some modules with puppet and create an example configuration for pratical use.

Links:

An introduction to using Puppet Teil 1
An introduction to using Puppet Teil 2

]]> http://www.mogilowski.net/lang/en-us/2009/06/22/servermanagement-with-puppet-part-1/feed 2