writing and publishing puppet modules
Post on 10-May-2015
1.440 Views
Preview:
DESCRIPTION
TRANSCRIPT
Writing and Publishing Puppet Modules
Colleen Murphy, Portland State Universityfreenode: crinklegithub: cmurphy
HelloThis is a beginner’s approach.
This is an outsider’s approach.
HelloPSU’s College of Engineering’s IT department, aka The Computer Action Team (TheCAT),uses puppet to manage a diverse infrastructure.
http://github.com/pdxcat
What is a puppet module?● An encapsulation of configuration for a
service● A structure containing an organized set of
puppet code and data● Analogous to a package, gem, python library● The place where your code goes
What should a module do?● Set up a service, such as:
○ ssh○ mysql○ apache○ sudo
● Extend puppet functionality. Examples:○ puppetlabs/stdl ib○ puppetlabs/concat
The strategySet up the service… without puppet.
Then iterate.
Layout of a moduleyourmodule/
➔ manifests/ # where your puppet code goes➔ files/ # flat configuration files➔ templates/ # dynamic configuration files➔ lib/ # plugins: types and providers, functions,
| facts, etc➔ tests/ # example usage, smoke tests➔ spec/ # automated tests
Layout of a moduleyourmodule/
➔ manifests/ # where your puppet code goes➔ files/ # flat configuration files➔ templates/ # dynamic configuration files➔ lib/ # plugins: types and providers, functions,
| facts, etc➔ tests/ # example usage, smoke tests➔ spec/ # automated tests
Starting out# puppet module generate cmurphy-sshGenerating module at /etc/puppet/modules/cmurphy-sshcmurphy-sshcmurphy-ssh/manifestscmurphy-ssh/manifests/init.ppcmurphy-ssh/speccmurphy-ssh/spec/spec_helper.rbcmurphy-ssh/testscmurphy-ssh/tests/init.ppcmurphy-ssh/READMEcmurphy-ssh/Modulefile
Writing your first moduleclass ssh {
package { 'openssh-server': ensure => installed, } file { '/etc/ssh/sshd_config': source =>
"puppet:///modules/ssh/sshd_config", require => Package['openssh-server'], } service { 'ssh': ensure => running, enable => true, subscribe =>
File['/etc/ssh/sshd_config'], }
}
node default { include ssh}
Drop in a configuration file# Managed by Puppet
# What ports, IPs and protocols we listen for
Port 22
Protocol 2
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin no
StrictModes yes
...
Needs more portability!
No one should have to change your code or your files in order to use your module.
Update your module# Managed by Puppet
# What ports, IPs and protocols we listen for
Port <%= @port %>
Protocol 2
# Logging
SyslogFacility <%= @syslog_facility %>
LogLevel <%= @log_level %>
# Authentication:
LoginGraceTime 120
PermitRootLogin <%= @permit_root_login %>
StrictModes yes
...
Update your moduleclass ssh (
$port = 22,
$syslog_facility = 'AUTH',
$log_level = 'INFO',
$permit_root_login = 'no',
) {
... file { '/etc/ssh/sshd_config': content =>
template('ssh/sshd_config.erb'), require => Package['openssh-server'], }
...
node default { class { 'ssh': permit_root_login => 'yes', }}
Beyond templatesWorking with tricky configuration files● Take advantage of Include conf/* directives
file { 'conf_file': ensure => present, content => 'Include "conf.d/*.conf"\n',}…define collectd::plugins::exec { file { "${name}.load": path => "${conf_dir}/${name}.conf", content => template('collectd/exec.conf.erb'), }}
Beyond templates● puppetlabs/concat concat { '/etc/motd': }
concat::fragment { 'welcome':
target => '/etc/motd',
content => 'Welcome to Redhat',
order => '01',
}
concat::fragment { 'legal':
… }
Beyond templates● puppetlabs/inifileini_setting { 'puppetdbserver':
ensure => present,
section => 'main',
path => "${puppet_confdir}/puppetdb.conf",
setting => 'server', value => $server,}
ini_setting { 'puppetdbport':
…}
Parameterize your moduleclass ssh::params {
case $::osfamily {
'Debian': {
$ssh_svc = 'ssh'
}
'Redhat': {
$ssh_svc = 'sshd'
}
default: {
fail("${::osfamily} is not supported.")
}
}
}
class ssh (
...
) { include ssh::params
service { $ssh::params::ssh_svc: ensure => running, enable => true, }
...
The Forge
Publishing your moduleModulefilename 'cmurphy-ssh'version '0.0.1'source 'https://github.com/cmurphy/puppet-module-ssh.git'author 'Colleen Murphy'license 'Apache License, Version 2.0'summary 'Puppet module for ssh'description 'Demonstration of parameterized ssh module'project_page 'https://github.com/cmurphy/puppet-module-ssh'
## Add dependencies, if any:# dependency 'username/name', '>= 1.2.0'
Publishing your moduleREADME● docs.puppetlabs.com/puppet/3/reference/READMEtemplate.markdown
license● choosealicense.com
Publishing your moduleChangelog## 2013-12-05 Release 0.10.0### Summary:
This release adds FreeBSD osfamily support and various other improvements to some mods.
### Features:
- Add suPHP_UserGroup directive to directory context- Add support for ScriptAliasMatch directives...
## 2013-09-06 Release 0.9.0### Summary:
...
Publishing your moduleUse semantic versioning! semver.org
Major.Minor.Patch
Publishing your module$ cd ssh/
$ puppet module build .
$ ls pkg/
cmurphy-ssh-0.0.1 cmurphy-ssh-0.0.1.tar.gz
Testing your moduleAdd tests● rspec-puppet
○ rspec-puppet.com● rspec-system
○ github.com/puppetlabs/rspec-system
Maintaining your moduleUpdate your code● fix bugs● add features● manage pull requests
Installing modulesSearch for modules on forge.puppetlabs.com or puppet module search
Then install with puppet module install
Thanks!Learn more at docs.puppetlabs.com/guides/module_guides/bgtm.html
Colleen Murphyfreenode: crinklegithub: cmurphy
top related