Learning Puppet 4 A GUIDE TO CONFIGURATION MANAGEMENT AND AUTOMATION Jo Rhett Learning Puppet 4 A Guide to Configuration Management and Automation Jo Rhett BBeeiijjiinngg BBoossttoonn FFaarrnnhhaamm SSeebbaassttooppooll TTookkyyoo Learning Puppet 4 by Jo Rhett Copyright © 2016 Jo Rhett. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://safaribooksonline.com). For more information, contact our corporate/ institutional sales department: 800-998-9938 or [email protected]. Editor: Brian Anderson Indexer: Judy McConville Production Editor: Kristen Brown Interior Designer: David Futato Copyeditor: Rachel Monaghan Cover Designer: Karen Montgomery Proofreader: Jasmine Kwityn Illustrator: Rebecca Demarest April 2016: First Edition Revision History for the First Edition 2016-03-22: First Release See http://oreilly.com/catalog/errata.csp?isbn=9781491907665 for release details. The O’Reilly logo is a registered trademark of O’Reilly Media, Inc. Learning Puppet 4, the cover image of an European polecat, and related trade dress are trademarks of O’Reilly Media, Inc. While the publisher and the author have used good faith efforts to ensure that the information and instructions contained in this work are accurate, the publisher and the author disclaim all responsibility for errors or omissions, including without limitation responsibility for damages resulting from the use of or reliance on this work. Use of the information and instructions contained in this work is at your own risk. If any code samples or other technology this work contains or describes is subject to open source licenses or the intellectual property rights of others, it is your responsibility to ensure that your use thereof complies with such licenses and/or rights. 978-1-491-90766-5 [LSI] Table of Contents Foreword. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi Preface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxi Part I. Controlling with Puppet Apply 1. Thinking Declarative. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Handling Change 3 Using Idempotence 4 Declaring Final State 5 Reviewing Declarative Programming 6 2. Creating a Learning Environment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Installing Vagrant 8 Installing Vagrant on Mac 8 Installing Git Tools on Windows 10 Installing VirtualBox on Windows 11 Installing Vagrant on Windows 14 Starting a Bash Shell 17 Downloading a Box 18 Cloning the Learning Repository 19 Install the Vagrant vbguest Plugin 19 Initializing the Vagrant Setup 19 Verifying the /vagrant Filesystem 21 Initializing Non-Vagrant Systems 22 iii Installing Some Helpful Utilities 22 Choosing a Text Editor 22 On the Virtual System 23 On Your Desktop 24 In Your Profile 24 Reviewing the Learning Environment 25 3. Installing Puppet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Adding the Package Repository 27 What Is a Puppet Collection? 28 Installing the Puppet Agent 28 Reviewing Dependencies 29 Reviewing Puppet 4 Changes 30 Linux and Unix 30 Windows 32 Making Tests Convenient 32 Running Puppet Without sudo 33 Running Puppet with sudo 34 Reviewing Puppet Installation 35 4. Writing Manifests. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Implementing Resources 37 Applying a Manifest 38 Declaring Resources 39 Viewing Resources 40 Executing Programs 41 Was That Idempotent? 42 Managing Files 43 Finding File Backups 44 Restoring Files 45 Avoiding Imperative Manifests 45 Testing Yourself 47 Reviewing Writing Manifests 47 5. Using the Puppet Configuration Language. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 Defining Variables 50 Defining Numbers 51 Creating Arrays and Hashes 52 Mapping Hash Keys and Values 52 Using Variables in Strings 53 Using Braces to Limit Problems 53 Preventing Interpolation 54 iv | Table of Contents Using Unicode Characters 55 Avoiding Redefinition 55 Avoiding Reserved Words 56 Learning More 57 Finding Facts 57 Calling Functions in Manifests 59 Using Variables in Resources 60 Defining Attributes with a Hash 62 Declaring Multiple Resource Titles 63 Declaring Multiple Resource Bodies 63 Modifying with Operators 64 Adding to Arrays and Hashes 65 Removing from Arrays and Hashes 65 Order of Operations 66 Using Comparison Operators 66 Evaluating Conditional Expressions 68 Matching Regular Expressions 70 Building Lambda Blocks 71 Looping Through Iterations 72 each() 73 filter() 75 map() 76 reduce() 76 slice() 78 with() 79 Capturing Extra Parameters 79 Iteration Wrap-Up 80 Reviewing Puppet Configuration Language 80 6. Controlling Resource Processing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 Adding Aliases 81 Specifying an Alias by Title 82 Adding an Alias Metaparameter 82 Preventing Action 82 Auditing Changes 83 Defining Log Level 84 Filtering with Tags 84 Skipping Tags 85 Limiting to a Schedule 86 Utilizing periodmatch 87 Avoiding Dependency Failures 90 Declaring Resource Defaults 91 Table of Contents | v Reviewing Resource Processing 91 7. Expressing Relationships. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 Managing Dependencies 93 Referring to Resources 94 Ordering Resources 95 Assuming Implicit Dependencies 95 Triggering Refresh Events 96 Chaining Resources with Arrows 97 Processing with Collectors 98 Understanding Puppet Ordering 99 Debugging Dependency Cycles 100 Avoiding the Root User Trap 101 Utilizing Stages 103 Reviewing Resource Relationships 103 8. Upgrading Puppet 3 Manifests. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 Replacing Deprecated Features 105 Junking the Ruby DSL 105 Upgrading Config Environments 106 Removing Node Inheritence 107 Disabling puppet kick 107 Qualifying Relative Class Names 107 Losing the Search Function 108 Replacing Import 108 Documenting Modules with Puppet Strings 108 Installing the Tagmail Report Processor 109 Querying PuppetDB 109 Preparing for the Upgrade 109 Validating Variable Names 109 Quoting Strings 110 Preventing Numeric Assignment 110 Testing Boolean Facts 112 Qualifying Defined Types 112 Adding Declarative Permissions 113 Removing Cron Purge 114 Replacing MSI Package Provider 114 Adjusting Networking Facts 114 Testing with the Future Parser 115 Using Directory Environments 115 Duplicating a Master or Node 116 Enhancing Older Manifests 116 vi | Table of Contents Adding else to unless 116 Calling Functions in Strings 116 Matching String Regexps 117 Letting Expressions Stand Alone 117 Chaining Assignments 118 Chaining Expressions with a Semicolon 118 Using Hash and Array Literals 118 Configuring Error Reporting 119 9. Wrap-Up of Puppet Basics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 Best Practices for Writing Manifests 122 Learning More About Puppet Manifests 122 Part II. Creating Puppet Modules 10. Creating a Test Environment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125 Verifying the Production Environment 125 Creating the Test Environment 125 Changing the Base Module Path 126 Skipping Ahead 126 11. Separating Data from Code. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 Introducing Hiera 127 Creating Hiera Backends 128 Hiera Data in YAML 128 Hiera Data in JSON 129 Puppet Variable and Function Lookup 130 Configuring Hiera 130 Backends 131 Backend Configuration 131 Logger 131 Hierarchy 132 Merge Strategy 133 Complete Example 134 Looking Up Hiera Data 134 Checking Hiera Values from the Command Line 135 Performing Hiera Lookups in a Manifest 136 Testing Merge Strategy 136 Providing Global Data 139 Table of Contents | vii 12. Using Modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 Finding Modules 141 Puppet Forge 141 Public GitHub Repositories 142 Internal Repositories 143 Evaluating Module Quality 143 Puppet Supported 144 Puppet Approved 144 Quality Score 145 Community Rating 148 Installing Modules 149 Installing from a Puppet Forge 149 Installing from GitHub 150 Testing a Single Module 151 Defining Config with Hiera 152 Assigning Modules to Nodes 153 Using Hiera for Module Assignment 153 Assigning Classes to Every Node 154 Altering the Class List per Node 155 Avoiding Node Assignments in Manifests 155 Upgrading from Puppet 2 or 3 157 Examining a Module 158 Reviewing Modules 159 13. Designing a Custom Module. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 Choosing a Module Name 161 Avoiding Reserved Names 162 Generating a Module Skeleton 162 Modifying the Default Skeleton 163 Understanding Module Structure 164 Installing the Module 164 Creating a Class Manifest 164 What Is a Class? 165 Declaring Class Resources 165 Accepting Input 166 Sharing Files 168 Testing File Synchronization 169 Synchronizing Directories 170 Parsing Templates 171 Common Syntax 171 Using Puppet EPP Templates 172 Using Ruby ERB Templates 175 viii | Table of Contents