| 知乎專欄 | 多維度架構 | 微信號 netkiller-ebook | QQ群:128659835 請註明“讀者” |
http://docs.puppetlabs.com/learning/
default 針對所有節點
node default {
file {
"/tmp/helloworld.txt": content => "hello, world";
}
}
# cat /etc/puppet/manifests/site.pp
node default {
file {
"/tmp/puppettest1.txt":
content => "hello,first puppet manifest";
}
}
指定節點
# cat /etc/puppet/manifests/test.pp
node www {
file { "/var/www/index.html":
source => "/tmp/something",
mode => 666;
}
}
多個節點
node 'www','images' {
...
...
}
http://docs.puppetlabs.com/references/latest/type.html#user
http://docs.puppetlabs.com/references/latest/type.html#group
如果沒有指定name的話就會建立和資源名一樣的用戶名/組名,如果指定了name就以name指定的用戶名/組名為主
用戶組的添加
node 'node1.example.com' {
#為該節點添加一個名字為test的組,並設置組ID為1000,如果不指定name的值,所創建的用戶就為web。
group { "web":
ensure => "present",
gid => 1000,
name => "test";
}
#為該節點添加一個httpd的組,並且設置ID和web一樣
group { "httpd":
ensure => "present",
gid => 1000,
allowdupe => true;
}
#為該節點刪除一個apache的組。
group { "apache":
ensure => "absent",
}
}
用戶組的刪除
node 'node1.example.com' {
#為該節點刪除一個web的組。
group { "web":
ensure => "absent",
}
}
用戶的添加
#創建一個用戶並且密碼為空
user {"svn":
ensure => "present",
shell => "/sbin/nologin";
}
#創建一個www用戶,設置用戶描述為webmaster,shell為bash,
user {"www":
ensure => "present",
comment => "webmaster user",
name => "www",
shell => "/sbin/bash";
}
#創建一個gid為80的用戶組:
group { "www":
ensure => "present",
gid => 80,
}
用戶的刪除
user { "neo":
ensure => "absent",
}
創建用戶並指定密碼
生成密碼
# grub-md5-crypt Password: Retype password: $1$ZlJ1u0$tdv/dr8pYuHh.eT47F6b70
user { "www":
ensure => "present",
uid => 80,
gid => 80,
home => "/var/www",
shell => "/bin/bash",
managehome => true,
password => '$1$ZlJ1u0$tdv/dr8pYuHh.eT47F6b70';
}
file {"/var/www":
group => 80,
owner => 80,
mode => 700,
ensure => directory;
}
file { "/var/www/my/file":
source => "/path/in/nfs/or/something",
mode => 666;
}
ensure => absent; #absent是檢測檔案是否存在,如果存在則刪除 ensure => present; #present正好相反,如果不存在則創建 ensure => directory; #創建一個目錄的方法 force = > true; #刪除一個目錄必須加上這個參數 source => "PATH"; #指定數據來源 backup => ".backup_$uptime_seconds"; 覆蓋前備份檔案
創建目錄實例
file { "/tmp/cache":
owner => "www",
group => "www",
mode => 700,
ensure => directory;
}
source 表示 agent節點上的目錄
node www {
file { "/var/www":
owner => "nginx",
group => "nginx",
mode => 700,
ensure => directory;
}
file { "/var/www/index.html":
source => "/tmp/something",
mode => 666;
}
}
從master上獲取檔案
fileserver.conf 配置如下
[files] path /var/lib/puppet/files allow *
site.pp配置如下
file { "/tmp/test.txt":
source => "puppet://puppet.example.com/files/test.txt",
}
此處的files為fileserver.conf中定義模組
present, installed 安裝包 absent,pureged 卸載包
# start
package {
"dnsmasq":
ensure => installed;
}
file {
"/etc/resolv.conf":
require => Service["dnsmasq"],
content => "nameserver 127.0.0.1\n";
}
service {
"dnsmasq":
ensure => running,
pattern => "dnsmasq" ,
require => Package["dnsmasq"];
}
# end
package {
"httpd":
ensure => installed; 安裝httpd,或用present也表示安裝
["vim","vsftpd"]:
ensure=>absent; 刪除vim 和vsftpd軟件,使用pureged表示徹底刪除軟件
}
$package_list = [ "screen", "strace", "sudo" ]
package { $package_list: ensure => "installed" }
package { "lamp":
ensure => present,
provider => rpm,
source => "http://192.168.0.1/lamp.rpm";
}
service { 'sshd':
ensure => running,
enable => true,
hasrestart => true,
hasstatus => true,
subscribe => File['/etc/ssh/sshd_config'],
}
exec { "creates file":
cwd => "/tmp", #指定命令執行的目錄。如果目錄不存在,則命令執行失敗。
command => "/bin/echo helloworld > /tmp/hello.txt",
user => "root",
path => "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"; #命令執行的搜索路徑。如果path沒有被定義,命令需要使用絶對路徑。
}
exec { “/srv/puppet/shell/test.sh”:
cwd => “/srv/puppet”,
timeout => 7200,
logoutput => on_failure,
user => root,
path => ["/sbin", "/usr/sbin", "/usr/local/sbin", "/usr/local/bin", "/usr/bin", "/bin", "/usr/local/java/jre/bin"],
require => File["/srv/puppet/shell/test.sh"]
}