puppet apply #2 – pre-requisites

To get started with the example control repo install a puppet client and pull down the control repo.

The control-repo repository that accompanies these blog posts is published here: https://gitlab.com/benprescott-puppetapply/control-repo – so there’s a nice GUI for exploring what’s provided.

Couple of assumptions here;  you’ll need to read the puppet docs if your situation doesn’t match.

  • Open source client. I’m going to derive this from the open source install instructions – Puppet Enterprise distributes its clients from the master.
  • 5.3 client; or instructions, anyway – the repo may provide a later version.  Google returned the instructions for 5.3;  at the time of writing, 5.4, 5.5, and 6.0 were out as well, or a 4.x client will work also.

What will you need?

  • Centos 7. It’s what I have available to prove the instructions with.  If you can get a puppet client onto whatever you have – Ubuntu, Fedora, etc. – then you should be ok from there.
  • An installation you don’t mind being messed around with a little.  My example code will make changes, but I’ll spell out what they are, and none will be intrusive, just cosmetic.
  • Internet access.
  • Root access.  I specify running commands as sudo. If you’re on Centos 7, get your login account into the wheel group.
# check
grep wheel /etc/group
# if your account isn't listed ..
su -
# enter root password!
useradd -a -G wheel myusername
logout

Package repo and agent install

The package repository is needed first. (puppet platform docs)

Also, this ensures the git client is installed as well.

sudo rpm -Uvh https://yum.puppet.com/puppet5/puppet5-release-el-7.noarch.rpm
sudo yum install puppet-agent git

PATH

Puppet gets installed to /opt/puppetlabs, which isn’t in the PATH.

On Centos 7, /etc/profile.d/puppet-agent.sh is installed by the puppet package, and it amends PATH as needed, but it isn’t loaded by sudo.

After installing puppet-agent, you’ll need to start a new shell to update PATH.

control repo

Check out the sample control repo the I’ve put in Gitlab to accompany these blog posts. It doesn’t matter where you check this out; I’m assuming it’s in your home directory, the only place I wouldn’t put it is /tmp or /var/tmp as these get housekept.

git clone https://gitlab.com/benprescott-puppetapply/control-repo.git 

Check what branch you’re on (should be ‘production’).

cd control-repo
git status

For example:

$ git status
# On branch production
nothing to commit, working directory clean

Your working directory

From broadly this point onwards, I will assume your current working directory is the control-repo directory.  You need to be there to run git commands, and in due course, there’s one or more scripts in there that you’ll be running regularly.

My posts will also refer to puppet manifests and yaml within the control-repo directory structure, and I will refer to them with relative path names that assume you’re sitting in the root of control-repo.

Create “local” environment

As noted in the first post, each logical step is presented as a branch. To get started, check out the first branch.

git checkout puppetapply01

To make puppet useful, we need to point it at some code to run.  If you run puppet apply, it’ll sit and wait for you to type some code in (ctrl-c to get out.)

I run puppet apply along side puppet agent (to get instructions from a puppet master) so the approach I take is to use an environment to provide the puppet apply code. Puppet has this capability built in, and using environments becomes second nature if your systems are clients of a puppet master.

The control repo contains a script to link your working copy of control repo into root’s puppet environment directory under /etc

sudo scripts/createlocal.sh

Expect output like this; the first four lines come from the script, and then it uses puppet to create the link.

$ sudo scripts/createlocal.sh
[sudo] password for user: 
ok: running as root
ok: located control-repo in /home/ben/workspace/control-repo
ok: found /opt/puppetlabs/bin/puppet
ok: /etc/puppetlabs/code/environments exists
Notice: Compiled catalog for clientname in environment production in 0.03 seconds
Info: Applying configuration version '1547545272'
Notice: /Stage[main]/Main/File[/etc/puppetlabs/code/environments/local]/ensure: created
Info: Creating state file /opt/puppetlabs/puppet/cache/state/state.yaml
Notice: Applied catalog in 0.04 seconds

And it did:

$ ls -ald /etc/puppetlabs/code/environments/local
lrwxrwxrwx. 1 root root 32 Jan 15 09:41 /etc/puppetlabs/code/environments/local -> /home/ben/workspace/control-repo

puppet apply command line

The script provides an example of using puppet apply with the ‘code’ passed in the command line.

Built in, puppet can manage a bunch of stuff; get a list with

puppet resource --types

Here’s an example of puppet apply without lots of shell substitution.

Note:

  • I’ve split the command over two rows so it’s not hidden on the blog post. The double quotes should cause the shell to expect the second line.
  • This isn’t running via sudo, and it doesn’t need to.  The default Centos 7 sudo behaviour doesn’t preserve PATH and doesn’t load profile.d, so sudo puppet errors with ‘command not found’.
cd /tmp
mkdir foo
touch bar
puppet apply --test -e "file {'/tmp/foo/bar': 
ensure=>link,target=>'/tmp/bar',}"

Expect output like:

Notice: Compiled catalog for clientname in environment production in 0.03 seconds
Info: Applying configuration version '1547545759'
Notice: /Stage[main]/Main/File[/tmp/foo/bar]/ensure: created
Info: Creating state file /home/ben/.puppetlabs/opt/puppet/cache/state/state.yaml
Notice: Applied catalog in 0.36 seconds

Now tidy up.

puppet apply --test -e "file {['/tmp/foo/bar','/tmp/foo','/tmp/bar']: 
ensure=>absent,force=>true,}"

Expect output like:

Notice: Compiled catalog for clientname in environment production in 0.03 seconds
Info: Applying configuration version '1547545890'
Info: /Stage[main]/Main/File[/tmp/foo]: Recursively backing up to filebucket
Info: Computing checksum on file /tmp/foo/bar
Info: /Stage[main]/Main/File[/tmp/foo]: Filebucketed /tmp/foo/bar to puppet with sum d41d8cd98f00b204e9800998ecf8427e
Notice: /Stage[main]/Main/File[/tmp/foo]/ensure: removed
Info: Computing checksum on file /tmp/bar
Info: /Stage[main]/Main/File[/tmp/bar]: Filebucketed /tmp/bar to puppet with sum d41d8cd98f00b204e9800998ecf8427e
Notice: /Stage[main]/Main/File[/tmp/bar]/ensure: removed
Notice: Applied catalog in 0.42 seconds

Note that the output refers to an environment called ‘production’. Use of environments really is baked into how puppet works.

Next

puppet apply #3 – control repo entry point

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s