book

Puppet 4.10 Beginner's Guide - Second Edition

Name: Puppet 4.10 Beginner's Guide - Second Edition
Author: John Arundel
ISBN: 9781787124004

by John Arundel

May 2017

Beginner

268 pages

6h 1m

English

Packt Publishing

Read now

Unlock full access

Puppet Beginner's Guide Second Edition
Table of Contents
Puppet 4.10 Beginner's Guide Second Edition
Credits
About the Author
Acknowledgments
About the Reviewer
www.PacktPub.com
Why subscribe?
Customer Feedback
Preface
What this book covers

What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example codeErrataPiracyQuestions
1. Getting started with Puppet
Why do we need Puppet anyway?Keeping configuration synchronizedRepeating changes across many serversSelf-updating documentationVersion control and historyWhy not just write shell scripts?Why not just use containers?Why not just use serverless?
Configuration management tools
What is Puppet?
Resources and attributesPuppet architectures
Getting ready for Puppet
Installing Git and downloading the repositoryInstalling Virtualbox and VagrantRunning your Vagrant VMAlternative Vagrant VMsAdding Puppet to your pathTroubleshooting Vagrant
Summary
2. Creating your first manifests
Hello, Puppet – your first Puppet manifestUnderstanding the codeModifying existing filesDry-running PuppetHow Puppet applies the manifestCreating a file of your own
Managing packages
How Puppet applies the manifestExerciseQuerying resources with puppet resource
Services
Getting help on resources with puppet describeThe package-file-service patternNotifying a linked resourceResource ordering with require
Summary
3. Managing your Puppet code with Git
What is version control?Tracking changesSharing code
Creating a Git repo
Making your first commitHow often should I commit?Branching
Distributing Puppet manifests
Creating a GitHub account and projectPushing your repo to GitHubCloning the repo
Fetching and applying changes automatically
Writing a manifest to set up regular Puppet runsApplying the run-puppet manifestThe run-puppet scriptTesting automatic Puppet runsManaging multiple nodes
Summary
4. Understanding Puppet resources
FilesThe path attributeManaging whole filesOwnershipPermissionsDirectoriesTrees of filesSymbolic links
Packages
Uninstalling packagesInstalling specific versionsInstalling the latest versionInstalling Ruby gemsInstalling gems in Puppet's contextUsing ensure_packages
Services
The hasstatus attributeThe pattern attributeThe hasrestart and restart attributes
Users
Creating usersThe user resourceThe group resourceManaging SSH keysRemoving users
Cron resources
Attributes of the cron resourceRandomizing cron jobsRemoving cron jobs
Exec resources
Automating manual interactionAttributes of the exec resourceThe user attributeThe onlyif and unless attributesThe refreshonly attributeThe logoutput attributeThe timeout attributeHow not to misuse exec resources
Summary
5. Variables, expressions, and facts
Introducing variablesUsing BooleansInterpolating variables in stringsCreating arraysDeclaring arrays of resourcesUnderstanding hashesSetting resource attributes from a hash
Introducing expressions
Meeting Puppet's comparison operatorsIntroducing regular expressionsUsing conditional expressionsMaking decisions with if statementsChoosing options with case statements
Finding out facts
Using the facts hashRunning the facter commandAccessing hashes of factsReferencing facts in expressionsUsing memory factsDiscovering networking factsProviding external factsCreating executable facts
Iterating over arrays
Using the each functionIterating over hashes
Summary
6. Managing data with Hiera
Why Hiera?Data needs to be maintainedSettings depend on serversOperating systems differThe Hiera way
Setting up Hiera
Adding Hiera data to your Puppet repo
Troubleshooting Hiera
Querying Hiera
Typed lookups
Writing Hiera data
File headerSingle valuesBoolean valuesArraysHashesInterpolation
The hierarchy
Dealing with multiple valuesMerge behaviorsData sources based on factsWhat belongs in Hiera?
Creating resources with Hiera data
Building resources from Hiera arraysBuilding resources from Hiera hashesThe advantages of managing resources with Hiera data
Managing secret data
Setting up GnuPGSetting up hiera-eyaml-gpgCreating an encrypted secretHow Hiera decrypts secretsEditing or adding encrypted secretsDistributing the decryption key
Summary
7. Mastering modules
Using Puppet Forge modulesWhat is the Puppet Forge?Finding the module you needUsing r10kUnderstanding the PuppetfileManaging dependencies with generate-puppetfile
Using modules in your manifests
Using puppetlabs/mysqlUsing puppetlabs/apacheUsing puppet/archive
Exploring the standard library
Safely installing packages with ensure_packagesModifying files in place with file_lineIntroducing some other useful functionsThe pry debugger
Writing your own modules
Creating a repo for your moduleWriting the module codeCreating and validating the module metadataTagging your moduleInstalling your moduleApplying your moduleMore complex modulesUploading modules to the Puppet Forge
Summary
8. Classes, roles, and profiles
ClassesThe class keywordDeclaring parameters to classesAutomatic parameter lookup from Hiera data
Parameter data types
Available data typesRange parametersContent type parametersFlexible data types
Defined resource types
Node definitions, roles, and profiles
NodesRolesProfiles
Summary
9. Managing files with templates
What are templates?The dynamic data problemPuppet template syntax
Using templates in your manifests
Referencing template filesInline templatesTemplate tagsComputations in templatesConditional statements in templates
Iteration in templates
Iterating over Facter dataIterating over structured factsIterating over Hiera dataWorking with templatesPassing parameters to templatesValidating template syntaxRendering templates on the command lineLegacy ERB templates
Summary
10. Controlling containers
Understanding containersThe deployment problemOptions for deploymentIntroducing the containerWhat Docker does for containers
Deployment with Docker
Building Docker containersThe layered filesystemManaging containers with Puppet
Managing Docker with Puppet
Installing DockerRunning a Docker containerStopping a containerRunning multiple instances of a container
Managing Docker images
Building images from DockerfilesManaging Dockerfiles
Building dynamic containers
Configuring containers with templatesSelf-configuring containers
Persistent storage for containers
Host-mounted volumesDocker volumes
Networking and orchestration
Connecting containersContainer orchestrationWhat is orchestration?What orchestration tools are available?
Running Puppet inside containers
Are containers mini-VMs or single processes?Configuring containers with PuppetContainers need Puppet too
Summary
11. Orchestrating cloud resources
Introducing the cloudAutomating cloud provisioningUsing CloudFormationUsing TerraformUsing Puppet
Setting up an Amazon AWS account
Creating an AWS accountCreating an IAM policyCreating an IAM userStoring your AWS credentials
Getting ready to use puppetlabs/aws
Creating a key pairInstalling the puppetlabs/aws moduleInstalling the AWS SDK gem
Creating EC2 instances with Puppet
Choosing an Amazon Machine Image (AMI)Creating the EC2 instanceAccessing your EC2 instanceVPCs, subnets, and security groupsThe ec2_securitygroup resourceThe ec2_instance resource
Managing custom VPCs and subnets
Creating an instance in a custom VPCThe ec2_vpc resourceThe ec2_vpc_internet_gateway resourceThe ec2_vpc_routetable resourceThe ec2_vpc_subnet resourceOther AWS resource types
Provisioning AWS resources from Hiera data
Iterating over Hiera data to create resourcesCleaning up unused resources
Summary
12. Putting it all together
Getting the demo repoCopying the repo
Understanding the demo repo
The control repoModule managementNodesRolesProfilesUsers and access controlSSH configurationSudoers configurationTime zone and clock synchronizationPuppet configuration
The bootstrap process
Adapting the repo for your own use
Configuring usersAdding node definitions and role classesModifying the bootstrap credentials
Bootstrapping a new node
Bootstrapping a Vagrant VMBootstrapping physical or cloud nodesUsing other distributions and providers
Summary
The beginning
Index

Content preview from Puppet 4.10 Beginner's Guide - Second Edition

Managing secret data

Puppet often needs to know your secrets; for example, passwords, private keys, and other credentials need to be configured on the node, and Puppet must have access to this information. The problem is how to make sure that no one else does. If you are checking this data into a Git repo, it will be available to anybody who has access to the repo, and if it's a public GitHub repo, everybody in the world can see it.

Clearly, it's essential to be able to encrypt secret data in such a way that Puppet can decrypt it on individual nodes where it's needed, but it's indecipherable to anybody who does not have the key. The popular GnuPG encryption tool is a good choice for this. It lets you encrypt data using a public key which can be ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781787124004

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Puppet 4.10 Beginner's Guide - Second Edition

by John Arundel

Managing secret data

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.