book

Puppet Best Practices

by Chris Barbour, Jo Rhett

September 2018

Intermediate to advanced

305 pages

7h 30m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
What Is a Best Practice?Who Should Read This BookWhy We Wrote This BookA Word on Puppet TodayNavigating This BookOnline ResourcesConventions Used in This BookUsing Code ExamplesO’Reilly SafariHow to Contact UsAcknowledgments
1. The Puppet Design Philosophy
Declarative CodeWhat Is Declarative Code, Anyway?Resource Types and ProvidersProcedural ExampleNondeclarative Code with PuppetIdempotencySide EffectsResource-Level IdempotenceRun-Level IdempotenceNondeterministic CodeStatelessBenefits of Stateless DesignSources of State InformationSummary
2. High-Level Code and Data Design
Code and Data OrganizationCode and Data CategoriesTypes of Code LogicExamples of Logic TypesMapping Data Types to Puppet Use CasesApplication Logic and Puppet ModulesBusiness Logic Should Not Be Written into Component ModulesBusiness Logic with Roles and ProfilesBusiness, Service, Site, Node, and Application DataHiera Data SourcesNode ClassificationSummary
3. Coding Practices
The Style GuideCoding PrinciplesKISS: Keep It SimpleThe Single Responsibility PrincipleSeparation of ConcernsInterface-Driven DesignDRY: Don’t Repeat YourselfDon’t Reinvent the WheelCode PracticesBalance of Resources Versus LogicBalance of Code Versus DataConditional LogicIterationGenerating ListsVariablesVariable NamingReferencing VariablesOther Variable Use CasesTrusted VariablesOrder of Assignment for Top-Level VariablesAssignment with SelectorsAttribute Values Chosen by Conditional EvaluationVariable InheritanceStrict VariablesFunction CallsAlways Use ParenthesesFunctions for Logging and DebuggingString Manipulation FunctionsPath ManipulationInput Validation FunctionsCatalog TestsData TransformationTemplatesERB TemplatesEPP TemplatesEPP Versus ERBOther Language FeaturesSummary
4. Puppet Module Design
The Puppet Development KitInstalling the Puppet AgentUsing the Ruby that Comes Bundled with PuppetInstalling the Puppet Development KitFavor Editors or IDEs with Puppet PluginsUsing Vendor-Provided or Community ModulesPicking Good ModulesModule ChecklistModule Applicability to Your NeedsContributing ModulesDesigning Modules WellMake Use of Module StructureKeep the Module FocusedDesign Modules for Public ConsumptionPlanning and Scoping Your ModuleBasic Module LayoutThe Module’s Main ClassModule ParametersInput ValidationData in the ModuleThe params.pp PatternHiera Data in ModulesModularizing ClassesDependenciesClass RelationshipsClass ContainmentInterfacing with ClassesReusing Defined TypesProviding Clean Service Interfaces with Defined TypesSimplify Complex Operations with a Defined TypeInteracting with Other Resouces in the ModuleCreating Useful DocumentationREADME, REFERENCE, and Other MarkdownREFERENCE MarkdownSummary
5. Resources
Using Resources to Implement ChangeResource Types Abstract Implementation DetailsUse the Most Specific Resource TypeExamining a Naked ResourceExploring Resources with ToolsResource DeclarationEnsure statesUse Variables for Data-Driven DeclarationUse Arrays for Similar ResourcesUsing Automatic Resource Relationships for Clean CodeResource Declaration by FunctionsResources MetatypesResource MetaparametersAvoid Parse-Order Problems by Using Virtual ResourcesExporting ResourcesOverriding and Modifying Declared ResourcesResource Default StatementsResource ChainingResource CollectorsResource Best PracticesCustom Resource TypesUseful Defined TypesSummary
6. Hiera Data
Separating Code and DataGlobal, Environment, and Module DataHiera BackendsDesigning the Hiera HierarchyVariable InterpolationDesign GuidelinesUseful Hierarchy LevelsEliminating DataAccessing HieraAutomatic Parameter LookupsHiera Function CallsConverting Serialized Hiera Data into Resource DeclarationsInterpolation in Your DataThe Built-In BackendsYAMLJSONHOCONeYAMLCustom Hiera BackendsDatabase and NoSQL EnginesService Discovery BackendsEncrypted Key/Value StorageSummary
7. Roles and Profiles
RolesCreating Readable RolesDesign Roles for a Singular Use CaseProvide the Role for Use in Data LookupsProfilesA Sample Service ProfileProviding Actionable Data in Profile ParametersImplementing Business Logic in ProfilesDefining Module Relationships in ProfilesCreating Metaprofiles to Group ConfigurationsDesigning an Appropriate Profile StructureTesting Roles and ProfilesValidating Profiles by Using Unit TestsConfirming Profile Implementation with Acceptance TestsSummary
8. Node Classification
What Data Should the Node Classifier Provide?Roles and ProfilesNode-Specific DataNode StatementsNode Statement MatchingReplacing Node InheritanceNode Parameters Within Node BlocksFact-Based ClassificationFact-Based Role AssignmentSecurity and Fact-Selected Roles or ProfilesFact-Based Hiera ClassificationNode Parameters with Hiera ClassificationAvoiding Node Data in ManifestsServerless ClassificationENCsWhat Data Can an ENC Provide?Puppet Management ConsolesInventory and Infrastructure Management ENCsSummary
9. Release Engineering and r10k
Puppet Environments in DepthPuppet Directory EnvironmentsSelectable Blocks for Catalog BuildingEnvironment ConfigurationEnvironment Independence and IsolationDeploying with r10kWhat Does r10k Actually Do?The Control RepositoryControl Repository Branch Contentsr10k Configuration FilePuppetfiler10k Deployment WalkthroughUses for r10kBuild Development EnvironmentsSimplifying Acceptance TestingImplement Continuous Integration, Delivery, and DeploymentDeploy Production EnvironmentsBuild and PackageRelease Management Strategies with r10kStage/Production BranchesSingle Branch (GitHub Flow)GitFlowInvoking r10kPuppet Prerun CommandDeploying on Receipt of a WebHookOrchestrating Deployments with MCollective/ChoriaInvoking r10k in Testing FrameworksCombining Multiple Invocation MethodsMigrating to r10kRepository-per-Module BenefitsConfiguring an Environment in the Control RepositoryEnabling Monolithic and Per-module Hybrid DeploymentMoving Modules to their Own RepositoriesPlacing Roles and Profiles in the site/ Module DirectoryRemove Fully Qualified PathsMoving Shared Tools to Their Own RepositoryImplementing Test CasesBest Practices for Puppet DeploymentsUsing Repository Access Control to Enforce Deployment PolicyEnabling Multiteam CoordinationPinning Module VersionsIsolating Puppet ExtensionsUtilizing Standard Environment Configuration PracticesGit Best PracticesDeployment PracticesSummary

10. Extending Puppet
The Cost of Extending PuppetMinimizing Development CostsReducing Upgrade CostsTestingStatic Code AnalysisUnit TestingAcceptance TestingCreating FactsDistributing Facts in ModulesFacts Puppet Can’t KnowStructured FactsAbusing FactsTrusted Certificate AttributesCustom Types and ProvidersAvoiding Creation of Duplicate TypesCreating a New Resource TypeCustom Resource ProvidersReuse Existing FrameworksCreating Custom Hiera BackendsChoose the Appropriate Backend TypeCreating a High-Performance BackendUsing Puppet’s Public Classes and Method CallsPuppet FacesIndirectionDeploying ExtensionspluginsyncDeploying Gem DependenciesDeploying Ruby Gem Extensions on Puppet ServerSummary
Index

Content preview from Puppet Best Practices

Chapter 4. Puppet Module Design

Puppet modules are self-contained bundles of code and data. A module extends Puppet features with any number of the following optional components:

Manifests written in the Puppet language
Files and templates used by the module
Facts about the node
Parsing and manipulation functions
New resource types
New providers for existing resource types
Module-specific data files or providers
Unit and acceptance tests and test fixtures

This chapter focuses on module manifests containing Puppet language code and their resources: files, templates, metadata, and tests. We cover these additional aspects of module design in the following chapters:

Creation of modules for roles and profiles in Chapter 7
Distribution and deployment of modules in Chapter 9
Extending modules with plugins in Chapter 10

The Puppet Development Kit

This section examines the minimum set of tools necessary for installing, testing, and extending Puppet modules.

Installing the Puppet Agent

It might seem obvious, but Puppet novices often forget the value of installing the Puppet agent on their developer machines. Testing locally with Puppet can catch common errors that would otherwise result in a long push, run, fail, repeat-until-success cycle.

Using the Ruby that Comes Bundled with Puppet

If you’ve been working on Puppet for many years, you probably have configured a wide array of Ruby environment managers for testing your Puppet code. If you are new to all of ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781491922996Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business