Differences

This shows you the differences between two versions of the page.

puppet_dsl [2020/11/20 09:20] – [Creating & Modifying Users] andonovjpuppet_dsl [2020/11/20 10:28] (current) andonovj
Line 16: Line 16:
   * Resources (e.g. in-build functions & operations: file, user, router, etc, perform individual tasks)   * Resources (e.g. in-build functions & operations: file, user, router, etc, perform individual tasks)
   * Classes (e.g. combination of resources, multiple small operations)   * Classes (e.g. combination of resources, multiple small operations)
-  * Manifest (e.g. definitions and declarion of puppet classes)+  * Manifest (e.g. definitions and declarion of puppet classes, very similar to C# Classes)
   * Modules (e.g. collection of files and manifest, example: mysql & jenkins module)   * Modules (e.g. collection of files and manifest, example: mysql & jenkins module)
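Review bot: The comparison added to the Manifest bullet, "very similar to C# Classes", sits on the wrong item: the list has its own Classes bullet one line above, and this bullet describes a manifest as holding the definitions and declarations of classes, so it is the container and not the class. Move the comparison to the Classes bullet or drop it. While the line is being touched, fix "declarion" to "declaration"; "in-build" in the Resources bullet should read "built-in".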
  
Line 23: Line 23:
 {{ :puppetcodecreation.png?600 |}} {{ :puppetcodecreation.png?600 |}}
  
-So let's see that in an example:+=====Resources===== 
 +As already explained, Puppet has in-build resources and function, we can describe all in-built resources as so:
  
-=====Creating & Modifying Users===== +<Code:bash|List in-build resources> 
-To create userwe will use simple resource (e.gfunction: user, to ensure that it exist)+[root@puppetmaster demo]# puppet describe --list 
 +These are the types known to puppet: 
 +augeas          - Apply change or an array of changes to the  ... 
 +cron            - Installs and manages cron jobs 
 +exec            - Executes external commands 
 +file            - Manages filesincluding their content, owner ... 
 +filebucket      - A repository for storing and retrieving file  ... 
 +group           - Manage groups 
 +host            - Installs and manages host entries 
 +mount           - Manages mounted filesystems, including puttin ... 
 +notify          - Sends an arbitrary message, specified as st ... 
 +package         - Manage packages 
 +resources       - This is a metatype that can manage other reso ... 
 +schedule        - Define schedules for Puppet 
 +scheduled_task  - Installs and manages Windows Scheduled Tasks 
 +selboolean      - Manages SELinux booleans on systems with SELi ... 
 +selmodule       - Manages loading and unloading of SELinux poli ... 
 +service         - Manage running services 
 +ssh_authorized_key - Manages SSH authorized keys 
 +sshkey          - Installs and manages ssh host keys 
 +stage           - A resource type for creating new run stages 
 +tidy            - Remove unwanted files based on specific crite ..
 +user            - Manage users 
 +whit            - Whits are internal artifacts of Puppet's curr ... 
 +yumrepo         - The client-side description of a yum reposito ... 
 +zfs             - Manage zfs 
 +zone            - Manages Solaris zones 
 +zpool           - Manage zpools 
 +[root@puppetmaster demo]# 
 +</Code>
  
 +Let's discuss some of them here.
 +
 +====User====
 +To create a user, we will use a simple resource (e.g. function: user, to ensure that it exist)
  
 <Code:bash|Create user> <Code:bash|Create user>
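Review bot: The new Resources intro and the User sentence call resource types functions ("in-build resources and function", "e.g. function: user"), while the pasted `puppet describe --list` output itself says "These are the types known to puppet". Use "built-in resource types" throughout and settle on one spelling, since the intro sentence has both "in-build" and "in-built". The intro says we can "describe" all resources but the command shown lists them, so "list" is the accurate verb. The listing is tagged bash although it is a terminal transcript with truncated descriptions; consider trimming it to the types the page goes on to cover (user, file). "to ensure that it exist" should read "exists".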
Line 39: Line 73:
 Then we can validate the code, for syntax error using the parser: Then we can validate the code, for syntax error using the parser:
  
-<Code:bash|Parse the file>+<Code:bash|Check syntax>
 --If error exists --If error exists
 [root@puppetmaster demo]# puppet parser validate demouser.pp [root@puppetmaster demo]# puppet parser validate demouser.pp
Line 45: Line 79:
 [root@puppetmaster demo]#  [root@puppetmaster demo]# 
  
--If it no error exists+-If no error exists
 [root@puppetmaster demo]# puppet parser validate demouser.pp [root@puppetmaster demo]# puppet parser validate demouser.pp
 [root@puppetmaster demo]# [root@puppetmaster demo]#
 </Code> </Code>
  
 +We can test if the application of the change will be possible:
 +<Code:bash|Test>
 +[root@puppetmaster demo]# puppet apply --noop demouser.pp
 +Notice: Compiled catalog for puppetmaster.example.com in environment production in 0.03 seconds
 +Notice: /Stage[main]/Main/User[julienandonov]/ensure: current_value 'absent', should be 'present' (noop)
 +Notice: Class[Main]: Would have triggered 'refresh' from 1 event
 +Notice: Stage[main]: Would have triggered 'refresh' from 1 event
 +Notice: Applied catalog in 0.01 seconds
 +</Code>
 +
 +Finally we can apply the change:
 +<Code:bash|Apply>
 +[root@puppetmaster demo]# puppet apply demouser.pp
 +Notice: Compiled catalog for puppetmaster.example.com in environment production in 0.01 seconds
 +Notice: /Stage[main]/Main/User[julienandonov]/ensure: created
 +Notice: Applied catalog in 0.20 seconds
 +[root@puppetmaster demo]#
 +</Code>
 +
 +We can also see that the user is created on the master server:
 +
 +<Code:bash|Check Results>
 +[root@puppetmaster demo]# id julienandonov
 +uid=1001(julienandonov) gid=1001(julienandonov) groups=1001(julienandonov)
 +[root@puppetmaster demo]#
 +</Code>
 +
 +===Modify===
 +What if we want to modify the user, let's say put the UID as 7777 and the shell as /bin/sh. Well, we can use the same file with more attributes:
 +
 +<Code:bash|Additional Attributes>
 +[root@puppetmaster demo]# vi demouser.pp
 +user { "julienandonov":
 +  ensure => "present",
 +  uid => "7777",                       <- Specified the Uid
 +  shell => "/bin/bash",                <- Specified the shell
 +}
 +:wq
 +</Code>
 +
 +As before, we can Check, test and apply the patch:
 +
 +<Code:bash|Check & Test & Apply the changes>
 +--Check Syntax
 +[root@puppetmaster demo]# puppet parser validate demouser.pp
 +
 +--Perform Dry run
 +[root@puppetmaster demo]# puppet apply --noop demouser.pp
 +Notice: Compiled catalog for puppetmaster.example.com in environment production in 0.01 seconds
 +Notice: /Stage[main]/Main/User[julienandonov]/uid: current_value 1001, should be 7777 (noop)
 +Notice: Class[Main]: Would have triggered 'refresh' from 1 event
 +Notice: Stage[main]: Would have triggered 'refresh' from 1 event
 +Notice: Applied catalog in 0.01 seconds
 +
 +--Apply changes
 +[root@puppetmaster demo]# puppet apply demouser.pp
 +Notice: Compiled catalog for puppetmaster.example.com in environment production in 0.01 seconds
 +Notice: /Stage[main]/Main/User[julienandonov]/uid: uid changed 1001 to 7777
 +Notice: Applied catalog in 0.07 seconds
 +
 +--Verify
 +[root@puppetmaster demo]# id julienandonov
 +uid=7777(julienandonov) gid=1001(julienandonov) groups=1001(julienandonov)
 +[root@puppetmaster demo]#
 +</Code>
 +
 +====File====
 +The File resource is as easy to be used as user. Let's see which attributes are in that resource:
 +
 +
 +<Code:bash|Check File Attributes>
 +[root@puppetmaster demo]# puppet describe file
 +*******************************************************
 +Parameters
 +----------
 +- **owner**
 +    The user to whom the file should belong.  Argument can be a user name or
 +    auser ID.
 +- **group**
 +    Which group should own the file.  Argument can be either a group
 +    name or a group ID.
 +- **ensure**
 +    Whether the file should exist, and if so what kind of file it should be.
 +    Possible values are `present`, `absent`, `file`, `directory`, and
 +    `link`.
 +- **mode**
 +    The desired permissions mode for the file, in symbolic or numeric
 +    notation. This value **must** be specified as a string;
 +</Code>
 +
 +There are many more, but we will focuse only on these 4.
 +So let's create our DSL file:
 +
 +<Code:bash|Create DSL File>
 +[root@puppetmaster demo]# vi demouser.pp
 +user { "julienandonov":
 +  ensure => "present",
 +  uid => "7777",
 +  shell => "/bin/bash",
 +}
 +:wq
 +</Code>
 +
 +Now, we can check the syntax, dry run and finally apply the changes:
 +
 +<Code:bash|Syntax Check, Dry Run & Apply>
 +--Check Syntax
 +[root@puppetmaster demo]# puppet parser validate demofile.pp
 +
 +--Dry Run
 +[root@puppetmaster demo]# puppet apply --noop demofile.pp
 +Notice: Compiled catalog for puppetmaster.example.com in environment production in 0.01 seconds
 +Notice: /Stage[main]/Main/File[/var/tmp/testfile]/ensure: current_value 'absent', should be 'present' (noop)
 +Notice: Class[Main]: Would have triggered 'refresh' from 1 event
 +Notice: Stage[main]: Would have triggered 'refresh' from 1 event
 +Notice: Applied catalog in 0.02 seconds
 +
 +--Apply Changes
 +[root@puppetmaster demo]# puppet apply demofile.pp
 +Notice: Compiled catalog for puppetmaster.example.com in environment production in 0.01 seconds
 +Notice: /Stage[main]/Main/File[/var/tmp/testfile]/ensure: created
 +Notice: Applied catalog in 0.01 seconds
 +
 +--Verify Results
 +[root@puppetmaster demo]# ls -lart /var/tmp/testfile
 +-rwxrwxrwx. 1 julienandonov julienandonov 0 Nov 20 05:20 /var/tmp/testfile
 +[root@puppetmaster demo]# 
 +</Code>
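Review bot: The "Create DSL File" block in the new File section repeats the demouser.pp user resource instead of a file resource, yet the next block validates and applies demofile.pp and its output refers to File[/var/tmp/testfile]; add the actual demofile.pp manifest with the owner, group, ensure and mode attributes the section says it focuses on. The verify step shows the file created as -rwxrwxrwx in /var/tmp, which is world-writable and executable, and with the manifest missing the reader cannot see which mode value produced it; the example would be better with a restrictive mode written as a string (for instance "0644"), as the quoted describe text requires. In the Modify section the prose says the shell becomes /bin/sh but the manifest sets "/bin/bash", and the dry-run and apply output report only the uid change, so make the prose and the manifest agree. The "<- Specified the Uid" and "<- Specified the shell" annotations are not Puppet comments and break the manifest if copied, so use # comments. Smaller points: "-If no error exists" now has one dash where "--If error exists" has two, "apply the patch" should be "apply the change", and "focuse" should be "focus".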
  
  • puppet_dsl.1605864017.txt.gz
  • Last modified: 2020/11/20 09:20
  • by andonovj