ProHoster > Блог > Kev tswj hwm > Taw qhia rau Puppet

Taw qhia rau Puppet

Puppet yog ib tug configuration tswj system. Nws yog siv los coj cov tswv rau lub xeev xav tau thiab tuav lub xeev no.

Kuv tau ua haujlwm nrog Puppet tau tshaj li tsib xyoos tam sim no. Cov ntawv no yog qhov tseem ceeb ntawm kev txhais thiab rov muab tso ua ke ntawm cov ntsiab lus tseem ceeb los ntawm cov ntaub ntawv raug cai, uas yuav ua rau cov neeg pib nkag siab sai sai rau lub ntsiab lus ntawm Puppet.

Taw qhia rau Puppet

Cov ncauj lus yooj yim

Puppet's operating system yog tus neeg siv khoom-neeg rau zaub mov, txawm hais tias nws kuj txhawb kev ua haujlwm tsis muaj server nrog kev ua haujlwm tsawg.

Tus qauv rub ntawm kev ua haujlwm yog siv: los ntawm lub neej ntawd, ib zaug ib nrab teev, cov neeg siv khoom hu rau lub server rau kev teeb tsa thiab siv nws. Yog tias koj tau ua haujlwm nrog Ansible, ces lawv siv cov qauv sib txawv: tus thawj coj pib ua cov txheej txheem ntawm kev siv cov kev teeb tsa, cov neeg siv khoom lawv tus kheej yuav tsis siv dab tsi.

Thaum lub sij hawm kev sib txuas lus network, ob txoj kev TLS encryption yog siv: tus neeg rau zaub mov thiab cov neeg siv khoom muaj lawv tus kheej cov yuam sij thiab cov ntawv pov thawj sib xws. Feem ntau cov neeg rau zaub mov teeb meem daim ntawv pov thawj rau cov neeg siv khoom, tab sis hauv txoj cai nws muaj peev xwm siv CA sab nraud.

Taw qhia rau manifestos

Hauv Puppet terminology mus rau puppet server txuas nodes (nodes). Lub configuration rau cov nodes yog sau hauv manifestos hauv ib hom lus tshwj xeeb - Puppet DSL.

Puppet DSL yog ib hom lus tshaj tawm. Nws piav qhia txog lub xeev xav tau ntawm cov node hauv daim ntawv tshaj tawm ntawm tus kheej cov peev txheej, piv txwv li:

  • Cov ntaub ntawv muaj nyob thiab nws muaj cov ntsiab lus tshwj xeeb.
  • Lub pob yog ntsia.
  • Qhov kev pabcuam tau pib.

Cov peev txheej tuaj yeem sib cuam tshuam:

  • Muaj kev vam meej, lawv cuam tshuam rau qhov kev txiav txim uas siv cov peev txheej.
    Piv txwv li, "ua ntej nruab lub pob, tom qab ntawd kho cov ntaub ntawv teeb tsa, ces pib qhov kev pabcuam."
  • Muaj cov ntawv ceeb toom - yog tias cov peev txheej tau hloov pauv, nws xa cov ntawv ceeb toom rau cov peev txheej tau sau npe rau nws.
    Piv txwv li, yog tias cov ntaub ntawv teeb tsa hloov pauv, koj tuaj yeem rov pib qhov kev pabcuam.

Tsis tas li ntawd, Puppet DSL muaj cov haujlwm thiab qhov sib txawv, nrog rau cov lus qhia thiab cov neeg xaiv. Ntau yam qauv qauv kuj tau txais kev txhawb nqa - EPP thiab ERB.

Puppet yog sau nyob rau hauv Ruby, yog li ntau ntawm cov tsim thiab cov ntsiab lus raug coj los ntawm qhov ntawd. Ruby tso cai rau koj kom nthuav dav Puppet - ntxiv cov logic nyuaj, hom tshiab ntawm cov peev txheej, ua haujlwm.

Thaum Puppet tab tom khiav, manifests rau txhua qhov tshwj xeeb ntawm tus neeg rau zaub mov raug muab tso ua ke rau hauv cov npe. Directory yog ib daim ntawv teev cov peev txheej thiab lawv cov kev sib raug zoo tom qab xam tus nqi ntawm kev ua haujlwm, kev hloov pauv thiab nthuav dav ntawm cov nqe lus muaj cai.

Syntax thiab codestyle

Nov yog ntu ntawm cov ntaub ntawv raug cai uas yuav pab koj nkag siab txog cov syntax yog tias cov piv txwv muab tsis txaus:

Nov yog ib qho piv txwv ntawm qhov manifest zoo li:

# Комментарии пишутся, как и много где, после решётки.
#
# Описание конфигурации ноды начинается с ключевого слова node,
# за которым следует селектор ноды — хостнейм (с доменом или без)
# или регулярное выражение для хостнеймов, или ключевое слово default.
#
# После этого в фигурных скобках описывается собственно конфигурация ноды.
#
# Одна и та же нода может попасть под несколько селекторов. Про приоритет
# селекторов написано в статье про синтаксис описания нод.
node 'hostname', 'f.q.d.n', /regexp/ {
  # Конфигурация по сути является перечислением ресурсов и их параметров.
  #
  # У каждого ресурса есть тип и название.
  #
  # Внимание: не может быть двух ресурсов одного типа с одинаковыми названиями!
  #
  # Описание ресурса начинается с его типа. Тип пишется в нижнем регистре.
  # Про разные типы ресурсов написано ниже.
  #
  # После типа в фигурных скобках пишется название ресурса, потом двоеточие,
  # дальше идёт опциональное перечисление параметров ресурса и их значений.
  # Значения параметров указываются через т.н. hash rocket (=>).
  resource { 'title':
    param1 => value1,
    param2 => value2,
    param3 => value3,
  }
}

Indentation thiab kab so tsis yog ib feem ntawm qhov manifest, tab sis muaj kev pom zoo phau ntawv qhia kev. Cov ntsiab lus:

  • Ob qhov chaw indents, tabs tsis siv.
  • Curly braces yog sib cais los ntawm qhov chaw; colons tsis sib cais los ntawm qhov chaw.
  • Commas tom qab txhua qhov ntsuas, suav nrog qhov kawg. Txhua qhov parameter yog nyob ntawm ib kab sib cais. Ib qho kev zam yog tsim rau cov ntaub ntawv tsis muaj qhov tsis muaj thiab ib qho kev txwv: koj tuaj yeem sau rau ntawm ib kab thiab tsis muaj comma (piv txwv li. resource { 'title': } и resource { 'title': param => value }).
  • Cov xub ntawm qhov ntsuas yuav tsum nyob rau tib theem.
  • Cov xib xub kev sib raug zoo yog sau rau pem hauv ntej ntawm lawv.

Qhov chaw ntawm cov ntaub ntawv ntawm pappetserver

Rau kev piav qhia ntxiv, kuv yuav qhia lub tswv yim ntawm "hauv paus directory". Lub hauv paus directory yog cov directory uas muaj cov Puppet configuration rau ib tug tshwj xeeb node.

Lub hauv paus directory txawv nyob ntawm seb lub version ntawm Puppet thiab ib puag ncig siv. Ib puag ncig yog kev ywj pheej ntawm kev teeb tsa uas tau muab khaws cia rau hauv cov npe sib cais. Feem ntau siv ua ke nrog git, nyob rau hauv cov ntaub ntawv ib puag ncig yog tsim los ntawm git ceg. Raws li, txhua qhov ntawm qhov chaw nyob hauv ib puag ncig lossis lwm qhov. Qhov no tuaj yeem teeb tsa ntawm lub node nws tus kheej, lossis hauv ENC, uas kuv yuav tham txog hauv tsab xov xwm tom ntej.

  • Nyob rau hauv peb version ("laus Puppet") lub hauv paus directory yog /etc/puppet. Kev siv ib puag ncig yog xaiv tau - piv txwv li, peb tsis siv nrog cov Puppet qub. Yog tias ib puag ncig siv, lawv feem ntau khaws cia rau hauv /etc/puppet/environments, lub hauv paus directory yuav yog ib puag ncig directory. Yog hais tias ib puag ncig tsis siv, lub hauv paus directory yuav yog lub hauv paus directory.
  • Pib los ntawm lub thib plaub version ("Puppet tshiab"), kev siv ntawm ib puag ncig los ua yuav tsum tau, thiab lub hauv paus directory tau tsiv mus rau /etc/puppetlabs/code. Raws li, ib puag ncig yog khaws cia rau hauv /etc/puppetlabs/code/environments, hauv paus directory yog ib puag ncig directory.

Yuav tsum muaj subdirectory hauv paus directory manifests, uas muaj ib los yog ntau tshaj manifests piav txog cov nodes. Tsis tas li ntawd, yuav tsum muaj subdirectory modules, uas muaj cov modules. Kuv mam li qhia rau koj seb cov modules tom qab me ntsis. Tsis tas li ntawd, tus Puppet qub kuj tseem muaj cov npe subdirectory files, uas muaj ntau yam ntaub ntawv uas peb luam rau cov nodes. Hauv Puppet tshiab, tag nrho cov ntaub ntawv tau muab tso rau hauv modules.

Manifest cov ntaub ntawv muaj qhov txuas ntxiv .pp.

Ob peb ntawm kev sib ntaus sib tua piv txwv

Kev piav qhia ntawm node thiab cov peev txheej ntawm nws

Ntawm node server1.testdomain ib cov ntaub ntawv yuav tsum tau tsim /etc/issue nrog cov ntsiab lus Debian GNU/Linux n l. Cov ntaub ntawv yuav tsum yog los ntawm ib tus neeg siv thiab pab pawg root, cov cai nkag yuav tsum yog 644.

Peb sau ib qho manifesto:

node 'server1.testdomain' {   # блок конфигурации, относящийся к ноде server1.testdomain
    file { '/etc/issue':   # описываем файл /etc/issue
        ensure  => present,   # этот файл должен существовать
        content => 'Debian GNU/Linux n l',   # у него должно быть такое содержимое
        owner   => root,   # пользователь-владелец
        group   => root,   # группа-владелец
        mode    => '0644',   # права на файл. Они заданы в виде строки (в кавычках), потому что иначе число с 0 в начале будет воспринято как записанное в восьмеричной системе, и всё пойдёт не так, как задумано
    }
}

Kev sib raug zoo ntawm cov peev txheej ntawm lub node

Ntawm node server2.testdomain nginx yuav tsum tau ua haujlwm, ua haujlwm nrog kev npaj ua ntej.

Cia peb decompose qhov teeb meem:

  • Lub pob yuav tsum tau nruab nginx.
  • Nws yog ib qho tsim nyog uas cov ntaub ntawv teeb tsa yuav tsum tau theej los ntawm lub server.
  • Qhov kev pabcuam yuav tsum tau ua haujlwm nginx.
  • Yog tias qhov kev teeb tsa tau hloov kho, qhov kev pabcuam yuav tsum tau rov pib dua.

Peb sau ib qho manifesto:

node 'server2.testdomain' {   # блок конфигурации, относящийся к ноде server2.testdomain
    package { 'nginx':   # описываем пакет nginx
        ensure => installed,   # он должен быть установлен
    }
  # Прямая стрелка (->) говорит о том, что ресурс ниже должен
  # создаваться после ресурса, описанного выше.
  # Такие зависимости транзитивны.
    -> file { '/etc/nginx':   # описываем файл /etc/nginx
        ensure  => directory,   # это должна быть директория
        source  => 'puppet:///modules/example/nginx-conf',   # её содержимое нужно брать с паппет-сервера по указанному адресу
        recurse => true,   # копировать файлы рекурсивно
        purge   => true,   # нужно удалять лишние файлы (те, которых нет в источнике)
        force   => true,   # удалять лишние директории
    }
  # Волнистая стрелка (~>) говорит о том, что ресурс ниже должен
  # подписаться на изменения ресурса, описанного выше.
  # Волнистая стрелка включает в себя прямую (->).
    ~> service { 'nginx':   # описываем сервис nginx
        ensure => running,   # он должен быть запущен
        enable => true,   # его нужно запускать автоматически при старте системы
    }
  # Когда ресурс типа service получает уведомление,
  # соответствующий сервис перезапускается.
}

Txhawm rau ua qhov no, koj xav tau kwv yees li cov ntaub ntawv hauv qab no ntawm tus neeg rau zaub mov puppet:

/etc/puppetlabs/code/environments/production/ # (это для нового Паппета, для старого корневой директорией будет /etc/puppet)
├── manifests/
│   └── site.pp
└── modules/
    └── example/
        └── files/
            └── nginx-conf/
                ├── nginx.conf
                ├── mime.types
                └── conf.d/
                    └── some.conf

Hom kev pab

Ib daim ntawv teev tag nrho ntawm hom kev txhawb nqa tuaj yeem pom ntawm no hauv cov ntaub ntawv, ntawm no kuv yuav piav qhia tsib yam yooj yim, uas hauv kuv qhov kev coj ua txaus los daws cov teeb meem feem ntau.

cov ntaub ntawv

Tswj cov ntaub ntawv, phau ntawv teev npe, symlinks, lawv cov ntsiab lus, thiab cov cai nkag.

Cov Txwv:

  • npe ntaub ntawv - txoj kev mus rau cov ntaub ntawv (yeem)
  • Txoj kev - txoj kev mus rau cov ntaub ntawv (yog tias nws tsis tau teev nyob rau hauv lub npe)
  • xyuas kom meej - hom ntaub ntawv:
    • absent - rho tawm ib cov ntaub ntawv
    • present - yuav tsum muaj cov ntaub ntawv ntawm txhua hom (yog tias tsis muaj cov ntaub ntawv, cov ntaub ntawv tsis tu ncua yuav raug tsim)
    • file - cov ntaub ntawv tsis tu ncua
    • directory - directory
    • link - symlink
  • cov ntsiab lus - Cov ntsiab lus ntawm cov ntaub ntawv (tsuas yog tsim nyog rau cov ntaub ntawv ib txwm muaj, tsis tuaj yeem siv ua ke nrog qhov chaw los yog lub hom phiaj)
  • qhov chaw - qhov txuas mus rau txoj hauv kev uas koj xav luam cov ntsiab lus ntawm cov ntaub ntawv (tsis tuaj yeem siv ua ke nrog cov ntsiab lus los yog lub hom phiaj). Nws tuaj yeem raug teev raws li ib qho URI nrog lub tswv yim puppet: (tom qab ntawd cov ntaub ntawv los ntawm cov neeg siv puppet yuav raug siv), thiab nrog rau cov tswv yim http: (Kuv vam tias nws paub meej tias yuav muaj dab tsi tshwm sim hauv qhov no), thiab txawm tias nrog daim duab file: los yog raws li txoj hauv kev tsis muaj schema (ces cov ntaub ntawv los ntawm FS hauv zos ntawm cov node yuav raug siv)
  • lub hom phiaj - qhov twg lub symlink yuav tsum taw tes (tsis tuaj yeem siv ua ke nrog cov ntsiab lus los yog qhov chaw)
  • tswv - tus neeg siv uas yuav tsum muaj cov ntaub ntawv
  • pab pawg neeg - pab pawg uas cov ntaub ntawv yuav tsum muaj
  • hom - cov ntaub ntawv tso cai (raws li txoj hlua)
  • tus saib xyuas neeg mob - enables recursive directory ua
  • ntxuav tawm - pab kom tshem tawm cov ntaub ntawv uas tsis tau piav qhia hauv Puppet
  • quab yuam - tso cai rau rho tawm cov npe uas tsis tau piav qhia hauv Puppet

pob

Nruab thiab tshem tawm cov pob. Muaj peev xwm lis cov ntawv ceeb toom - rov nruab lub pob yog tias qhov ntsuas tau teev tseg reinstall_on_refresh.

Cov Txwv:

  • npe ntaub ntawv - pob lub npe (yeem)
  • lub npe - pob lub npe (yog tias tsis tau teev nyob rau hauv lub npe)
  • mob - tus thawj tswj pob siv
  • xyuas kom meej - xav tau lub xeev ntawm pob:
    • present, installed - ib qho version ntsia
    • latest - qhov tseeb version ntsia
    • absent - deleted (apt-get remove)
    • purged - deleted nrog rau cov ntaub ntawv configuration (apt-get purge)
    • held - pob version raug kaw (apt-mark hold)
    • любая другая строка - cov ntawv teev npe yog ntsia
  • reinstall_on_refresh - yog a true, tom qab tau txais daim ntawv ceeb toom lub pob yuav rov nruab. Muaj txiaj ntsig zoo rau kev faib khoom raws li qhov chaw, qhov uas yuav tsim cov pob ntawv rov tsim dua tshiab yuav tsim nyog thaum hloov cov qauv tsim. Default false.

kev pab cuam

Tswj cov kev pabcuam. Muaj peev xwm ua cov ntawv ceeb toom - rov pib qhov kev pabcuam.

Cov Txwv:

  • npe ntaub ntawv - kev pabcuam yuav tsum tau tswj (yeem)
  • lub npe - qhov kev pabcuam uas yuav tsum tau tswj hwm (yog tias tsis tau teev tseg hauv lub npe)
  • xyuas kom meej - lub xeev xav tau ntawm kev pabcuam:
    • running - tso tawm
    • stopped - nres
  • pab kom - tswj lub peev xwm los pib qhov kev pabcuam:
    • true - autorun yog enabled (systemctl enable)
    • mask - disguised (systemctl mask)
    • false - autorun yog neeg xiam (systemctl disable)
  • pib dua - hais kom rov pib qhov kev pabcuam
  • raws li txoj cai - hais kom kuaj xyuas kev pabcuam
  • rov pib dua - qhia seb qhov kev pabcuam initscript txhawb rov pib dua. Yog false thiab cov parameter tau teev tseg pib dua - tus nqi ntawm no parameter yog siv. Yog false thiab parameter pib dua tsis tau teev - qhov kev pabcuam raug tso tseg thiab pib rov pib dua (tab sis systemd siv cov lus txib systemctl restart).
  • hasstatus - qhia seb qhov kev pabcuam initscript txhawb cov lus txib status. yog hais tias false, ces tus nqi parameter yog siv raws li txoj cai. Default true.

exec

Khiav cov lus txib sab nraud. Yog hais tias koj tsis qhia parameters tsim, tsuas yog, tshwj tsis yog tias los yog refreshonly, cov lus txib yuav khiav txhua zaus Puppet khiav. Muaj peev xwm ua cov ntawv ceeb toom - khiav cov lus txib.

Cov Txwv:

  • npe ntaub ntawv - hais kom ua (yeem)
  • hais kom ua - cov lus txib yuav tsum tau ua (yog tias nws tsis tau teev nyob rau hauv lub npe)
  • Txoj kev - txoj hauv kev uas yuav nrhiav tau cov ntaub ntawv executable
  • tsuas yog - yog tias cov lus txib tau teev tseg hauv qhov ntsuas no ua tiav nrog xoom rov qab code, cov lus txib tseem ceeb yuav raug tua
  • tshwj tsis yog tias - yog tias cov lus txib tau teev tseg hauv qhov ntsuas no ua tiav nrog qhov tsis yog xoom xa rov qab, cov lus txib tseem ceeb yuav raug tua
  • tsim - yog tias cov ntaub ntawv teev tseg hauv qhov ntsuas no tsis muaj, cov lus txib tseem ceeb yuav raug tua
  • refreshonly - yog a true, tom qab ntawd cov lus txib yuav tsuas yog khiav thaum tus exec no tau txais kev ceeb toom los ntawm lwm yam kev pab
  • cwd ua - directory los ntawm kev khiav cov lus txib
  • cov neeg siv - tus neeg siv los ntawm leej twg los khiav cov lus txib
  • mob - Yuav ua li cas khiav qhov hais kom ua:
    • posix - tus txheej txheem me nyuam tsuas yog tsim, nco ntsoov qhia Txoj kev
    • plhaub - cov lus txib yog launched nyob rau hauv lub plhaub /bin/sh, tej zaum yuav tsis qhia Txoj kev, koj tuaj yeem siv globbing, kav dej thiab lwm yam plhaub nta. Feem ntau kuaj pom tau yog tias muaj cov cim tshwj xeeb (|, ;, &&, || thiab lwm yam).

cron

Tswj cronjobs.

Cov Txwv:

  • npe ntaub ntawv - Tsuas yog qee yam ntawm tus cim
  • xyuas kom meej - crownjob xeev:
    • present - tsim yog tias tsis muaj
    • absent - rho tawm yog tias muaj
  • hais kom ua - dab tsi hais kom ua
  • ib puag ncig - nyob rau hauv uas ib puag ncig los khiav cov lus txib (cov npe ntawm ib puag ncig hloov pauv thiab lawv cov txiaj ntsig ntawm =)
  • cov neeg siv - los ntawm tus neeg siv los khiav cov lus txib
  • feeb, teev, weekday, lub hli, hnub hli - thaum yuav khiav cron. Yog tias ib qho ntawm cov cwj pwm no tsis tau teev tseg, nws tus nqi hauv crontab yuav yog *.

Hauv Puppet 6.0 cron uas yog tshem tawm ntawm lub thawv nyob rau hauv puppetserver, yog li tsis muaj cov ntaub ntawv ntawm lub vev xaib dav dav. Tab sis nws yog nyob rau hauv lub thawv nyob rau hauv puppet-tus neeg saib xyuas, yog li tsis tas yuav nruab nws cais. Koj tuaj yeem pom cov ntaub ntawv rau nws nyob rau hauv cov ntaub ntawv rau lub thib tsib version ntawm Puppet, lossis ntawm GitHub.

Hais txog cov peev txheej dav dav

Cov kev xav tau rau cov peev txheej tshwj xeeb

Qhov yuam kev tshaj plaws uas peb ntsib yog Daim ntawv tshaj tawm. Qhov kev ua yuam kev no tshwm sim thaum ob lossis ntau qhov kev pabcuam ntawm tib hom nrog tib lub npe tshwm hauv phau ntawv.

Yog li ntawd, kuv yuav sau dua: manifests rau tib lub node yuav tsum tsis txhob muaj peev xwm ntawm tib hom nrog tib lub npe!

Qee lub sij hawm yuav tsum tau nruab cov pob khoom nrog tib lub npe, tab sis nrog cov tswj hwm pob sib txawv. Hauv qhov no, koj yuav tsum siv qhov ntsuas namekom zam qhov yuam kev:

package { 'ruby-mysql':
  ensure   => installed,
  name     => 'mysql',
  provider => 'gem',
}
package { 'python-mysql':
  ensure   => installed,
  name     => 'mysql',
  provider => 'pip',
}

Lwm hom peev txheej muaj cov kev xaiv zoo sib xws los pab kom tsis txhob muaj kev sib tw − name у kev pab cuam, command у exec, thiab lwm yam.

Metaparameters

Txhua hom kev pab muaj qee qhov tshwj xeeb, tsis hais nws qhov xwm txheej.

Daim ntawv teev tag nrho ntawm meta tsis nyob rau hauv cov ntaub ntawv Puppet.

Cov npe luv:

  • yuav tsum tau - qhov kev ntsuas no qhia tias cov peev txheej twg cov peev txheej no nyob ntawm.
  • ua ntej - Qhov kev ntsuas no qhia txog cov peev txheej twg nyob ntawm cov peev txheej no.
  • Sau npe yuav - qhov ntsuas no qhia txog cov peev txheej twg cov peev txheej no tau txais kev ceeb toom.
  • qhia - Qhov kev ntsuas no qhia txog cov peev txheej twg tau txais kev ceeb toom los ntawm cov peev txheej no.

Tag nrho cov npe metaparameters lees txais ib qho kev sib txuas ib leeg lossis ib qho kev sib txuas ntawm cov kab ntawv square.

Txuas rau cov peev txheej

Ib qho kev sib txuas ntawm cov peev txheej tsuas yog hais txog cov peev txheej. Lawv feem ntau yog siv los qhia txog kev vam meej. Kev xa mus rau cov ntaub ntawv tsis muaj nyob yuav ua rau muaj qhov yuam kev.

Lub syntax ntawm qhov txuas yog raws li nram no: hom kev pab cuam nrog ib tug loj tsab ntawv (yog hais tias lub npe hom muaj ob colons, ces txhua feem ntawm lub npe ntawm cov colons yog capitalized), ces cov ntaub ntawv lub npe nyob rau hauv square brackets (cov ntaub ntawv ntawm lub npe. tsis hloov!). Yuav tsum tsis muaj qhov chaw; square brackets raug sau tam sim tom qab hom npe.

Piv Txwv:

file { '/file1': ensure => present }
file { '/file2':
  ensure => directory,
  before => File['/file1'],
}
file { '/file3': ensure => absent }
File['/file1'] -> File['/file3']

Dependencies thiab kev ceeb toom

Cov ntaub ntawv ntawm no.

Raws li tau hais ua ntej, qhov yooj yim dependencies ntawm cov peev txheej yog hloov pauv. Los ntawm txoj kev, ceev faj thaum ntxiv kev vam khom - koj tuaj yeem tsim cov kev vam meej, uas yuav ua rau muaj qhov yuam kev.

Tsis zoo li kev vam meej, cov ntawv ceeb toom tsis hloov pauv. Cov cai hauv qab no siv rau kev ceeb toom:

  • Yog tias cov peev txheej tau txais kev ceeb toom, nws hloov kho. Cov kev hloov kho tshiab yog nyob ntawm hom peev txheej − exec khiav cov lus txib, kev pab cuam restarts qhov kev pab cuam, pob reinstalls lub pob. Yog hais tias cov ntaub ntawv tsis muaj qhov hloov tshiab kev txiav txim, ces tsis muaj dab tsi tshwm sim.
  • Thaum lub sijhawm khiav ntawm Puppet, cov peev txheej tau hloov kho tsis pub ntau tshaj ib zaug. Qhov no yog ua tau vim hais tias cov ntawv ceeb toom muaj xws li dependencies thiab cov dependency graph tsis muaj cycles.
  • Yog tias Puppet hloov lub xeev ntawm cov peev txheej, cov peev txheej xa cov ntawv ceeb toom rau txhua qhov peev txheej tau sau npe rau nws.
  • Yog tias cov peev txheej hloov kho tshiab, nws xa cov ntawv ceeb toom rau txhua qhov peev txheej tau sau npe rau nws.

Kuaj cov tsis tau teev tseg

Raws li txoj cai, yog tias qee qhov peev txheej tsis muaj tus nqi pib thiab qhov ntsuas no tsis tau teev nyob rau hauv qhov tshwm sim, ces Puppet yuav tsis hloov cov cuab yeej no rau cov peev txheej sib thooj ntawm lub node. Piv txwv li, yog ib qho kev pab ntawm hom cov ntaub ntawv parameter tsis teev owner, ces Puppet yuav tsis hloov tus tswv ntawm cov ntaub ntawv sib raug.

Taw qhia rau cov chav kawm, qhov sib txawv thiab cov lus txhais

Piv txwv tias peb muaj ob peb cov nodes uas muaj ib feem ntawm kev teeb tsa, tab sis kuj tseem muaj qhov sib txawv - txwv tsis pub peb tuaj yeem piav qhia tag nrho hauv ib qho thaiv. node {}. Tau kawg, koj tuaj yeem luam qhov zoo ib yam ntawm cov teeb tsa, tab sis feem ntau qhov no yog qhov kev daws teeb meem tsis zoo - qhov kev teeb tsa loj tuaj, thiab yog tias koj hloov qhov dav dav ntawm qhov teeb tsa, koj yuav tau hloov qhov tib yam hauv ntau qhov chaw. Tib lub sijhawm, nws yooj yim ua yuam kev, thiab feem ntau, DRY (tsis txhob rov hais dua koj tus kheej) txoj cai tau tsim los rau qhov laj thawj.

Yuav kom daws tau qhov teeb meem no muaj xws li ib tug tsim xws li класс.

Cov Chav Kawm

Класс yog ib lub npe block ntawm poppet code. Cov chav kawm yuav tsum tau rov siv dua.

Ua ntej chav kawm yuav tsum tau piav qhia. Cov lus piav qhia nws tus kheej tsis ntxiv cov peev txheej nyob qhov twg. Cov chav kawm tau piav qhia hauv manifests:

# Описание класса начинается с ключевого слова class и его названия.
# Дальше идёт тело класса в фигурных скобках.
class example_class {
    ...
}

Tom qab no cov chav kawm yuav siv tau:

# первый вариант использования — в стиле ресурса с типом class
class { 'example_class': }
# второй вариант использования — с помощью функции include
include example_class
# про отличие этих двух вариантов будет рассказано дальше

Ib qho piv txwv los ntawm txoj haujlwm dhau los - cia peb txav lub installation thiab teeb tsa ntawm nginx rau hauv chav kawm:

class nginx_example {
    package { 'nginx':
        ensure => installed,
    }
    -> file { '/etc/nginx':
        ensure => directory,
        source => 'puppet:///modules/example/nginx-conf',
        recure => true,
        purge  => true,
        force  => true,
    }
    ~> service { 'nginx':
        ensure => running,
        enable => true,
    }
}

node 'server2.testdomain' {
    include nginx_example
}

Hloov pauv

Cov chav kawm los ntawm qhov piv txwv yav dhau los tsis hloov pauv txhua yam vim nws ib txwm coj tib lub nginx teeb tsa. Cia peb ua txoj hauv kev mus rau qhov hloov pauv hloov pauv, tom qab ntawd cov chav kawm no tuaj yeem siv los nruab nginx nrog txhua qhov kev teeb tsa.

Nws tuaj yeem ua tiav siv cov kev hloov pauv.

Ceeb Toom: Cov kev hloov pauv hauv Puppet yog qhov hloov tsis tau!

Tsis tas li ntawd, qhov sib txawv tsuas tuaj yeem nkag tau tom qab nws tau tshaj tawm, txwv tsis pub tus nqi ntawm qhov sib txawv yuav yog undef.

Piv txwv ntawm kev ua haujlwm nrog cov hloov pauv:

# создание переменных
$variable = 'value'
$var2 = 1
$var3 = true
$var4 = undef
# использование переменных
$var5 = $var6
file { '/tmp/text': content => $variable }
# интерполяция переменных — раскрытие значения переменных в строках. Работает только в двойных кавычках!
$var6 = "Variable with name variable has value ${variable}"

Puppet muaj cov npe, thiab cov variables, raws li, muaj thaj tsam ntawm kev pom: Ib qho sib txawv nrog tib lub npe tuaj yeem txhais tau hauv cov npe sib txawv. Thaum kho tus nqi ntawm qhov sib txawv, qhov sib txawv yog tshawb hauv lub npe tam sim no, tom qab ntawd nyob rau hauv lub npe qhov chaw, thiab lwm yam.

Namespace piv txwv:

  • thoob ntiaj teb - cov hloov pauv sab nraud ntawm chav kawm lossis cov lus piav qhia node mus rau ntawd;
  • node namespace nyob rau hauv cov lus piav qhia ntawm node;
  • class namespace nyob rau hauv chav kawm piav qhia.

Txhawm rau kom tsis txhob muaj qhov tsis meej pem thaum nkag mus rau qhov sib txawv, koj tuaj yeem qhia qhov chaw nyob hauv lub npe sib txawv:

# переменная без пространства имён
$var
# переменная в глобальном пространстве имён
$::var
# переменная в пространстве имён класса
$classname::var
$::classname::var

Cia peb pom zoo tias txoj hauv kev mus rau nginx teeb tsa nyob hauv qhov sib txawv $nginx_conf_source. Ces chav kawm yuav zoo li no:

class nginx_example {
    package { 'nginx':
        ensure => installed,
    }
    -> file { '/etc/nginx':
        ensure => directory,
        source => $nginx_conf_source,   # здесь используем переменную вместо фиксированной строки
        recure => true,
        purge  => true,
        force  => true,
    }
    ~> service { 'nginx':
        ensure => running,
        enable => true,
    }
}

node 'server2.testdomain' {
    $nginx_conf_source = 'puppet:///modules/example/nginx-conf'
    include nginx_example
}

Txawm li cas los xij, qhov piv txwv tsis zoo vim tias muaj qee qhov "kev paub zais cia" uas qhov chaw hauv chav kawm muaj qhov sib txawv nrog xws li thiab siv lub npe. Nws yog qhov tseeb ntau dua los ua qhov kev paub dav dav - cov chav kawm tuaj yeem muaj qhov ntsuas.

Chav kawm tsis muaj yog variables nyob rau hauv chav kawm namespace, lawv tau teev nyob rau hauv cov chav kawm ntawv header thiab yuav siv tau zoo li ib txwm variables nyob rau hauv lub chav kawm ntawv lub cev. Parameter qhov tseem ceeb tau teev tseg thaum siv cov chav kawm hauv qhov manifest.

Cov parameter tuaj yeem raug teeb tsa rau tus nqi pib. Yog hais tias ib qho parameter tsis muaj tus nqi pib thiab tus nqi tsis tau teeb tsa thaum siv, nws yuav ua rau muaj qhov yuam kev.

Cia peb ntsuas cov chav kawm los ntawm qhov piv txwv saum toj no thiab ntxiv ob qhov tsis muaj: thawj, xav tau, yog txoj hauv kev rau kev teeb tsa, thiab qhov thib ob, xaiv tau, yog lub npe ntawm pob nrog nginx (hauv Debian, piv txwv li, muaj pob khoom. nginx, nginx-light, nginx-full).

# переменные описываются сразу после имени класса в круглых скобках
class nginx_example (
  $conf_source,
  $package_name = 'nginx-light', # параметр со значением по умолчанию
) {
  package { $package_name:
    ensure => installed,
  }
  -> file { '/etc/nginx':
    ensure  => directory,
    source  => $conf_source,
    recurse => true,
    purge   => true,
    force   => true,
  }
  ~> service { 'nginx':
    ensure => running,
    enable => true,
  }
}

node 'server2.testdomain' {
  # если мы хотим задать параметры класса, функция include не подойдёт* — нужно использовать resource-style declaration
  # *на самом деле подойдёт, но про это расскажу в следующей серии. Ключевое слово "Hiera".
  class { 'nginx_example':
    conf_source => 'puppet:///modules/example/nginx-conf',   # задаём параметры класса точно так же, как параметры для других ресурсов
  }
}

Hauv Puppet, cov kev hloov pauv tau ntaus. Noj ntau hom ntaub ntawv. Cov ntaub ntawv hom feem ntau yog siv los ntsuas qhov ntsuas qhov tseem ceeb dhau mus rau cov chav kawm thiab cov lus txhais. Yog hais tias tus pass parameter tsis sib xws li cov hom teev, ib qho yuam kev muab tso ua ke yuav tshwm sim.

Hom yog sau tam sim ua ntej lub npe parameter:

class example (
  String $param1,
  Integer $param2,
  Array $param3,
  Hash $param4,
  Hash[String, String] $param5,
) {
  ...
}

Cov chav kawm: suav nrog chav kawm vs chav kawm {'classname':}

Txhua chav kawm yog ib hom kev pab chav kawm ntawv. Raws li nrog rau lwm yam kev pab, tsis tuaj yeem muaj ob qho piv txwv ntawm tib chav kawm ntawm tib lub node.

Yog tias koj sim ntxiv ib chav rau tib lub node ob zaug siv class { 'classname':} (tsis muaj qhov sib txawv, nrog qhov sib txawv lossis zoo ib yam), yuav muaj qhov yuam kev sib sau ua ke. Tab sis yog tias koj siv cov chav kawm hauv cov peev txheej, koj tuaj yeem teeb tsa tag nrho nws cov kev txwv hauv qhov tshwm sim tam sim ntawd.

Txawm li cas los xij, yog tias koj siv include, ces chav kawm tuaj yeem ntxiv ntau zaus raws li qhov xav tau. Qhov tseeb yog qhov ntawd include yog ib qho kev ua haujlwm tsis txaus ntseeg uas kuaj xyuas seb puas muaj chav kawm ntxiv rau hauv phau ntawv teev npe. Yog tias chav kawm tsis nyob hauv phau ntawv qhia, nws ntxiv nws, thiab yog tias nws twb muaj lawm, nws tsis ua dab tsi. Tab sis thaum siv include Koj tsis tuaj yeem teeb tsa cov chav kawm tsis tau thaum lub sijhawm tshaj tawm hauv chav kawm - txhua qhov kev xav tau yuav tsum tau teeb tsa rau hauv cov ntaub ntawv sab nraud - Hiera lossis ENC. Peb yuav tham txog lawv nyob rau hauv tsab xov xwm tom ntej.

Txhais

Raws li tau hais nyob rau hauv lub block dhau los, tib chav kawm tsis tuaj yeem tshwm sim ntawm lub node ntau dua ib zaug. Txawm li cas los xij, qee zaum koj yuav tsum muaj peev xwm siv tib lub thaiv ntawm cov lej uas muaj qhov sib txawv ntawm tib lub node. Hauv lwm lo lus, muaj kev xav tau rau hom kev pab cuam ntawm nws tus kheej.

Piv txwv li, txhawm rau nruab PHP module, peb ua cov hauv qab no hauv Avito:

  1. Nruab lub pob nrog no module.
  2. Cia peb tsim cov ntaub ntawv teeb tsa rau qhov module no.
  3. Peb tsim ib lub symlink rau config rau php-fpm.
  4. Peb tsim ib lub symlink rau config rau php cli.

Nyob rau hauv xws li mob, ib tug tsim xws li txhais (txhais, txhais hom, txhais hom peev txheej). A Define zoo ib yam li cov chav kawm, tab sis muaj qhov sib txawv: ua ntej, txhua qhov Define yog hom peev txheej, tsis yog cov peev txheej; Thib ob, txhua lub ntsiab lus muaj qhov cuam tshuam tsis zoo $title, qhov twg cov ntaub ntawv npe mus thaum nws tau tshaj tawm. Ib yam li hauv cov chav kawm, cov lus txhais yuav tsum tau piav qhia ua ntej, tom qab ntawd nws tuaj yeem siv tau.

Ib qho piv txwv yooj yim nrog lub module rau PHP:

define php74::module (
  $php_module_name = $title,
  $php_package_name = "php7.4-${title}",
  $version = 'installed',
  $priority = '20',
  $data = "extension=${title}.son",
  $php_module_path = '/etc/php/7.4/mods-available',
) {
  package { $php_package_name:
    ensure          => $version,
    install_options => ['-o', 'DPkg::NoTriggers=true'],  # триггеры дебиановских php-пакетов сами создают симлинки и перезапускают сервис php-fpm - нам это не нужно, так как и симлинками, и сервисом мы управляем с помощью Puppet
  }
  -> file { "${php_module_path}/${php_module_name}.ini":
    ensure  => $ensure,
    content => $data,
  }
  file { "/etc/php/7.4/cli/conf.d/${priority}-${php_module_name}.ini":
    ensure  => link,
    target  => "${php_module_path}/${php_module_name}.ini",
  }
  file { "/etc/php/7.4/fpm/conf.d/${priority}-${php_module_name}.ini":
    ensure  => link,
    target  => "${php_module_path}/${php_module_name}.ini",
  }
}

node server3.testdomain {
  php74::module { 'sqlite3': }
  php74::module { 'amqp': php_package_name => 'php-amqp' }
  php74::module { 'msgpack': priority => '10' }
}

Txoj hauv kev yooj yim tshaj plaws los ntes qhov yuam kev tshaj tawm Duplicate yog hauv Define. Qhov no tshwm sim yog tias lub ntsiab lus muaj cov peev txheej nrog lub npe tas li, thiab muaj ob lossis ntau qhov piv txwv ntawm cov ntsiab lus no ntawm qee qhov.

Nws yooj yim los tiv thaiv koj tus kheej los ntawm qhov no: tag nrho cov peev txheej hauv lub ntsiab lus yuav tsum muaj lub npe nyob ntawm $title. Raws li lwm txoj hauv kev, ntxiv cov peev txheej ideempotently; hauv qhov yooj yim tshaj plaws, nws yog qhov txaus los txav cov peev txheej uas muaj rau txhua qhov xwm txheej ntawm lub ntsiab lus mus rau hauv chav kawm cais thiab suav nrog cov chav kawm no hauv kev txhais - ua haujlwm. include tsis muaj zog.

Muaj lwm txoj hauv kev kom ua tiav idempotency thaum ntxiv cov peev txheej, uas yog siv cov haujlwm defined и ensure_resources, tab sis kuv yuav qhia koj txog nws hauv ntu tom ntej.

Dependencies thiab ceeb toom rau cov chav kawm thiab txhais

Cov chav kawm thiab cov ntsiab lus ntxiv cov cai hauv qab no los tuav cov kev vam meej thiab kev ceeb toom:

  • kev vam khom rau hauv chav kawm/txhais ntxiv kev vam khom rau txhua qhov kev pab ntawm chav kawm/txhais;
  • ib chav kawm/txhais kev vam khom ntxiv kev vam khom rau txhua chav kawm/txhais cov peev txheej;
  • chav kawm/txhais lus ceeb toom ceeb toom tag nrho cov peev txheej ntawm chav kawm/define;
  • class/definition subscription subscribes rau tag nrho cov kev pab ntawm chav kawm/define.

Cov lus qhia thiab cov neeg xaiv

Cov ntaub ntawv ntawm no.

if

Nws yog qhov yooj yim ntawm no:

if ВЫРАЖЕНИЕ1 {
  ...
} elsif ВЫРАЖЕНИЕ2 {
  ...
} else {
  ...
}

tshwj tsis yog tias

tshwj tsis yog yog ib qho yog rov qab: qhov thaiv ntawm cov cai yuav raug tua yog tias qhov kev qhia tsis tseeb.

unless ВЫРАЖЕНИЕ {
  ...
}

cov ntaub ntawv

Tsis muaj dab tsi nyuab ntawm no thiab. Koj tuaj yeem siv cov txiaj ntsig tsis tu ncua (cov hlua, cov lej, thiab lwm yam), cov lus qhia tsis tu ncua, thiab hom ntaub ntawv raws li qhov tseem ceeb.

case ВЫРАЖЕНИЕ {
  ЗНАЧЕНИЕ1: { ... }
  ЗНАЧЕНИЕ2, ЗНАЧЕНИЕ3: { ... }
  default: { ... }
}

Cov xaiv

Lub selector yog hom lus tsim zoo ib yam li case, tab sis es tsis txhob executing ib block ntawm code, nws rov qab ib tug nqi.

$var = $othervar ? { 'val1' => 1, 'val2' => 2, default => 3 }

Cov qauv

Thaum lub configuration me me, nws tuaj yeem yooj yim khaws cia rau hauv ib qho manifest. Tab sis qhov ntau configurations peb piav, ntau cov chav kawm thiab cov nodes muaj nyob rau hauv manifest, nws loj hlob, thiab nws yuav tsis yooj yim mus ua hauj lwm nrog.

Tsis tas li ntawd, muaj teeb meem ntawm kev siv code rov qab - thaum tag nrho cov cai nyob rau hauv ib qho manifest, nws yog ib qho nyuaj rau muab cov cai no rau lwm tus. Txhawm rau daws ob qhov teeb meem no, Puppet muaj qhov chaw hu ua modules.

Cov qauv - Cov no yog cov chav kawm, cov ntsiab lus thiab lwm yam Puppet cov koom haum muab tso rau hauv ib phau ntawv cais. Hauv lwm lo lus, ib qho module yog ib qho kev ywj pheej ntawm Puppet logic. Piv txwv li, tej zaum yuav muaj ib qho module rau kev ua hauj lwm nrog nginx, thiab nws yuav muaj dab tsi thiab tsuas yog dab tsi yuav tsum tau ua hauj lwm nrog nginx, los yog tej zaum yuav muaj ib tug module rau ua hauj lwm nrog PHP, thiab hais txog.

Modules yog versioned, thiab dependencies ntawm modules ntawm ib leeg kuj tau txais kev txhawb nqa. Muaj ib qho qhib repository ntawm modules - Puppet Forge.

Nyob rau hauv lub puppet neeg rau zaub mov, modules nyob rau hauv lub modules subdirectory ntawm lub hauv paus directory. Nyob rau hauv txhua lub module muaj ib tug txheej txheem directory tswvyim - manifests, cov ntaub ntawv, templates, lib, thiab hais txog.

Cov qauv ntaub ntawv hauv ib qho module

Lub hauv paus ntawm module yuav muaj cov npe hauv qab no nrog cov npe piav qhia:

  • manifests - nws muaj manifestos
  • files - nws muaj cov ntaub ntawv
  • templates - nws muaj cov qauv
  • lib - nws muaj Ruby code

Qhov no tsis yog tag nrho cov npe ntawm cov npe thiab cov ntaub ntawv, tab sis nws txaus rau cov ntawv no rau tam sim no.

Cov npe ntawm cov peev txheej thiab cov npe ntawm cov ntaub ntawv hauv module

Cov ntaub ntawv ntawm no.

Cov peev txheej (cov chav kawm, cov ntsiab lus) hauv ib lub module tsis tuaj yeem hu ua yam koj nyiam. Tsis tas li ntawd, muaj kev sib txuas lus ncaj qha ntawm lub npe ntawm cov peev txheej thiab lub npe ntawm cov ntaub ntawv uas Puppet yuav nrhiav cov lus piav qhia ntawm cov peev txheej ntawd. Yog tias koj ua txhaum txoj cai naming, Puppet tsuas yog tsis pom cov ntaub ntawv piav qhia thiab koj yuav tau txais qhov yuam kev sau ua ke.

Cov cai yog yooj yim:

  • Tag nrho cov peev txheej hauv ib lub module yuav tsum yog nyob rau hauv lub module namespace. Yog hu ua module foo, ces tag nrho cov peev txheej hauv nws yuav tsum muaj npe foo::<anything>, los yog xwb foo.
  • Cov peev txheej nrog lub npe ntawm lub module yuav tsum yog nyob rau hauv cov ntaub ntawv init.pp.
  • Rau lwm cov peev txheej, cov txheej txheem npe cov ntaub ntawv yog raws li hauv qab no:
    • lub prefix nrog lub npe module raug muab pov tseg
    • tag nrho ob chav colons, yog tias muaj, raug hloov nrog slashes
    • extension ntxiv .pp

Kuv yuav ua qauv qhia. Wb hais tias kuv tabtom sau ib qho module nginx. Nws muaj cov peev txheej hauv qab no:

  • класс nginx piav nyob rau hauv lub manifest init.pp;
  • класс nginx::service piav nyob rau hauv lub manifest service.pp;
  • txhais nginx::server piav nyob rau hauv lub manifest server.pp;
  • txhais nginx::server::location piav nyob rau hauv lub manifest server/location.pp.

Qauv

Muaj tseeb koj tus kheej paub dab tsi templates yog; Kuv yuav tsis piav qhia hauv no. Tab sis kuv mam li tso nws nyob rau hauv rooj plaub txuas rau Wikipedia.

Yuav siv cov qauv li cas: Lub ntsiab lus ntawm tus qauv tuaj yeem nthuav dav siv cov haujlwm template, uas yog dhau txoj kev mus rau lub template. Rau cov peev txheej ntawm hom cov ntaub ntawv siv ua ke nrog parameter content. Piv txwv li, zoo li no:

file { '/tmp/example': content => template('modulename/templatename.erb')

Saib txoj kev <modulename>/<filename> implies cov ntaub ntawv <rootdir>/modules/<modulename>/templates/<filename>.

Ib qho ntxiv, muaj qhov ua haujlwm inline_template - nws tau txais cov ntawv template raws li kev nkag, tsis yog lub npe ntawm cov ntaub ntawv.

Hauv cov qauv, koj tuaj yeem siv tag nrho cov Puppet hloov pauv hauv qhov tam sim no.

Puppet txhawb cov qauv hauv ERB thiab EPP hom:

Luv luv txog ERB

Tswj cov qauv:

  • <%= ВЫРАЖЕНИЕ %> - ntxig tus nqi ntawm cov lus qhia
  • <% ВЫРАЖЕНИЕ %> - xam tus nqi ntawm ib qho kev qhia (tsis suav nws). Cov nqe lus xwm txheej (yog) thiab voj (txhua) feem ntau mus ntawm no.
  • <%# КОММЕНТАРИЙ %>

Cov lus qhia hauv ERB yog sau rau hauv Ruby (ERB yog Embedded Ruby).

Txhawm rau nkag mus rau cov hloov pauv los ntawm qhov manifest, koj yuav tsum tau ntxiv @ rau lub npe sib txawv. Txhawm rau tshem tawm cov kab tawg uas tshwm tom qab kev tswj xyuas, koj yuav tsum siv lub cim kaw -%>.

Piv txwv ntawm kev siv tus qauv

Wb hais tias kuv tabtom sau ib qho module los tswj ZooKeeper. Cov chav kawm ua lub luag haujlwm tsim cov config zoo li no:

class zookeeper::configure (
  Array[String] $nodes,
  Integer $port_client,
  Integer $port_quorum,
  Integer $port_leader,
  Hash[String, Any] $properties,
  String $datadir,
) {
  file { '/etc/zookeeper/conf/zoo.cfg':
    ensure  => present,
    content => template('zookeeper/zoo.cfg.erb'),
  }
}

Thiab tus qauv coj zoo.cfg.erb - Yog li:

<% if @nodes.length > 0 -%>
<% @nodes.each do |node, id| -%>
server.<%= id %>=<%= node %>:<%= @port_leader %>:<%= @port_quorum %>;<%= @port_client %>
<% end -%>
<% end -%>

dataDir=<%= @datadir %>

<% @properties.each do |k, v| -%>
<%= k %>=<%= v %>
<% end -%>

Qhov tseeb thiab Built-in Variables

Feem ntau qhov tshwj xeeb ntawm kev teeb tsa yog nyob ntawm qhov tam sim no tshwm sim ntawm lub node. Piv txwv li, nyob ntawm seb Debian tso tawm yog dab tsi, koj yuav tsum nruab ib lossis lwm qhov version ntawm pob. Koj tuaj yeem saib xyuas tag nrho cov no manually, rov sau dua manifests yog cov nodes hloov. Tab sis qhov no tsis yog txoj hauv kev loj; automation yog qhov zoo dua.

Yuav kom tau txais cov ntaub ntawv hais txog cov nodes, Puppet muaj lub tshuab hu ua qhov tseeb. Cov lus tseeb - qhov no yog cov ntaub ntawv hais txog cov node, muaj nyob rau hauv manifests nyob rau hauv daim ntawv ntawm cov zoo tib yam sib txawv nyob rau hauv lub ntiaj teb no namespace. Piv txwv li, tus tswv lub npe, operating system version, processor architecture, daim ntawv teev cov neeg siv, cov npe ntawm network interfaces thiab lawv qhov chaw nyob, thiab ntau, ntau ntxiv. Qhov tseeb muaj nyob rau hauv manifests thiab templates raws li ib txwm variables.

Ib qho piv txwv ntawm kev ua haujlwm nrog qhov tseeb:

notify { "Running OS ${facts['os']['name']} version ${facts['os']['release']['full']}": }
# ресурс типа notify просто выводит сообщение в лог

Raws li kev hais lus, qhov tseeb muaj lub npe (txoj hlua) thiab tus nqi (ntau hom muaj: cov hlua, arrays, phau ntawv txhais lus). Noj teeb ntawm built-in tseeb. Koj tuaj yeem sau koj tus kheej. Cov neeg sau qhov tseeb tau piav qhia zoo li cov haujlwm hauv Rubytxawm yog executable cov ntaub ntawv. Qhov tseeb kuj tuaj yeem nthuav tawm hauv daim ntawv cov ntaub ntawv nrog cov ntaub ntawv ntawm nodes.

Thaum lub sijhawm ua haujlwm, tus neeg saib xyuas tus menyuam roj hmab thawj zaug luam tawm tag nrho cov ntaub ntawv muaj tseeb los ntawm pappetserver mus rau ntawm node, tom qab ntawd nws tso lawv thiab xa cov ntaub ntawv pov thawj rau lub server; Tom qab no, tus neeg rau zaub mov pib compiling lub catalog.

Qhov tseeb nyob rau hauv daim ntawv ntawm cov ntaub ntawv executable

Xws li cov lus tseeb tau muab tso rau hauv modules hauv phau ntawv qhia facts.d. Ntawm chav kawm, cov ntaub ntawv yuav tsum tau executable. Thaum khiav, lawv yuav tsum tso tawm cov ntaub ntawv rau cov qauv tsim tawm hauv YAML lossis qhov tseem ceeb = tus nqi hom.

Tsis txhob hnov ​​​​qab tias qhov tseeb siv rau tag nrho cov nodes uas tau tswj los ntawm poppet server uas koj lub module raug xa mus. Yog li ntawd, hauv tsab ntawv, ua tib zoo xyuas tias lub kaw lus muaj tag nrho cov kev pabcuam thiab cov ntaub ntawv tsim nyog rau koj qhov tseeb ua haujlwm.

#!/bin/sh
echo "testfact=success"
#!/bin/sh
echo '{"testyamlfact":"success"}'

Ruby qhov tseeb

Xws li cov lus tseeb tau muab tso rau hauv modules hauv phau ntawv qhia lib/facter.

# всё начинается с вызова функции Facter.add с именем факта и блоком кода
Facter.add('ladvd') do
# в блоках confine описываются условия применимости факта — код внутри блока должен вернуть true, иначе значение факта не вычисляется и не возвращается
  confine do
    Facter::Core::Execution.which('ladvdc') # проверим, что в PATH есть такой исполняемый файл
  end
  confine do
    File.socket?('/var/run/ladvd.sock') # проверим, что есть такой UNIX-domain socket
  end
# в блоке setcode происходит собственно вычисление значения факта
  setcode do
    hash = {}
    if (out = Facter::Core::Execution.execute('ladvdc -b'))
      out.split.each do |l|
        line = l.split('=')
        next if line.length != 2
        name, value = line
        hash[name.strip.downcase.tr(' ', '_')] = value.strip.chomp(''').reverse.chomp(''').reverse
      end
    end
    hash  # значение последнего выражения в блоке setcode является значением факта
  end
end

Cov lus tseeb

Cov ntaub ntawv zoo li no tau muab tso rau ntawm nodes hauv phau ntawv teev npe /etc/facter/facts.d hauv qub Puppet los yog /etc/puppetlabs/facts.d nyob rau hauv lub tshiab Puppet.

examplefact=examplevalue
---
examplefact2: examplevalue2
anotherfact: anothervalue

Nkag mus rau Qhov Tseeb

Muaj ob txoj hauv kev los mus cuag qhov tseeb:

  • dhau ntawm phau ntawv txhais lus $facts: $facts['fqdn'];
  • siv lub npe tseeb raws li lub npe sib txawv: $fqdn.

Nws yog qhov zoo tshaj los siv phau ntawv txhais lus $facts, los yog zoo dua, qhia lub npe ntiaj teb no ($::facts).

Ntawm no yog qhov tseem ceeb ntawm cov ntaub ntawv.

Built-in Variables

Dhau li ntawm qhov tseeb, kuj muaj qee qhov sib txawv, muaj nyob rau hauv lub ntiaj teb no namespace.

  • ntseeg tau qhov tseeb - Cov kev hloov pauv uas tau muab los ntawm tus neeg siv khoom daim ntawv pov thawj (vim daim ntawv pov thawj feem ntau yog muab tso rau ntawm tus neeg rau zaub mov poppet, tus neeg sawv cev tsis tuaj yeem nqa thiab hloov nws daim ntawv pov thawj, yog li qhov hloov pauv tau "tso ntseeg siab"): lub npe ntawm daim ntawv pov thawj, lub npe ntawm daim ntawv pov thawj. host thiab domain, extensions los ntawm daim ntawv pov thawj.
  • server qhov tseeb -Variables hais txog cov ntaub ntawv hais txog lub server-version, npe, server IP chaw nyob, ib puag ncig.
  • tus neeg saib xyuas qhov tseeb - cov hloov pauv tau ntxiv ncaj qha los ntawm tus neeg saib xyuas menyuam roj hmab, thiab tsis yog los ntawm qhov tseeb - daim ntawv pov thawj lub npe, tus neeg sawv cev version, tus menyuam roj hmab version.
  • master variables - Pappetmaster variables (sic!). Nws yog hais txog tib yam li hauv server qhov tseeb, ntxiv rau configuration parameter qhov tseem ceeb muaj.
  • compiler variables - compiler variables uas txawv nyob rau hauv txhua lub scope: lub npe ntawm lub tam sim no module thiab lub npe ntawm lub module nyob rau hauv uas cov khoom tam sim no tau nkag mus. Lawv tuaj yeem siv tau, piv txwv li, los xyuas tias koj cov chav kawm ntiag tug tsis raug siv ncaj qha los ntawm lwm cov modules.

Ntxiv 1: yuav ua li cas khiav thiab debug tag nrho cov no?

Cov kab lus muaj ntau yam piv txwv ntawm tus puppet code, tab sis tsis tau qhia peb txhua tus yuav ua li cas khiav qhov chaws no. Zoo, kuv kho kuv tus kheej.

Tus neeg sawv cev txaus los khiav Puppet, tab sis rau feem ntau koj yuav xav tau lub server.

Tus neeg sawv cev

Yam tsawg kawg txij li version XNUMX, puppet-tus neeg sawv cev pob khoom los ntawm official Puppetlabs repository muaj tag nrho cov kev vam khom (ruby thiab lub pov haum zoo sib xws), yog li tsis muaj teeb meem kev teeb tsa (Kuv tab tom tham txog Debian-raws li kev faib tawm - peb tsis siv RPM-raws li kev faib tawm).

Nyob rau hauv cov ntaub ntawv yooj yim tshaj plaws, siv tus menyuam roj hmab configuration, nws yog txaus los tso tus neeg sawv cev rau hauv serverless hom: yog tias tus puppet code tau theej rau ntawm node, tso tawm. puppet apply <путь к манифесту>:

atikhonov@atikhonov ~/puppet-test $ cat helloworld.pp 
node default {
    notify { 'Hello world!': }
}
atikhonov@atikhonov ~/puppet-test $ puppet apply helloworld.pp 
Notice: Compiled catalog for atikhonov.localdomain in environment production in 0.01 seconds
Notice: Hello world!
Notice: /Stage[main]/Main/Node[default]/Notify[Hello world!]/message: defined 'message' as 'Hello world!'
Notice: Applied catalog in 0.01 seconds

Nws yog qhov zoo dua, tau kawg, teeb tsa lub server thiab khiav cov neeg sawv cev ntawm cov nodes hauv daemon hom - tom qab ntawd ib zaug ib nrab teev lawv yuav siv cov teeb tsa rub tawm los ntawm lub server.

Koj tuaj yeem xyaum tus qauv thawb ntawm kev ua haujlwm - mus rau ntawm qhov koj nyiam thiab pib sudo puppet agent -t. Ntsiab -t (--test) tiag tiag suav nrog ntau qhov kev xaiv uas tuaj yeem qhib rau tus kheej. Cov kev xaiv no suav nrog cov hauv qab no:

  • tsis txhob khiav hauv daemon hom (los ntawm lub neej ntawd tus neeg sawv cev pib hauv daemon hom);
  • kaw tom qab siv cov ntawv teev npe (los ntawm lub neej ntawd, tus neeg sawv cev yuav txuas ntxiv ua haujlwm thiab siv qhov kev teeb tsa ib zaug ib nrab teev);
  • sau ib daim ntawv qhia txog kev ua haujlwm;
  • qhia kev hloov hauv cov ntaub ntawv.

Tus neeg sawv cev muaj hom kev khiav hauj lwm yam tsis muaj kev hloov pauv - koj tuaj yeem siv nws thaum koj tsis paub tseeb tias koj tau sau cov kev teeb tsa raug thiab xav xyuas seb tus neeg sawv cev yuav hloov pauv li cas thaum lub sijhawm ua haujlwm. Hom no yog enabled los ntawm parameter --noop ntawm kab hais kom ua: sudo puppet agent -t --noop.

Tsis tas li ntawd, koj tuaj yeem pab kom debugging cav ntawm kev ua haujlwm - hauv nws, puppet sau txog txhua qhov kev ua nws ua: txog cov peev txheej uas nws tab tom ua tam sim no, txog qhov tsis muaj peev xwm ntawm cov peev txheej no, txog cov kev pab cuam nws pib. Tau kawg qhov no yog parameter --debug.

Neeg rau zaub mov

Kuv yuav tsis xav txog tag nrho cov teeb tsa ntawm lub pappetserver thiab xa cov cai rau nws hauv kab lus no; Kuv tsuas yog yuav hais tias tawm ntawm lub thawv muaj qhov ua haujlwm tau zoo ntawm lub server uas tsis tas yuav muaj kev teeb tsa ntxiv los ua haujlwm nrog tsawg tus lej. nodes (hais, mus txog ib puas). Ntau tus ntawm cov nodes yuav xav tau kev hloov kho - los ntawm lub neej ntawd, puppetserver tso tawm tsis pub ntau tshaj plaub tus neeg ua haujlwm, rau kev ua haujlwm ntau dua koj yuav tsum tau nce lawv cov lej thiab tsis txhob hnov ​​​​qab nce cov cim xeeb txwv, txwv tsis pub cov neeg rau zaub mov yuav khib nyiab feem ntau.

Kev xa tawm code - yog tias koj xav tau nws sai thiab yooj yim, ces saib (ntawm r10k) [https://github.com/puppetlabs/r10k], rau me me installation nws yuav tsum txaus txaus.

Ntxiv 2: Cov Lus Qhia Coding

  1. Muab tag nrho cov logic hauv cov chav kawm thiab cov ntsiab lus.
  2. Khaws cov chav kawm thiab cov lus txhais hauv cov qauv, tsis yog hauv cov lus piav qhia ntawm cov nodes.
  3. Siv qhov tseeb.
  4. Tsis txhob ua ifs raws li hostnames.
  5. Xav tias dawb ntxiv cov kev txwv rau cov chav kawm thiab cov ntsiab lus - qhov no yog qhov zoo dua qhov kev xav tsis zoo uas muab zais rau hauv lub cev ntawm chav kawm / txhais.

Kuv yuav piav qhia yog vim li cas kuv thiaj xav ua qhov no hauv kab lus tom ntej.

xaus

Cia peb ua tiav nrog cov lus qhia. Hauv tsab xov xwm tom ntej no kuv yuav qhia koj txog Hiera, ENC thiab PuppetDB.

Tsuas yog cov neeg siv sau npe tuaj yeem koom nrog hauv daim ntawv ntsuam xyuas. Kos npe rau hauvthov.

Qhov tseeb, muaj ntau yam ntaub ntawv ntau ntxiv - Kuv tuaj yeem sau cov ntawv ntawm cov ncauj lus hauv qab no, pov npav rau yam koj xav nyeem txog:

  • 59,1%Advanced puppet constructs - ib co tom ntej no shit: loops, maps thiab lwm yam lambda kab lus, cov ntaub ntawv sau, exported kev pab cuam thiab inter-host kev sib txuas lus ntawm Puppet, cim npe, chaw zov me nyuam, abstract data types.13
  • 31,8%"Kuv yog kuv niam tus thawj tswj hwm" lossis yuav ua li cas peb hauv Avito ua phooj ywg nrog ob peb poppet servers sib txawv, thiab, hauv paus ntsiab lus, ib feem ntawm kev tswj hwm poppet server.7
  • 81,8%Yuav ua li cas peb sau puppet code: instrumentation, documentation, testing, CI/CD.18

22 cov neeg siv pov npav. 9 cov neeg siv txwv tsis pub siv.

Tau qhov twg los: www.hab.com