知乎专栏 |
http://docs.puppetlabs.com/learning/
default 针对所有节点
node default { file { "/tmp/helloworld.txt": content => "hello, world"; } }
# cat /etc/puppet/manifests/site.pp node default { file { "/tmp/puppettest1.txt": content => "hello,first puppet manifest"; } }
指定节点
# cat /etc/puppet/manifests/test.pp node www { file { "/var/www/index.html": source => "/tmp/something", mode => 666; } }
多个节点
node 'www','images' { ... ... }
http://docs.puppetlabs.com/references/latest/type.html#user
http://docs.puppetlabs.com/references/latest/type.html#group
如果没有指定name的话就会建立和资源名一样的用户名/组名,如果指定了name就以name指定的用户名/组名为主
用户组的添加
node 'node1.example.com' { #为该节点添加一个名字为test的组,并设置组ID为1000,如果不指定name的值,所创建的用户就为web。 group { "web": ensure => "present", gid => 1000, name => "test"; } #为该节点添加一个httpd的组,并且设置ID和web一样 group { "httpd": ensure => "present", gid => 1000, allowdupe => true; } #为该节点删除一个apache的组。 group { "apache": ensure => "absent", } }
用户组的删除
node 'node1.example.com' { #为该节点删除一个web的组。 group { "web": ensure => "absent", } }
用户的添加
#创建一个用户并且密码为空 user {"svn": ensure => "present", shell => "/sbin/nologin"; } #创建一个www用户,设置用户描述为webmaster,shell为bash, user {"www": ensure => "present", comment => "webmaster user", name => "www", shell => "/sbin/bash"; } #创建一个gid为80的用户组: group { "www": ensure => "present", gid => 80, }
用户的删除
user { "neo": ensure => "absent", }
创建用户并指定密码
生成密码
# grub-md5-crypt Password: Retype password: $1$ZlJ1u0$tdv/dr8pYuHh.eT47F6b70
user { "www": ensure => "present", uid => 80, gid => 80, home => "/var/www", shell => "/bin/bash", managehome => true, password => '$1$ZlJ1u0$tdv/dr8pYuHh.eT47F6b70'; } file {"/var/www": group => 80, owner => 80, mode => 700, ensure => directory; }
file { "/var/www/my/file": source => "/path/in/nfs/or/something", mode => 666; }
ensure => absent; #absent是检测文件是否存在,如果存在则删除 ensure => present; #present正好相反,如果不存在则创建 ensure => directory; #创建一个目录的方法 force = > true; #删除一个目录必须加上这个参数 source => "PATH"; #指定数据来源 backup => ".backup_$uptime_seconds"; 覆盖前备份文件
创建目录实例
file { "/tmp/cache": owner => "www", group => "www", mode => 700, ensure => directory; }
source 表示 agent节点上的目录
node www { file { "/var/www": owner => "nginx", group => "nginx", mode => 700, ensure => directory; } file { "/var/www/index.html": source => "/tmp/something", mode => 666; } }
从master上获取文件
fileserver.conf 配置如下
[files] path /var/lib/puppet/files allow *
site.pp配置如下
file { "/tmp/test.txt": source => "puppet://puppet.example.com/files/test.txt", }
此处的files为fileserver.conf中定义模块
present, installed 安装包 absent,pureged 卸载包
# start package { "dnsmasq": ensure => installed; } file { "/etc/resolv.conf": require => Service["dnsmasq"], content => "nameserver 127.0.0.1\n"; } service { "dnsmasq": ensure => running, pattern => "dnsmasq" , require => Package["dnsmasq"]; } # end
package { "httpd": ensure => installed; 安装httpd,或用present也表示安装 ["vim","vsftpd"]: ensure=>absent; 删除vim 和vsftpd软件,使用pureged表示彻底删除软件 }
$package_list = [ "screen", "strace", "sudo" ] package { $package_list: ensure => "installed" }
package { "lamp": ensure => present, provider => rpm, source => "http://192.168.0.1/lamp.rpm"; }
service { 'sshd': ensure => running, enable => true, hasrestart => true, hasstatus => true, subscribe => File['/etc/ssh/sshd_config'], }
exec { "creates file": cwd => "/tmp", #指定命令执行的目录。如果目录不存在,则命令执行失败。 command => "/bin/echo helloworld > /tmp/hello.txt", user => "root", path => "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"; #命令执行的搜索路径。如果path没有被定义,命令需要使用绝对路径。 }
exec { “/srv/puppet/shell/test.sh”: cwd => “/srv/puppet”, timeout => 7200, logoutput => on_failure, user => root, path => ["/sbin", "/usr/sbin", "/usr/local/sbin", "/usr/local/bin", "/usr/bin", "/bin", "/usr/local/java/jre/bin"], require => File["/srv/puppet/shell/test.sh"] }