http://docs.puppetlabs.com/learning/
default 针对所有节点
# Catch-all node definition: used for every agent that has no more
# specific node block.
node default {
  # Manage /tmp/helloworld.txt with fixed content.
  file { '/tmp/helloworld.txt':
    content => 'hello, world',
  }
}
# cat /etc/puppet/manifests/site.pp
# site.pp: the default node gets one managed file with fixed content.
node default {
  file { '/tmp/puppettest1.txt':
    content => 'hello,first puppet manifest',
  }
}
指定节点
# cat /etc/puppet/manifests/test.pp
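# Node-specific definition: only the agent named "www" receives this file.
node 'www' {
  # NOTE(review): the source is a local path under /tmp on the agent. /tmp is
  # normally world-writable, so any local account could supply the content
  # that the agent (running as root) copies into the web root. Stage the
  # file in a root-owned directory or serve it from the master instead.
  file { '/var/www/index.html':
    source => '/tmp/something',
    # Was 666 (world-writable): any local user could rewrite the served page.
    # The mode is also quoted; newer Puppet versions require a string here.
    mode   => '0644',
  }
}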
多个节点
# A single node definition may list several node names; the body
# (elided here) then applies to each of them.
node 'www','images' {
...
...
}
http://docs.puppetlabs.com/references/latest/type.html#user
http://docs.puppetlabs.com/references/latest/type.html#group
如果没有指定name的话就会建立和资源名一样的用户名/组名,如果指定了name就以name指定的用户名/组名为主
用户组的添加
node 'node1.example.com' {
  # The resource title is "web", but name => 'test' takes precedence: the
  # group created on the node is called "test" with GID 1000. Without the
  # name attribute the group (not a user) would be called "web".
  group { 'web':
    ensure => present,
    name   => 'test',
    gid    => 1000,
  }

  # Second group "httpd" reusing GID 1000; allowdupe permits the duplicate.
  # NOTE(review): groups that share a GID are indistinguishable to file
  # permission checks, so membership of either one grants the same access.
  # Use allowdupe only when that aliasing is intended.
  group { 'httpd':
    ensure    => present,
    gid       => 1000,
    allowdupe => true,
  }

  # Remove the "apache" group from this node.
  group { 'apache':
    ensure => absent,
  }
}
用户组的删除
node 'node1.example.com' {
  # Remove the "web" group from this node.
  group { 'web':
    ensure => absent,
  }
}
用户的添加
# Create the "svn" account without a password attribute and with a
# non-login shell.
# NOTE(review): the original comment says the password is "empty". On typical
# Linux systems an account created without a password is locked rather than
# given an empty password; confirm by checking /etc/shadow on the agent.
user { 'svn':
  ensure => present,
  shell  => '/sbin/nologin',
}
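# Create the "www" account with the description "webmaster user" and bash
# as its login shell.
user { 'www':
  ensure  => present,
  name    => 'www',
  comment => 'webmaster user',
  # Was "/sbin/bash", which is not where bash is installed; the later
  # example on this page uses /bin/bash.
  shell   => '/bin/bash',
}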
# Create the "www" group with GID 80.
group { 'www':
  ensure => present,
  gid    => 80,
}
用户的删除
# Remove the "neo" account from the node.
user { 'neo':
  ensure => absent,
}
创建用户并指定密码
生成密码(注意:grub-md5-crypt 生成的是以 $1$ 开头的 MD5-crypt 哈希,抗离线破解能力较弱;系统支持时建议改用以 $6$ 开头的 SHA-512 crypt 哈希)
# grub-md5-crypt
Password:
Retype password:
$1$ZlJ1u0$tdv/dr8pYuHh.eT47F6b70
# Account "www" (UID 80, primary GID 80) with a managed home directory and a
# preset password hash.
# The hash is single-quoted so that its "$" characters are not treated as
# variable interpolation.
# NOTE(review): the "$1$" prefix marks an MD5-crypt hash, which is weak against
# offline guessing. Prefer a SHA-512 crypt ("$6$") hash where the platform
# supports it, and keep the hash in a protected data source rather than in
# the manifest, since anyone who can read the manifest can read the hash.
user { 'www':
  ensure     => present,
  uid        => 80,
  gid        => 80,
  home       => '/var/www',
  managehome => true,
  shell      => '/bin/bash',
  password   => '$1$ZlJ1u0$tdv/dr8pYuHh.eT47F6b70',
}
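# Home directory of the www account: owned by UID/GID 80 and accessible to
# the owner only.
file { '/var/www':
  ensure => directory,
  owner  => 80,
  group  => 80,
  # Quoted four-digit octal: newer Puppet versions reject a bare number
  # here, and the leading zero makes the octal meaning explicit.
  mode   => '0700',
}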
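# Copy a file from a path that is local to the agent (for example an NFS
# mount) into the web tree.
file { '/var/www/my/file':
  source => '/path/in/nfs/or/something',
  # Was 666 (world-writable): any local user could alter the deployed file.
  # The mode is quoted because newer Puppet versions require a string here.
  mode   => '0644',
}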
ensure => absent;     #absent是检测文件是否存在,如果存在则删除
ensure => present;    #present正好相反,如果不存在则创建
ensure => directory;  #创建一个目录的方法
force => true;        #删除一个目录必须加上这个参数
source => "PATH";     #指定数据来源
backup => ".backup_$uptime_seconds";  #覆盖前备份文件
创建目录实例
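# Create the directory /tmp/cache, owned by www:www and accessible to the
# owner only.
file { '/tmp/cache':
  ensure => directory,
  owner  => 'www',
  group  => 'www',
  # Quoted four-digit octal: newer Puppet versions reject a bare number
  # here, and the leading zero makes the octal meaning explicit.
  mode   => '0700',
}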
source 表示 agent节点上的目录
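# Node "www": a private web root owned by nginx, plus an index page copied
# from a path local to the agent.
node 'www' {
  file { '/var/www':
    ensure => directory,
    owner  => 'nginx',
    group  => 'nginx',
    # Quoted octal string; newer Puppet versions reject a bare number here.
    mode   => '0700',
  }

  # NOTE(review): /tmp is normally world-writable, so any local account could
  # supply the content that the agent (running as root) copies into the web
  # root. Stage the file in a root-owned directory or serve it from the master.
  file { '/var/www/index.html':
    source => '/tmp/something',
    # Was 666 (world-writable): any local user could rewrite the served page.
    mode   => '0644',
  }
}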
从master上获取文件
fileserver.conf 配置如下
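# Mount point "files": serves /var/lib/puppet/files to agents.
[files]
  path /var/lib/puppet/files
  # Was "allow *", which lets every host that can reach the master read
  # this mount. Limit it to the site's own hosts and adjust the pattern to
  # your domain.
  # NOTE(review): later Puppet releases move this access control to
  # auth.conf; confirm for your version.
  allow *.example.com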
site.pp配置如下
# Fetch /tmp/test.txt from the master's file server. "files" in the URL is
# the mount name defined in fileserver.conf.
file { '/tmp/test.txt':
  source => 'puppet://puppet.example.com/files/test.txt',
}
此处的files为fileserver.conf中定义模块
present, installed 安装包 absent, purged 卸载包
# start
# Install dnsmasq, keep it running, and only then point the system
# resolver at it. The require chain orders the three resources:
# package -> service -> resolv.conf.
package { 'dnsmasq':
  ensure => installed,
}

service { 'dnsmasq':
  ensure  => running,
  pattern => 'dnsmasq',
  require => Package['dnsmasq'],
}

# Written after the service is up, so name resolution is not pointed at
# 127.0.0.1 before something is listening there.
file { '/etc/resolv.conf':
  content => "nameserver 127.0.0.1\n",
  require => Service['dnsmasq'],
}
# end
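# Several package declarations in one block, separated by semicolons.
# The explanatory text that followed each "ensure" line was not marked as a
# comment and would not parse; it now sits in "#" comments.
package {
  # Install httpd ("present" also means installed).
  'httpd':
    ensure => installed;

  # Remove vim and vsftpd; use "purged" to remove the software completely.
  ['vim', 'vsftpd']:
    ensure => absent;
}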
# Install several packages with one declaration by passing an array of
# names as the resource title.
$package_list = ['screen', 'strace', 'sudo']

package { $package_list:
  ensure => installed,
}
# Install the "lamp" package from an RPM file with the rpm provider.
# NOTE(review): the file is fetched over plain HTTP and this resource sets
# no integrity check. Whether a tampered package is rejected depends on how
# RPM signature checking is configured on the agent; verify that. A signed
# repository or an HTTPS source is the safer choice.
package { 'lamp':
  ensure   => present,
  provider => rpm,
  source   => 'http://192.168.0.1/lamp.rpm',
}
# Keep sshd running and enabled at boot, and restart it whenever the managed
# sshd_config file changes. The File['/etc/ssh/sshd_config'] resource is
# referenced here but declared elsewhere (not shown in this snippet).
service { 'sshd':
  ensure     => running,
  enable     => true,
  hasstatus  => true,
  hasrestart => true,
  subscribe  => File['/etc/ssh/sshd_config'],
}
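# Write "helloworld" into /tmp/hello.txt as root.
# NOTE(review): a root-run shell redirection into world-writable /tmp follows
# whatever already exists at that path, including a symlink placed by another
# local user. A file resource or a root-owned directory is safer for real use.
exec { 'creates file':
  # Working directory for the command; the exec fails if it does not exist.
  cwd     => '/tmp',
  command => '/bin/echo helloworld > /tmp/hello.txt',
  user    => 'root',
  # Search path for commands; without it every command needs an absolute path.
  path    => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin',
  # Idempotence guard: without it the command would run on every agent run.
  # With it the exec is skipped once the target file exists.
  creates => '/tmp/hello.txt',
}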
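# Run /srv/puppet/shell/test.sh as root from /srv/puppet, allowing up to
# 7200 seconds and logging the output only when the command fails.
# The title and cwd were wrapped in typographic quotes (“ ”), which are not
# string delimiters; they are replaced with plain quotes so the resource parses.
# The script runs as root, so the File resource named in require (declared
# elsewhere, not shown) should keep it owned by root and not writable by others.
exec { '/srv/puppet/shell/test.sh':
  cwd       => '/srv/puppet',
  user      => root,
  timeout   => 7200,
  logoutput => on_failure,
  path      => [
    '/sbin',
    '/usr/sbin',
    '/usr/local/sbin',
    '/usr/local/bin',
    '/usr/bin',
    '/bin',
    '/usr/local/java/jre/bin',
  ],
  # Ensures the script is in place before it is executed.
  require   => File['/srv/puppet/shell/test.sh'],
}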