Technotes

Technotes for future me

Puppet

Puppet CLI

  • Bootstrap client

      puppet agent -t --server <puppet master> [<options>]
    
  • Display facts:

      facter              # All system facts
      facter -p           # All system and Puppet facts
      facter -y           # YAML
      facter -j           # JSON
    
      facter [-p] <name>  # A specific fact
    
      # Examples
      facter memoryfree
      facter is_virtual processor0
    
  • Injecting Facts:

    env FACTER_<fact name>=<fact value> puppet apply site.pp
    
  • Find out effective classes on a node

    cat /var/lib/puppet/classes.txt
    
  • Find out when which file was modified

    cd /var/lib/puppet
    for i in $(find clientbucket/ -name paths); do
        echo "$(stat -c %y $i | sed 's/\..*//')       $(cat $i)";
    done | sort -n
    
  • Puppet Dry Run:

    puppet agent --noop --verbose
    
  • Disable agent

    puppet agent --disable
    puppet agent --disable <info message>   # Only recent versions
    puppet agent --enable
    
  • Executing selective classes

    puppet agent --tags Some::Class
    
  • Managing Certificates (on master)

    puppet cert list
    puppet cert list --all
    puppet cert sign <name>
    puppet cert clean <name>   # removes cert
    
  • Managing Nodes

    puppet node clean <name>   # removes node + cert
    
  • Managing Modules

    puppet module list
    puppet module install <name>
    puppet module uninstall <name>
    puppet module upgrade <name>
    puppet module search <name>
    
  • Inspecting Resources/Types

    puppet describe -l
    puppet resource <type name>
    
    # Querying Examples
    puppet resource user john.smith
    puppet resource service apache
    puppet resource mount /data
    puppet resource file /etc/motd
    puppet resource package wget
    
    # Trigger puppet run from master
    puppet kick <name>
    puppet kick -p 5 <names>      # 5 parallel
    
  • Debugging deployment and rules on a local machine. This only makes sense in “one time” mode running in one of the following variants:

    puppetd --test # enable standard debugging options
    puppetd --debug # enable full debugging
    puppetd --one-time --detailed-exitcodes # Enable exit codes:
               # 2=changes applied
               # 4=failure
    
  • Gepetto: Puppet IDE

  • puppet - Correctly using Roles and Profiles

Puppet 2/3 Master

Enable debugging: Add to /etc/puppet/rack/config.ru

ARGV << "--debug"

and restart the Passenger.

Puppet DSL

Snippets

notify { 'message': loglevel => 'err' }

Check for file

if file_exists('somefile.txt') == 1 { }

Execute commands (evil!)

exec { "mkdir -p $dir":
    command => "/bin/mkdir -p $dir",
    creates => $dir
}

Merging Arrays

$result = split(inline_template("<%= (array1+array2).join(',') %>"),',')

Exceptions

fail('This is a parser time error')

Conditions

if $var == 'value' {
}

case $::lsbdistcodename {
    'squeeze': {
        }
        'wheezy', 'jessie': {
        }
        default {
        }
}

ERB Syntax

ERB Tags

<%= ruby code, result inserted %>
<% ruby code, result not inserted %>  # use for loops, conditions...
<%- like above, but strips leading+trailings spaces from output -%>
<%# comment %>

<%%  # literal <%
%%>  # literal %>

Using Variables

<%= @name %>              # variable visible in current scope
<%= scope.lookupvar('name') %>        # search in all scopes
<%= scope['somewhere::name'] %>       # Puppet 3 scope access

Conditions

<% if @name != nil %>
   Well, @name is set!

   When checking if a variable exists/is set 
   always do check for nil! Everything else is unsafe.
<% end %>

<% if @name ~ /.* Smith$/ %>
   Matches
<% end %>

Augeas

Augeas - in Puppet: Using Puppet with Augeas

augeas { "sshd_config":
 changes => [
 "set /files/etc/ssh/sshd_config/PermitRootLogin no",
 ],
}

Testing

  • Validate manifest

    puppet parser validate <manifest>
    
  • Validate ERBs

    erb -x -T '-' <template> | ruby -c 
    
  • puppet-rspec: Testing Puppet modules with rspecs

  • Beaker: Puppet acceptance testing in VMs

Misc

Last updated on 31 Jan 2021
Published on 25 Dec 2019
Edit on GitHub