puppet

warning: Creating default object from empty value in /data/web/1/000/027/003/273448/htdocs/panticz.de/modules/taxonomy/taxonomy.pages.inc on line 33.

Puppet: iPXE boot module

# create module structure
mkdir -p /etc/puppet/modules/ipxe/files
mkdir -p /etc/puppet/modules/ipxe/manifests

# download files
wget -q http://dl.panticz.de/ipxe/ipxe.lkrn -O /etc/puppet/modules/ipxe/files/ipxe.lkrn
wget -q http://dl.panticz.de/ipxe/49_ipxe -O /etc/puppet/modules/ipxe/files/49_ipxe

# download module definiction
wget -q https://raw.githubusercontent.com/panticz/puppet/master/modules/ipxe/init.pp -O /etc/puppet/modules/ipxe/manifests/init.pp

class ipxe {
  file { "/boot/grub/ipxe.lkrn":
    source => "puppet:///modules/ipxe/ipxe.lkrn"
  }

  file { "/etc/grub.d/49_ipxe":
    source => "puppet:///modules/ipxe/49_ipxe",
    mode => 700
  }

  exec { "update-grub":
    subscribe   => File["/etc/grub.d/49_ipxe"],
    refreshonly => true
  }
}

Puppet: PHP5 module

create module structure
mkdir -p /etc/puppet/modules/php5/manifests
mkdir -p /etc/puppet/modules/php5/files

download module definiction
wget -q https://raw.githubusercontent.com/panticz/puppet/master/modules/php5/init.pp -O /etc/puppet/modules/php5/manifests/init.pp

class php5 {
    case $::osfamily {
        default: {
            $pkg = 'php5'
        }
    }

    # install PHP and restarts apache to load the module
    #package { ['php54', 'php54-apc', 'php54-mod-php']:
    package { "$pkg":
        ensure  => installed,
        notify  => Service['apache2'],
        #require => [ Package['php5-mysql'], Package['apache'] ],
        require => Package["apache"],
    }

    exec { "/bin/date -I > /tmp/debug": }
#cat /etc/apache2/mods-enabled/php5.conf
#<FilesMatch ".+\.ph(p[345]?|t|tml)|.htm([l]*)$">
}

add include to your client in /etc/puppet/manifests/site.pp
node "client1.local" inherits default {
...
include php5
...
}

Example: index.html

Links

Puppet: Apache module

create module structure
mkdir -p /etc/puppet/modules/apache/manifests
mkdir -p /etc/puppet/modules/apache/files

download module definiction
wget -q https://raw.githubusercontent.com/panticz/puppet/master/modules/apache/init.pp -O /etc/puppet/modules/apache/manifests/init.pp

class apache {
    case $::osfamily {
        'redhat': {
            $apache_name = 'httpd'
        }
        'debian': {
            $apache_name = 'apache2'
        }
        default: {
            $apache_name = 'apache2'
        }
    }

    # install apache
    package { "$apache_name":
        ensure => installed,
        #name => 'apache2-mpm-prefork', # httpd if CentOS
        alias  => "apache",
    }

    # enable apache service
    service { 'apache2':
        ensure => running,
        enable => true,
        require => Package['apache']
    }

    file { "/var/www/index.html":
        mode => 644,
        owner => www-data,
        group => www-data,
        source  => "puppet:///modules/apache/index.html",
        require => Package["apache"],
    }
}

add include to your client in /etc/puppet/manifests/site.pp
node "client1.local" inherits default {
...
include apache
...
}

Example: index.html
echo "Hello puppet" > /etc/puppet/modules/apache/files/index.html

Links
http://www.panticz.de/install_webserver
http://github.com/example42/puppet-apache

Puppet: Xen module

create module structure
mkdir -p /etc/puppet/modules/xen/manifests
mkdir -p /etc/puppet/modules/xen/files

download module definiction
wget -q https://raw.githubusercontent.com/panticz/puppet/master/modules/xen/init.pp -O /etc/puppet/modules/xen/manifests/init.pp

class xen {
#    case $operatingsystem {
#        debian: {
            $packagelist = [ "xen-linux-system", "xen-tools", "debootstrap" ]
#        }
#        ubuntu: {
#            $packagelist = [ "xen-linux-system", "xen-tools", "debootstrap" ]
#        }
#    }

    package { $packagelist:
        ensure => installed,
    }

#    service { 'apache2':
#        ensure => running,
#        enable => true,
#        require => Package['nullmailer']
#    }

    exec { ['/bin/mv /etc/grub.d/10_linux /etc/grub.d/25_linux', '/bin/echo "GRUB_DISABLE_OS_PROBER=true" >> /etc/default/grub']:
#        cwd => "/var/tmp",
#        creates => "/var/tmp/myfile",
#        path => ["/bin", "/usr/bin", "/usr/sbin"],

#        require => Package["xen-linux-system"],
        require => Package[$packagelist],
    }

#    file { "/etc/mailname":
#        mode => 644,
#        owner => root,
#        group => root,
#        source => "puppet:///modules/nullmailer/mailname",
#        require => Package["nullmailer"],
#    }

#    file { "/etc/nullmailer/remotes":
#        mode => 600,
#        owner => mail,
#        group => mail,
#        source => "puppet:///modules/nullmailer/remotes",
#        require => Package["nullmailer"],
#    }
}

add include to your client in /etc/puppet/manifests/site.pp
node "client1.local" inherits default {
...
include nullmailer
include xen
...
}

Links
http://www.panticz.de/install-xen

Puppet: Nullmailer module

create module structure
mkdir -p /etc/puppet/modules/nullmailer/manifests
mkdir -p /etc/puppet/modules/nullmailer/files

download module definiction
wget -q https://raw.githubusercontent.com/panticz/puppet/master/modules/nullmailer/init.pp -O /etc/puppet/modules/nullmailer/manifests/init.pp

class nullmailer {
    package { "nullmailer":
        ensure => installed,
    }

    service { 'nullmailer':
        ensure => running,
        enable => true,
        require => Package['nullmailer']
    }

    file { "/etc/mailname":
        mode => 644,
        owner => root,
        group => root,
        source => "puppet:///modules/nullmailer/mailname",
        require => Package["nullmailer"],
    }

    file { "/etc/nullmailer/remotes":
        mode => 600,
        owner => mail,
        group => mail,
        source => "puppet:///modules/nullmailer/remotes",
        require => Package["nullmailer"],
    }
}

add include to your client in /etc/puppet/manifests/site.pp
node "client1.local" inherits default {
...
include nullmailer
...
}

Example: /etc/mailname
example.com

Example: /etc/nullmailer/remotes
smtp.example.com smtp --auth-login --user=YOUR_SMTP_ID --pass=YOUR_SMTP_PASS

Links
http://www.panticz.de/install-nullmailer

Puppet: Icinga SSH client module

Enable Pluginsync on client
sed -i '/\[main\]/a\pluginsync=true\' /etc/puppet/puppet.conf

create Nullmailer module
http://www.panticz.de/Puppet-Nullmailer-module

create module structure
mkdir -p /etc/puppet/modules/icinga_ssh_client/manifests
mkdir -p /etc/puppet/modules/icinga_ssh_client/files

download module definiction
wget -q https://raw.githubusercontent.com/panticz/puppet/master/modules/icinga_ssh_client/init.pp -O /etc/puppet/modules/icinga_ssh_client/manifests/init.pp

class icinga_ssh_client {
    package { "nagios-plugins-basic":
        ensure => installed,
    }

    # http://raw.github.com/justintime/nagios-plugins/master/check_mem/check_mem.pl
    file { "/usr/lib/nagios/plugins/check_mem":
        mode => 755,
        owner => root,
        group => root,
        require => Package['nagios-plugins-basic'],
        source => "puppet:///modules/icinga_ssh_client/check_mem",
    }

    # apt-get install -y nagios-plugins-contrib --no-install-recommends
    file { "/usr/lib/nagios/plugins/check_raid":
        mode => 755,
        owner => root,
        group => root,
        require => Package['nagios-plugins-basic'],
        source => "puppet:///modules/icinga_ssh_client/check_raid",
    }

    # TODO: relative path to id_rsa.pub
    # extract data from public key file (e.g. /var/lib/nagios/.ssh/id_rsa.pub)
    $ssh = split(file("/etc/puppet/modules/icinga_ssh_client/files/id_rsa.pub"), ' ')
    $ssh_type = values_at($ssh, 0)
    $ssh_key = values_at($ssh, 1)
    $ssh_id = values_at($ssh, 2)
    ssh_authorized_key { $ssh_id:
        ensure => present,
        user => root,
        type => $ssh_type,
        key => $ssh_key,
    }

    # alternatively, read key from file and remove line break
    # ssh_authorized_key { 'nagios@icinga':
    #    ensure => present,
    #    user => root,
    #    type => ssh-rsa,
    #    key => chomp(file("/etc/puppet/modules/icinga_ssh_client/files/id_rsa.pub")),
    # }
}

add include to your client in /etc/puppet/manifests/site.pp
node "client1.local" inherits default {
...
include icinga_ssh_client
include nullmailer
...
}

Example: /etc/puppet/modules/icinga_ssh_client/files/id_rsa.pub
ssh-rsa ADAAB3NzaC3yc2EAAAADAEulgMUFyT9y2DaZYXHUdLWvkE9TKE+OVO8jYhmGG2BMmL5Ad3D+flpTMQfpp7EVJg2vTBSiVG4kCVicvb nagios@icinga

# (auto) create new host / object on icinga
cat /etc/icinga/objects/puppet.cfg
define host {
host_name puppet
address 192.168.1.173
use generic-host
hostgroups debian
}

TODO
# (auto) remove old hosts from /var/lib/nagios/.ssh/known_hosts on icinga
# (auto) import new host to /var/lib/nagios/.ssh/known_hosts on icinga

# add raid check
#apt-get install -y hddtemp
#wget -q "http://exchange.nagios.org/components/com_mtree/attachment.php?link_id=341&cf_id=24" -O /usr/lib/nagios/plugins/check_hddtemp
#chmod go+x /usr/lib/nagios/plugins/check_hddtemp

Links
http://serverfault.com/questions/411245/puppetlabs-file-line-type-not-working
http://serverfault.com/questions/238708/adding-lines-to-etc-profile-with-puppet

Puppet modules

Puppet module repository
http://forge.puppetlabs.com/

# search for module
puppet module search ntp

# install module
puppet module install ntp

Links
http://docs.puppetlabs.com/references/latest/type.html

Debian: Install Puppet on client

Install Puppet client (agent)
wget https://raw.githubusercontent.com/panticz/installit/master/install.puppet-client.sh -O - | bash -

#!/bin/bash

# ensure that this script is run by root
if [ $(id -u) -ne 0 ]; then
  sudo $0
  exit
fi

# install
apt-get install -qq -y puppet
 
# configure to autostart puppet on boot
if [ $(puppet --version | cut -d "." -f1) -ge 3 ]; then
  # puppet 3.x
  /etc/init.d/puppet stop
  puppet agent --enable
else
  # puppet 2.x
  [ -f /etc/default/puppet ] && sed -i 's|START=no|START=yes|g' /etc/default/puppet
fi

enabling pluginsync
sed -i '/\[main\]/a\pluginsync=true\' /etc/puppet/puppet.conf
sed -i '/\[main\]/a\runinterval=10\' /etc/puppet/puppet.conf

test connection to pupet server
puppet agent --test
OR
puppet agent --test --server puppet.lab --waitforcert 60 --verbose
#--no-daemonize

change update interwal in seconds (default 30min.)
vi /etc/puppet/puppet.conf
[main]
runinterval=300

puppet version
puppet --version

Links
http://docs.puppetlabs.com/learning/agent_master_basic.html

Puppet

Installation
1. Install and configure Puppet on server (/etc/puppet/fileserver.conf)
http://www.panticz.de/install-puppet-server-puppetmaster
2. On client: Install Puppet client
http://www.panticz.de/install-puppet-client
3. On client: apply for certificate (puppet agent --test)
4. On server: confirm certificate (puppet cert sign dev2.lab)
5. On server: configure modules (/etc/puppet/modules/MODULE_NAME/manifests/init.pp)
6. On server: prepare files (/etc/puppet/modules/MODULE_NAME/files)
7. Configure clients (/etc/puppet/manifests/site.pp)

Syndicate content