自动化运维之Puppet

系统自动安装工具 PXE 一个PXE只能安装同一种系统

灰度发布 旧版本不删除 出现问题回滚

puppet 有agent ansible 无agent，ansible没有angent 基于ssh传输 不安全，ansible定义角色 和 puppet定义模块是一样的 相当于函数 实现代码重用，puppet的agent 接收server端指令 并完成相应的管理功能 并把执行结果返回给server

模块是由资源清单组成

#列出Puppet支持的所有资源类型
[root@bogon ~]#  puppet describe -l

#查看某资源详细描述 
[root@bogon ~]#  puppet describe package

# <user group>
[root@bogon mainfests]# mkdir mainfests
[root@bogon mainfests]# vim test1.pp 
    group {'disto':
            gid     => 2000,
            ensure  => present
    }

    user {'cent':
            uid     => 2000,
            gid     => 2000,
            shell   => '/bin/bash',
            home    => '/home/cent',
            ensure  => 'present'
    }
[root@bogon mainfests]# puppet apply -v test1.pp 

[root@bogon mainfests]# tail /etc/group
[root@bogon mainfests]# tail /etc/passwd

# <file>
[root@bogon mainfests]# vim test2.pp
    file {'/tmp/mydir':
            ensure  => directory

    }
    file {'/tmp/puppet.file':
            content => 'haha,woshipuppet',
            ensure  => file,
            owner   => 'cent',
            group   => 'disto',
            mode    => '0400'
    }
    file {'/tmp/puppet.link':
            target  => '/tmp/puppet.file',
            ensure  => link
    }
    file {'/tmp/fstab.puppet':
            source  => '/etc/fstab',
            ensure  => file
[root@bogon mainfests]# puppet apply -v test2.pp
[root@bogon mainfests]# ll /tmp

# <exec>
[root@bogon mainfests]# vim test3.pp
    exec {'/usr/sbin/modprobe ext4':
            user    => root,
            group   => root,
            refresh => '/usr/sbin/modprobe -r ext4 && /usr/sbin/modprobe ext4',
            timeout => 5,
            tries   => 2
    }
    exec {'/bin/echo "xuuxe" > /tmp/xuxue.txt':
            user    => root,
            group   => root,
            creates => '/tmp/xuxue.txt' #该路径文件不存在时 则执行echo命令
    }
    exec {'/bin/echo chun > /tmp/chun.txt':
            user    => root,
            group   => root,
            unless  => '/usr/bin/test -e /tmp/heh.txt'#该命令执行失败 则执行echo命令

    }
[root@bogon mainfests]# puppet apply -v test3.pp

# <notify>
[root@bogon mainfests]# vim test4.pp
    notify{'hi notify':
    }
[root@bogon mainfests]# puppet apply -v test4.pp

# <cron>
[root@bogon mainfests]# vim test5.pp
    cron {'sync time':
            command => '/usr/sbin/ntpdate 192.168.1.17 &> /dev/null',
            minute  => '*/2'
    }
[root@bogon mainfests]# puppet apply -v test5.pp
[root@bogon mainfests]# crontab -l

# <package>
[root@bogon mainfests]# vim test6.pp
package {'zsh':
        ensure  => latest
}
package {'jdk':
        ensure  => installed,
        source  => '/usr/local/src/jdk-8u25-linux-x64.rpm',
        provider        => rpm

}
[root@bogon mainfests]# puppet apply -v test6.pp

# <service>
[root@bogon mainfests]# vim test7.pp
    package {'nginx':
            ensure  => latest
    }
    service {'nginx':
            ensure  => running,
            enable  => true,
            hasrestart      => true,
            hasstatus       => true,
            restart => 'systemtctl reload nginx.service'
    }
[root@bogon mainfests]# puppet apply -v test7.pp

#依赖关系
    资源引用
        Type['title']
    依赖关系
        被依赖资源中使用：before
        依赖其它资源的资源：require
        ->：链式依赖

↓

[root@bogon mainfests]# vim test8.pp
    group {'linux':
            gid     => 3000,
            ensure  => present,
            #before         => User['suse']
    }#->

    user {'suse':
            uid     => 3000,
            gid     => 3000,
            shell   => '/bin/bash',
            home    => '/home/suse',
            ensure  => 'present',
            #require        => Group['linux']
    }
    #  依赖关系  before  => User['suse']等同于->等同于require => Group['linux']
[root@bogon mainfests]# puppet apply -v test8.pp

#通知关系
    资源引用
        Type['title']
    依赖关系
        被依赖资源中使用：notify
        监听其它资源的资源：subscribe
        ~>：链式通知

↓

[root@bogon mainfests]# setenforce 0
[root@bogon mainfests]# mkdir /root/modules/nginx/files -pv
[root@bogon mainfests]# cp /etc/nginx/nginx.conf /root/modules/nginx/files
[root@bogon mainfests]# vim /root/modules/nginx/files/nginx.conf 
        #修改端39行口号测试   listen       808 default_server;

[root@bogon mainfests]# vim test9.pp
    package {'nginx':
            ensure  => latest
    }
    file {'/etc/nginx/nginx.conf':
            ensure  => file,
            source  => '/root/modules/nginx/files/nginx.conf',
            require => Package['nginx'],
            notify  => Service['nginx']
    }

    service {'nginx':
            ensure  => running,
            enable  => true,
            hasrestart      => true,
            hasstatus       => true,
            require => [ Package['nginx'],File['/etc/nginx/nginx.conf'] ]
    }

[root@bogon mainfests]# puppet apply -v test9.pp
[root@bogon mainfests]# ss -tnl

#条件判断
[root@bogon mainfests]# vim test11.pp
    if $processorcount>1 {
            notice ('SMP HOST')
    }else {
            notice ('poor guy')
    }
[root@bogon mainfests]# puppet apply -v test11.pp

[root@bogon mainfests]# vim test12.pp
    if $operatingsystem =~/^(?i-mx:(centos|redhat|fedora|ubuntu))/ {
            notice("welcome $1 hahhah")
    }
[root@bogon mainfests]# puppet apply -v test12.pp