Puppet Files Templates
About Me
DevOps@RajeshKumar.XYZ
Puppet 4: Working with Files and Templates
PUPPET FILE AND TEMPLATE TOOLS
Module Overview
- Lab Environment
- Pluralsight Courses
- Course Contents
Lab Environment
Puppet 4 Series
This course follow on from the Puppet 4: Modules and Classes course. In this course you will learn to rationalize the use of files using templates. Making better use of variable content.
Working with Template Reduces the files Needed
Template: ntp.conf.erb
server <%= @server_address %>
File Tools
Working with tools such as the function file_line we do not necessarily need to manage a complete file. We can ensure a given line is present or absent from the file.
- Puppet 4: Language Essentials
- Puppet 4: Working with Modules and Classes
- Puppet 4: Working with File and Templates
- Puppet 4: Hiera the Single Source of Truth
- Puppet 4: Server and Puppet Enterprise
Puppet 4: Working with Files and Templates
Installing a puppet module from an archive
Summary
Next up: Using Puppet Templates
Using Puppet Templates
Objectives
- Why use templates
- ERB vs EPP templates
- Using inline templates
Why Use Templates
Using a template allows us to implement variable data
within a single file
server 192.168.0.3
server uk.pool.ntp.org
server <%= @ntp_local_server %>
server <%= @ntp_regional_server %>
Static Files vs Templates
Instead of hard coding values into files, templates make use of
variable data. The @ symbol used here for the variables tells us that the template is written in the ERB or Embedded Ruby Language.
EPP vs ERB
Using Templates
|
Functions: epp = read a template inline_epp = read a string |
Functions: template = read a template inline_template = read a string |
| EPP | ERB |
Working with Inline ERB Templates
Simple MOTD Manifest
$down_time = ‘17:00’
$motd = @(END)
Welcome to the server: <%= @facts[‘networking’][‘fqdn’] %>
The server will be down today at: <%= @down_time %>
END
file { ‘/etc/motd’:
ensure => ‘file’,
content => inline_template($motd),
}
Working with Inline EPP Templates
Simple MOTD Manifest
$motd= @(END)
Welcome to the server: <%= $facts[‘networking’][‘fqdn’] %>
The server will be down today at: <%= $down_time %>
END
file { ‘/etc/motd’:
ensure => ‘file’,
content => inline_epp($motd, {‘down_time’=> ’17:00’},),
}
Embedded ruby code in ERB templates
Embedded puppet code in EPP templates which is new to puppet 4
ERB files can use template or inline_template functions
EPP files can make use of the epp function or inline_epp function.
Next up: Working with ERB Templates
Working with ERB Templates
Objectives
- Creating the templates directory
- Creating an ERB template using expression printing tags
- Adding if statement in code tags
- Adding iteration to code tags
- Validating ERB templates
Templates Directory
When using templates with modules they should be
located in the
They can be accessed using the template or epp
function
cd /etc/puppetlabs/code/environments/production/modules
sudo mkdir ntp/templates
sudo mv ntp/files/ntp.conf ntp/templates/ntp.conf.erb
sudo rm ntp/files/*
Copy the ntp. conf to the Templates Directory
We can now rationalize the amount of configuration files we use removing the files and using just one template
Configure the Templates Directory
Simple ntp.conf.erb with Expression Tags
#Managed by Puppet - do not edit
server <%= @ntp_local_server%> iburst prefer
server <%= @ntp_regional_server%>
driftfile /var/lib/ntp/drift
Create the Initial ERB Template
Setting Variables
#ntp/manifests/admin_file.pp
$ntp_regional_server = $ntp_location ? {
'London' => 'uk.pool.ntp.org',
'paris' => 'fr.pool.ntp.org',
'nyc' => 'us.pool.ntp.org',
default => 'pool.ntp.org',
}
$ntp_local_server = '192.168.0.3'
File Resource
#ntp/manifests/admin_file.pp
file { $title :
content => template('ntp/ntp.conf.erb')
…
}
Using the Initial ERB Template
Adding Logic with Non-printing Tags
#Managed by Puppet - do not edit
server <%= @ntp_local_server %> iburst prefer
server <%= @ntp_regional_server %>
driftfile /var/lib/ntp/drift
<% if @monitor == false -%>
disable monitor
<% end -%>
Adding Logic to the Template
Iteration
#ntp/manifests/admin_file.pp
$ntp_regional_server = $ntp_location ? {
'London' => ['uk.pool.ntp.org', 'ie.pool.ntp.org',]
'paris' => ['fr.pool.ntp.org', 'de.pool.ntp.org',]
'nyc' => ['us.pool.ntp.org', 'ca.pool.ntp.org',]
default => ['pool.ntp.org', 'us.pool.ntp.org',]
}
#Managed by Puppet - do not edit
server <%= @ntp_local_server -%> iburst prefer
<% @ntp_regional_server.each do |s| -%>
server <%= s -%>
<% end %>
driftfile /var/lib/ntp/drift
<% if @monitor == false -%>
disable monitor
<% end -%>
Adding Iteration to the Template
Validating ERB Templates
We need to use the erb and the ruby command.
These are in /opt/puppetlabs/puppet/bin which is not in the PATH variable by default
./erb -Pxt '-'
Templates should be located in
An ERB template has embedded ruby tags.
Expression tags print a value: <%=....%>
Code tags embed ruby code: <%=....%>
If the closing tag includes the - symbol then we supress the line feedas as long as no further characters follow the closing tags.
Next up: Working with EPP Templates
Working with EPP Templates
Objectives
- Creating an EPP template using expression printing tags
- Adding if statement in code tags
- Adding iteration to code tags
- Validating and rendering EPP templates
Simple ntp.conf.epp with Expression Tags
#Managed by Puppet - do not edit
server <%= $ntp_local_server%> iburst prefer
server <%= $ntp_regional_server%>
driftfile /var/lib/ntp/drift
File Resource
#ntp/manifests/admin_file.pp
file { $title :
content => template('ntp/ntp.conf.epp')
…
}
Adding Logic with Non-printing Tags
#Managed by Puppet - do not edit
server <%= @ntp_local_server %> iburst prefer
server <%= @ntp_regional_server %>
driftfile /var/lib/ntp/drift
<% unless $monitor == true -%>
disable monitor
<% }-%>
Iteration
#Managed by Puppet - do not edit
server <%= @ntp_local_server -%> iburst prefer
<% $ntp_regional_server.each |$server| { -%>
server <%= s %>
<% } -%>
driftfile /var/lib/ntp/drift
<% unless $monitor == true { -%>
disable monitor
<% } -%>
Refactoring to EPP Template
Validating EPP Templates
This is much more simple than ERB templates.
sudo puppet epp validate
Render EPP Templates
We can even test the output of EPP files.
sudo puppet epp render
If you need to pass value through:
...epp render
Validating and Rendering EPP Files
Templates should be located in
EPP templates work with the puppet 4 client and later.
Variables within the EPP file are local to the template, these can be populated by passing parameters when accessing the template.
We can use the Puppet client to both validate and render the template.
Next up: Delivering Files with Puppet
Delivering Files with Puppet
Objectives
- Introduction to purging resources
- Managing the local host file
- Delivering directories and content
ensure => 'present',
purge => true,
Resource: resources
resources { 'host':
purge => true,
noop => true,
}
Host Resource Type
host { $facts['networking']['fqdn']:
ip => $facts ['networking']['ip'],
}
unless $facts['networking']['fqdn'] == 'centos7' {
host { 'centos7':
ip => '192.168.56.15',
}
}
Encapsulate Repetitive Code Using Defined Type
host { $facts['networking']['fqdn']:
ip => $facts ['networking']['ip'],
}
host_entries::host_entry { 'centos7':
ip => '192.168.56.15',
}
Defined Type
define host_entries::host_entry (
$ip,
){
unless $facts['networking']['fqdn'] == $title {
host { $title :
ip => $ip,
}
}
} Managing the Host File on CentoOs and Ubuntu
Copy a directory
and content
Copy Directory
file { ‘/etc/yum.repos.d/’:
ensure => 'directory',
source => 'puppet:///modules/centos_repo/repos/',
recurse => true,
purge => true,
}
Managing CentoOs Repository Files
Meta-resource
The meta-resources resources can manage meta-parameters for the given resource type.
resource {'host':
purge => true,
}
Encapsulate Repetitive Logic in Defined Types
Repetitive logic can be encapsulated within defines types.
define host_entries:: host_entry(
$ip,
){
unless $fact ['fqdn'] == $title{
host { $title:
ip => $ip,
}}}
Using source within a file resource we can copy a file or directory.
Using resource will copy a directories content.
Using purge we can ensure only the delivered content will exist.
Next up: Ensure Content Using File_Line
Ensure Content Using File_Line
Objectives
- Investigate Puppetlabs Stdlib
- Utilize file_line to ensure file content
- Build MOTD module
Without Fail Install
puppetlabs/stdlib
validation & Encryption
and now file_line
Stdlib Documentation on Puppet Forge
file_line { '/etc/ssh/sshd_config':
line => 'PermitRootLogin yes',
}
Undesirable Complete File Management
Where we do not wish to manage the complete file we can allow a level of autonomy whilst controlling the setting needed. The example used here matches the complete line and ensures it is present in the file.
File_line { path => 'etc/ssh/sshd_config', }
file_line { 'PermitRootYes':
line => 'PermitRootLogin yes',
}
file_line { 'PermitRootNo':
line => 'PermitRootLogin no',
ensure = 'absent',
}
Independent Title
Setting a title to be independent of the path allows for more than one line in the same file to be managed.
File_line { path => 'etc/ssh/sshd_config', }
file_line { 'PermitRootYes':
line => 'PermitRootLogin yes',
match => '^\s*PermitRootLogin\s+yes'
}
Using Regular Expressions
Matching the whole line as we have used sa far will be problematic where extra white spaces are used. Using match we can implement regular expression.
Regular Expression Fundamentals - Juliette Reinders Folmer
Managing the SSH Server Configuration
Challenge
The MOTD file should be managed independently on all servers.
Planned downtime for a server will occur at 17:00 on the selected day.The message for the downtime must be consistant across all servers.
Produce a Puppet solution for this using the file_line type from the stdlib.
Using the file_line type from the stdlib.
Using line we will match the complete line.
Using match we can use regular expression.
Use match_for_absence => true when using match for deletions.
Possible Challenge Solution
Next up: Delivery of File Parts with Concat
Questions
Thank you!
