Pro Puppet (32 page)
Authors: Jeffrey McCune James Turnbull
In this code example, Puppet will manage the group before the user if theapacheaccount is present. However, if theapacheaccount is absent, then the user is managed before the group to prevent the operating system from complaining that a group cannot be removed when a user exists with the samegidnumber.
The complete list of syntax arrows are ->, <-, ~> and <~. The tilde arrows add notifications to the relationship just like the subscribe and notify parameters.
Group["apache"] -> User["apache"]
The apache group is before the apache user.
User["apache"] <- Group["apache"]
The apache user requires the apache group.
File["httpd.conf"] ~> Service["httpd"]
The httpd.conf file notifies the httpd service.
Service["httpd"] <~ File["httpd.conf"]
The httpd service subscribes to the httpd.conf file.
Additional information about the new relationship-chaining syntax in Puppet 2.6.0 is available online at:http://docs.puppetlabs.com/guides/language_tutorial.html.
In the next section, we expand on the concept of virtual resources and make resources available across nodes and configuration catalogs. Resources available for collection across nodes are called exported resources, though it's important to think of them in terms of the virtual resources feature they are designed to resemble.
Now that you're ready to look at exported resources and stored configuration using the groundwork we've introduced with virtual resources, let's start with a database server.
The first step in using exported resources is to install and create the database your stored configuration will use. You can use a variety of database back-ends to store your configuration, including:
- MySQL
- PostgreSQL
- SQlite3, and
- Oracle
To allow Puppet to use these different database back ends, Puppet uses the Ruby Active Record object relational mapper (see the Ruby Active Record sidebar). Many people start with the SQLite3 database as a stored configuration back end because it's fast and easy to set up. Unfortunately, it relies on direct file access to write transactions, and this makes it difficult to scale for larger configurations. As a result, we recommend you use a more fully-featured database server. In this chapter, we demonstrate how to use MySQL as our stored configuration database server.
RUBY ACTIVE RECORD
The Ruby Active Record library is best known from the Ruby on Rails web application framework. Active Record is an Object Relational Mapper (ORM), which is an abstraction layer that allows a programming language to support a variety of database servers. The library provides the means to model relational data stored in SQL as objects and classes in Ruby without the need to write complicated, cross-database-compatible SQL statements. More information about Active Record is available at:http://ar.rubyonrails.org/.
Your database server needs to be installed on a host that is accessible through the network by your Puppet master or Puppet masters. You can install the database server locally on your Puppet master, but we don't recommend this for performance and scalability reasons.
In the following sections we show you how to install the MySQL server on Enterprise Linux- and Debian/Ubuntu-based systems.
Note For other platforms, please consult the installation procedure for MySQL (or the database server of your choice) for additional information.
MySQL server packages are available from the vendor-provided media on most Enterprise Linux-based systems without the need to enable third-party repositories. Either the yum package manager or Puppet may be used to install MySQL. Unfortunately, the MySQL Ruby library package,mysql-ruby, is not available from the vendor package repositories and should be obtained from the Enhanced Packages for Enterprise Linux third party repository.
Note The Enhanced Packages for Enterprise Linux package repository contains many third-party packages not included in the main Enterprise Linux distribution. These packages are compiled and maintained to cleanly interoperate with Enterprise Linux releases. Additional information about the EPEL repository is available online athttp://fedoraproject.org/wiki/EPEL/FAQ.
To install MySQL on Red Hat Enterprise Linux using Puppet, add this line of code:
# yum install mysql-server
You also need to ensure taht the Ruby MySQL bindings are present on each Puppet master system:
# yum install ruby-mysql
With the MySQL server RPM packages and Ruby client libraries installed, the next step is to use RubyGems to install the Rails framework.
The first step to configure stored configurations is to install and configure a SQL server. On Debian and Ubuntu systems, this task is easily accomplished by installing themysql-serverpackage:
# aptitude install mysql-server
In addition to the MySQL server packages, the client libraries allowing Ruby programs to connect to a MySQL server need to be installed. On Debian and Ubuntu, these client libraries are contained in thelibmysql-ruby1.8andlibmysql-rubypackages.
# aptitude install libmysql-ruby1.8 libmysql-ruby
Once the MySQL server packages and Ruby client libraries are present on the system, you can move on to installing the Ruby on Rails framework.
Exported resources and stored configurations in Puppet take advantage of the Ruby on Rails framework to model and store Puppet resources in a relational database supported by the Active Record library. Installing the Rails framework is straightforward if you are working with a recent version of Ruby and therubygemspackage.
In this section, we will install Ruby on Rails using thegemsystem command, which is well supported on Enterprise Linux- and Debian-based systems. Indeed, any system with thegemcommand will support this installation process.
First, install Rails for Puppet versions 0.25.x, 2.6.x and later, as you can see in
Listing 6-5
.
Listing 6-5.
Installing Ruby on Rails using RubyGems
# gem install rails -v 2.3.5 --no-ri --no-rdoc
Successfully installed rails-2.3.5
1 gem installed
There is a problem with Puppet and ActiveRecord versions prior to version 2.3.5, so you need to update the ActiveRecord library to at least this version:
# gem install activerecord -v 2.3.5 --no-ri --no-rdoc
Successfully installed activerecord-2.3.5
1 gem installed
Once Rails and ActiveRecord have been installed, you can verify that the proper versions are present using thegem listcommand.
# gem list
*** LOCAL GEMS ***
actionmailer (2.3.5)
actionpack (2.3.5)
activerecord (
2.3.5
)
activeresource (2.3.5)
activesupport (
2.3.5
)
rails (2.3.5)
rake (0.8.7)
Notice thatactiverecordandactivesupportare both available at version 2.3.5. With these libraries installed, you're ready to proceed with the Puppet settings to enable stored configurations.
In the previous sections you installed Ruby on Rails, ActiveRecord, and the MySQL Ruby libraries for the platform the Puppet master is executing on. You're now ready to configure the Puppet master to connect to the database and store configuration information. This configuration is done in thepuppet.conffile located in the configuration directory,/etc/puppetby default.
Before configuring the Puppet master we need to make sure a database has been created for use with Puppet. Any database name will suffice; in this example, the operator uses the default name of “puppet” accompanied by a MySQL account named “puppet” with a password of “teppup.”
First, connect to the MySQL command line interface:
# mysql -u root -p
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 36
Server version: 5.0.51a-24+lenny4 (Debian)
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql>
Once connected, create a new database named “puppet”:
mysql> create database puppet;
Query OK, 1 row affected (0.00 sec)
Finally, create a MySQL account named “puppet” to access this new database. Notice the password is set to “teppup.” The username and password should be changed to something more secure and reflected inpuppet.conf.
grant all privileges on puppet.* to puppet@localhost identified by 'teppup';
Query OK, 1 rows affected (0.05 sec)
With the database and account created in MySQL, you're ready to configure/etc/puppet/puppet.conf. The lines in
Listing 6-6
need to be inserted in the[master]section of the configuration file.
Listing 6-6.
puppet.conf MySQL stored configuration settings
# vim /etc/puppet/puppet.conf
[master]
storeconfigs = true
dbadapter = mysql
dbname =
puppet
dbuser =
puppet
dbpassword =
teppup
dbserver = localhost
dbsocket = /var/run/mysqld/mysqld.sock
If you chose to change the name of the database, the account, or the account password, please make sure to reflect those changes in thepuppet.confsettings.
The database tables will not be created until the Puppet master compiles a catalog. We can easily test the configuration of Stored Configs using a standalone Puppet master and agent. After the agent runs, we can expect the tables and configuration information to be visible in themysqlconsole.
Note
When using a load balancer configuration as we demonstrated in
Chapter 5
, each Puppet master worker process must be configured to connect to the same SQL server instance.
# puppet master --verbose --no-daemonize --masterport 8141
notice: Starting Puppet master version 2.6.4
This command starts the standalone Puppet master with the new Stored Configuration settings on an alternate port number, 8141, using themasterportoption. Next, we connect a single Puppet agent to this server in order to trigger the table creation in the “puppet” database:
# puppet agent --test --masterport 8141
info: Caching catalog for debian.example.com
info: Applying configuration version '1293480381'
notice: Finished catalog run in 0.01 seconds
