自動化運維工具之Puppet模組
前文我們了解來puppet的變數、流程式控制制、正則表達式、類和模板的相關話題,回顧請參考//www.cnblogs.com/qiuhom-1874/p/14079208.html;今天我們來了解下puppet中的模組相關概念;
什麼是模組?
在puppet中模組的概念有點類似ansible中的角色;在puppet中模組就是把定義在一個資源清單中的各個資源拆分到不同的資源文件中,然後把對應的文件放在特定的目錄中;簡單講puppet中的模組就是一個按約定的、預定義的結構存放了多個文件或子目錄的目錄,目錄里的文件或子目錄必須遵循某種命名規範;puppet會按照此種規範在特定位置查找模組所需文件,不過這些特定的目錄可以通過puppet配置參數modulepath來指定;
模組的目錄結構
提示:MODULE NAME是模組的名稱,模組名稱必須是小寫字母開頭,可以包含小寫字母,數字,下劃線;不能將「main」,「setting」作為模組名稱;manifests是用來存在當前模組的所有資源清單文件,每個資源清單文件中必須包含一個類或一個定義的類,但init.pp這個文件中只能包含一個單獨的類定義,且類名必須同模組名相同;資源清單文件訪問路徑格式遵循MOUDLE_NAME::[SubDirectoryName::]ManifastFileName;這裡需要注意一點訪問資源清單文件,不需要加後綴.pp;files目錄主要用來存放靜態文件,這些靜態文件可被節點下載使用,每個文件的訪問遵循puppet://modules/MODULE_NAME/filename的路徑格式;templates目錄主要用來存放模版文件其訪問路徑遵循template(‘ModuleName/TemplateFileName’)格式;lib目錄主要用來存放自定義fact和自定義資源類型等;tests目錄主要用來存放當前模組的使用幫助或使用範例文件;類似如何聲明當前模組中的類以及定義的類型等;spec目錄類似tests目錄,不同tests目錄的是,該目錄主要存放lib中存放的自定義fact和資源類型的幫助或使用範例文件;一個模組中如果沒有自定義fact或資源類型,後面的lib,tests,spec這三個目錄可以不用創建;
示例:將以下資源清單更改為模組
[root@slave03 ~]# cat redis.pp
class redis{
package{"redis":
ensure => installed,
}
service{"redis":
ensure => running,
enable => true,
hasrestart => true,
restart => 'service redis restart',
}
}
class redis::master($masterport='6379',$masterpass='admin') inherits redis {
file{"/etc/redis.conf":
ensure => file,
content => template('/root/redis-master.conf.erb'),
owner => 'redis',
group => 'root',
mode => '0644',
}
Service["redis"]{
subscribe => File["/etc/redis.conf"],
restart => 'systemctl restart redis'
}
}
class redis::slave($masterip,$masterport='6379',$masterpass='admin') inherits redis {
file{"/etc/redis.conf":
ensure => file,
content => template('/root/redis-slave.conf.erb'),
owner => 'redis',
group => 'root',
mode => '0644',
}
Service["redis"]{
subscribe => File["/etc/redis.conf"],
restart => 'systemctl restart redis'
}
}
[root@slave03 ~]#
創建目錄結構
[root@slave03 ~]# mkdir -p /etc/puppet/modules/redis/{manifests,files,templates,lib,tests,spec}
[root@slave03 ~]# tree /etc/puppet/modules/redis/
/etc/puppet/modules/redis/
├── files
├── lib
├── manifests
├── spec
├── templates
└── tests
6 directories, 0 files
[root@slave03 ~]#
提示:puppet默認模組存放在/etc/puppet/modules或/usr/share/puppet/modules/目錄下,可以通過puppet config print modulepath 命令查看;如果要修改其模組存放位置,可以使用puppet config set modulepath ‘path/to/somewhere’;
移動模版文件到templates目錄下
[root@slave03 ~]# mv redis-master.conf.erb redis-slave.conf.erb /etc/puppet/modules/redis/templates/ [root@slave03 ~]# ll /etc/puppet/modules/redis/templates/ total 8 -rw-r--r-- 1 root root 1247 Dec 4 16:20 redis-master.conf.erb -rw-r--r-- 1 root root 1276 Dec 4 16:18 redis-slave.conf.erb [root@slave03 ~]#
在manifests目錄下創建init.pp
[root@slave03 ~]# cat /etc/puppet/modules/redis/manifests/init.pp
class redis{
package{"redis":
ensure => installed,
}
service{"redis":
ensure => running,
enable => true,
hasrestart => true,
restart => 'service redis restart',
}
}
[root@slave03 ~]#
提示:通常這個init.pp這個文件主要用來定義基類;其他子類需要單獨定一個文件;
在manifests目下創建master.pp和slave.pp資源清單文件
[root@slave03 ~]# cat /etc/puppet/modules/redis/manifests/master.pp
class redis::master($masterport='6379',$masterpass='admin') inherits redis {
file{"/etc/redis.conf":
ensure => file,
content => template('redis/redis-master.conf.erb'),
owner => 'redis',
group => 'root',
mode => '0644',
}
Service["redis"]{
subscribe => File["/etc/redis.conf"],
restart => 'systemctl restart redis'
}
}
[root@slave03 ~]# cat /etc/puppet/modules/redis/manifests/slave.pp
class redis::slave($masterip,$masterport='6379',$masterpass='admin') inherits redis {
file{"/etc/redis.conf":
ensure => file,
content => template('redis/redis-slave.conf.erb'),
owner => 'redis',
group => 'root',
mode => '0644',
}
Service["redis"]{
subscribe => File["/etc/redis.conf"],
restart => 'systemctl restart redis'
}
}
[root@slave03 ~]#
提示:如果複製文件是一個模版需要將模版文件放在templates目錄下,使用template內建函數訪問時需要遵循template(‘ModuleName/TemplateFileName’)的格式引用;如果是複製文件是一個普通文件(非模版格式文件)在對應的files目錄要存在對應的文件;其次在用source屬性指定訪問文件時,需要使用puppet:///modules/ModuleName/filename的格式;
最終redis模組目錄結構
[root@slave03 ~]# tree /etc/puppet/modules/redis/ /etc/puppet/modules/redis/ ├── files ├── lib ├── manifests │ ├── init.pp │ ├── master.pp │ └── slave.pp ├── spec ├── templates │ ├── redis-master.conf.erb │ └── redis-slave.conf.erb └── tests 6 directories, 5 files [root@slave03 ~]#
查看puppet現有的模組
[root@slave03 ~]# puppet module list /etc/puppet/modules └── redis (???) /usr/share/puppet/modules (no modules installed) [root@slave03 ~]#
提示:可以看到redis模組已經可以看到,其實我們在對應的模組存放路徑下創建目錄就可以看到對應的名稱;後面的問號是因為我們自定義的模組沒有寫說明資訊,它這裡可能是沒有獲取到指定的資訊,所以顯示問號;但這不影響我們使用模組;
單機模型下使用模組
調用模組(調用基類)
[root@slave03 ~]# rpm -q redis package redis is not installed [root@slave03 ~]# ss -tnl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:22 *:* LISTEN 0 100 127.0.0.1:25 *:* LISTEN 0 80 [::]:3306 [::]:* LISTEN 0 128 [::]:22 [::]:* LISTEN 0 100 [::1]:25 [::]:* [root@slave03 ~]# puppet apply -v --noop -e 'include redis' Notice: Compiled catalog for slave03 in environment production in 0.49 seconds Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false. (at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default') Info: Applying configuration version '1607074610' Notice: /Stage[main]/Redis/Package[redis]/ensure: current_value absent, should be present (noop) Notice: /Stage[main]/Redis/Service[redis]/ensure: current_value stopped, should be running (noop) Info: /Stage[main]/Redis/Service[redis]: Unscheduling refresh on Service[redis] Notice: Class[Redis]: Would have triggered 'refresh' from 2 events Notice: Stage[main]: Would have triggered 'refresh' from 1 events Notice: Finished catalog run in 0.29 seconds [root@slave03 ~]# puppet apply -v -e 'include redis' Notice: Compiled catalog for slave03 in environment production in 0.49 seconds Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false. (at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default') Info: Applying configuration version '1607074622' Notice: /Stage[main]/Redis/Package[redis]/ensure: created Notice: /Stage[main]/Redis/Service[redis]/ensure: ensure changed 'stopped' to 'running' Info: /Stage[main]/Redis/Service[redis]: Unscheduling refresh on Service[redis] Notice: Finished catalog run in 3.66 seconds [root@slave03 ~]# rpm -q redis redis-3.2.12-2.el7.x86_64 [root@slave03 ~]# ss -tnl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 127.0.0.1:6379 *:* LISTEN 0 128 *:22 *:* LISTEN 0 100 127.0.0.1:25 *:* LISTEN 0 80 [::]:3306 [::]:* LISTEN 0 128 [::]:22 [::]:* LISTEN 0 100 [::1]:25 [::]:* [root@slave03 ~]#
提示:單機模型下調用模組中的類,需要使用-e選項來聲明類;以上資訊可以看到redis安裝好了,並以默認配置啟動起來,監聽在127.0.0.1的6379埠;這裡只是調用了init.pp中的程式碼;
調用子類
[root@slave03 ~]# puppet apply -v -e 'include redis::master'
Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera defaults
Notice: Compiled catalog for slave03 in environment production in 0.63 seconds
Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false.
(at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default')
Info: Applying configuration version '1607074812'
Info: FileBucket got a duplicate file {md5}d98629fded012cd2a25b9db0599a9251
Info: /Stage[main]/Redis::Master/File[/etc/redis.conf]: Filebucketed /etc/redis.conf to puppet with sum d98629fded012cd2a25b9db0599a9251
Notice: /Stage[main]/Redis::Master/File[/etc/redis.conf]/content: content changed '{md5}d98629fded012cd2a25b9db0599a9251' to '{md5}9bcaca33cf09d7cb0bb1beec2006a644'
Notice: /Stage[main]/Redis::Master/File[/etc/redis.conf]/mode: mode changed '0640' to '0644'
Info: /Stage[main]/Redis::Master/File[/etc/redis.conf]: Scheduling refresh of Service[redis]
Info: /Stage[main]/Redis::Master/File[/etc/redis.conf]: Scheduling refresh of Service[redis]
Notice: /Stage[main]/Redis/Service[redis]: Triggered 'refresh' from 2 events
Notice: Finished catalog run in 0.29 seconds
[root@slave03 ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:6379 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 80 [::]:3306 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
[root@slave03 ~]# cat /etc/redis.conf
bind 0.0.0.0
protected-mode yes
port 6379
tcp-backlog 511
timeout 0
tcp-keepalive 300
daemonize no
supervised no
pidfile /var/run/redis_6379.pid
loglevel notice
logfile /var/log/redis/redis.log
databases 16
requirepass admin
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /var/lib/redis
slave-serve-stale-data yes
slave-read-only yes
repl-diskless-sync no
repl-diskless-sync-delay 5
repl-disable-tcp-nodelay no
slave-priority 100
appendonly no
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
lua-time-limit 5000
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
notify-keyspace-events ""
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
list-max-ziplist-size -2
list-compress-depth 0
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
hll-sparse-max-bytes 3000
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit slave 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
aof-rewrite-incremental-fsync yes
[root@slave03 ~]#
提示:可以看到調用master子類,對應redis就監聽在本機所有地址的6379埠上,並且在配置文件也變成了我們手動提供的配置文件,對應模版中的變數已經替換成變數默認值;
redis-master.conf.erb模版文件內容
[root@slave03 ~]# cat /etc/puppet/modules/redis/templates/redis-master.conf.erb bind 0.0.0.0 protected-mode yes port <%= @masterport %> tcp-backlog 511 timeout 0 tcp-keepalive 300 daemonize no supervised no pidfile /var/run/redis_6379.pid loglevel notice logfile /var/log/redis/redis.log databases 16 requirepass <%= @masterpass %> save 900 1 save 300 10 save 60 10000 stop-writes-on-bgsave-error yes rdbcompression yes rdbchecksum yes dbfilename dump.rdb dir /var/lib/redis slave-serve-stale-data yes slave-read-only yes repl-diskless-sync no repl-diskless-sync-delay 5 repl-disable-tcp-nodelay no slave-priority 100 appendonly no appendfilename "appendonly.aof" appendfsync everysec no-appendfsync-on-rewrite no auto-aof-rewrite-percentage 100 auto-aof-rewrite-min-size 64mb aof-load-truncated yes lua-time-limit 5000 slowlog-log-slower-than 10000 slowlog-max-len 128 latency-monitor-threshold 0 notify-keyspace-events "" hash-max-ziplist-entries 512 hash-max-ziplist-value 64 list-max-ziplist-size -2 list-compress-depth 0 set-max-intset-entries 512 zset-max-ziplist-entries 128 zset-max-ziplist-value 64 hll-sparse-max-bytes 3000 activerehashing yes client-output-buffer-limit normal 0 0 0 client-output-buffer-limit slave 256mb 64mb 60 client-output-buffer-limit pubsub 32mb 8mb 60 hz 10 aof-rewrite-incremental-fsync yes [root@slave03 ~]#
View Code
調用子類,並向子類中傳遞參數
模版中需要傳遞的參數
[root@slave03 ~]# grep -Ei ^"slaveof|masterauth" /etc/puppet/modules/redis/templates/redis-slave.conf.erb slaveof <%= @masterip %> <%= @masterport %> masterauth <%= @masterpass %> [root@slave03 ~]#
聲明slave子類,並應用對應的清單
[root@slave03 ~]# puppet apply -v -e 'class{"redis::slave": masterip => "10.0.0.3"}'
Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera defaults
Notice: Compiled catalog for slave03 in environment production in 0.66 seconds
Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false.
(at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default')
Info: Applying configuration version '1607075455'
Info: FileBucket got a duplicate file {md5}9bcaca33cf09d7cb0bb1beec2006a644
Info: /Stage[main]/Redis::Slave/File[/etc/redis.conf]: Filebucketed /etc/redis.conf to puppet with sum 9bcaca33cf09d7cb0bb1beec2006a644
Notice: /Stage[main]/Redis::Slave/File[/etc/redis.conf]/content: content changed '{md5}9bcaca33cf09d7cb0bb1beec2006a644' to '{md5}15f84c31c3f4582b526724da6ffd08d5'
Info: /Stage[main]/Redis::Slave/File[/etc/redis.conf]: Scheduling refresh of Service[redis]
Notice: /Stage[main]/Redis/Service[redis]: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 0.38 seconds
[root@slave03 ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:6379 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 80 [::]:3306 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
[root@slave03 ~]# grep -Ei ^"slaveof|masterauth" /etc/redis.conf
slaveof 10.0.0.3 6379
masterauth admin
[root@slave03 ~]#
提示:在slave.pp文件中masterport和masterpass這兩個變數都有默認值,所以傳遞聲明類可以只傳遞masterip這個變數的值即可;從上面的資訊可以看到redis的配置文件中slaveof 的值就是我們傳遞的IP地址,對應埠和master密碼都是使用的默認值;
