自動化運維工具之Puppet模組
阿新 • • 發佈:2020-12-05
前文我們瞭解來puppet的變數、流程控制、正則表示式、類和模板的相關話題,回顧請參考https://www.cnblogs.com/qiuhom-1874/p/14079208.html;今天我們來了解下puppet中的模組相關概念;
什麼是模組?
在puppet中模組的概念有點類似ansible中的角色;在puppet中模組就是把定義在一個資源清單中的各個資源拆分到不同的資原始檔中,然後把對應的檔案放在特定的目錄中;簡單講puppet中的模組就是一個按約定的、預定義的結構存放了多個檔案或子目錄的目錄,目錄裡的檔案或子目錄必須遵循某種命名規範;puppet會按照此種規範在特定位置查詢模組所需檔案,不過這些特定的目錄可以通過puppet配置引數modulepath來指定;
模組的目錄結構
提示:MODULE NAME是模組的名稱,模組名稱必須是小寫字母開頭,可以包含小寫字母,數字,下劃線;不能將“main”,“setting”作為模組名稱;manifests是用來存在當前模組的所有資源清單檔案,每個資源清單檔案中必須包含一個類或一個定義的類,但init.pp這個檔案中只能包含一個單獨的類定義,且類名必須同模組名相同;資源清單檔案訪問路徑格式遵循MOUDLE_NAME::[SubDirectoryName::]ManifastFileName;這裡需要注意一點訪問資源清單檔案,不需要加字尾.pp;files目錄主要用來存放靜態檔案,這些靜態檔案可被節點下載使用,每個檔案的訪問遵循puppet://modules/MODULE_NAME/filename的路徑格式;templates目錄主要用來存放模版檔案其訪問路徑遵循template('ModuleName/TemplateFileName')格式;lib目錄主要用來存放自定義fact和自定義資源型別等;tests目錄主要用來存放當前模組的使用幫助或使用範例檔案;類似如何聲明當前模組中的類以及定義的型別等;spec目錄類似tests目錄,不同tests目錄的是,該目錄主要存放lib中存放的自定義fact和資源型別的幫助或使用範例檔案;一個模組中如果沒有自定義fact或資源型別,後面的lib,tests,spec這三個目錄可以不用建立;
示例:將以下資源清單更改為模組
[root@slave03 ~]# cat redis.pp
class redis{
package{"redis":
ensure => installed,
}
service{"redis":
ensure => running,
enable => true,
hasrestart => true,
restart => 'service redis restart',
}
}
class redis::master($masterport='6379',$masterpass='admin') inherits redis {
file{"/etc/redis.conf":
ensure => file,
content => template('/root/redis-master.conf.erb'),
owner => 'redis',
group => 'root',
mode => '0644',
}
Service["redis"]{
subscribe => File["/etc/redis.conf"],
restart => 'systemctl restart redis'
}
}
class redis::slave($masterip,$masterport='6379',$masterpass='admin') inherits redis {
file{"/etc/redis.conf":
ensure => file,
content => template('/root/redis-slave.conf.erb'),
owner => 'redis',
group => 'root',
mode => '0644',
}
Service["redis"]{
subscribe => File["/etc/redis.conf"],
restart => 'systemctl restart redis'
}
}
[root@slave03 ~]#
建立目錄結構
[root@slave03 ~]# mkdir -p /etc/puppet/modules/redis/{manifests,files,templates,lib,tests,spec}
[root@slave03 ~]# tree /etc/puppet/modules/redis/
/etc/puppet/modules/redis/
├── files
├── lib
├── manifests
├── spec
├── templates
└── tests
6 directories, 0 files
[root@slave03 ~]#
提示:puppet預設模組存放在/etc/puppet/modules或/usr/share/puppet/modules/目錄下,可以通過puppet config print modulepath 命令檢視;如果要修改其模組存放位置,可以使用puppet config set modulepath 'path/to/somewhere';
移動模版檔案到templates目錄下
[root@slave03 ~]# mv redis-master.conf.erb redis-slave.conf.erb /etc/puppet/modules/redis/templates/ [root@slave03 ~]# ll /etc/puppet/modules/redis/templates/ total 8 -rw-r--r-- 1 root root 1247 Dec 4 16:20 redis-master.conf.erb -rw-r--r-- 1 root root 1276 Dec 4 16:18 redis-slave.conf.erb [root@slave03 ~]#
在manifests目錄下建立init.pp
[root@slave03 ~]# cat /etc/puppet/modules/redis/manifests/init.pp
class redis{
package{"redis":
ensure => installed,
}
service{"redis":
ensure => running,
enable => true,
hasrestart => true,
restart => 'service redis restart',
}
}
[root@slave03 ~]#
提示:通常這個init.pp這個檔案主要用來定義基類;其他子類需要單獨定一個檔案;
在manifests目下建立master.pp和slave.pp資源清單檔案
[root@slave03 ~]# cat /etc/puppet/modules/redis/manifests/master.pp
class redis::master($masterport='6379',$masterpass='admin') inherits redis {
file{"/etc/redis.conf":
ensure => file,
content => template('redis/redis-master.conf.erb'),
owner => 'redis',
group => 'root',
mode => '0644',
}
Service["redis"]{
subscribe => File["/etc/redis.conf"],
restart => 'systemctl restart redis'
}
}
[root@slave03 ~]# cat /etc/puppet/modules/redis/manifests/slave.pp
class redis::slave($masterip,$masterport='6379',$masterpass='admin') inherits redis {
file{"/etc/redis.conf":
ensure => file,
content => template('redis/redis-slave.conf.erb'),
owner => 'redis',
group => 'root',
mode => '0644',
}
Service["redis"]{
subscribe => File["/etc/redis.conf"],
restart => 'systemctl restart redis'
}
}
[root@slave03 ~]#
提示:如果複製檔案是一個模版需要將模版檔案放在templates目錄下,使用template內建函式訪問時需要遵循template('ModuleName/TemplateFileName')的格式引用;如果是複製檔案是一個普通檔案(非模版格式檔案)在對應的files目錄要存在對應的檔案;其次在用source屬性指定訪問檔案時,需要使用puppet:///modules/ModuleName/filename的格式;
最終redis模組目錄結構
[root@slave03 ~]# tree /etc/puppet/modules/redis/ /etc/puppet/modules/redis/ ├── files ├── lib ├── manifests │ ├── init.pp │ ├── master.pp │ └── slave.pp ├── spec ├── templates │ ├── redis-master.conf.erb │ └── redis-slave.conf.erb └── tests 6 directories, 5 files [root@slave03 ~]#
檢視puppet現有的模組
[root@slave03 ~]# puppet module list /etc/puppet/modules └── redis (???) /usr/share/puppet/modules (no modules installed) [root@slave03 ~]#
提示:可以看到redis模組已經可以看到,其實我們在對應的模組存放路徑下建立目錄就可以看到對應的名稱;後面的問號是因為我們自定義的模組沒有寫說明資訊,它這裡可能是沒有獲取到指定的資訊,所以顯示問號;但這不影響我們使用模組;
單機模型下使用模組
呼叫模組(呼叫基類)
[root@slave03 ~]# rpm -q redis package redis is not installed [root@slave03 ~]# ss -tnl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:22 *:* LISTEN 0 100 127.0.0.1:25 *:* LISTEN 0 80 [::]:3306 [::]:* LISTEN 0 128 [::]:22 [::]:* LISTEN 0 100 [::1]:25 [::]:* [root@slave03 ~]# puppet apply -v --noop -e 'include redis' Notice: Compiled catalog for slave03 in environment production in 0.49 seconds Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false. (at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default') Info: Applying configuration version '1607074610' Notice: /Stage[main]/Redis/Package[redis]/ensure: current_value absent, should be present (noop) Notice: /Stage[main]/Redis/Service[redis]/ensure: current_value stopped, should be running (noop) Info: /Stage[main]/Redis/Service[redis]: Unscheduling refresh on Service[redis] Notice: Class[Redis]: Would have triggered 'refresh' from 2 events Notice: Stage[main]: Would have triggered 'refresh' from 1 events Notice: Finished catalog run in 0.29 seconds [root@slave03 ~]# puppet apply -v -e 'include redis' Notice: Compiled catalog for slave03 in environment production in 0.49 seconds Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false. (at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default') Info: Applying configuration version '1607074622' Notice: /Stage[main]/Redis/Package[redis]/ensure: created Notice: /Stage[main]/Redis/Service[redis]/ensure: ensure changed 'stopped' to 'running' Info: /Stage[main]/Redis/Service[redis]: Unscheduling refresh on Service[redis] Notice: Finished catalog run in 3.66 seconds [root@slave03 ~]# rpm -q redis redis-3.2.12-2.el7.x86_64 [root@slave03 ~]# ss -tnl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 127.0.0.1:6379 *:* LISTEN 0 128 *:22 *:* LISTEN 0 100 127.0.0.1:25 *:* LISTEN 0 80 [::]:3306 [::]:* LISTEN 0 128 [::]:22 [::]:* LISTEN 0 100 [::1]:25 [::]:* [root@slave03 ~]#
提示:單機模型下呼叫模組中的類,需要使用-e選項來宣告類;以上資訊可以看到redis安裝好了,並以預設配置啟動起來,監聽在127.0.0.1的6379埠;這裡只是呼叫了init.pp中的程式碼;
呼叫子類
[root@slave03 ~]# puppet apply -v -e 'include redis::master'
Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera defaults
Notice: Compiled catalog for slave03 in environment production in 0.63 seconds
Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false.
(at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default')
Info: Applying configuration version '1607074812'
Info: FileBucket got a duplicate file {md5}d98629fded012cd2a25b9db0599a9251
Info: /Stage[main]/Redis::Master/File[/etc/redis.conf]: Filebucketed /etc/redis.conf to puppet with sum d98629fded012cd2a25b9db0599a9251
Notice: /Stage[main]/Redis::Master/File[/etc/redis.conf]/content: content changed '{md5}d98629fded012cd2a25b9db0599a9251' to '{md5}9bcaca33cf09d7cb0bb1beec2006a644'
Notice: /Stage[main]/Redis::Master/File[/etc/redis.conf]/mode: mode changed '0640' to '0644'
Info: /Stage[main]/Redis::Master/File[/etc/redis.conf]: Scheduling refresh of Service[redis]
Info: /Stage[main]/Redis::Master/File[/etc/redis.conf]: Scheduling refresh of Service[redis]
Notice: /Stage[main]/Redis/Service[redis]: Triggered 'refresh' from 2 events
Notice: Finished catalog run in 0.29 seconds
[root@slave03 ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:6379 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 80 [::]:3306 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
[root@slave03 ~]# cat /etc/redis.conf
bind 0.0.0.0
protected-mode yes
port 6379
tcp-backlog 511
timeout 0
tcp-keepalive 300
daemonize no
supervised no
pidfile /var/run/redis_6379.pid
loglevel notice
logfile /var/log/redis/redis.log
databases 16
requirepass admin
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /var/lib/redis
slave-serve-stale-data yes
slave-read-only yes
repl-diskless-sync no
repl-diskless-sync-delay 5
repl-disable-tcp-nodelay no
slave-priority 100
appendonly no
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
lua-time-limit 5000
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
notify-keyspace-events ""
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
list-max-ziplist-size -2
list-compress-depth 0
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
hll-sparse-max-bytes 3000
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit slave 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
aof-rewrite-incremental-fsync yes
[root@slave03 ~]#
提示:可以看到呼叫master子類,對應redis就監聽在本機所有地址的6379埠上,並且在配置檔案也變成了我們手動提供的配置檔案,對應模版中的變數已經替換成變數預設值;
redis-master.conf.erb模版檔案內容
[root@slave03 ~]# cat /etc/puppet/modules/redis/templates/redis-master.conf.erb bind 0.0.0.0 protected-mode yes port <%= @masterport %> tcp-backlog 511 timeout 0 tcp-keepalive 300 daemonize no supervised no pidfile /var/run/redis_6379.pid loglevel notice logfile /var/log/redis/redis.log databases 16 requirepass <%= @masterpass %> save 900 1 save 300 10 save 60 10000 stop-writes-on-bgsave-error yes rdbcompression yes rdbchecksum yes dbfilename dump.rdb dir /var/lib/redis slave-serve-stale-data yes slave-read-only yes repl-diskless-sync no repl-diskless-sync-delay 5 repl-disable-tcp-nodelay no slave-priority 100 appendonly no appendfilename "appendonly.aof" appendfsync everysec no-appendfsync-on-rewrite no auto-aof-rewrite-percentage 100 auto-aof-rewrite-min-size 64mb aof-load-truncated yes lua-time-limit 5000 slowlog-log-slower-than 10000 slowlog-max-len 128 latency-monitor-threshold 0 notify-keyspace-events "" hash-max-ziplist-entries 512 hash-max-ziplist-value 64 list-max-ziplist-size -2 list-compress-depth 0 set-max-intset-entries 512 zset-max-ziplist-entries 128 zset-max-ziplist-value 64 hll-sparse-max-bytes 3000 activerehashing yes client-output-buffer-limit normal 0 0 0 client-output-buffer-limit slave 256mb 64mb 60 client-output-buffer-limit pubsub 32mb 8mb 60 hz 10 aof-rewrite-incremental-fsync yes [root@slave03 ~]#View Code
呼叫子類,並向子類中傳遞引數
模版中需要傳遞的引數
[root@slave03 ~]# grep -Ei ^"slaveof|masterauth" /etc/puppet/modules/redis/templates/redis-slave.conf.erb slaveof <%= @masterip %> <%= @masterport %> masterauth <%= @masterpass %> [root@slave03 ~]#
宣告slave子類,並應用對應的清單
[root@slave03 ~]# puppet apply -v -e 'class{"redis::slave": masterip => "10.0.0.3"}'
Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera defaults
Notice: Compiled catalog for slave03 in environment production in 0.66 seconds
Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false.
(at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default')
Info: Applying configuration version '1607075455'
Info: FileBucket got a duplicate file {md5}9bcaca33cf09d7cb0bb1beec2006a644
Info: /Stage[main]/Redis::Slave/File[/etc/redis.conf]: Filebucketed /etc/redis.conf to puppet with sum 9bcaca33cf09d7cb0bb1beec2006a644
Notice: /Stage[main]/Redis::Slave/File[/etc/redis.conf]/content: content changed '{md5}9bcaca33cf09d7cb0bb1beec2006a644' to '{md5}15f84c31c3f4582b526724da6ffd08d5'
Info: /Stage[main]/Redis::Slave/File[/etc/redis.conf]: Scheduling refresh of Service[redis]
Notice: /Stage[main]/Redis/Service[redis]: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 0.38 seconds
[root@slave03 ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:6379 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 80 [::]:3306 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
[root@slave03 ~]# grep -Ei ^"slaveof|masterauth" /etc/redis.conf
slaveof 10.0.0.3 6379
masterauth admin
[root@slave03 ~]#
提示:在slave.pp檔案中masterport和masterpass這兩個變數都有預設值,所以傳遞宣告類可以只傳遞masterip這個變數的值即可;從上面的資訊可以看到redis的配置檔案中slaveof 的值就是我們傳遞的IP地址,對應埠和master密碼都是使用的預設