本文共 4696 字,大约阅读时间需要 15 分钟。
default 针对所有节点
node default { file { "/tmp/helloworld.txt": content => "hello, world"; }} # cat /etc/puppet/manifests/site.ppnode default { file { "/tmp/puppettest1.txt": content => "hello,first puppet manifest"; }} 指定节点
# cat /etc/puppet/manifests/test.ppnode www { file { "/var/www/index.html": source => "/tmp/something", mode => 666; }} 多个节点
node 'www','images' { ... ...} 如果没有指定name的话就会建立和资源名一样的用户名/组名,如果指定了name就以name指定的用户名/组名为主
用户组的添加
node 'node1.example.com' {#为该节点添加一个名字为test的组,并设置组ID为1000,如果不指定name的值,所创建的用户就为web。 group { "web": ensure => "present", gid => 1000, name => "test"; }#为该节点添加一个httpd的组,并且设置ID和web一样 group { "httpd": ensure => "present", gid => 1000, allowdupe => true; }#为该节点删除一个apache的组。 group { "apache": ensure => "absent", }} 用户组的删除
node 'node1.example.com' {#为该节点删除一个web的组。 group { "web": ensure => "absent", }} 用户的添加
#创建一个用户并且密码为空user {"svn": ensure => "present", shell => "/sbin/nologin";}#创建一个www用户,设置用户描述为webmaster,shell为bash,user {"www": ensure => "present", comment => "webmaster user", name => "www", shell => "/sbin/bash";}#创建一个gid为80的用户组:group { "www": ensure => "present", gid => 80, } 用户的删除
user { "neo": ensure => "absent",} 创建用户并指定密码
生成密码
# grub-md5-cryptPassword:Retype password:$1$ZlJ1u0$tdv/dr8pYuHh.eT47F6b70
user { "www": ensure => "present", uid => 80, gid => 80, home => "/var/www", shell => "/bin/bash", managehome => true, password => '$1$ZlJ1u0$tdv/dr8pYuHh.eT47F6b70';}file {"/var/www": group => 80, owner => 80, mode => 700, ensure => directory;} file { "/var/www/my/file": source => "/path/in/nfs/or/something", mode => 666;} ensure => absent; #absent是检测文件是否存在,如果存在则删除ensure => present; #present正好相反,如果不存在则创建ensure => directory; #创建一个目录的方法force = > true; #删除一个目录必须加上这个参数source => "PATH"; #指定数据来源backup => ".backup_$uptime_seconds"; 覆盖前备份文件
创建目录实例
file { "/tmp/cache": owner => "www", group => "www", mode => 700, ensure => directory;} source 表示 agent节点上的目录
node www { file { "/var/www": owner => "nginx", group => "nginx", mode => 700, ensure => directory; } file { "/var/www/index.html": source => "/tmp/something", mode => 666; }} 从master上获取文件
fileserver.conf 配置如下
[files]path /var/lib/puppet/filesallow *
site.pp配置如下
file { "/tmp/test.txt": source => "puppet://puppet.example.com/files/test.txt", } 此处的files为fileserver.conf中定义模块
file{ "/opt/testfile": owner => "puppet", group => "puppet", mode => 777;} present, installed 安装包absent,pureged 卸载包
# startpackage { "dnsmasq": ensure => installed; }file { "/etc/resolv.conf": require => Service["dnsmasq"], content => "nameserver 127.0.0.1\n"; }service { "dnsmasq": ensure => running, pattern => "dnsmasq" , require => Package["dnsmasq"]; }# end package { "httpd": ensure => installed; 安装httpd,或用present也表示安装 ["vim","vsftpd"]: ensure=>absent; 删除vim 和vsftpd软件,使用pureged表示彻底删除软件} $package_list = [ "screen", "strace", "sudo" ]package { $package_list: ensure => "installed" } package { "lamp": ensure => present, provider => rpm, source => "http://192.168.0.1/lamp.rpm";} service { 'sshd': ensure => running, enable => true, hasrestart => true, hasstatus => true, subscribe => File['/etc/ssh/sshd_config'],} exec { "creates file": cwd => "/tmp", #指定命令执行的目录。如果目录不存在,则命令执行失败。 command => "/bin/echo helloworld > /tmp/hello.txt", user => "root", path => "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"; #命令执行的搜索路径。如果path没有被定义,命令需要使用绝对路径。} exec { “/srv/puppet/shell/test.sh”: cwd => “/srv/puppet”, timeout => 7200, logoutput => on_failure, user => root, path => ["/sbin", "/usr/sbin", "/usr/local/sbin", "/usr/local/bin", "/usr/bin", "/bin", "/usr/local/java/jre/bin"], require => File["/srv/puppet/shell/test.sh"]} cron{ ntpdate: command => "/usr/sbin/ntpdate 172.16.0.1", user => root, minute =>'*/5', require => Package["crontabs"];} file { "/etc/cron.hourly/backup": mode => 755, owner => root, group => root, require => Package[mysql], content => template("db/backup.erb");} 原文出处:Netkiller 系列 手札
本文作者:陈景峯 转载请与作者联系,同时请务必标明文章原始出处和作者信息及本声明。