• Puppet基础篇8-编写第二个完整测试模块yum
  • 工欲善其事必先利其器
    • 一、配置之前需要考虑的问题:
    • 二、创建yum模块

    Puppet基础篇8-编写第二个完整测试模块yum

    工欲善其事必先利其器

    上一节讲解了puppet基础环境模块puppet,除此之外影响puppet基础环境的还有一个模块叫yum源,当然这个是相对于RedHat系统而言的,如果是SLES系统,就要配置zypper源了,其它Linux系统也是如此。那么配置yum源需要用到哪些资源呢?

    之前写puppet模块的时候用到了file资源、service资源、package资源,那么这三个资源是否能满足yum模块的配置呢,答案是肯定的。然而官方给出了专用的yumrepo资源,管理可以精确到repo里面的每一行,使用还是非常方便的,接下来,我们使用官方给出的yumrepo资源来配置yum模块。

    注:上一节教会大家如何一步步创建一个完整模块,为了避免重复,这一节就直接贴配置了。

    一、配置之前需要考虑的问题:

    1、yum包需要被安装;

    2、yum主配置文件yum.conf需要配置正确;

    3、每台主机至少有两个repo源,一个指向本地的ISO源,一个指向自定义的puppet源;

    4、不同系统版本的repo源中的部分参数略有不同,比如baseurl。

    二、创建yum模块

    1、创建yum模块目录结构

    1. [root@puppetmaster modules]# tree yum
    2. yum
    3. ├── files
    4. ├── manifests
    5. └── templates
    7. 3 directories, 0 files

    2、创建package资源

    1. [root@puppetmaster manifests]# vim install.pp
    3. class yum::install{
    4.   package { 'yum':
    5.     ensure => installed, #要求yum这个包处于安装状态
    6.   }
    7. }

    3、创建params.pp

    根据操作系统版本定义repo文件中的各项条目

    1. eg.
    2. [root@agent1 ~]# facter | grep operatingsystemrelease   系统版本fact
    3. operatingsystemrelease => 5.7

    由于RedHat存在多个版本,不同版本yum源的指向不同,对应的pki认证文件也不同,因此应当设置一些变量,然后进行引用。以下只定义了系统版本为5.7、5.8、和6.4的变量,如果有其它版本效仿即可。

    1. [root@puppetmaster manifests]# vim params.pp
    2. class yum::params {
    3.   case $operatingsystemrelease{
    4.     5.7: {
    5.       $yum_redhat_descr = 'rhel base rpm packages'  #定义redhat光盘源的描述信息
    6.       $yum_puppet_descr = 'puppet rpm packages for rhel' #定义puppet源的描述信息
    7.       $yum_redhat_pki = 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5' #定义redhat光盘源的pki认证文件位置
    8.       $yum_redhat_baseurl = 'file:///media/cdrom/Server'  #定义redhat光盘源baseurl的下载位置
    9.       $yum_puppet_baseurl = 'ftp://puppetmaster.kisspuppet.com/RHEL5U7' #定义puppet源baseurl的下载位置
    10.       $yum_redhat_pki_name = '/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5' #定义puppet源pki认证文件位置
    11.       $yum_redhat_pki_download = 'puppet:///modules/yum/PM-GPG-KEY/RPM-GPG-KEY-redhat-release-rhel5' #定义pki文件的服务器下载地址
    12.     }
    14.     5.8: {
    15.       $yum_redhat_descr = 'rhel base rpm packages'
    16.       $yum_puppet_descr = 'puppet rpm packages for rhel'
    17.       $yum_redhat_pki = 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5'
    18.       $yum_redhat_baseurl = 'file:///media/cdrom/Server'
    19.       $yum_puppet_baseurl = 'ftp://puppetmaster.kisspuppet.com/RHEL5U8'
    20.       $yum_redhat_pki_name = '/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5'
    21.       $yum_redhat_pki_download = 'puppet:///modules/yum/PM-GPG-KEY/RPM-GPG-KEY-redhat-release-rhel5'
    22.     }
    24.     6.4: {
    25.       $yum_redhat_descr = 'rhel base rpm packages'
    26.       $yum_puppet_descr = 'puppet rpm packages for rhel'
    27.       $yum_redhat_pki = 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel6'
    28.       $yum_redhat_baseurl = 'file:///media/cdrom'
    29.       $yum_puppet_baseurl = 'ftp://puppetmaster.kisspuppet.com/RHEL6U4'
    30.       $yum_redhat_pki_name = '/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel6'
    31.       $yum_redhat_pki_download = 'puppet:///modules/yum/PM-GPG-KEY/RPM-GPG-KEY-redhat-release-rhel6'
    32.     }
    33.    default: {  #定义如果没有以上版本的系统,直接报以下错误,同时也是为了方便调试
    34.       fail("Module yum is not supported on ${::operatingsystem}")
    35.     }
    36.   }
    37. }

    4、创建config.pp文件

    config.pp文件用于管理yum主配置文件yum.conf,repo文件的属性,pki文件的属性及下载地址和yumrepo源

    1. [root@puppetmaster manifests]# vim config.pp
    2. class yum::config{
    3.   include yum::params  #引用class yum::params
    4.   include yum::config_file,yum::config_key,yum::config_repo
    5. }
    7. class yum::config_file{
    8.   file { '/etc/yum.conf':  #创建file资源管理yum主配置文件yum.conf
    9.     ensure  => present, #要求文件处于存在状态
    10.     owner   => 'root',  #属主为root
    11.     group   => 'root',  #属组为root
    12.     mode    => '0644',  #文件权限为644
    13.     source  => 'puppet:///modules/yum/etc/yum.conf', #要求从puppetmaster服务器指定目录去下载
    14.     require => Class['yum::install'], #要求在配置之前先安装yum软件包
    15.   }
    16.   file { '/etc/yum.repos.d/rhel-base.repo':  #设置光盘repo的一些属性
    17.     ensure  => present,
    18.     owner   => 'root',
    19.     group   => 'root',
    20.     mode    => '0644',
    21.     require => Class['yum::config_repo'], #要求设置之前yumrepo资源rhel-base必须存在
    22.   }
    23.   file { '/etc/yum.repos.d/rhel-puppet.repo':  #设置puppet repo的一些属性
    24.     ensure  => present,
    25.     owner   => 'root',
    26.     group   => 'root',
    27.     mode    => '0644',
    28.     require => Class['yum::config_repo'],  #要求设置之前yumrepo资源puppet必须存在
    29.   }
    30. }
    31. class yum::config_key{  #设置pki证书的一些属性及下载位置
    32.   file { $yum::params::yum_redhat_pki_name:
    33.     ensure => present,
    34.     owner  => 'root',
    35.     group  => 'root',
    36.     mode   => '0644',
    37.     source => $yum::params::yum_redhat_pki_download,
    38.   }
    39. }
    40. class yum::config_repo{  
    41.   yumrepo { rhel-base: #创建yumrepo资源rhel-base
    42.     descr    => $yum::params::yum_redhat_descr, #设置描述信息
    43.     baseurl  => $yum::params::yum_redhat_baseurl, #设置yum源下载地址
    44.     enabled  => 1, #激活yum源
    45.     gpgcheck => 1, #设置要求通过pki校验
    46.     gpgkey   => $yum::params::yum_redhat_pki, #设置pki文件的下载位置
    47.     require  => Class['yum::config_key'], #要求这个文件必须存在
    48.     priority => 1, #设置repo的优先级为1(数字越小优先级越高)
    49.   }
    50.   yumrepo { rhel-puppet:
    51.     descr    => $yum::params::yum_puppet_descr,
    52.     baseurl  => $yum::params::yum_puppet_baseurl,
    53.     enabled  => 1,
    54.     gpgcheck => 0,
    55.     priority => 2,
    56.   }
    57. }

    5、创建init.pp文件

    由于params.pp文件中设置的变量名称引用太长,这里可以在init.pp中将变量名简化,方便引用。

    1. class yum(
    2.   $yum_redhat_descr        = $yum::params::yum_redhat_descr, #
    3.   $yum_puppet_descr        = $yum::params::yum_puppet_descr,
    4.   $yum_redhat_pki          = $yum::params::yum_redhat_pki,
    5.   $yum_redhat_baseurl      = $yum::params::yum_redhat_baseurl,
    6.   $yum_puppet_baseurl      = $yum::params::yum_puppet_baseurl,
    7.   $yum_redhat_pki_name     = $yum::params::yum_redhat_pki_name,
    8.   $yum_redhat_pki_download = $yum::params::yum_redhat_pki_download
    9.   ) inherits yum::params {   #设置这些变量依赖于yum::params类
    10.   include yum::config,yum::install  #包含所有子class
    11. }

    因此、上面定义的class yum::config_key和yum::config_repo可以写成以下格式

    1. class yum::config_key{  #设置pki证书的一些属性及下载位置
    2.   file { $yum_redhat_pki_name:
    3.     ensure => present,
    4.     owner  => 'root',
    5.     group  => 'root',
    6.     mode   => '0644',
    7.     source => $yum_redhat_pki_download,
    8.   }
    9. }
    11. class yum::config_repo{  
    12.   yumrepo { rhel-base: #创建yumrepo资源rhel-base
    13.     descr    => $yum_redhat_descr, #设置描述信息
    14.     baseurl  => $yum_redhat_baseurl, #设置yum源下载地址
    15.     enabled  => 1, #激活yum源
    16.     gpgcheck => 1, #设置要求通过pki校验
    17.     gpgkey   => $yum_redhat_pki, #设置pki文件的下载位置
    18.     require  => Class['yum::config_key'], #要求这个文件必须存在
    19.     priority => 1, #设置repo的优先级为1(数字越小优先级越高)
    20.   }
    21.   yumrepo { rhel-puppet:
    22.     descr    => $yum_puppet_descr,
    23.     baseurl  => $yum_puppet_baseurl,
    24.     enabled  => 1,
    25.     gpgcheck => 0,
    26.     priority => 2,
    27.   }
    28. }

    6、创建puppet.conf和pki文件

    1. [root@puppetmaster yum]# tree files
    2. files
    3. ├── etc
    4.    └── yum.conf  #可以从节点/etc/目录下copy一个yum.conf文件进行配置管理
    5. └── PM-GPG-KEY
    6.     ├── RPM-GPG-KEY-puppet-release  #自己做一个pki文件,如何做,请google
    7.     ├── RPM-GPG-KEY-redhat-release-rhel5  #在RHEL5系统/etc/pki/rpm-gpg/目录下面有对应的pki文件,将其命个别名即可
    8.     └── RPM-GPG-KEY-redhat-release-rhel6  #在RHEL6系统/etc/pki/rpm-gpg/目录下面有对应的pki文件,将其命个别名即可
    10. 2 directories, 4 files

    7、应用到节点上

    1. [root@puppetmaster modules]# vim /etc/puppet/manifests/site.pp 
    3. $puppetmaster = 'puppetmaster.kisspuppet.com'
    5. class environments{
    6.   include motd,puppet,yum
    7. }
    9. node default{
    10.    include environments
    11. }

    8、在agent1上进行测试

    1. [root@agent1 yum.repos.d]# mv * /tmp/  #将所有的repo文件移动到/tmp目录下
    2. [root@agent1 yum.repos.d]# puppet agent -t #运行一次puppet更新动作,可以通过以下日志看出更新
    3. info: Caching catalog for agent1_cert.kisspuppet.com
    4. info: Applying configuration version '1395696487'
    5. info: create new repo rhel-puppet in file /etc/yum.repos.d/rhel-puppet.repo
    6. notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-puppet]/descr: descr changed '' to 'puppet rpm packages for rhel'
    7. notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-puppet]/baseurl: baseurl changed '' to 'ftp://puppetmaster.kisspuppet.com/RHEL5U7'
    8. notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-puppet]/enabled: enabled changed '' to '1'
    9. notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-puppet]/gpgcheck: gpgcheck changed '' to '0'
    10. notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-puppet]/priority: priority changed '' to '2'
    11. info: changing mode of /etc/yum.repos.d/rhel-puppet.repo from 600 to 644
    12. info: create new repo rhel-base in file /etc/yum.repos.d/rhel-base.repo
    13. notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/descr: descr changed '' to 'rhel base rpm packages'
    14. notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/baseurl: baseurl changed '' to 'file:///media/cdrom/Server'
    15. notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/enabled: enabled changed '' to '1'
    16. notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/gpgcheck: gpgcheck changed '' to '1'
    17. notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/gpgkey: gpgkey changed '' to 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5'
    18. notice: /Stage[main]/Yum::Config_repo/Yumrepo[rhel-base]/priority: priority changed '' to '1'
    19. info: changing mode of /etc/yum.repos.d/rhel-base.repo from 600 to 644
    20. notice: Finished catalog run in 0.51 seconds
    21. [root@agent1 yum.repos.d]# ls
    22. rhel-base.repo  rhel-puppet.repo
    23. [root@agent1 yum.repos.d]# cat rhel-base.repo  #查看更新的光盘源文件
    24. [rhel-base]
    25. name=rhel base rpm packages
    26. baseurl=file:///media/cdrom/Server
    27. enabled=1
    28. gpgcheck=1
    29. gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release-rhel5
    30. priority=1
    31. [root@agent1 yum.repos.d]# cat rhel-puppet.repo #插件更新的puppet源文件
    32. [rhel-puppet]
    33. name=puppet rpm packages for rhel
    34. baseurl=ftp://puppetmaster.kisspuppet.com/RHEL5U7
    35. enabled=1
    36. gpgcheck=0
    37. priority=2

    说明:关于puppet的资源目前大概有48种,这里就不一一介绍了,详情可访问 http://docs.puppetlabs.com/references/stable/type.html