Puppet 简明教程

Puppet - Overview

Puppet 是由 Puppet Labs 开发的一个配置管理工具,用于自动化基础设施管理和配置。Puppet 是一个非常强大的工具,有助于实现“基础设施即代码”的概念。该工具是用 Ruby DSL 语言编写的,这有助于将完整的基础设施转换为代码格式,以便于管理和配置。

Puppet is a configuration management tool developed by Puppet Labs in order to automate infrastructure management and configuration. Puppet is a very powerful tool which helps in the concept of Infrastructure as code. This tool is written in Ruby DSL language that helps in converting a complete infrastructure in code format, which can be easily managed and configured.

Puppet 遵循客户端-服务器模型,其中任何集群中的一台机器充当服务器(称为 puppet 主服务器),而另一台则充当客户端(称为节点上的从服务器)。Puppet 有能力从头开始管理任何系统,从初始配置到任何特定机器的生命周期结束。

Puppet follows the client-server model, where one machine in any cluster acts as the server, known as puppet master and the other acts as a client known as a slave on nodes. Puppet has the capability to manage any system from scratch, starting from initial configuration till the end-of-life of any particular machine.

Features of Puppet System

以下是 Puppet 最重要的功能。

Following are the most important features of Puppet.

Idempotency

Puppet 具有使其独一无二的幂等性支持。与 Chef 类似,在 Puppet 中,人们可以在同一台机器上多次安全地运行同一组配置。在此流程中,Puppet 会检查目标机器的当前状态,并且仅在配置中有任何特定更改时才会进行更改。

Puppet supports Idempotency which makes it unique. Similar to Chef, in Puppet, one can safely run the same set of configuration multiple times on the same machine. In this flow, Puppet checks for the current status of the target machine and will only make changes when there is any specific change in the configuration.

幂等性有助于在机器整个生命周期内管理任何特定机器,从创建机器、机器中的配置更改,直至使用寿命结束。当有任何配置更改时,Puppet 幂等性功能非常有助于保持机器更新多年,而不必多次重建同一台机器。

Idempotency helps in managing any particular machine throughout its lifecycle starting from the creation of machine, configurational changes in the machine, till the end-of-life. Puppet Idempotency feature is very helpful in keeping the machine updated for years rather than rebuilding the same machine multiple times, when there is any configurational change.

Cross-platform

在 Puppet 中,借助使用 Puppet 资源的资源抽象层 (RAL),人们可以针对系统的指定配置,而不用担心实现细节和配置命令将在系统内部如何工作,这些细节在基础配置文件中进行了定义。

In Puppet, with the help of Resource Abstraction Layer (RAL) which uses Puppet resources, one can target the specified configuration of system without worrying about the implementation details and how the configuration command will work inside the system, which are defined in the underlying configuration file.

Puppet − Workflow

Puppet 使用以下工作流将配置应用到系统上。

Puppet uses the following workflow to apply configuration on the system.

workflow

  1. In Puppet, the first thing what the Puppet master does is to collect the details of the target machine. Using the factor which is present on all Puppet nodes (similar to Ohai in Chef) it gets all the machine level configuration details. These details are collected and sent back to the Puppet master.

  2. Then the puppet master compares the retrieved configuration with defined configuration details, and with the defined configuration it creates a catalog and sends it to the targeted Puppet agents.

  3. The Puppet agent then applies those configurations to get the system into a desired state.

  4. Finally, once one has the target node in a desired state, it sends a report back to the Puppet master, which helps the Puppet master in understanding where the current state of the system is, as defined in the catalog.

Puppet − Key Components

以下列出 Puppet 的关键组件。

Following are the key components of Puppet.

key components

Puppet Resources

Puppet 资源是为任何特定机器建模的关键组件。这些资源有各自的实施模型。Puppet 使用相同的模型以所需的某个状态获取任何特定资源。

Puppet resources are the key components for modeling any particular machine. These resources have their own implementation model. Puppet uses the same model to get any particular resource in the desired state.

Providers

提供程序基本上是 Puppet 中使用的任何特定资源的满足者。例如,软件包类型“apt-get”和“yum”都适用于软件包管理。有时候,在特定平台上会提供多个提供程序。虽然每个平台始终都有一个默认提供程序。

Providers are basically fulfillers of any particular resource used in Puppet. For example, the package type ‘apt-get’ and ‘yum’ both are valid for package management. Sometimes, more than one provider would be available on a particular platform. Though each platform always have a default provider.

Manifest

清单是由函数或类内耦合的资源集合,用于配置任何目标系统。它们包含一系列 Ruby 代码,以便配置系统。

Manifest is a collection of resources which are coupled inside the function or classes to configure any target system. They contain a set of Ruby code in order to configure a system.

Modules

模块是 Puppet 的关键构建模块,可以定义为资源、文件、模板等的集合。它们可以轻松地分布在不同类型的操作系统中,因为它们被定义为具有相同性质的。由于它们可以轻松地进行分布,因此可以多次使用具有相同配置的一个模块。

Module is the key building block of Puppet, which can be defined as a collection of resources, files, templates, etc. They can be easily distributed among different kinds of OS being defined that they are of the same flavor. As they can be easily distributed, one module can be used multiple times with the same configuration.

Templates

模板使用 Ruby 表达式来定义自定义内容和变量输入。用于开发自定义内容。模板在清单中进行定义,并复制到系统上的某个位置。例如,如果需要使用自定义端口定义 httpd,那么可以使用以下表达式完成此操作。

Templates use Ruby expressions to define the customized content and variable input. They are used to develop custom content. Templates are defined in manifests and are copied to a location on the system. For example, if one wants to define httpd with a customizable port, then it can be done using the following expression.

Listen <% = @httpd_port %>

在此情形下,httpd_port 变量在引用此模板的清单中进行定义。

The httpd_port variable in this case is defined in the manifest that references this template.

Static Files

静态文件可定义为有时需要执行特定任务的一般文件。可以使用 Puppet 轻松地将它们从一个位置复制到另一个位置。所有静态文件都位于任何模块的 files 目录中。清单中文件的任何操作都使用文件资源来完成。

Static files can be defined as a general file which are sometimes required to perform specific tasks. They can be simply copied from one location to another using Puppet. All static files are located inside the files directory of any module. Any manipulation of the file in a manifest is done using the file resource.