Puppet Files Templates


by scmGalaxy.com

About Me

DevOps@RajeshKumar.XYZ

Puppet 4: Working with Files and Templates


PUPPET FILE AND TEMPLATE TOOLS

Module Overview


  • Lab Environment
  • Pluralsight Courses
  • Course Contents

Lab Environment

Puppet 4 Series


This course follow on from the Puppet 4: Modules and Classes course. In this course you will learn to rationalize the use of files using templates. Making better use of variable content.

Working with Template Reduces the files Needed


	Template: ntp.conf.erb
	server <%= @server_address %>
					

File Tools


Working with tools such as the function file_line we do not necessarily need to manage a complete file. We can ensure a given line is present or absent from the file.

  • Puppet 4: Language Essentials
  • Puppet 4: Working with Modules and Classes
  • Puppet 4: Working with File and Templates
  • Puppet 4: Hiera the Single Source of Truth
  • Puppet 4: Server and Puppet Enterprise

Puppet 4: Working with Files and Templates

Installing a puppet module from an archive


Summary

Next up: Using Puppet Templates


Using Puppet Templates


Objectives


  • Why use templates
  • ERB vs EPP templates
  • Using inline templates

Why Use Templates


Using a template allows us to implement variable data
within a single file


	server 192.168.0.3  
	server uk.pool.ntp.org
					

	server <%= @ntp_local_server %> 
	server <%= @ntp_regional_server %>
					

Static Files vs Templates


Instead of hard coding values into files, templates make use of
variable data. The @ symbol used here for the variables tells us that the template is written in the ERB or Embedded Ruby Language.

EPP vs ERB

Using Templates


Functions:
epp = read a template inline_epp = read a string
Functions:
template = read a template inline_template = read a string
EPP ERB

Working with Inline ERB Templates


Simple MOTD Manifest


	$down_time = ‘17:00’
	$motd = @(END)
	Welcome to the server: <%= @facts[‘networking’][‘fqdn’] %> 
	The server will be down today at: <%= @down_time %> 
	END

	file { ‘/etc/motd’:  
	ensure	=> ‘file’,
	content => inline_template($motd),
	}
					

Working with Inline EPP Templates


Simple MOTD Manifest


	$motd= @(END)
	Welcome to the server: <%= $facts[‘networking’][‘fqdn’] %>  
	The server will be down today at: <%= $down_time %>  
	END
		
	file { ‘/etc/motd’:  
	ensure	=> ‘file’,
	content => inline_epp($motd, {‘down_time’=> ’17:00’},),
	}
					

Embedded ruby code in ERB templates

Embedded puppet code in EPP templates which is new to puppet 4

ERB files can use template or inline_template functions

EPP files can make use of the epp function or inline_epp function.

Next up: Working with ERB Templates


Working with ERB Templates


Objectives


  • Creating the templates directory
  • Creating an ERB template using expression printing tags
  • Adding if statement in code tags
  • Adding iteration to code tags
  • Validating ERB templates

Templates Directory


When using templates with modules they should be
located in the /template/directory.
They can be accessed using the template or epp function


	cd /etc/puppetlabs/code/environments/production/modules
	sudo mkdir ntp/templates  
	sudo mv ntp/files/ntp.conf ntp/templates/ntp.conf.erb 
	sudo rm ntp/files/*
					

Copy the ntp. conf to the Templates Directory


We can now rationalize the amount of configuration files we use removing the files and using just one template

Configure the Templates Directory


Simple ntp.conf.erb with Expression Tags



	#Managed by Puppet - do not edit
	server <%= @ntp_local_server%> iburst prefer
	server <%= @ntp_regional_server%> 
	driftfile /var/lib/ntp/drift
					

Create the Initial ERB Template


Setting Variables


	#ntp/manifests/admin_file.pp
	$ntp_regional_server = $ntp_location ? {
	'London' => 'uk.pool.ntp.org',
	'paris'  => 'fr.pool.ntp.org',
	'nyc'    => 'us.pool.ntp.org',
	default  => 'pool.ntp.org',
	}
	
	$ntp_local_server = '192.168.0.3'

					

File Resource


	#ntp/manifests/admin_file.pp  
	file { $title :
	content => template('ntp/ntp.conf.erb')
	…
	}
					

Using the Initial ERB Template


Adding Logic with Non-printing Tags


	#Managed by Puppet - do not edit
	server <%= @ntp_local_server %> iburst prefer
	server <%= @ntp_regional_server %>
	driftfile /var/lib/ntp/drift
	
	<% if @monitor == false -%>
	disable monitor
	<% end -%>
					

Adding Logic to the Template


Iteration


	#ntp/manifests/admin_file.pp
	$ntp_regional_server = $ntp_location ? {
	'London' => ['uk.pool.ntp.org', 'ie.pool.ntp.org',]
	'paris'  => ['fr.pool.ntp.org', 'de.pool.ntp.org',]
	'nyc'    => ['us.pool.ntp.org', 'ca.pool.ntp.org',]
	default  => ['pool.ntp.org',    'us.pool.ntp.org',]
	}
			

	#Managed by Puppet - do not edit
	server <%= @ntp_local_server -%> iburst prefer
	
	<% @ntp_regional_server.each do |s| -%>
	server <%= s -%>
	<% end %>

	driftfile /var/lib/ntp/drift
	<% if @monitor == false -%>
	disable monitor
	<% end -%>
				

Adding Iteration to the Template


Validating ERB Templates


We need to use the erb and the ruby command.

These are in /opt/puppetlabs/puppet/bin which is not in the PATH variable by default

./erb -Pxt '-' | ./ruby -c

Templates should be located in /template/subdirectory.

An ERB template has embedded ruby tags.

Expression tags print a value: <%=....%>

Code tags embed ruby code: <%=....%>

If the closing tag includes the - symbol then we supress the line feedas as long as no further characters follow the closing tags.

Next up: Working with EPP Templates


Working with EPP Templates


Objectives


  • Creating an EPP template using expression printing tags
  • Adding if statement in code tags
  • Adding iteration to code tags
  • Validating and rendering EPP templates

Simple ntp.conf.epp with Expression Tags


	#Managed by Puppet - do not edit
	server <%= $ntp_local_server%> iburst prefer
	server <%= $ntp_regional_server%> 
	driftfile /var/lib/ntp/drift
					

File Resource


	#ntp/manifests/admin_file.pp  
	file { $title :
	content => template('ntp/ntp.conf.epp')
	…
	}
					

Adding Logic with Non-printing Tags


	#Managed by Puppet - do not edit
	server <%= @ntp_local_server %> iburst prefer
	server <%= @ntp_regional_server %>
	driftfile /var/lib/ntp/drift
	
	<% unless $monitor == true -%>
	disable monitor
	<% }-%>
					

Iteration


	#Managed by Puppet - do not edit
	server <%= @ntp_local_server -%> iburst prefer
	
	<% $ntp_regional_server.each  |$server| { -%>
	server <%= s %>
	<% } -%>

	driftfile /var/lib/ntp/drift
	<% unless $monitor == true { -%>
	disable monitor
	<% } -%>
				

Refactoring to EPP Template


Validating EPP Templates


This is much more simple than ERB templates.

sudo puppet epp validate

Render EPP Templates


We can even test the output of EPP files.

sudo puppet epp render

If you need to pass value through:

...epp render -- values '{m=>3}'

Validating and Rendering EPP Files


Templates should be located in /templates/subdirectory.

EPP templates work with the puppet 4 client and later.

Variables within the EPP file are local to the template, these can be populated by passing parameters when accessing the template.

We can use the Puppet client to both validate and render the template.

Next up: Delivering Files with Puppet


Delivering Files with Puppet


Objectives


  • Introduction to purging resources
  • Managing the local host file
  • Delivering directories and content

ensure => 'present',

purge => true,

Resource: resources


	resources { 'host':
	purge => true,
	noop  => true,
	}
					

Host Resource Type


	host { $facts['networking']['fqdn']:  
	ip => $facts ['networking']['ip'],
	}
	
	unless $facts['networking']['fqdn'] == 'centos7' {
	host { 'centos7':
	ip => '192.168.56.15',
		}
	}
					

Encapsulate Repetitive Code Using Defined Type


	host { $facts['networking']['fqdn']:  
	ip => $facts ['networking']['ip'],
	}
	
	host_entries::host_entry { 'centos7':
	ip => '192.168.56.15',
	}
					

Defined Type


	define host_entries::host_entry (
	$ip,
	){
		
	unless $facts['networking']['fqdn'] ==  $title {
	host { $title :
	ip => $ip,
			}
		}
	}				

Managing the Host File on CentoOs and Ubuntu


Copy a directory

and content

Copy Directory


	file { ‘/etc/yum.repos.d/’:
	ensure => 'directory',
	source => 'puppet:///modules/centos_repo/repos/',
	recurse => true,
	purge => true,
	}
					

Managing CentoOs Repository Files


Meta-resource


The meta-resources resources can manage meta-parameters for the given resource type.


	resource {'host':
	purge => true,
	}
					

Encapsulate Repetitive Logic in Defined Types


Repetitive logic can be encapsulated within defines types.


	define host_entries:: host_entry(
		$ip,
	){
	unless $fact ['fqdn'] == $title{
		host { $title:
		ip => $ip,
	}}}
					

Using source within a file resource we can copy a file or directory.

Using resource will copy a directories content.

Using purge we can ensure only the delivered content will exist.

Next up: Ensure Content Using File_Line


Ensure Content Using File_Line


Objectives


  • Investigate Puppetlabs Stdlib
  • Utilize file_line to ensure file content
  • Build MOTD module

Without Fail Install

puppetlabs/stdlib

validation & Encryption

and now file_line

Stdlib Documentation on Puppet Forge



	file_line { '/etc/ssh/sshd_config':
	line => 'PermitRootLogin yes',
	}
					

Undesirable Complete File Management


Where we do not wish to manage the complete file we can allow a level of autonomy whilst controlling the setting needed. The example used here matches the complete line and ensures it is present in the file.


	File_line { path => 'etc/ssh/sshd_config', }  
	file_line { 'PermitRootYes':
	line => 'PermitRootLogin yes',
	}
	file_line { 'PermitRootNo':
		line => 'PermitRootLogin no',
		ensure = 'absent',
	}
					

Independent Title


Setting a title to be independent of the path allows for more than one line in the same file to be managed.


	File_line { path => 'etc/ssh/sshd_config', }
	file_line { 'PermitRootYes':
	line	=> 'PermitRootLogin yes',
	match   => '^\s*PermitRootLogin\s+yes'
	}

					

Using Regular Expressions


Matching the whole line as we have used sa far will be problematic where extra white spaces are used. Using match we can implement regular expression.

Regular Expression Fundamentals - Juliette Reinders Folmer

Managing the SSH Server Configuration


Challenge


The MOTD file should be managed independently on all servers.

Planned downtime for a server will occur at 17:00 on the selected day.The message for the downtime must be consistant across all servers.

Produce a Puppet solution for this using the file_line type from the stdlib.

Using the file_line type from the stdlib.

Using line we will match the complete line.

Using match we can use regular expression.

Use match_for_absence => true when using match for deletions.

Possible Challenge Solution


Next up: Delivery of File Parts with Concat


Questions

Thank you!