My Opera is closing 3rd of March

Cronache di Sarvegia

...because every new challenge hides an opportunity

Using a makefile to automate a puppet installation

Thursday, October 21, 2010 1:41:44 PM

, ,

Puppet helps automation, and that's OK. But how to automate puppet installation on nodes? Puppet can't install puppet, can it?

I became a big fan of Makefiles when I read Tom Limoncelli's Time Management for System Administrators. Since I started using them, they helped me a lot in many automation tasks.

I had to install puppet on many existing nodes running Debian Lenny. After I consolidated a by-hand procedure, I found it was ready to be "ported" to a Makefile. Now, once the variables at the top of the file are set, I can reduce the puppet installation on a node to:

make backups
make
make config
make test

The first make will back up some files. It is important to run it only once.

The second run, "make" alone, will go through the needed steps for installation: if rsync is not installed, it will install rsync; if the needed files are not present in the /puppet hierarchy, it will download the files using rsync; if puppet is not installed, it will install it; then, it will run puppetd with a bootstrap configuration file and... fail!

Yes, fail. Because you need to sign the host certificate, don't you? Once you signed it on the master node, then you'll run make config. If everything is properly configured, this will set up your host according to the manifests.

The last command, make test will just run a puppetd --test to ensure that everything is properly set up.

And that's all. Installing one host this way takes about 5 minutes, downloads included. And using cssh I could even install puppet on several machines in parallel.

Am I missing something? Oh, yes, the real Makefile smile

PUPPETMASTER=i.am.your.master.com
SYNCSERVER=$(PUPPETMASTER)

all: install config

install: /usr/bin/puppetd

config:
        puppetd --config /puppet/common/files/bootstrap/client.conf --server $(PUPPETMASTER) --test

test:
        puppetd --test

clean:
        -rm -rf /puppet
        -apt-get remove puppet facter
        -apt-get autoremove

backups:
        cp /etc/apt/sources.list{,.dist}

/usr/bin/rsync:
        apt-get install rsync

/puppet/usa/files/sources.list: sync-puppet-conf

/puppet/volatile/keys/apt: sync-puppet-conf

update: /puppet/usa/files/sources.list /puppet/volatile/keys/apt
        cp /puppet/usa/files/sources.list /etc/apt/sources.list
        apt-key add /puppet/volatile/keys/apt 
        apt-get update
        apt-key update

sync-puppet-conf: /usr/bin/rsync
        rsync -zav $(SYNCSERVER)::PuppetConf /puppet

/usr/bin/puppetd: update
        apt-get install puppet

L'inverno si avvicina...Auguri dottore!

Comments

Cosimo Strepponecstrep Wednesday, November 24, 2010 8:41:48 PM

Funny, I did something similar with bash/Perl scripts.

You could also replace rsync with a svn (or git or similar) export from a "development/test/production" branch of a repository. Something like:

svn export http://my.repository/svn/puppet-config/branches/production /puppet

That's more or less what I did for this setup smile

Marco Marongiumarcomarongiu Thursday, November 25, 2010 9:02:28 AM

Thanks for the pointer smile

The rsync stuff actually happens on purpose, but I can't say more here. But I'll be happy to share one of these days in the canteen. Today? Friday beer? smile

--bronto