Oh, the things I’d rather be doing. I should be laying down code, weeks ago. Thanks Puppet Labs.
Amazon just announced a new Ohio region. Major cost savings if I move over to EC2 everything. Still deciding. Linode’s treated me well.
So, last time we finished the quest for creating a module but didn’t actually apply it to anything. This is a note to put these two events in the proper order during the doc pruning from this article series.
I’ve lost the link to the URL for the docs on the VM.
root@learning:/etc/puppetlabs/code/environments/production/modules # netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1406/nginx: master [0/163] tcp 0 0 0.0.0.0:2003 0.0.0.0:* LISTEN 2601/python tcp 0 0 0.0.0.0:8180 0.0.0.0:* LISTEN 2655/python tcp 0 0 0.0.0.0:2004 0.0.0.0:* LISTEN 2601/python tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 925/sshd tcp 0 0 127.0.0.1:4567 0.0.0.0:* LISTEN 634/ruby tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 2067/postgres tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2220/master tcp 0 0 0.0.0.0:7002 0.0.0.0:* LISTEN 2601/python tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 2132/nginx: master tcp6 0 0 :::8140 :::* LISTEN 936/java tcp6 0 0 :::61613 :::* LISTEN 2160/java tcp6 0 0 127.0.0.1:4430 :::* LISTEN 4795/java tcp6 0 0 :::8142 :::* LISTEN 2327/java tcp6 0 0 :::4431 :::* LISTEN 4795/java tcp6 0 0 :::8143 :::* LISTEN 2327/java tcp6 0 0 :::37999 :::* LISTEN 2160/java tcp6 0 0 127.0.0.1:4432 :::* LISTEN 4795/java tcp6 0 0 :::8080 :::* LISTEN 905/java tcp6 0 0 :::61616 :::* LISTEN 2160/java tcp6 0 0 :::4433 :::* LISTEN 4795/java tcp6 0 0 :::8081 :::* LISTEN 905/java tcp6 0 0 :::22 :::* LISTEN 925/sshd tcp6 0 0 ::1:4567 :::* LISTEN 634/ruby tcp6 0 0 :::5432 :::* LISTEN 2067/postgres tcp6 0 0 ::1:25 :::* LISTEN 2220/master tcp6 0 0 :::90 :::* LISTEN 901/httpd root@learning:/etc/puppetlabs/code/environments/production/modules #
This will list all the open ports, and what’s listening on them. Arguably messy and full of shit I don’t care about, so, I’ll clean it up a bit:
root@$VM:~# netstat -lntp | awk '{ print $4, $7; }' | sed -r 's/:::|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|:+|\s[0-9]+|^[^0-9]+//g;'
80/nginx
2003/python
8180/python
2004/python
22/sshd
4567/ruby
5432/postgres
25/master
7002/python
443/nginx
8140/java
61613/java
4430/java
8142/java
4431/java
8143/java
37999/java
4432/java
8080/java
61616/java
4433/java
8081/java
22/sshd
14567/ruby
5432/postgres
125/master
90/httpd
Little easier to read that way. So, looks like best guesses are 80, 8180, 443, or 90. Probably 90.
root@learning:~ # curl localhost:90 <!-- Copyright 2008 Orbitz WorldWide Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at https://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <html> <head> <title>Graphite Browser</title> </head> <frameset rows="60,*" frameborder="1" border="1"> <frame src="/browser/header/" name="Header" id='header' scrolling="no" noresize="true" /> <frame src="/composer/?" name="content" id="composerFrame"/> </frameset> </html> root@learning:~ #
Nope, that was the graphite thing.
80. Here we go.
Begin the NTP quest.
So since you’re not a dummy you already know what NTP is and it wouldn’t really be applicable to the lesson if you didn’t, they want to ensure a package is installed with a module next.
First, check if it’s there:
root@learning:~ # puppet resource package ntp
package { 'ntp':
ensure => 'purged',
}
root@learning:~ #
Less than basically this is a wrapper for your distro’s package manager. As you can see, it’s current state is purged. Let’s try that on a nonsense package to see what it says:
root@learning:~ # puppet resource package chris_punches
package { 'chris_punches':
ensure => 'purged',
}
So, if the package isn’t there, it’s “purged”. Why doesn’t it say: present => 0, since ensuring a configuration is pretty much the entire purpose of puppet? This would also make it more clear about what it was actually doing.
Now, check for the existence of a file that we know is not there, and as you can see it’s much more clear:
root@learning:~ # puppet resource file /etc/ntp.conf
file { '/etc/ntp.conf':
ensure => 'absent',
}
Ah, some usable information. Modules that are publicly hosted are in the Forge.
So next we install the module:
root@learning:~ # puppet module install puppetlabs-ntp Notice: Preparing to install into /etc/puppetlabs/code/environments/production/modules ... Notice: Downloading from https://forgeapi.puppetlabs.com ... Notice: Installing -- do not interrupt ... /etc/puppetlabs/code/environments/production/modules └─┬ puppetlabs-ntp (v4.2.0) └── puppetlabs-stdlib (v4.7.0)
Just like last time.
Note that this did not install the package:
root@learning:~ # puppet resource package ntp
package { 'ntp':
ensure => 'purged',
}
Ah, yes, now we’re to the part that will completely replace the first few chapters in the final walkthrough: Non-enterprise ways of adding classes and nodes.
But given that my patience is long-term shot with this, I’m watching cartoons instead. Site.pp manifest is the name of the game, and it’s Saturday’s game.