深入浅出Puppet(一)
Puppet基础
===============================================================================
概述:
===============================================================================
运维工具
1.运维工具(Operations)介绍
★OS Provision:
bare metal(裸机):pxe, cobbler
virutal machine(虚拟机):p_w_picpath file template
★Configuration:
ansible(agentless)
puppet(master/agent)(ruby)
saltstack(python)
★Command and Control:
ansible(playbook)
fabric(fab)
func
...
附图:
运维工具层次图
puppet介绍
1.puppet简介
puppet是一个IT基础设施自动化管理工具,它能够帮助系统管理员管理基础设施的整个生命周期:供应(provisioning)、配置(configuration)、联动(orchestration)及报告(reporting)
基于puppet,可实现自动化重复任务、快速部署关键性应用以及在本地或云端完成主动管理变更和快速扩展架构规模等;
遵循GPL协议(2.7.0-),基于ruby语言研发,2.7.0以后使用(Apache 2.0 license)
对于系统管理员是抽象的,只依赖于ruby和facter
能管理多达40多种资源,例如:file、user、group、host、package、service、cron、exec、yum repo等,适合整个软件生命周期管理
1.puppet工作模型和工作原理
★puppet通过声明性、基于模型的方法进行IT自动化管理
定义:使用Puppet特定的语言定义基础配置信息。通常我们把这些信息写在Modules中。
模板:在配置执行之前检测代码,但并不真正执行。
执行:定义的配置自动部署。检测并记录下所发生变化的部分
报告:将期待的变化、实际发生的变化及任何修改发送给报告系统。
附图:
puppet工作数据流示意图:
★数据流说明:
首先所有的节点(Node)Node节点将Facts和本机信息发送给Master
Master告诉Node节点应该如何配置,将这些信息写入Catalog后传给Node。
Node节点在本机进行代码解析验证并执行,将结果反馈给Master。
Master通过API将数据发给分析工具。报告完全可以通过开放API或与其他系统集成。
整个数据流的走向是基于SSL安全协议的,如下图所示:
★模板文件处理过程说明如下:
Puppet通过编译Manifest(清单)中的内容 (即模板中内容),将编译好的代码存入Catalog。在执行前先进行代码的验证,再执行,完成最开始所定义好的状态。代码编译过程如图所示:
★整个puppet自动部署过程中agent和master的详细的交互过程:
★过程说明:
1. Puppet客户端Agent将节点名与facts信息发送给Master。
2. Puppet服务端Master通过分类判断请求的客户端是谁,它将要做什么。这个判断是通过site.pp中包含的
Node.pp配置文件定义的。
3. Puppet服务端Master将所需要的Class类信息进行编译后存入Catalog并发送给Puppet客户端Agent,到此完 成第一次交互。
4. Puppet客户端Agent对Catalog进行代码验证(语法检查及错误检查)并执行。主要是代码的验证,并将执行
过程的信息及结果写入日志。
5. Puppet客户端Agent最终达到最开始所定义的状态,并且将结果及任何执行数据通过开放API的形式发送给
Puppet服务端Master。
以上就是puppet的工作原理需要注意是:因为整个过程中都是基于ssl实现的,所以首要的是保证agent和master间可以基于ssl通讯!
★puppet的工作模型:
单机模型:手动应用清单;
master/agent:由agent周期性地向Master请求清单并自动应用于本地;
如上就是整个puppet的工作模型和工作原理,我们主要的学习过程就集中在如何去书写站点请求manifest(清单)。所以,以下我将首先从puppet的单机模型讲起,然后再扩展到master/agent模型。
puppet安装和配置(单机模型)
1.puppet安装
★puppet官方下载路径:
https://yum.puppetlabs.com/el/7/products/x86_64/
2.单机模型下的puppet程序环境
★配置文件:/etc/puppet/
puppet.conf
★主程序:/usr/bin/puppet
★puppet程序:
演示:
1.这是我在如上官方下载的puppet相关程序的rpm包,使用yum直接安装,会自动解决依赖到的ruby环境,如下:
[root@centos7 puppet]# ls facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm puppet-server-3.8.7-1.el7.noarch.rpm [root@centos7 puppet]# yum install ./puppet-3.8.7-1.el7.noarch.rpm ./facter-2.4.6-1.el7.x86_64.rpm Dependencies Resolved # 依赖到的相关程序包如下: ======================================================================================================================================================================= Package Arch Version Repository Size ======================================================================================================================================================================= Installing: facter x86_64 1:2.4.6-1.el7 /facter-2.4.6-1.el7.x86_64 273 k puppet noarch 3.8.7-1.el7 /puppet-3.8.7-1.el7.noarch 6.3 M Installing for dependencies: hiera noarch 1:1.3.4-5.el7 epel 25 k libselinux-ruby x86_64 2.2.2-6.el7 CDROM 127 k ruby-augeas x86_64 0.5.0-1.el7 epel 23 k ruby-shadow x86_64 1.4.1-23.el7 epel 14 k Transaction Summary ======================================================================================================================================================================= Install 2 Packages (+4 Dependent packages)
2.puppet程序相关命令
[root@centos7 ~]# puppet help Usage: puppet <subcommand> [options] <action> [options] Available subcommands: agent The puppet agent daemon apply Apply Puppet manifests locally # 在本地应用资源清单 ca Local Puppet Certificate Authority management. catalog Compile, save, view, and convert catalogs. cert Manage certificates and requests certificate Provide access to the CA for certificate management. certificate_request Manage certificate requests. certificate_revocation_list Manage the list of revoked certificates. config Interact with Puppet's settings. describe Display help about resource types device Manage remote network devices doc Generate Puppet documentation and references facts Retrieve and store facts. file Retrieve and store files in a filebucket filebucket Store and retrieve files in a filebucket help Display Puppet help. inspect Send an inspection report instrumentation_data Manage instrumentation listener accumulated data. DEPRECATED. instrumentation_listener Manage instrumentation listeners. DEPRECATED. instrumentation_probe Manage instrumentation probes. Deprecated key Create, save, and remove certificate keys. kick Remotely control puppet agent man Display Puppet manual pages. master The puppet master daemon module Creates, installs and searches for modules on the Puppet Forge. node View and manage node definitions. parser Interact directly with the parser. plugin Interact with the Puppet plugin system. queue Deprecated queuing daemon for asynchronous storeconfigs report Create, display, and submit reports. resource The resource abstraction layer shell resource_type View classes, defined resource types, and nodes from all manifests. secret_agent Mimics puppet agent. status View puppet server status. See 'puppet help <subcommand> <action>' for help on a specific subcommand action. See 'puppet help <subcommand>' for help on a specific subcommand. Puppet v3.8.7
3.puppet apply:
★作用:
Applies a standalone Puppet manifest to the local system.(手动在本地应用自愿清单中的配置)
★语法格式:
puppet apply [-d|--debug] [-v|--verbose] [-e|--execute] [--noop] <file>
puppet资源
如果把OS的所有配置,如用户账号、特定的文件、文件所属的目录、运行的服务、程序包以及cron任务等,看作是许多独立原子单元的集合的话,这些所谓的“单元”就是“资源”,不过,这些资源在其大小、复杂程度以及生命周期的跨度上等多个维度上可能会各不相同。
通常来说,类属于同一种资源的属性是相近的,如文件都有其属主和属组,而用户账号则由用户名、UID、GID等组成。但,即便是同一种资源,其在不同OS上的实现方式却又可能各不相同,例如,在windows上和Linux上启动和停止服务的方式相去甚远。
★因此,puppet从以下三个维度来对资源完成抽象:(RAL如何抽象资源的?):
相似的资源被抽象成同一种资源“类型”,如程序包资源、用户资源及服务资源等;
将资源属性或状态的描述与其实现方式剥离开来,如仅说明安装一个程序包而不用关心其具体是通过yum、pkgadd、ports或是其它方式实现;
仅描述资源的目标状态,也即期望其实现的结果,而不是其具体过程,如“确定nginx运行起来”而不是具体描述为“运行nginx命令将其启动起来”;
※这三个也被称作puppet的资源抽象层(RAL)。RAL由type(类型)和provider(提供者,即不同OS上的特定实现)组成。
1.puppet 资源结构
在为puppet定义一个资源时,需要为其指定所属的类型和资源标题,并同时配置一系列的属性和对应的值。puppet通过其特有的语言来描述和管理资源,如下面所示的资源定义。
这种语法被称作“资源申报(resource declaration)”,它是puppet语言的核心组成部分。上述的定义中,仅描述了资源的目标状态而没有提到为达成目标所需要采取的任何步骤。而资源定义的核心也可以抽象为type、title、attribute和value四个部分。
puppet有许多内置的资源类型,而通过安装插件还可以继续新增额外的类型。可以通过puppet官方的类型参考页面(http://docs.puppetlabs.com/references/latest/type.html)获取详细的信息。也可以使用“puppet describe”命令来获取puppet当前所支持的类型列表及每种类型的详细信息,下面给出了一个简要的使用说明。
★puppet describe:
☉作用:
Prints help about Puppet resource types, providers, and metaparameters.
☉语法格式:
puppet describe [-h|--help] [-s|--short] [-p|--providers] [-l|--list] [-m|--meta] [type]
☉常用选项:
puppet describe -l:列出所有资源类型;例如puppet支持的所有资源类型及其描述信息;
puppet describe -s <TYPE>:显示指定类型的简要帮助信息;
puppet describe <TYPE>:显示指定资源的详细说明;
puppet describe -m:显示指定类型的元参数,一般与-s一同使用;
2.puppet 资源定义:
如前所述,资源是puppet用于模型化系统配置的基础单元,每个资源都从某个角度描述了系统属性,如某程序包必须安装或某用户必须移除等。在puppet,用于完成此类功能的代码也即“资源申报”。
★资源定义:
向资源类型的属性赋值来实现,可称为资源类型实例化;
定义了资源实例的文件即清单,manifest;
★定义资源的语法:
在定义时,资源类型必须使用小写字符;而资源名称(title)仅是一个字符串,但要求在同一个类型中其必须惟一,这意味着,可以同时有名为nginx的“service”资源和“package”资源,但在“package”类型的资源中只能有一个名为“nginx”。
puppet资源类型
1.group:
作用:
Manage groups.(管理组)
属性:
name:组名;
gid:GID;
system:是否为系统组;
ensure:目标状态,present/absent;
members:成员用户;
演示:
[root@centos7 ~]# mkdir mainfests
[root@centos7 ~]# cd mainfests/
[root@centos7 mainfests]# ls
# 定义group资源
[root@centos7 mainfests]# vim group.pp
group {'mygrp':
name => 'mygrp',
ensure => present,
gid => 3000,
system => false,
}
# 试运行
[root@centos7 mainfests]# puppet apply --verbose --noop group.pp
Notice: Compiled catalog for centos7 in environment production in 0.32 seconds
Info: Applying configuration version '1484056729'
Notice: /Stage[main]/Main/Group[mygrp]/ensure: current_value absent, should be present (noop) #提示当前为absent,应该为present(noop)
Notice: Class[Main]: Would have triggered 'refresh' from 1 events
Notice: Stage[main]: Would have triggered 'refresh' from 1 events
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.06 seconds
[root@centos7 mainfests]# puppet apply --verbose group.pp # 真正执行
Notice: Compiled catalog for centos7 in environment production in 0.28 seconds
Info: Applying configuration version '1484057172'
Notice: /Stage[main]/Main/Group[mygrp]/ensure: created # 已经创建
Notice: Finished catalog run in 0.13 seconds
[root@centos7 mainfests]# tail /etc/group
tcpdump:x:72:
memcached:x:985:
dhcpd:x:177:
zabbix:x:984:
varnish:x:983:
haproxy:x:188:
haclient:x:189:
tomcat:x:982:
puppet:x:52:
mygrp:x:3000: # 创建的组
2.user:
作用:
Manage users.(管理用户)
属性:
name:用户名;
uid: UID;
gid:基本组ID;
groups:附加组,不能包含基本组;
comment:注释;
expiry:过期时间 ;
home:家目录;
shell:默认shell类型;
system:是否为系统用户 ;
ensure:present/absent;
password:加密后的密码串;
演示:
[root@centos7 mainfests]# vim user.pp
group {'mygrp':
name => 'mygrp',
ensure => present,
gid => 3000,
system => false,
}
user {'centos':
name => 'centos',
ensure =>present,
uid =>4000,
groups => 'mygrp',
}
[root@centos7 mainfests]# puppet apply --verbose --noop user.pp
Notice: Compiled catalog for centos7 in environment production in 0.51 seconds
Info: Applying configuration version '1484059044'
Notice: /Stage[main]/Main/Group[mygrp]/ensure: current_value absent, should be present (noop)
Notice: /Stage[main]/Main/User[centos]/ensure: current_value absent, should be present (noop)
Notice: Class[Main]: Would have triggered 'refresh' from 2 events
Notice: Stage[main]: Would have triggered 'refresh' from 1 events
Notice: Finished catalog run in 0.08 seconds
[root@centos7 mainfests]# puppet apply --verbose user.pp
Notice: Compiled catalog for centos7 in environment production in 0.51 seconds
Info: Applying configuration version '1484059058'
Notice: /Stage[main]/Main/Group[mygrp]/ensure: created
Notice: /Stage[main]/Main/User[centos]/ensure: created
Notice: Finished catalog run in 0.32 seconds
3.package:
作用:
Manage packages.(管理程序包)
属性:
ensure:installed, present, latest, absent
name:包名;
source:程序包来源,仅对不会自动下载相关程序包的provider有用,例如rpm或dpkg;
演示:
[root@centos7 mainfests]# vim package.pp
package {'nginx':
ensure => installed,
name => 'nginx'
} # 没有指定provider,会自动去搜索可用的provider,本机只有yum
[root@centos7 mainfests]# puppet apply --verbose --noop package.pp
Notice: Compiled catalog for centos7 in environment production in 0.71 seconds
Info: Applying configuration version '1484060692'
Notice: /Stage[main]/Main/Package[nginx]/ensure: current_value absent, should be present (noop)
Notice: Class[Main]: Would have triggered 'refresh' from 1 events
Notice: Stage[main]: Would have triggered 'refresh' from 1 events
Notice: Finished catalog run in 0.40 seconds
# 也可以使用source指定程序宝来源
[root@centos7 mainfests]# cat package.pp
package {'nginx':
ensure => installed,
name => 'nginx',
provider => 'rpm',
source => '/root/nginx/nginx-1.10.0-1.el7.ngx.x86_64.rpm'
}
4.service:
作用:
Manage running services.
属性:
ensure:Whether a service should be running. Valid values are `stopped` (also called `false`), `running` (also called `true`).
enable:Whether a service should be enabled to start at boot. Valid values are `true`, `false`, `manual`.
name:
path:The search path for finding init scripts. Multiple values should be separated by colons or provided as an array. 脚本的搜索路径,默认为/etc/init.d/;
hasrestart:ture,false
hasstatus:ture,false
restart:Specify a *restart* command manually. If left unspecified, the service will be stopped and then started. 通常用于定义reload操作;
演示:
[root@centos7 mainfests]# vim service.pp
package {'nginx':
ensure => installed,
name => 'nginx',
provider => 'rpm',
source => '/root/nginx/nginx-1.10.0-1.el7.ngx.x86_64.rpm'
}
service {'nginx':
ensure => running,
enable => true,
} # 没有指定启动方式,默认为使用systemd或者service脚本启动
[root@centos7 mainfests]# puppet apply --verbose --noop service.pp
Notice: Compiled catalog for centos7 in environment production in 1.01 seconds
Info: Applying configuration version '1484062595'
Notice: /Stage[main]/Main/Service[nginx]/ensure: current_value stopped, should be running (noop)
Info: /Stage[main]/Main/Service[nginx]: Unscheduling refresh on Service[nginx]
Notice: Class[Main]: Would have triggered 'refresh' from 1 events
Notice: Stage[main]: Would have triggered 'refresh' from 1 events
Notice: Finished catalog run in 0.48 seconds
# 我们也可以手动指定启动
[root@centos7 mainfests]# cat service.pp
package {'nginx':
ensure => installed,
name => 'nginx',
provider => 'rpm',
source => '/root/nginx/nginx-1.10.0-1.el7.ngx.x86_64.rpm'
}
service {'nginx':
ensure => running,
enable => true,
start => '/usr/sbin/nginx',
restart => '/usr/sbin/nginx -t && /usr/sbin/nginx -s reload',
}
★资源引用:
Type['title']
类型的首字母必须大写;
★资源有特殊属性:
名称变量(namevar):
name可省略,此时将由title表示;
ensure:
定义资源的目标状态;
元参数:metaparameters
依赖关系:
before:被依赖 (如:A before B ,表示A被B依赖),值为资源引用的值
require:依赖者(如:B rrquire A ,表示B依赖A)
通知关系:通知相关的其它资源进行“刷新”操作;
notify:通知(前资源中定义)例如:a发生改变要通知给b
subscribe:订阅(后资源中定义)例如:b要始终关注a的变化,a要变化b也要变化
演示:
[root@centos7 mainfests]# vim web.pp
service {'httpd':
ensure => running,
enable => ture
}
package {'httpd':
ensure => installed,
before => Service['httpd'] package资源被service所依赖
}
# 或者如下这种写发也可以:
[root@centos7 mainfests]# cat web.pp
service {'httpd':
ensure => running,
}
package {'httpd':
ensure => installed,
}
Package['httpd'] -> Service['httpd'] # 资源依赖链,左边的先执行
5.file:
作用:
Manages files, including their content, ownership, and permissions.
属性:
※ensure:Whether the file should exist, and if so what kind of file it should be. Possible values are `present`, `absent`, `file`, `directory`, and `link`.
file:类型为普通文件,其内容由content属性生成或复制由source属性指向的文件路径来创建;
link:类型为符号链接文件,必须由target属性指明其链接的目标文件;
directory:类型为目录,可通过source指向的路径复制生成,recurse属性指明是否递归复制;
※path:文件路径;
※source:源文件;
※content:文件内容;
※target:符号链接的目标文件;
※owner:属主
※group:属组
※mode:权限;
※atime/ctime/mtime:时间戳;
演示:
[root@centos7 mainfests]# cat file.pp
file{'test.txt':
path => '/tmp/test.txt',
ensure => file,
source => '/etc/fstab',
}
file{'test.symlink':
path => '/tmp/test.symlink',
ensure => link,
target => '/tmp/test.txt', # 链接的目标文件
require => File['test.txt'], # 依赖于文件test.txt
}
file{'test.dir':
path => '/tmp/test.dir',
ensure => directory,
source => '/etc/yum.repos.d/', #源文件为目录文件
recurse => true, # 递归复制
}
2.定义通知机制,notify
[root@centos7 mainfests]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 25 *:514 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 25 :::514 :::*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 128 ::1:631 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 ::1:6010 :::*
LISTEN 0 128 :::443 :::*
# 如上,httpd监听在80端口,现在我定义只要httpd的配置文件发生改变就通知httpd重启服务,如下:
[root@centos7 mainfests]# cp /etc/httpd/conf/httpd.conf ./ # 首先复制配置文件到当前目录,并修改监听端口为8080
[root@centos7 mainfests]# ls
file.pp group.pp httpd.conf package.pp service.pp user.pp web.pp
[root@centos7 mainfests]# vim web.pp
service {'httpd':
ensure => running,
enable => true,
restart => 'systemctl restart httpd.service', # 重启命令
}
package {'httpd':
ensure => installed,
}
file {'httpd.conf':
path => '/etc/httpd/conf/httpd.conf', # 文件路径
source => '/root/mainfests/httpd.conf', # 源文件
ensure => file,
notify => Service['httpd'], #如果发生改变通知service资源
}
Package['httpd'] -> File['httpd.conf'] -> Service['httpd'] # 资源依赖链,从左向右依次执行
# 运行修改后的web.pp
[root@centos7 mainfests]# puppet apply --verbose web.pp
Notice: Compiled catalog for centos7 in environment production in 0.96 seconds
Info: Applying configuration version '1484191662'
Info: Computing checksum on file /etc/httpd/conf/httpd.conf
Info: /Stage[main]/Main/File[httpd.conf]: Filebucketed /etc/httpd/conf/httpd.conf to puppet with sum 71c33697704e72bf128b75a4a3dd4ad2
Notice: /Stage[main]/Main/File[httpd.conf]/content: content changed '{md5}71c33697704e72bf128b75a4a3dd4ad2' to '{md5}21002918bf1dd3c6f1d0697ec0aa8e8b'
Info: /Stage[main]/Main/File[httpd.conf]: Scheduling refresh of Service[httpd]
Notice: /Stage[main]/Main/Service[httpd]/enable: enable changed 'false' to 'true'
Notice: /Stage[main]/Main/Service[httpd]: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 2.02 seconds
[root@centos7 mainfests]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 25 *:514 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 25 :::514 :::*
LISTEN 0 128 :::8080 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 128 ::1:631 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 ::1:6010 :::*
LISTEN 0 128 :::443 :::*
# 发现此时httpd监听的端口已经由80改为8080
6.exec:
作用:
Executes external commands. Any command in an `exec` resource **must** be able to run multiple times without causing harm --- that is, it must be *idempotent*.(幂等)
属性:
**command** (*namevar*):要运行的命令;
cwd:The directory from which to run the command. //定义运行命令前要cd到目录中去
**creates**:文件路径,仅此路径表示的文件不存在时,command方才执行;
user/group:运行命令的用户身份;
path:命令的查找路径,如果没有指定路径,则命令必须使用绝对路径
onlyif:此属性指定一个命令,此命令正常(退出码为0)运行时,当前command才会运行;(如果...)
unless:此属性指定一个命令,此命令非正常(退出码为非0)运行时,当前command才会运行;(如果不...)
refresh:重新执行当前command的替代命令;
refreshonly:仅接收到订阅的资源的通知时方才运行;
演示:
[root@centos7 mainfests]# cat exec.pp
exec{'mkdir':
command => 'mkdir /tmp/hello.dir',
path => '/bin:/sbin:/usr/bin:/usr/sbin',
creates => '/tmp/hello.dir', # 或者 unless => 'test -d /tmp/hello.dir',也可以
}
[root@centos7 mainfests]# puppet apply --verbose exec.pp
Notice: Compiled catalog for centos7 in environment production in 0.13 seconds
Info: Applying configuration version '1484206815'
Notice: /Stage[main]/Main/Exec[mkdir]/returns: executed successfully
Notice: Finished catalog run in 0.07 seconds
7.cron:
作用:
Installs and manages cron jobs. Every cron resource created by Puppet requires a command and at least one periodic attribute (hour, minute, month, monthday, weekday, or special).
属性:
command:要执行的任务;
ensure:present/absent;
hour:
minute:
monthday:
month:
weekday:
user:添加在哪个用户之上;
name:cron job的名称;
演示:
[root@centos7 mainfests]# cat cron.pp
cron{'timesync':
command => '/usr/sbin/ntpdate cn.pool.ntp.org &> /dev/null',
ensure =>present,
minute => '*/3',
user => 'root',
}
[root@centos7 mainfests]# puppet apply --verbose cron.pp
Notice: Compiled catalog for centos7 in environment production in 5.38 seconds
Info: Applying configuration version '1484207796'
Notice: /Stage[main]/Main/Cron[timesync]/ensure: created
Notice: Finished catalog run in 0.09 seconds
[root@centos7 mainfests]# crontab -l
# HEADER: This file was autogenerated at 2017-01-12 15:56:42 +0800 by puppet.
# HEADER: While it can still be managed manually, it is definitely not recommended.
# HEADER: Note particularly that the comments starting with 'Puppet Name' should
# HEADER: not be deleted, as doing so could cause duplicate cron jobs.
# Puppet Name: timesync
*/3 * * * * /usr/sbin/ntpdate cn.pool.ntp.org &> /dev/null
8.notify:
作用:
Sends an arbitrary message to the agent run-time log. 发送任意指定信息到运行日志中
属性:
message:信息内容
name:信息名称;
演示:
[root@centos7 mainfests]# cat notify.pp
notify{'hello':
message => 'hello there',
name => 'pig head',
}
[root@centos7 mainfests]# puppet apply --verbose notify.pp
Notice: Compiled catalog for centos7 in environment production in 0.11 seconds
Info: Applying configuration version '1484208626'
Notice: hello there
Notice: /Stage[main]/Main/Notify[hello]/message: defined 'message' as 'hello there'
Notice: Finished catalog run in 0.04 seconds
转载于:https://blog.51cto.com/1992tao/1890925