Thursday, August 22, 2013

Puppet: Defining A System, Adding A Package And Launching A Service

Previously I wrote a simple blog post about setting up a Puppet master and agent. In this post I'm going to write about how to add a simple service to your puppet master that will be installed (if necessary) and started (if necessary) on systems.

Step 1: Define the system on your Puppet master

Before your Puppet master can do its work, it needs to first know what needs to be done and to whom.

In your /etc/puppet/manifests directory you'll want to create two files with the following content (remember: in my case the Puppet master's name is earth and the Puppet client's name is halo):


  import 'nodes.pp'
  filebucket { main: server => "" }
  File { backup => main }
  Exec { path => "/usr/bin:/usr/sbin:/bin:/sbin" }


  # nodes.pp
  node default {
    include ntp
  node '' inherits default {


In this example the default system definition will install the sudo module. The definition for a server will inherit that definition and add to it the ntp module. And finally the definition for halo inherits the server definition and adds to it the bip module.

In later posts I'll expand on the above to do more involved server definitions, specifically add modules that include files. But let's not get ahead of ourselves.

Step 3: Add the module definition

Before Puppet can do anything on the client it has to have more details on, in this case, the ntp module.

To do that we first create the file /etc/puppet/modules/tests/init.pp with the following content:

  class { 'ntp': }

Next we'll create the file /etc/puppet/modules/ntp/manifests/init.pp with the following content:

  class ntp {
    package { ntp: ensure => installed }
    file { "/etc/ntp.conf":
      owner => root,
      group => root,
      mode => 640,
      require => Package["ntp"],

    service { 'ntp':
      name => 'ntpd',
      ensure => running,
      enable => true,
      subscribe => File['/etc/ntp.conf'],

In the configuration we ensure the package is installed, that, if the file /etc/ntp.conf exists, the configuration is owned by user root and group root, that it has the proper file modes, and that if it doesn't exist the package named ntp is installed to provide it.

The service stanza adds to the above a check for the actual service itself. If Puppet doesn't see a process named "ntpd" then it knows that the service isn't up and will launch it for you.


That's it! If you then launch the puppet agent on your client machine, you should see it apply the above configuration by installed the package named ntp.