也许我理解不正确:
我想通过 Puppet 定义一些应用于全部已连接的主机。
这是我的 site.pp:
node default {
## Add default user ##
user { 'test':
ensure => present,
managehome => true,
password => '$6$XYZ',
}
## Create sudoers ##
class { 'sudo': }
sudo::conf {
'test':
priority => 60,
content => "test ALL=(ALL) ALL"
}
## Install bareos client ##
class {
'bareos':
manage_client => 'true',
}
}
## Create test-file ##
node 'pp-test' {
file { '/tmp/puppet-test':
ensure => present,
mode => 0644,
content => "Only test-servers get this file.\n",
}
include base-software
class {
'ssh':
server_options => {
'Port' => '2211',
'Protocol' => '2',
'HostKey' => '/etc/ssh/ssh_host_rsa_key',
'HostKey' => '/etc/ssh/ssh_host_dsa_key',
'HostKey' => '/etc/ssh/ssh_host_ecdsa_key',
'UsePrivilegeSeparation' => 'yes',
'KeyRegenerationInterval' => '3600',
'ServerKeyBits' => '1024',
'SyslogFacility' => 'AUTH',
'LogLevel' => 'INFO',
'LoginGraceTime' => '120',
'PermitRootLogin' => 'no',
'StrictModes' => 'yes',
'RSAAuthentication' => 'yes',
'PubkeyAuthentication' => 'yes',
'IgnoreRhosts' => 'yes',
'RhostsRSAAuthentication' => 'no',
'HostbasedAuthentication' => 'no',
'PermitEmptyPasswords' => 'no',
'ChallengeResponseAuthentication'=> 'no',
'PasswordAuthentication' => 'yes',
'AllowUsers' => 'test',
}
}
}
不幸的是,测试节点上没有设置用户“test”pp-test
阅读您的评论后,我创建了另一种布局:
profile/
`-- manifests
|-- backup
| |-- client.pp
| `-- server.pp
|-- backup.pp
`-- base.pp
role/
`-- manifests
|-- backup.pp
`-- init.pp
profile/manifests/base.pp 包含:
class profile::base {
## Add MOTD ##
class {
'motd':
template => '/etc/puppet/modules/motd/templates/motd.erb',
}
## Add default user ##
user { 'test':
ensure => 'present',
managehome => 'true',
password => '$6$XYZ',
}
## Create sudoers ##
class { 'sudo': }
sudo::conf {
'test':
priority => '60',
content => "test ALL=(ALL) ALL"
}
## Install base-software
include base-software
## Configuration of OpenSSH-Server ##
class {
'ssh':
server_options => {
'Port' => '2211',
'Protocol' => '2',
'HostKey' => '/etc/ssh/ssh_host_rsa_key',
'HostKey' => '/etc/ssh/ssh_host_dsa_key',
'HostKey' => '/etc/ssh/ssh_host_ecdsa_key',
'UsePrivilegeSeparation' => 'yes',
'KeyRegenerationInterval' => '3600',
'ServerKeyBits' => '1024',
'SyslogFacility' => 'AUTH',
'LogLevel' => 'INFO',
'LoginGraceTime' => '120',
'PermitRootLogin' => 'no',
'StrictModes' => 'yes',
'RSAAuthentication' => 'yes',
'PubkeyAuthentication' => 'yes',
'IgnoreRhosts' => 'yes',
'RhostsRSAAuthentication' => 'no',
'HostbasedAuthentication' => 'no',
'PermitEmptyPasswords' => 'no',
'ChallengeResponseAuthentication'=> 'no',
'PasswordAuthentication' => 'yes',
'AllowUsers' => 'test',
}
}
}
现在我创建了我的 site.pp 如下:
node default {
include role::backup::client ##add bacula to all servers
}
node 'pp-test' {
file { '/etc/test.txt':
ensure => present,
mode => 0644,
content => "Test\n",
}
}
node 'backupserver' {
include role::backup::server
}
好吧,问题仍然存在:一旦我定义pp-test默认包就不会安装。
答案1
引用文档:
名称 default(不带引号)是节点名称的特殊值。如果找不到与给定节点匹配的节点语句,则将使用默认节点。[...]
由于您的节点名称pp-test位于您的配置中,因此您的default节点配置将不会被应用。
关于你的问题:看看这Craig Dunn 的一篇关于“角色和配置文件”的精彩博文。如果您要采用这种方式,您可以想出类似以下内容的内容:
class role {
include profile::base
}
class role::www inherits role {
# All WWW servers get tomcat
include profile::tomcat
}
class role::www::dev inherits role::www {
include profile::webserver::dev
include profile::database
}
class role::www::live inherits role::www {
include profile::webserver::live
}
class role::mailserver inherits role {
include profile::mailserver
}
...将所有默认设置放入其中profile::base。