Puppet problem notes

1. The permission denied problem
While testing on the client, I ran into the following problem:
# puppet agent --server jaseywang.example.com --noop --test
info: Caching catalog for user1.example.com
info: Applying configuration version '1358997047'
err: /Stage[main]/User::Virtual/Ssh_user[user1]/File[/home/user1/.ssh/id_rsa]: Could not evaluate: Error 400 on SERVER: Permission denied - /etc/puppet/modules/user/files/keys/id_rsa Could not retrieve file metadata for puppet:///modules/user/keys/id_rsa: Error 400 on SERVER: Permission denied - /etc/puppet/modules/user/files/keys/id_rsa at /etc/puppet/modules/user/manifests/definition.pp:49
notice: Finished catalog run in 0.52 seconds

Judging from the error log this should be simple, a permissions problem:
/etc/puppet/modules/user/files/keys$ ll
total 20
-rw-r--r-- 1 jaseywang jaseywang 6249 2013-01-23 18:59 authorized_keys
-rw-r--r-- 1 jaseywang jaseywang   81 2013-01-22 23:23 config
-rw------- 1 jaseywang jaseywang 1675 2013-01-22 23:18 id_rsa
-rw-r--r-- 1 jaseywang jaseywang  398 2013-01-22 23:29 id_rsa.pub

Change the permissions on id_rsa:
/etc/puppet/modules/user/files/keys$ ll
total 20
-rw-r--r-- 1 jaseywang jaseywang 6249 2013-01-23 18:59 authorized_keys
-rw-r--r-- 1 jaseywang jaseywang   81 2013-01-22 23:23 config
-rw-r--r-- 1 jaseywang jaseywang 1675 2013-01-22 23:18 id_rsa
-rw-r--r-- 1 jaseywang jaseywang  398 2013-01-22 23:29 id_rsa.pub

Running it again succeeds:
# puppet agent --server jaseywang.example.com --noop --test
info: Caching catalog for user1.example.com
info: Applying configuration version '1358997047'
notice: /Stage[main]/User::Virtual/Ssh_user[user1]/File[/home/user1/.ssh/id_rsa]/ensure: current_value absent, should be file (noop)
notice: Ssh_user[user1]: Would have triggered 'refresh' from 1 events
notice: Class[User::Virtual]: Would have triggered 'refresh' from 1 events
notice: Stage[main]: Would have triggered 'refresh' from 1 events
notice: Finished catalog run in 0.57 seconds
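
An added example, not part of the original post: with id_rsa at mode 0644, any local account on the master can read the private key. The shell sketch below lists world-readable PEM private keys under a directory and restricts one to mode 0640 for a chosen group, so the master can still read it. Assumptions: the master's service group is `puppet`; the demo uses the current group and constructed files instead.

```shell
#!/bin/sh
# Added example: find private keys that "other" can read, then restrict them.
# Assumption: on a real master, GROUP would be the service group ("puppet").

# True if FILE's first line is a PEM private-key header.
is_private_key() {
    head -n 1 "$1" 2>/dev/null | grep -q -- '-----BEGIN .*PRIVATE KEY-----'
}

# Print every private key under DIR whose mode grants read to "other".
world_readable_keys() {
    find "$1" -type f -perm -004 | while IFS= read -r f; do
        if is_private_key "$f"; then printf '%s\n' "$f"; fi
    done
}

# Give FILE to GROUP and set mode 0640: owner rw, group r, nothing for other.
restrict_key() {
    chgrp "$2" "$1" && chmod 0640 "$1"
}

# Demo on constructed files (no real key material).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'constructed' > "$d/id_rsa"
    printf '%s\n' 'ssh-rsa constructed user1' > "$d/id_rsa.pub"
    chmod 0644 "$d/id_rsa" "$d/id_rsa.pub"
    echo "before: $(world_readable_keys "$d")"
    # The current primary GID stands in for "puppet" so this runs unprivileged.
    restrict_key "$d/id_rsa" "$(id -g)"
    echo "after: $(world_readable_keys "$d")"
    ls -l "$d"
    rm -rf "$d"
}
demo
```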

2. The inherits problem
When syncing nodes, you can use inherits to inherit the default classes, as shown below; this way user1 is deployed with both the classes from default and the nginx class:
node default {
        include base
        include sshd
        include user

}

node 'user1.example.com' inherits 'default' {
        include nginx
}

3. Switching between different OSes
Two systems are involved, RedHat and Ubuntu, and they handle files such as /etc/bash.bashrc and /etc/bashrc somewhat differently. The following distinguishes between the OSes:
case $operatingsystem {
        "RedHat": {

                $bashrc_etc = "bashrc_etc.el"
        }

        "Ubuntu": {

                $bashrc_etc = "bashrc_etc.debian"
        }
}

With the variable defined per OS as above, modifying the corresponding file becomes much easier:
file{
        "/etc/bash.bashrc":
        name => $operatingsystem ? {
                "RedHat" => "/etc/bashrc",
                "Ubuntu" => "/etc/bash.bashrc",
        },
        ensure => present,
        mode => 0644,
        owner => root,
        group => root,
        source => "puppet://$fileserver/base/bashrc/${bashrc_etc}",
}

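4. Using facter
This is useful when you need to specify a listen address. The ipaddress fact in facter is the first IP address Puppet can identify, usually the one on eth0, em0 and so on. By our convention these are all assigned internal IPs, so if a service needs to listen on this IP, you can do it with erb. Taking munin-node as an example (the same applies to others):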
# cat manifests/init.pp

file {
        "munin-node.conf":
        name => "/etc/munin/munin-node.conf",
        ensure => present,
        owner => root,
        group => root,
        mode => 0644,
        content => template("munin_node/munin-node.conf.erb"),
        require => Package["munin-node"];
}

# cat templates/munin-node.conf.erb
log_level 4

host <%= @ipaddress %>

5. Installing multiple packages at once
Initially it looked like this:
$apppackage = [ "screen",
                "tree",
                "git" ]

package {
        $apppackage:
        ensure => installed,
        require => Exec["yum_makecache"],
}

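This always behaved normally, but once, while writing a MySQL module and following the same pattern to install the three required packages below, something rather strange happened: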
$pkg = [ "mysql-server",
         "python-devel",
         "MySQL-python" ]

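According to the output of puppet's "--debug" option, puppet does not recognise the three packages above and instead tries to install them in a form like the following, which is clearly wrong: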
mysql -serverpython-develxxxyyyy

I could not figure it out; in the end I simply specified name directly, and the error no longer appeared:
package {
        "$pkg":
        name => $pkg,
        ensure => installed,
}