Sample puppet manifests for setting up a web server

17,372

Solution 1

With puppet the best thing to remember is to try to create modules for all of your manifest so the code an easily be reused for multiple servers and environments.

Also make use of SVN or GIT this way you can easily track changes and checkout config files needed for a given application. As kashani stated both Puppet Forge and Example42 can be some good references.

Below is a sample manifest that I have created for web servers. This will give you the option to both install/uninstall a web server if required. You'll notice it uses the facter facts for check for both OS and architecture to install the correct RPMS (Centos). Though you could easily take this as a template and expand to Ubuntu with the correct package names.

class apache ($disable = "false", $apacheconf = "default") {
  if $disable == "false" {
    $installed = present
    $enable = true
    $ensure = "running"
  } else {
    $installed = absent
    $enable = false
    $ensure = "stopped"
  }
  case $operatingsystem {
    'CentOS', 'RedHat': {
      if $architecture == "x86_64" {
        package { 'httpd':
          name   => "httpd.x86_64",
          ensure => $installed,
        }
      } else {
        package { 'httpd':
          name   => "httpd.i386",
          ensure => $installed,
        }
      }
      service { 'httpd':
        ensure => $ensure,
        enable => $enable,
      }
      file { "http.conf":
        path   => "/etc/httpd/conf/httpd.conf",
        owner  => root,
        group  => root,
        mode   => 0644,
        source => $apacheconf ? {
          'default' => "puppet:///modules/apache/httpd.conf",
        }
      }
    }  
  }
}

To add additional functionality to the basic manifest you just call it from within another manifest. Such as installing and SSL http server. The code below, you'll see that --include apache-- is used to call the manifest above then also install aditional options.

class apache::ssl ($disable = "false") {
  include apache

  if $disable == "false" {
    $installed = present
    $enable = true
    $ensure = "running"
  } else {
    $installed = absent
    $enable = false
    $ensure = "stopped"
  }

  case $operatingsystem {
    'CentOS', 'RedHat': {
      case $architecture {
        'x86_64': {
          package { 'mod_ssl':
            name   => "mod_ssl.x86_64",
            ensure => $installed,
            require => Package['httpd'],
          }
       }
        'i386':{
          package { 'mod_ssl':
            name   => "mod_ssl.i386",
            ensure => $installed,
            require => Package['httpd'],
          }
        }
      }
    }
  }
}

Solution 2

Unfortunately such a thing doesn't really exist. Using Puppet is kinda like developing web apps before there were frameworks. You will write a lot of scaffolding code.. well at least that's been my experience so far. The Puppet Module Forge is very hit or miss and I've been fairly unimpressed with most of the modules there.

I would recommend looking at Example42's attempts to create a coherent system. I used a number of his modules to bootstrap my latest Puppet install You're going to need to modify quite a bit of his code because it's based on RHEL/CentOS however he uses a params class which makes supporting other distros pretty simple.

Solution 3

You can have something like this. The exact package name depends on the operating system you're using. Put the following in /etc/puppet/modules/webserver/manifests/init.pp:

class webserver {
    package { apache2: ensure => installed; }
    package { php5: ensure => installed; } 
    package { mysql-server ensure => installed; }
}

Then in your /etc/puppet/site/nodes.pp file put:

node default {
    include webserver;
}
Share:
17,372

Related videos on Youtube

Blankman
Author by

Blankman

Updated on September 17, 2022

Comments

  • Blankman
    Blankman almost 2 years

    Just getting my feet wet with puppet (just reading so far), and was hoping there were some sample (real life) manifests/recipes that setup a typical web server with things like apache/mysql/php etc. along with basic server hardening (ubuntu)

    • Scott Pack
      Scott Pack over 13 years
      This is really two questions; the puppet snippets for apache, and hardening Ubuntu. Between here and security.se there are lots of server hardening questions and answers. If none of them seem to help, ask that one separately.
    • Art Shayderov
      Art Shayderov over 13 years
      Puppet is just a tool for delivering configuration to your server. Like install package, copy config files, restart service. It just helps automate the process. I mean there is nothing special in setting up a server with puppet, config files are the same as without puppet.
    • Aaron Copley
      Aaron Copley over 13 years
      Added the 'apache' and 'webserver' tags. Should help in searching.