Created
September 19, 2013 07:14
Fabric fabfile to bootstrap new servers and install/configure Puppet 3.3. Tested with 64-bit Ubuntu 12.04 LTS on AWS EC2.
import os

from fabric.api import *
# DNS name of the Puppet Master (placeholder value). It is written into every
# puppet.conf as the agent's `server` and is the rsync target for deployments.
PUPPETMASTER_HOST = "ecxxxxxxxxxxxx.us-west-2.compute.amazonaws.com"

# Domain appended to a short hostname to form each instance's FQDN.
DOMAIN = "example.com"
def set_hostname(hostname, domain):
    """Point the remote instance's hostname and FQDN at the given values.

    Afterwards 'hostname' should print the short name (e.g. "foo"), while
    'hostname -f' and 'facter fqdn' should print the desired FQDN
    (e.g. "foo.example.com"). /etc/hostname and /etc/hosts are both
    overwritten, so the change should persist after a reboot.

    NOTE(review): `hostname` and `domain` are interpolated into shell commands
    without quoting, so only trusted, shell-safe values should be passed in.
    """
    # Apply the name to the running system first...
    live_cmd = 'sudo hostname %s' % hostname
    run(live_cmd)

    # ...then persist it for the next boot.
    persist_cmd = 'echo %s | sudo tee /etc/hostname' % hostname
    run(persist_cmd)

    # Regenerate /etc/hosts so the FQDN and the short name both resolve to
    # loopback. The whole file is replaced, not appended to.
    hosts_cmd = """echo "
# This file is automatically generated by our bootstrap script.
127.0.0.1 {hostname}.{domain} {hostname} localhost
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts" | sudo tee /etc/hosts""".format(hostname=hostname, domain=domain)
    run(hosts_cmd)
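@roles('puppetmaster')
def setup_puppetmaster():
    """(One-time) setup of the Puppet Master.

    Sets the instance hostname, installs the pinned Puppet 3.3.0 master and
    agent packages from the Puppet Labs APT repository, writes
    /etc/puppet/puppet.conf, enables certificate autosigning and restarts the
    puppetmaster service.
    """
    # Roughly following instructions from http://davidwinter.me/articles/2012/12/08/setting-up-puppet-master-and-agents-on-ec2/
    set_hostname(PUPPETMASTER_HOST, DOMAIN)

    # Not using the stock Ubuntu packages because we want Puppet 3.x (and older Ubuntu doesn't have it)
    # http://docs.puppetlabs.com/guides/puppetlabs_package_repositories.html#for-debian-and-ubuntu
    #
    # The release package is installed as root and sets up the APT repository
    # the Puppet packages come from, so it is fetched over HTTPS rather than
    # plain HTTP. -O makes a re-run overwrite the previous download instead of
    # leaving it in place and saving the new copy under a ".1" suffix.
    run('wget -O puppetlabs-release-precise.deb https://apt.puppetlabs.com/puppetlabs-release-precise.deb')
    run('sudo dpkg -i puppetlabs-release-precise.deb')
    run('sudo apt-get update -y -f')
    run('sudo apt-get install -y puppetmaster=3.3.0-1puppetlabs1')
    run('sudo apt-get install -y puppet=3.3.0-1puppetlabs1')

    # The config is echoed inside single quotes so the remote shell leaves
    # $vardir and $confdir alone. Inside double quotes the shell substitutes
    # them (normally with empty strings) before tee writes the file, and Puppet
    # never sees the variables it is meant to interpolate itself. The content
    # and PUPPETMASTER_HOST must therefore not contain a single quote.
    run("""echo '
[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
templatedir=$confdir/templates
[master]
# These are needed when the puppetmaster is run by passenger
# and can safely be removed if webrick is used.
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
[agent]
server=%s
report = true
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
graph = true
pluginsync = true
' | sudo tee /etc/puppet/puppet.conf""" % (PUPPETMASTER_HOST))

    # we can rely on the AWS security groups instead of SSL signing
    # NOTE(review): "*" makes the master sign every certificate request it
    # receives, so network reachability of the master is the only thing
    # deciding who gets a catalog (and any secrets in it). Keep the security
    # group limited to the agents' own group, or narrow this glob / sign
    # certificates manually if that cannot be guaranteed.
    run('echo "*" | sudo tee /etc/puppet/autosign.conf')
    run('sudo service puppetmaster restart')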
@roles('puppetmaster')
def deploy_puppetmaster():
    """Push the latest Puppet manifests and modules (from the 'puppet/' folder) to the Puppet Master.

    rsync is run locally from the directory containing this fabfile, with
    `sudo rsync` as the remote side; it is used because it is faster than
    fabric's put.
    """
    fabfile_dir = os.path.dirname(os.path.realpath(__file__))
    rsync_prefix = 'rsync -adzv --delete --rsync-path="sudo rsync" --exclude=.git --exclude=puppet.conf '

    # manifests/ and modules/ are synced separately so that --delete only
    # prunes inside those two folders and leaves the other important files in
    # the master's /etc/puppet alone.
    with lcd(fabfile_dir):
        local(rsync_prefix + 'puppet/manifests/ %s:/etc/puppet/manifests/' % PUPPETMASTER_HOST)
        local(rsync_prefix + 'puppet/modules/ %s:/etc/puppet/modules/' % PUPPETMASTER_HOST)
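def setup_puppetagent(hostname):
    """
    Setup a (new) server to be a Puppet agent.

    Sets the hostname, upgrades the system packages, installs the pinned
    Puppet 3.3.0 agent from the Puppet Labs APT repository, writes
    /etc/puppet/puppet.conf pointing at PUPPETMASTER_HOST, enables the agent
    service and performs one foreground agent run.

    `hostname` is the short name without the domain; the task aborts if it
    already ends with DOMAIN.

    Usage: fab -H ciofoo setup_puppetagent:ciofoo
    """
    if hostname.endswith('.%s' % DOMAIN):
        abort('Do not include the domain in the hostname')
    set_hostname(hostname, DOMAIN)

    run('sudo apt-get -y -f update')
    run('sudo apt-get -y -f upgrade')
    # NOTE(review): this installs whichever puppet version the repositories
    # configured so far offer; the pinned install further down is what selects
    # 3.3.0. Confirm this first install is still needed.
    run('sudo apt-get -y -f install puppet')

    # Not using the stock Ubuntu packages because we want Puppet 3.x (and older Ubuntu doesn't have it)
    # http://docs.puppetlabs.com/guides/puppetlabs_package_repositories.html#for-debian-and-ubuntu
    #
    # The release package is installed as root and sets up the APT repository
    # the Puppet packages come from, so it is fetched over HTTPS rather than
    # plain HTTP. -O makes a re-run overwrite the previous download instead of
    # leaving it in place and saving the new copy under a ".1" suffix.
    run('wget -O puppetlabs-release-precise.deb https://apt.puppetlabs.com/puppetlabs-release-precise.deb')
    run('sudo dpkg -i puppetlabs-release-precise.deb')
    run('sudo apt-get update -y -f')
    run('sudo apt-get install -y puppet=3.3.0-1puppetlabs1')

    # The config is echoed inside single quotes so the remote shell leaves
    # $vardir and $confdir alone. Inside double quotes the shell substitutes
    # them (normally with empty strings) before tee writes the file, and Puppet
    # never sees the variables it is meant to interpolate itself. The content
    # and PUPPETMASTER_HOST must therefore not contain a single quote.
    run("""echo '
[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
templatedir=$confdir/templates
[master]
# These are needed when the puppetmaster is run by passenger
# and can safely be removed if webrick is used.
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
[agent]
server=%s
report = true
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
graph = true
pluginsync = true
' | sudo tee /etc/puppet/puppet.conf""" % (PUPPETMASTER_HOST))

    # Let the init script start the agent, then do one immediate foreground
    # run so the first catalog is applied (and any failure is visible) now.
    run("sudo sed -i /etc/default/puppet -e 's/START=no/START=yes/'")
    run('sudo service puppet restart')
    run('sudo puppet agent --no-daemonize --onetime --verbose --no-splay')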