Puppet is a toolkit for managing the configuration of many systems. For information about using Puppet on Oracle Solaris, see Using Puppet to Perform Configuration Management in Oracle Solaris 11.4.
On Oracle Solaris, the Puppet application is managed by SMF.
When you install the system/management/puppet package, you get the following SMF service instances:
$ svcs puppet STATE STIME FMRI disabled 8:17:58 svc:/application/puppet:agent disabled 8:17:58 svc:/application/puppet:main disabled 8:17:58 svc:/application/puppet:master disabled 8:17:58 svc:/application/puppet:user online 8:36:42 svc:/application/puppet:upgrade
The master instance serves configuration to agents.
The agent instance controls configuration of a particular node.
The main instance holds shared configuration values.
The user instance is used by the puppet apply command, as well as many of the less common puppet subcommands.
The upgrade instance performs migration and cleanup steps if needed.
Puppet writes to log files in the following locations:
$ svcprop -p config/logdest puppet:master /var/log/puppetlabs/puppet/puppet-master.log $ svcprop -p config/logdest puppet:agent /var/log/puppetlabs/puppet/puppet-agent.log
Puppet expects to use a configuration file named /etc/puppetlabs/puppet/puppet.conf. The /usr/sbin/puppet application reads configuration information from /etc/puppetlabs/puppet/puppet.conf and not from properties set in the application/puppet service instances.
To provide the required configuration file, each puppet instance provides a configfile type property group. The configfile type property group tells the svcio utility to run and create the specified configuration file. The stencil file is used to write data from service property values to the configuration file in the correct format.
The following command shows all puppet service properties that are in a property group of type configfile. This output shows that all instances of the puppet service have the same configfile properties with the same values. Each puppet service instance provides the path to the configuration file, the mode of the configuration file, and the path to the stencil file.
$ svcprop -g configfile puppet
The following command shows the values set in the parent service:
$ svccfg -s puppet listprop puppet_stencil puppet_stencil configfile puppet_stencil/mode astring 0444 puppet_stencil/path astring /etc/puppetlabs/puppet/puppet.conf puppet_stencil/stencil astring puppet.stencil
If you run the following command for each instance, you see that the service instance properties are inherited from the parent service. The instances do not set custom values for any of these properties:
$ svccfg -s puppet:master listprop puppet_stencil
Though every instance specifies the same stencil file, stencil defines property groups are not used because every instance also specifies the same configuration file: Puppet expects to find all configuration in the one file, not in multiple configuration files. In addition, other services also use values from this puppet.conf configuration file.
If your site requires more instances, for example puppet:agent1 and puppet:agent2, add instances and customize property values and add properties for each instance as shown in Modifying the Puppet Configuration File.
The content of the stencil file tells you what properties and other information are written to the configuration file. The puppet.stencil path that is the value of the puppet_stencil/stencil property is relative to /lib/svc/stencils. The following is the content of the stencil file, /lib/svc/stencils/puppet.stencil:
# WARNING: THIS FILE GENERATED FROM SMF DATA.
# DO NOT EDIT THIS FILE. EDITS WILL BE LOST.
#
# See puppet.conf(5) and http://docs.puppet.com/guides/configuring.html
# for details.
#
#
# service: puppet:main
# main is the global section used by all commands and services. It can be
# overridden by the other sections.
#
; walk the main instance and extract all properties from the config PG
$%/(svc:/$%s:(main)/:properties)/ {
[$%2]
$%/$%1/config/(.*)/ {
$%3 = $%{$%1/config/$%3} }
}
#
# service: puppet:master
# master is used by the Puppet master service and the Puppet cert command.
#
; walk the master instance and extract all properties from the config PG
$%/(svc:/$%s:(master)/:properties)/ {
[$%2]
$%/$%1/config/(.*)/ {
$%3 = $%{$%1/config/$%3} }
}
#
# service: puppet:agent
# agent is used by the Puppet agent service.
#
; walk the agent instance and extract all properties from the config PG
$%/(svc:/$%s:(agent)/:properties)/ {
[$%2]
$%/$%1/config/(.*)/ {
$%3 = $%{$%1/config/$%3} }
}
#
# service: puppet:user
# user is used by the Puppet apply command, as well as many of the less common
# Puppet subcommands.
#
; walk the user instance and extract all properties from the config PG
$%/(svc:/$%s:(user)/:properties)/ {
[$%2]
$%/$%1/config/(.*)/ {
$%3 = $%{$%1/config/$%3} }
}
Expressions used in this stencil file have the following meanings. See the smf_stencil(5) man page for more information.
|
For example, given the following config property group properties, the following section in the stencil file produces the following block in the configuration file.
$ svcprop -p config puppet:main config/confdir astring /etc/puppetlabs/puppet config/rundir astring /var/run/puppetlabs config/vardir astring /var/cache/puppetlabs
Stencil file:
$%/(svc:/$%s:(main)/:properties)/ {
[$%2]
$%/$%1/config/(.*)/ {
$%3 = $%{$%1/config/$%3} }
}
Configuration file:
[main] confdir = /etc/puppetlabs/puppet rundir = /var/run/puppetlabs vardir = /var/cache/puppetlabs
As you can see in Puppet Stencil File, all the property values in the config property group for each instance except puppet:upgrade are written to the configuration file. To modify the configuration file, modify property values in the config property group.
Configuration in the [main] block applies to both the agent and the master. For the Puppet master, agent, and user, configuration in the corresponding block overrides the same configuration in the [main] block.
The following commands show how to add configuration to your Puppet configuration file for the puppet:agent service instance.
$ svccfg -s puppet:agent svc:/application/puppet:agent> setprop config/report=true svc:/application/puppet:agent> setprop config/pluginsync=true svc:/application/puppet:agent> refresh svc:/application/puppet:agent> exit $ svcadm restart puppet:agent
Following the restart, the /etc/puppetlabs/puppet/puppet.conf configuration file contains the following lines in the agent block:
[agent] logdest = /var/log/puppetlabs/puppet/puppet-agent.log pluginsync = true report = true
Similar commands can be used to remove properties and change property values. See Chapter 4, Configuring Services in Managing System Services in Oracle Solaris 11.4.