Puppet: Working with puppetforge

So maybe writing modules isn’t something you want to hassle with. Ok, that’s cool. Puppetlabs has provided a place where you can leach off of others. In this article, I will talk about how to use PuppetForge (forge.puppetlabs.com)

There is a good chance that if you thought of a module to write, someone may have already done it and can save you a LOT of work. Most of the modules will support the big three Linux flavors out there, but not all so your results may vary with each and every module. Puppetlabs is working on improving that, but its something to keep in mind as we go through this article.

You can browse on the web site and see what is there but I’m going to take you straight into getting your hands dirty by not only searching, but installing modules directly into your puppet tree from the command line.

Using the puppet client

Since we’re all new here, let’s do a bit of searching to see what we can install.

puppet module search %searchitem%

This will go out to the forge and list all of the modules matching your search. This can be a bit daunting at times as there are several versions of the same package, but don’t worry, we’ll guide you a bit on your way.

root@puppet ~]# puppet module search apache
Searching http://forge.puppetlabs.com ...
NAME                           DESCRIPTION               AUTHOR          KEYWORDS  
puppetlabs-apache              This is a generic Apa...  @puppetlabs     apache web
puppetlabs-passenger           Module to manage Phus...  @puppetlabs     apache rack
DavidSchmitt-apache            Manages apache, modul...  @DavidSchmitt   apache    
jamtur01-httpauth              Puppet HTTP Authentic...  @jamtur01       apache HTTP
jamtur01-apachemodules         Puppet Apache Module ...  @jamtur01       apache    
adobe-hadoop                   Puppet module to depl...  @adobe          apache    
adobe-hbase                    Puppet module to depl...  @adobe          apache    
adobe-zookeeper                Puppet module to depl...  @adobe          apache lock
adobe-highavailability         Puppet module to conf...  @adobe          apache mon
adobe-mon                      Puppet module to depl...  @adobe          apache mon
puppetmanaged-webserver        Apache webserver mana...  @puppetmanaged  apache    
ghoneycutt-apache              Manages apache server...  @ghoneycutt     apache web
ghoneycutt-sites               This module manages t...  @ghoneycutt     apache web
fliplap-apache_modules_sles11  Exactly the same as t...  @fliplap                  
mstanislav-puppet_yum          Puppet 2.                 @mstanislav     apache    
mstanislav-apache_yum          Puppet 2.                 @mstanislav     apache HTTP
jonhadfield-wordpress          Puppet module to set ...  @jonhadfield    apache php
saz-php                        Manage cli, apache an...  @saz            apache php
saltycowdawg-apache                                      @saltycowdawg   apache web
thias-apache_httpd             Install and enable th...  @thias          apache rhel
thias-php                      Install PHP packages ...  @thias          php apache
brightbox-apache               Brightbox's Apache mo...  @brightbox      apache web
5UbZ3r0-httpd                  This module handles a...  @5UbZ3r0        apache

Oh sweet jeebus…we have a few versions of apache. This is the difficult part about working with the forge. Basically, you’d have to go out to each module page and find the one that you think is the best fit for your needs. Or, I use a common rule of thumb, if puppetlabs has a version of it, install their first. If they don’t do everything that you need, then start searching around.

Installing

To install is pretty easy. Just one simple command and it will not only install your module, but also the other modules that it depends upon. Let’s install the PuppetLabs Apache module and you’ll see what I mean.

[root@puppet ~]# puppet module install puppetlabs-apache
Preparing to install into /etc/puppet/modules ...
Downloading from http://forge.puppetlabs.com ...
Installing -- do not interrupt ...
/etc/puppet/modules
└─┬ puppetlabs-apache (v0.4.0)
  ├── puppetlabs-firewall (v0.0.4)
  └── puppetlabs-stdlib (v3.0.1)

As you can see, puppetlabs-apache requires puppetlabs-firewall and puppetlabs-stdlib so it went out and grabbed those. If we look in your /etc/puppet/modules directory, we will now see the other modules listed.

[root@puppet ~]# cd /etc/puppet/modules/
[root@puppet modules]# ls
admin_users  apache  firewall  motd  ntp  pdns_recursor  stdlib  sudo  sysctl

Listing

We can also get a listing of the modules installed on our system by simply typing the list command.

[root@puppet modules]# puppet module list
/etc/puppet/modules
├── admin_users (???)
├── motd (???)
├── ntp (???)
├── pdns_recursor (???)
├── puppetlabs-apache (v0.4.0)
├── puppetlabs-firewall (v0.0.4)
├── puppetlabs-stdlib (v3.0.1)
├── saz-sudo (v2.0.2)
└── sysctl (???)

As you can see, I have several modules installed on my system, not all of which are from the forge. If its on the forge, there is a semver on the module letting you know the version that you have installed.

Upgrading

Of coarse, upgrading is just as easy as installing. Just swap out install for upgrade and away you go.

[root@puppet modules]# puppet module upgrade saz-sudo
Preparing to upgrade 'saz-sudo' ...
Found 'saz-sudo' (v2.0.2) in /etc/puppet/modules ...
Downloading from http://forge.puppetlabs.com ...
Upgrading -- do not interrupt ...
/etc/puppet/modules
└── saz-sudo (v2.0.2 -> v2.0.7)

Let’s make sure it upgraded shall we

[root@puppet modules]# puppet module list
/etc/puppet/modules
├── admin_users (???)
├── motd (???)
├── ntp (???)
├── pdns_recursor (???)
├── puppetlabs-apache (v0.4.0)
├── puppetlabs-firewall (v0.0.4)
├── puppetlabs-stdlib (v3.0.1)
├── saz-sudo (v2.0.7)
└── sysctl (???)

Uninstall

Say you didn’t like the version of puppetlabs-apache that you installed, easy enough to clean it up.

[root@puppet modules]# puppet module uninstall puppetlabs-apache
Preparing to uninstall 'puppetlabs-apache' ...
Removed 'puppetlabs-apache' (v0.4.0) from /etc/puppet/modules

Now one thing to keep in mind. The uninstall will not remove modules that were required on initial install. Probably due to the fact that it doesn’t go through and check all the other modules to make sure that it is not needed elsewhere. Better to leave well enough alone and keep those in the repo. If you want to remove those, you’ll have to do it manually.

[root@puppet modules]# puppet module list
/etc/puppet/modules
├── admin_users (???)
├── motd (???)
├── ntp (???)
├── pdns_recursor (???)
├── puppetlabs-firewall (v0.0.4)
├── puppetlabs-stdlib (v3.0.1)
├── saz-sudo (v2.0.7)
└── sysctl (???)

Conclusion

While writing modules is fun, using someone else’s module that has already solved the problem saves you time and allows you to automate a lot more of your environment faster. Updating the MOTD, adding users, updating sudo are all examples of problems that have already been solved. Let’s not recreate the wheel, its round enough the way it is.

If you want to see a nice video demo of the forge in action, check out this video from PuppetLabs…