Puppet zleslie/freebsd

SirDice

Is there anybody that uses the zleslie/freebsd module in Puppet?

I'm a total newbie when it comes to Puppet but I managed to get a basic configuration going. The same author has a PKGNG module and that one works perfectly. I created a few basic modules containing some services I wanted to manage and those work too. The freebsd module seems to have all the things I need to configure interfaces (including VLANs) but I can't seem to figure out how to use this module. The accompanying README only contains a few notes about the classes and definitions but doesn't provide any examples. And yes, I have read quite a lot of the Puppet documentation but all I managed to get so far are errors or a non-working module.

If I get this running properly for my client I will try to write up a how-to, covering the distribution, installation and configuration of various services on FreeBSD using Puppet.
 
I enjoy working with Puppet. I'm no expert but I did give the module a quick look and tested some stuff out. Hopefully this helps.

With this in my manifests/site.pp it will configure a static IP and MTU on em0 with a default router.
Code:
node bsd9vm {
  class {'freebsd::network':
    defaultrouter => '10.100.82.1',
  }
  freebsd::network::interface {'em0':
    address => '10.100.82.25',
    mtu     => '1300',
  }
}

If you look at modules/freebsd/manifests/network.pp, you see that it starts with class freebsd::network. You can declare this like the example above just by saying class and specifying the name of the class in the brackets. Then you just override the default variables listed at the top of the network.pp file by declaring them without the sigil in your node.

For the interface, it's a bit different. If you look at modules/freebsd/manifests/network/interface.pp, you see that it starts with define freebsd::network::interface. You'll use this a bit differently by just calling it out. Specify the name for the interface and variables you want to override and go for it.

Code:
  freebsd::network::vlan {'82':
    address => '10.100.82.25/24',
    vlan    => '82',
    dev     => 'em0',
  }

Now for VLANs, it works the same way. The example above made the VLAN when it ran after I fixed the module. It looks like there was a comma missing initially. Look in the modules/freebsd/manifests/network/vlan.pp and you'll find there is no comma after the second line. I'm sure you'll run into some more kinks along the way as not many people have downloaded the module.

Code:
define freebsd::network::vlan (
  $ensure    = 'present'
  $address   = '',  # CIDR Notation
...continued...

Once fixed, the example above works.
Code:
define freebsd::network::vlan (
  $ensure    = 'present',
  $address   = '',  # CIDR Notation
...continued...
 
Thank you very much for the detailed explanation. Things are a lot clearer now. Now I need to figure out how to incorporate it all. We have to configure a bunch of servers, some have VLANs, some don't. I was thinking about defining an array with the network information and somehow work through that.

The basic structure looks something like this:
Code:
Non-vlan hosts:

host -> name,
        interface,
        ip,
        comments

VLAN hosts:
host -> name,
        interface,
        ip=vlan -> vlanX -> ip
                   vlanY -> ip

For example:
$nodes_data = { 
            test1 => { 'name' => 'test1.example.com',
                       'interface' => 'em0',
                       'ip' => '192.168.1.10/24',
                       'comment' => 'Test Server 1' 
            },
            test2 => { 'name' => 'test2.example.com',
                       'interface' => 'em0',
                       'ip' => { '10' => '192.168.10.10/24',
                                 '20' => '192.168.20.10/24' }
            }
}

Structure is certainly not complete as I just realized some servers have more than one physical interface. And I need to cater for those too.
 
Revised structure:
Code:
#   host -> name
#           comment
#           interfaces -> int1 -> vlanX -> ip
#                                 vlanY -> ip
#                         int2 -> vlanZ -> ip
#
#   host -> name
#           comment
#           interfaces -> int1 -> ip
#                         int2 -> ip
#
Which looks something like this:
Code:
        test1 => { 'name' => 'test1.example.com',
                   'comment' => '',
                   'interfaces' => { 'em0' => { 'vlan10' => '192.168.10.1/24',
                                                'vlan20' => '192.168.20.1/24'
                                              }
                                   }
        },
        test2 => { 'name' => 'test2.example.com',
                   'comment' => '',
                   'interfaces' => { 'em0' => '192.168.0.2/24' }
        }
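
One way to work through the revised structure above, as an added example that is not part of the original thread and not the module's own code. It assumes Puppet 4 or later (for `each` and `$facts`), a hash keyed by short hostname, and that `freebsd::network::interface` accepts the CIDR string as written in the hash; the `freebsd::network` class and its `defaultrouter` are left out because the hash carries no gateway.

```puppet
# Added example: walk the per-host hash and declare the module's resources.
# Hostnames and addresses are the constructed samples from the thread.
$nodes_data = {
  'test1' => {
    'name'       => 'test1.example.com',
    'comment'    => '',
    'interfaces' => {
      'em0' => {
        'vlan10' => '192.168.10.1/24',
        'vlan20' => '192.168.20.1/24',
      },
    },
  },
  'test2' => {
    'name'       => 'test2.example.com',
    'comment'    => '',
    'interfaces' => { 'em0' => '192.168.0.2/24' },
  },
}

node default {
  # Assumption: entries are keyed by the short hostname fact.
  $me = $nodes_data[$facts['networking']['hostname']]

  if $me {
    $me['interfaces'].each |String $dev, $config| {
      if $config =~ Hash {
        # VLAN trunk: one freebsd::network::vlan per 'vlanN' => CIDR pair,
        # titled by VLAN id as in the earlier example in the thread.
        $config.each |String $vlan_name, String $cidr| {
          $vlan_id = regsubst($vlan_name, '^vlan', '')
          freebsd::network::vlan { $vlan_id:
            address => $cidr,
            vlan    => $vlan_id,
            dev     => $dev,
          }
        }
      } else {
        # Plain interface. Assumption: the define takes the CIDR string
        # as-is; the thread's own example passes a bare address.
        freebsd::network::interface { $dev:
          address => $config,
        }
      }
    }
  }
}
```

A host that carries the same VLAN id on two physical interfaces would produce a duplicate resource title here, so that case needs a different title scheme.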
 
junovitch said:
For what it's worth, I have one big Puppet manifest on my FreeBSD server for all my home Ubuntu desktops/laptops. Feel free to use it for ideas.

https://github.com/junovitch/puppet-module-ubuntu1304/blob/master/manifests/init.pp

I see you have a lot of these:
Code:
  package { 'apparmor-profiles':
    ensure => installed,
  }
  package { 'bleachbit':
    ensure => installed,
  }
  package { 'chkrootkit':
    ensure => installed,
  }

I used a slightly different approach:
Code:
define install() {
  package { $name: ensure => installed }
}

node default {
  install { [ 'sysutils/tmux', 'sysutils/smartmontools' ]: }
}

If you need to add a package you can simply edit the array instead of having to add another package{} definition.

I think I'm starting to get the hang of this thing.
 
Check out facter if you haven't already. You can use any of the values in your manifest to help build something more robust. I mainly use it to distribute SSH and VPN keys specific to a $hostname.

Among other things, it will list interfaces. With some work you might be able to cut out the loopback and just specify a variable for the interface.
Code:
interfaces => em0,em1,lo0,tun0

If you haven't already, install sysutils/puppet-lint. Between running puppet parser validate mymanifest.pp and puppet-lint mymanifest.pp you should be able to catch the little mistakes before you try them out.

I've been learning as I go as well and my approach for packages was to just list them all out like you saw. I figured out how to do it with an array afterwards and what I have works for me so I'm not bothering to go back to change it right now. Maybe sometime in the future I will.

I submitted a pull request for the missing comma to the maker of the module on GitHub at https://github.com/xaque208/puppet-freebsd. When all is said and done, between my notes and yours I can put together a quick selection of examples for his readme. Hopefully something to help the next person in the same boat would be useful.
 