Using Tags
Version 2 (Anonymous, 03/13/2010 08:02 pm)
| 1 | 1 | # Gaining More Control with Tags |
|
|---|---|---|---|
| 2 | 1 | ||
| 3 | 1 | Puppet allows for arbitrary tags to be applied to any or all |
|
| 4 | 1 | objects in its configuration. You can use these tags to control |
|
| 5 | 1 | your configuration roll-out with greater precision or greater |
|
| 6 | 1 | complexity. |
|
| 7 | 1 | ||
| 8 | 1 | ## Invoking puppet in a Tag-Restricted Context |
|
| 9 | 1 | ||
| 10 | 1 | One way to make use of tagging in puppet is to use tags at |
|
| 11 | 1 | invocation-time to restrict which objects will be taken into |
|
| 12 | 1 | consideration at run-time. In addition to the section below, you |
|
| 13 | 1 | might want to glance at the tags section of the [[Configuration |
|
| 14 | 1 | Reference]] . |
|
| 15 | 1 | ||
| 16 | 1 | ### Testing Configurations with Tags |
|
| 17 | 1 | ||
| 18 | 1 | You can also specify tags on the command-line. This can be very |
|
| 19 | 1 | useful for testing just a portion of the configuration, for |
|
| 20 | 1 | instance, when you are first developing your site manifests. |
|
| 21 | 1 | ||
| 22 | 1 | $ puppetd --tags solaris |
|
| 23 | 1 | ||
| 24 | 1 | In the example above, we might want to only test the solaris hosts |
|
| 25 | 1 | (perhaps because the HP-UX and Linux host configuration isn't |
|
| 26 | 1 | stable yet). |
|
| 27 | 1 | ||
| 28 | 1 | Specifying tags on the command-line might also be useful if your |
|
| 29 | 1 | configuration cycle occurs in multiple phases, e.g.: |
|
| 30 | 1 | ||
| 31 | 1 | $ puppetd --tags phase1,morning |
|
| 32 | 1 | ||
| 33 | 1 | The invocation above might be used to execute only a select phase |
|
| 34 | 1 | of the configuration process, here, using both procedural time |
|
| 35 | 1 | ("phase1") as well as real chronological time ("morning"). |
|
| 36 | 1 | ||
| 37 | 1 | ### Specifying Tags in Configuration Files |
|
| 38 | 1 | ||
| 39 | 1 | Tags can be used in configuration files to create a permanent |
|
| 40 | 1 | context for the host's configuration. For instance, the host below |
|
| 41 | 1 | is configured to configure itself only against objects tagged with |
|
| 42 | 1 | "global", "westside", or "subnet7". Presumably, then, this network |
|
| 43 | 1 | is categorized by physical geography ("westside") as well as by |
|
| 44 | 1 | network topology ("subnet7"). |
|
| 45 | 1 | ||
| 46 | 1 | # |
|
| 47 | 1 | # /etc/puppet/puppet.conf |
|
| 48 | 1 | # |
|
| 49 | 1 | tags = global,westside,newnet |
|
| 50 | 1 | ||
| 51 | 1 | ## Specifying Tags for Different Configuration Scopes |
|
| 52 | 1 | ||
| 53 | 1 | In order to make use of the tagging capability of Puppet, however, |
|
| 54 | 1 | you must first set meaningful tags in your object definitions. |
|
| 55 | 1 | ||
| 56 | 1 | ### Specifying Tags Explicitly in Object Definitions |
|
| 57 | 1 | ||
| 58 | 1 | The easiest way to mark an object with a tag is to do it explicitly |
|
| 59 | 1 | with the "tag" metaparameter. Since it is a metaparameter, it can |
|
| 60 | 1 | be set on any object. In the example below, we're tagging this file |
|
| 61 | 1 | object, "/etc/httpd", with the tag "apache", since it is part of |
|
| 62 | 1 | the Apache webserver configuration. |
|
| 63 | 1 | ||
| 64 | 1 | # |
|
| 65 | 1 | # /etc/puppet/manifests/site.pp |
|
| 66 | 1 | # |
|
| 67 | 1 | file { "/etc/httpd": |
|
| 68 | 1 | ensure => directory, |
|
| 69 | 1 | mode => 0755, |
|
| 70 | 1 | owner => $rootuser, |
|
| 71 | 1 | tag => apache |
|
| 72 | 1 | } |
|
| 73 | 1 | ||
| 74 | 1 | ### Specifying Tags Explicitly in Class Definitions |
|
| 75 | 1 | ||
| 76 | 1 | Classes automatically tag everything in them with the class name, |
|
| 77 | 1 | so this isn't usually needed. This works the same way in nodes. |
|
| 78 | 1 | ||
| 79 | 1 | class ssh { |
|
| 80 | 1 | tag("security") |
|
| 81 | 1 | service { sshd: |
|
| 82 | 1 | ensure => running, |
|
| 83 | 1 | enable => true, |
|
| 84 | 1 | } |
|
| 85 | 1 | } |
|
| 86 | 1 | # sshd service is now tagged with "ssh", "security" and probably a few other things |
|
| 87 | 1 | ||
| 88 | 1 | ### Automatic Tagging |
|
| 89 | 1 | ||
| 90 | 1 | All language statements enclosed in a node, define or class |
|
| 91 | 1 | structure (read more about puppet control structures [[Language |
|
| 92 | 1 | Tutorial]] ) will automatically be tagged with the name of that |
|
| 93 | 1 | statement. These automatically-applied tags will be inherited by |
|
| 94 | 1 | any object enclosed in that class, regardless of the depth of |
|
| 95 | 1 | enclosure. |
|
| 96 | 1 | ||
| 97 | 1 | Let's take a look at the configuration we looked at above, with a |
|
| 98 | 1 | slight change: |
|
| 99 | 1 | ||
| 100 | 1 | # |
|
| 101 | 1 | # /etc/puppet/manifests/site.pp |
|
| 102 | 1 | # |
|
| 103 | 1 | class apache { |
|
| 104 | 1 | file { "/etc/httpd": |
|
| 105 | 1 | ensure => directory, |
|
| 106 | 1 | mode => 0755, |
|
| 107 | 1 | owner => $rootuser, |
|
| 108 | 1 | tag => apache # This line is now redundant |
|
| 109 | 1 | } |
|
| 110 | 1 | } |
|
| 111 | 1 | ||
| 112 | 1 | Now, since the file object "/etc/httpd" is automatically tagged |
|
| 113 | 1 | with "apache" because it is contained in the class named "apache", |
|
| 114 | 1 | it is no longer necessary to explicitly tag it with the "tag" |
|
| 115 | 1 | metaparameter. |