Puppet扩展篇7-puppet代码与版本控制系统的结合

一、介绍

二、环境介绍

三、部署流程

1.1 安装相关软件包

[root@puppetserver ~]# svnserve –version  #通过查看版本验证安装是否成功
svnserve, version 1.6.11 (r934486)
   compiled Apr 12 2012, 11:09:11
Copyright (C) 2000-2009 CollabNet.
Subversion is open source software, see http://subversion.tigris.org/
This product includes software developed by CollabNet (http://www.Collab.Net/).
The following repository back-end (FS) modules are available:
* fs_base : Module for working with a Berkeley DB repository.
* fs_fs : Module for working with a plain file (FSFS) repository.
Cyrus SASL authentication is available.

1.2 创建第一个版本库

[root@puppetserver ~]# mkdir /svndata
[root@puppetserver ~]# svnadmin create /svndata/puppet
[root@puppetserver ~]# ll /svndata/puppet/
total 24
drwxr-xr-x 2 root root 4096 Oct 22 13:29 conf
drwxr-sr-x 6 root root 4096 Oct 22 13:29 db
-r--r--r-- 1 root root    2 Oct 22 13:29 format
drwxr-xr-x 2 root root 4096 Oct 22 13:29 hooks
drwxr-xr-x 2 root root 4096 Oct 22 13:29 locks
-rw-r--r-- 1 root root  229 Oct 22 13:29 README.txt

2.1 安装相关软件包

[root@puppetserver ~]# yum install httpd httpd-devel mod_dav_svn

2.2 创建SVN虚拟主机

[root@puppetserver svndata]# vim /etc/httpd/conf.d/subversion.conf
LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so
Listen 8142
<VirtualHost *:8142>
<Location /svndata>
DAV svn
SVNListParentPath on
SVNPath "/svndata/puppet"
AuthType Basic
AuthName "Subversion repository"
AuthUserFile "/svndata/puppet/conf/authfile"
Require valid-user
SVNAutoversioning on
ModMimeUsePathInfo on
</Location>
</VirtualHost>

2.3 创建svn权限配置文件

[groups]
admin = puppet
[admin:/]
@admin = rw
[/]
* = r
[$name:/]
test = rw">>/svndata/puppet/conf/authz
2.4    创建用户名及密码并设置相应权限
[root@puppetserver ~]# /usr/bin/htpasswd -c /svndata/puppet/conf/authfile puppet #创建SVN服务器账户puppet密码为redhat
New password: redhat
Re-type new password: redhat
Adding password for user puppet
[root@puppetserver ~]# chown apache /svndata/puppet -R
[root@puppetserver ~]# echo "puppet = redhat" >>/svndata/puppet/conf/passwd

2.5 配置SVN服务信息

2.6 通过浏览器测试访问

[root@puppetserver svndata]# /etc/rc.d/init.d/httpd restart #重启httpd服务
http://192.168.100.110:8142/svndata/

2.7 通过其他linux节点访问测试

[root@agent1 ~]# svn checkout http://192.168.100.110:8142/svndata/  /mnt/
Authentication realm: <http://192.168.100.110:8142> Puppet Subversion repository
Password for 'root': 
Authentication realm: <http://192.168.100.110:8142> Puppet Subversion repository
Username: puppet 
Password for 'puppet':
-----------------------------------------------------------------------
ATTENTION!  Your password for authentication realm:
   <http://192.168.100.110:8142> Puppet Subversion repository
can only be stored to disk unencrypted!  You are advised to configure
your system so that Subversion can store passwords encrypted, if
possible.  See the documentation for details.
You can avoid future appearances of this warning by setting the value
of the 'store-plaintext-passwords' option to either 'yes' or 'no' in
'/root/.subversion/servers'.
-----------------------------------------------------------------------
Store password unencrypted (yes/no)? no
Checked out revision 0.

2.8 通过Windows客户端TortoiseSVN访问测试

备注：由于还为import版本，所以查看的内容为空

3.1 将puppet server模块目录导入到版本库中

[root@puppetserver ~]# svn import /etc/puppet/environments/testing
Authentication realm: <http://192.168.100.110:8142> Puppet Subversion repository
Password for 'root': 
Username: puppet
Password for 'puppet': 
Adding         /etc/puppet/environments/testing/groups
Adding         /etc/puppet/environments/testing/groups/modules
Adding         /etc/puppet/environments/testing/groups/modules/grub
Adding         /etc/puppet/environments/testing/groups/modules/grub/files
Adding         /etc/puppet/environments/testing/groups/modules/grub/manifests
…
Committed revision 1.

备注：由于SVN服务器端和puppetserver在同一台服务器上，也可以通过以下方式进行导入

[root@puppetserver ~]# svn import /etc/puppet/environments/testing  
file:///svndata/puppet -m "Puppet Initial repository"

3.2 通过IE浏览器访问SVN服务器

3.3 通过Windows客户端TortoiseSVN checkout最新的版本库到本地

[root@puppetserver ~]# cd /etc/puppet/environments/testing/
[root@puppetserver testing]# rm -rf *  #删除之前建议备份
[root@puppetserver testing]# svn checkout
http://192.168.100.110:8142/svndata/puppet  /etc/puppet/environments/testing 
Authentication realm: <http://192.168.100.110:8142> Puppet Subversion repository
Password for 'puppet':
Please type 'yes' or 'no': no
A    groups
A    groups/modules
A    groups/modules/grub
A    groups/modules/grub/files
A    groups/modules/grub/manifests
Checked out revision 1.
[root@puppetserver testing]# ls -a
.  ..  agents  environment  groups  manifests  .svn
[root@puppetserver testing]# ls .svn/  #每个目录下面都会生成.svn隐藏目录，用于保存当前版本的信息
all-wcprops  entries  prop-base  props  text-base  tmp
备注：checkout之后，在/etc/puppet/environments/testing目录下就会有一份SVN服务器上最新版本的副本。

4.1 设置pre-commit

设置pre-commit钩子可以提交文件到SNV服务器之前对puppet语法进行检查，语法通过则提交成功，语法错误则提交失败。

4.2 设置post-commit

设置post-commit钩子可以在正确提交文件至SVN服务器之后，puppetmaster的模块目录/etc/puppet/environments/testing会自动从SNV服务器上update最新的版本库到本地。

#!/bin/sh
# POST-COMMIT HOOK
REPOS="$1"
REV="$2"
#mailer.py commit "$REPOS" "$REV" /path/to/mailer.conf
export LANG=en_US.UTF-8
SVN=/usr/bin/svn
PUPPET_DIR=/etc/puppet
#/usr/bin/svn  up /etc/puppet -non-interactive
$SVN  update $PUPPET_DIR --username puppet --password 123.com >>/var/log/puppet/svn_post-commit.log

5.1 本地测试

1）导出版本数据库文件到本地

[root@puppetserver ~]# svn checkout file:///svndata/puppet  /puppet/puppet

2）、创建并添加新的目录及文件

[root@puppetserver puppet]# svn add ssh

3）、将修改后的文件提交到SVN服务器，此时版本库版本加1

[root@puppetserver .svn]# svn commit -m "add ssh modules" /puppet/puppet/*

5.2 远程测试（Linux）

5.3 客户端TortoiseSVN测试（Windows）