Now that we have seen what the directory and file structure should be in Puppet management, let's discuss user management: creating a local user on a client, which is a daily/frequent task for a system admin.
Let's change directory to /etc/puppet/modules and create a folder named accounts with a sub-folder manifests, i.e. /etc/puppet/modules/accounts/manifests.
We will be creating two files, init.pp and system.pp. Please be careful with directory and file names, as they hold the key to running your configuration in an appropriate way.
Create and edit the file /etc/puppet/modules/accounts/manifests/system.pp:
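    # Defined type: one local account with a fixed shell and a managed home.
    define accounts::system ($comment, $password) {
      user { $title:
        ensure     => 'present',
        comment    => $comment,    # per-user description (GECOS field)
        password   => $password,   # per-user password field value
        shell      => '/bin/bash',
        managehome => true,
      }
    }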
In the above file we have defined the type accounts::system, which ensures that every user gets a home directory and the shell defined here rather than the defaults that the useradd utility would create. We also included variables for comment and password, as these vary from user to user and cannot be constant.
For example: if we create a user on Ubuntu manually with the useradd utility, it ends up with /bin/sh as its shell unless one is explicitly defined using the -s option.
Create and edit the file /etc/puppet/modules/accounts/manifests/init.pp:
    class accounts {
      @accounts::system { 'demo':
        comment  => 'demo users',
        password => '*',
      }
    }
Now that the defined type is done, we can use it to actually create the system user resources. We repeat this as many times as necessary, creating an accounts::system resource for each user account we want to manage within Puppet. The leading @ declares the resource as virtual, so it is only applied on nodes that realize it.
Once we are done with this configuration, we just have to realize it in the nodes.
Edit the file /etc/puppet/manifests/nodes/client2.pp:

    node 'client2.puppet.com' {
      include accounts
      realize (Accounts::System['demo'])
    }
Apply the changes on the master for them to take effect.
On the master server (CentOS):

    papply
    Notice: Compiled catalog for server.puppet.com in environment production in 0.05 seconds
    Notice: Finished catalog run in 0.06 seconds

Let's move on to the client to fetch the changes.
On the client server (Ubuntu):

    pagent
    Info: Retrieving plugin
    Info: Caching catalog for client2.puppet.com
    Info: Applying configuration version '1390898484'
    Notice: /Stage[main]/Accounts/Accounts::System[demo]/User[demo]/ensure: created
    Notice: Finished catalog run in 0.67 seconds
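To confirm on the client that the account really matches the defined type, the following check can be used; it is an added example, not part of the original post. The helper name audit_account and the sample passwd/shadow lines are constructed, and it assumes the '*' password from init.pp is meant to leave the account with no usable password.

```shell
#!/bin/sh
# Added example: audit one account against what accounts::system declares.
# Takes one passwd(5) line and one shadow(5) line. audit_account is a
# hypothetical helper name; the sample lines at the bottom are constructed.

EXPECTED_SHELL='/bin/bash'   # shell set in system.pp

# Prints one line per deviation; returns 0 if compliant, 1 otherwise.
audit_account() {
    passwd_line=$1
    shadow_line=$2
    bad=0

    # passwd(5) fields: name:pw:uid:gid:gecos:home:shell
    name=$(printf '%s\n' "$passwd_line" | cut -d: -f1)
    home=$(printf '%s\n' "$passwd_line" | cut -d: -f6)
    shell=$(printf '%s\n' "$passwd_line" | cut -d: -f7)

    # An unreadable shadow entry must not be mistaken for an empty password.
    [ -n "$shadow_line" ] || { echo "$name: no shadow entry supplied (run as root?)"; return 1; }
    # shadow(5) fields: name:hash:...
    hash=$(printf '%s\n' "$shadow_line" | cut -d: -f2)

    if [ "$shell" != "$EXPECTED_SHELL" ]; then
        echo "$name: shell is '$shell', expected '$EXPECTED_SHELL'"
        bad=1
    fi
    case $home in
        /*) ;;
        *)  echo "$name: home '$home' is not an absolute path"; bad=1 ;;
    esac
    case $hash in
        '')  echo "$name: empty password field, no password needed to log in"; bad=1 ;;
        '*'*|'!'*) ;;   # no hash can match: password login is disabled
        *)   echo "$name: password hash set, expected a locked password"; bad=1 ;;
    esac
    return "$bad"
}

# Constructed samples: an account as this module declares it, and one made by
# a bare useradd on Ubuntu (shell /bin/sh, as described above).
audit_account 'demo:x:1001:1001:demo users:/home/demo:/bin/bash' \
    'demo:*:16098:0:99999:7:::' && echo 'demo: compliant'
audit_account 'manual:x:1002:1002::/home/manual:/bin/sh' \
    'manual:!:16098:0:99999:7:::' || echo 'manual: needs attention'
```

On a live client, pass it the output of `getent passwd demo` and, run as root, `getent shadow demo`.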