Resources
Resources are the fundamental unit for modeling system configurations. Each resource describes the desired state for some aspect of a system, like a specific service or package. When Puppet applies a catalog to the target system, it manages every resource in the catalog, ensuring the actual state matches the desired state.
The following video gives you an overview of resources:
Resources contained in classes and defined types share the relationships of those classes and defined types. Resources are not subject to scope: a resource in any area of code can be referenced from any other area of code.
A resource declaration adds a resource to the catalog and tells Puppet to manage that resource's state.
When Puppet applies the compiled catalog, it:
Reads the actual state of the resource on the target system.
Compares the actual state to the desired state.
If necessary, changes the system to enforce the desired state.
Logs any changes made to the resource. These changes appear in Puppet agent's log and in the run report, which is sent to the primary server and forwarded to any specified report processors.
If the catalog doesn't contain a particular resource, Puppet does nothing with whatever that resource described. If
you remove a package resource from your manifests, Puppet
doesn't uninstall the package; instead, it just ignores it. To remove a package, manage it
as a resource and set ensure => absent.
You can delay adding resources to the catalog. For example, classes and defined types can contain groups of resources. These resources are managed only if you add that class or defined resource to the catalog. Virtual resources are added to the catalog only after they are realized.
Resource declarations
At minimum, every resource declaration has a resource type, a title, and a set of attributes:
<TYPE> { '<TITLE>': <ATTRIBUTE> => <VALUE>, }
The resource title and attributes are called the resource body. A resource declaration can have one resource body or multiple resource bodies of the same resource type.
Resource declarations are expressions in the Puppet language — they always have a side effect of adding a resource to the catalog, but they also resolve to a value. The value of a resource declaration is an array of resource references, with one reference for each resource the expression describes.
A resource declaration has extremely low precedence; in fact, it's even lower than the
variable assignment operator (=). This means that if you use a resource
declaration for its value, you must surround it with parentheses to associate it with the
expression that uses the value.
If a resource declaration includes more than one resource body, it declares multiple resources of that resource type. The resource body is a title and a set of attributes; each body must be separated from the next one with a semicolon. Each resource in a declaration is almost completely independent of the others, and they can have completely different values for their attributes. The only connections between resources that share an expression are:
They all have the same resource type.
They can all draw from the same pool of default values, if a resource body with the title
defaultis present.
Resource uniqueness
Each resource must be unique;Puppet does not allow you to
declare the same resource twice. This is to prevent multiple conflicting values from being
declared for the same attribute. Puppet uses the resource
title and the name attribute or namevar to
identify duplicate resources — if either the title or the name is duplicated within a given
resource type, catalog compilation fails. See the page about resource syntax for details about resource titles
and namevars. To provide the same resource for multiple classes, use a class or a virtual
resource to add it to the catalog in multiple places without duplicating it. See classes and virtual resources for more information.
Relationships and ordering
By default,Puppet applies unrelated resources in the order in which they're written in the manifest. If a resource must be applied before or after some other resource, declare a relationship between them to show that their order isn't coincidental. You can also make changes in one resource cause a refresh of some other resource. See the Relationships and ordering page for more information.
Otherwise, you can customize the default order in whichPuppet applies resources with the ordering setting. See the configuration page for details about this setting.
Resource types
Every resource is associated with a resource type, which determines the kind
of configuration it manages. Puppet has built-in resource
types such as file, service, and package.
See the resource type reference for a complete
list and information about the built-in resource types.
You can also add new resource types to Puppet:
Defined types are lightweight resource types written in the Puppet language.
Custom resource types are written in Ruby and have the same capabilities as Puppet's built-in types.
Title
A resource's title is a string that uniquely identifies the resource to Puppet. In a resource declaration, the title is the identifier
after the first curly brace and before the colon. For example, in this file resource
declaration, the title is /etc/passwd:
file { '/etc/passwd':
owner => 'root',
group => 'root',
}
Titles must be unique per resource type. You can have both a package and a service titled "ntp," but you can only have one service titled "ntp." Duplicate titles cause compilation to fail.
The title of a resource differs from the namevar of the resource. Whereas the
title identifies the resource toPuppet itself, the namevar
identifies the resource to the target system and is usually specified by the resource's
name attribute. The resource title doesn't have to match the namevar, but
you'll often want it to: the value of the namevar attribute defaults to the title, so using
the name in the title can save you some typing.
If a resource type has multiple namevars, the type specifies whether and how the title maps
to those namevars. For example, the package type uses the
provider attribute to help determine uniqueness, but that attribute has
no special relationship with the title. See each type's documentation for details about how
it maps title to namevars.
Attributes
Attributes describe the desired state of the resource; each attribute handles some aspect
of the resource. For example, the file type has a mode
attribute that specifies the permissions for the file.
Each resource type has its own set of available attributes; see the resource type reference for a complete list. Most resource types have a handful of crucial attributes and a larger number of optional ones. Attributes accept certain data types, such as strings, numbers, hashes, or arrays. Each attribute that you declare must have a value. Most attributes are optional, which means they have a default value, so you do not have to assign a value. If an attribute has no default, it is considered required, and you must assign it a value.
Most resource types contain an ensure attribute. This attribute generally
manages the most basic state of the resource on the target system, such as whether a file
exists, whether a service is running or stopped, or whether a package is installed or
uninstalled. The values accepted for the ensure attribute vary by resource
type. Most accept present and absent, but there are
variations. Check the reference for each resource type you are working with.
Namevars and name
Every resource on a target system must have a unique identity; you cannot have two services, for example, with the same name. This identifying attribute in Puppet is known as the namevar.
Each resource type has an attribute that is designated to serve as the namevar. For most
resource types, this is the name attribute, but some types use other
attributes, such as the file type, which uses path, the
file's location on disk, for its namevar. If a type's namevar is an attribute other than
name, this is listed in the type reference
documentation.
Most types have only one namevar. With a single namevar, the value must be unique per
resource type. There are a few rare exceptions to this rule, such as the
exec type, where the namevar is a command. However, some resource types,
such as package, have multiple namevar attributes that create a composite
namevar. For example, both the yum provider and the gem
provider have mysql packages, so both the name and the
command attributes are namevars, and Puppet uses both to identify the resource.
The namevar differs from the resource's title, which identifies a resource to Puppet's compiler rather than to the target system. In practice, however, a resource's namevar and the title are often the same, because the namevar usually defaults to the title. If you don't specify a value for a resource's namevar when you declare the resource, Puppet uses the resource's title.
You might want to specify different a namevar that is different from the title when you
want a consistently titled resource to manage something that has different names on
different platforms. For example, the NTP service might be ntpd on Red Hat systems, but ntp on Debian and Ubuntu. You might
title the service "ntp," but set its namevar --- the name attribute ---
according to the operating system. Other resources can then form relationships to the
resource without the title changing.
Metaparameters
Some attributes in Puppet can be used with every resource type. These are called metaparemeters. These don't map directly to system state. Instead, metaparameters affect Puppet's behavior, usually specifying the way in which resources relate to each other.
The most commonly used metaparameters are for specifying order relationships between resources. See the documentation on relationships and ordering for details about those metaparameters. See the full list of available metaparameters in the metaparameter reference.