Workshops/PuppetWorkshop
by Stefan Alexander Hartsuiker
Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml | 80 +++++++++++----------
1 file changed, 44 insertions(+), 36 deletions(-)
New commits:
commit 6192051c88dea0c796ad6e43ddc118f43e89a825
Author: S.A. Hartsuiker <shartsuiker(a)stefan-vaio.lan>
Date: Sat Oct 18 02:55:15 2008 +0200
Changes :) Please check.
diff --git a/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml b/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml
index 853e1f1..34a3c03 100644
--- a/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml
+++ b/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml
@@ -880,7 +880,7 @@ debug: Calling fileserver.describe</screen>
<formalpara>
<title>The Puppet</title>
<para>
- Another pretty essential player in this game, as without puppets, there is no strings to pull.
+ Another pretty essential player in this game, as without puppets, there are no strings to pull.
</para>
</formalpara>
<formalpara>
@@ -920,7 +920,7 @@ debug: Calling fileserver.describe</screen>
</section>
<section id="PuppetWorkshop-PuppetFeatures-FactsNoFiction">
- <title>Facts, no Fiction</title>
+ <title>Facts, not Fiction</title>
<para>
When Puppet becomes your main configuration management tool, you want to use facts, not fiction. Puppet takes the most reliable sources for it's facts; the client does not set every single fact.
</para>
@@ -1005,26 +1005,7 @@ debug: Calling fileserver.describe</screen>
</listitem>
<listitem>
<para>
- The puppetmaster.
- </para>
- <para>
- <screen># <userinput>yum install puppet-server</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- (optional) A database server (one of MySQL, SQLite3 or Postgresql), and the appropriate Ruby library. During this workshop, we use MySQL.
- </para>
- <para>
- <screen># <userinput>yum install mysql-server ruby-mysql</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- (optional) The Ruby RRDtool library.
- </para>
- <para>
- <screen># <userinput>yum install ruby-RRDtool</userinput></screen>
+ Follow the recipe for < ~25 clients for the other packages that are required (see above).
</para>
</listitem>
</itemizedlist>
@@ -1430,7 +1411,7 @@ node default {
<section id="PuppetWorkshop-LanguageTutorial-ResourceCollections">
<title>Resource Collections</title>
<para>
- There is two ways you can combine multiple resources: Classes and definitions. Classes are only interpreted once per node. Definitions on the other hand can be used as custom types and are meant to be interpreted more then once, each time with different parameters.
+ There are two ways you can combine multiple resources: Classes and definitions. Classes are only interpreted once per node. Definitions on the other hand can be used as custom types and are meant to be interpreted more then once, each time with different parameters.
</para>
<section id="PuppetWorkshop-LanguageTutorial-ResourceCollections-Classes">
<title>Classes</title>
@@ -1551,6 +1532,9 @@ class apache-ssl inherits apache {
<para>
In this case, using the ssl subclass of apache would become <literal>include apache::ssl</literal>.
</para>
+ <para>
+ The main difference (operational wise) between the two styles is that if you make a module out of the first above mentioned classes, both classes would have to be in their own file, so as to facilitate automatic loading by puppet. If you do not do this, puppet cannot find the class(es) that have a different name from the name of the module. On its own there is nothing wrong with having each class in its own file, however with large modules this tends to generate a lot of files, something one may wish to avoid.
+ </para>
</section>
<section id="PuppetWorkshop-LanguageTutorial-ResourceCollections-Definitions">
@@ -1618,7 +1602,10 @@ class apache-ssl inherits apache {
</para>
<para>
<screen>[puppetmasterd]
- modulepath = /var/lib/modules/</screen>
+ modulepath = /var/lib/puppet/modules/</screen>
+ </para>
+ <para>
+ Of course, for this workshop we are using Linux, so this is the preferred path for us, but this may vary, depending on the Operating System the puppetmaster is run on.
</para>
<para>
If you are to have multiple environments (development, testing and production for example), you would move modules to <filename>/var/lib/puppet/modules/<replaceable>environment</replaceable>/</filename>. For more information on configuring environments see <xref linkend="PuppetWorkshop-HowToUsePuppet-Environments-SettingUpEnvironments" />. Modules are comprised of the following:
@@ -1691,7 +1678,7 @@ class apache-ssl inherits apache {
<section id="PuppetWorkshop-HowToUsePuppet-Environments">
<title>Environments</title>
<para>
- Environments aid in staging developments and not breaking the production. There's three environments you would want to consider using:
+ Environments aid in staging developments and not breaking the production. There are three environments you may want to consider using:
</para>
<formalpara>
<title>development</title>
@@ -1706,7 +1693,7 @@ class apache-ssl inherits apache {
</para>
</formalpara>
<para>
- Obviously, the testing stage is entirely optional. One could decide to not use the testing stage the way it is subscribed here, but instead assign a couple of (power-)user desktops and have these users provide feedback on the changes applied, or not use the testing stage at all.
+ Obviously, the testing stage is entirely optional. One could decide to not use the testing stage the way it is described here, but instead assign a couple of (power-)user desktops and have these users provide feedback on the changes applied, or not use the testing stage at all.
</para>
<formalpara>
<title>production</title>
@@ -1822,6 +1809,9 @@ class apache-ssl inherits apache {
}</screen>
</para>
<para>
+ To declare a package to be a virtual resource, one would place a <literal>@</literal> in front of the keyword package. Then, in the class where the virtual resource is realized, one would call the <code>realize()</code> function on the resource, as above in the example.
+ </para>
+ <para>
A more complex but also more appropriate example can be found at <ulink url="http://git.puppetmanaged.org/?p=puppet;a=blob;f=manifests/init.pp" />. Note that in the puppet module linked from puppetmanaged.org, the definition and use of virtual resources is a necessity.
</para>
</section>
@@ -2176,7 +2166,7 @@ end</screen>
Running the puppetmaster in debug mode generates a lot of output. You may want to redirect the output to a file and read the file to prevent the available scrollback buffer from filling up too fast. To run the puppetmaster in debug mode, stop the puppetmaster service and type:
</para>
<para>
- <screen># <userinput>puppetmasterd --debug --no-deamonize [--servertype mongrel --masterport 8141]</userinput></screen>
+ <screen># <userinput>puppetmasterd --debug --no-daemonize [--servertype mongrel --masterport 8141]</userinput></screen>
</para>
<para>
Or run the service in verbose or debug mode by editing <filename>/etc/sysconfig/puppetmaster</filename> and adding <code>--verbose</code> or <code>--debug</code> to <code>PUPPETMASTER_EXTRAOPTS</code>.
@@ -2194,7 +2184,10 @@ end</screen>
<section id="PuppetWorkshop-TroubleshootingPuppet-ThePuppet-DebuggingThePuppet">
<title>Debugging The Puppet</title>
<para>
- para
+ To get an incling about what went wrong, the output of
+ <screen><userinput># puppet --verbose --debug --noop</userinput>
+ </screen>
+ This will run puppet without actually doing the work. Look for things like a 503 error (HTTP permission denied) of a (fatal) error like ''class not found'' or a warning like ''duplicate resource''.
</para>
</section>
@@ -2214,6 +2207,9 @@ end</screen>
<para>
A database can be configured to store the configuration distributed by the puppetmaster, and applied by the puppet. This is optional, and creates some overhead to the original purpose of configuring the puppets, but provides the opportunity to create overviews of applied classes to nodes, and a complete inventory of <emphasis>facts</emphasis> for all nodes. similarities / exemptions.
</para>
+ <para>
+ Regardless of which of the following methods is chosen, they have one thing in common and that is that only the database has to be created. Puppet will create the tables with the correct schema's for you. Only the postgresql example is shown, for the other databases, please consult the respective manual on how to create a database.
+ </para>
<section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-SQLite3">
<title>SQLite3</title>
@@ -2400,7 +2396,7 @@ security: security-admins(a)domain.tld</screen>
<chapter id="PuppetWorkshop-BestPractices">
<title>Best Practices</title>
<para>
- Using Puppet starting in a small(er) scale, scaling up to more and more systems in your organization to become managed with puppet, you might encounter some challenges and to prevent you end up with a giant mess of manifests, files, templates, needing to search (with <code>grep</code> and <code>find</code> for example) where it is exactly you need to configure the next change, or have you use configuration items that need to be changed as soon as your organization introduces the next generation operating systems or distribution version, here's a set of <emphasis>Best Practices</emphasis>, or actually Tips & Tricks.
+ Using Puppet starting in a small(er) scale, scaling up to more and more systems in your organization to become managed with puppet, you might encounter some challenges and to prevent you ending up with a giant mess of manifests, files, templates, needing to search (with <code>grep</code> and <code>find</code> for example) where it is exactly you need to configure the next change, or having to use configuration items that need to be changed as soon as your organization introduces the next generation operating systems or distribution version, here's a set of <emphasis>Best Practices</emphasis>, or actually Tips & Tricks.
</para>
<section id="PuppetWorkshop-BestPractices-SettingOsAndOsver">
@@ -2432,7 +2428,19 @@ case $os {
<section id="PuppetWorkshop-BestPractices-UsingMultipleSources">
<title>Using Multiple Sources</title>
<para>
- para
+ Because no system is exactly alike, it is advisable to formalize a method to allow exceptions, for instance:
+ <screen>#Allow exceptions
+file { "/etc/httpd/conf/httpd.conf":
+ source => [
+ "puppet://$server/webserver/$hostname/httpd.conf",
+ "puppet://$server/webserver/httpd.conf.$hostname",
+ "puppet://$server/webserver/httpd.conf"
+ ],
+ require => Package["httpd"],
+ notify => Service["httpd"]
+}
+ </screen>
+ This allow three ways for a webserver to get the resource <code>/etc/httpd/conf/httpd.conf</code>.
</para>
</section>
@@ -2492,33 +2500,33 @@ case $os {
<formalpara>
<title>Modules</title>
<para>
- Modules that need settings or modules that need to be pulled (updated) from upstream. For older versions of Puppet (< 0.24.4), you can state "imports" here as well.
+ Modules that need settings or files that need to be pulled (updated) from upstream. For older versions of Puppet (< 0.24.4), you can state "imports" here as well.
</para>
</formalpara>
<para>
- explanation
+ Modules allow you to group in one subdirectory all the files needed for the module. This means that upstream can still be the repository that all other files come from, or a completely different repository (perhaps from an opensource contributer)
</para>
</listitem>
<listitem>
<formalpara>
<title>Nodes</title>
<para>
- The nodes you manage, one per file. These oughta be actual nodes, not abstraction levels where you inherit from.
+ The nodes you manage, one per file. These should be be actual nodes, not abstraction levels where you inherit from.
</para>
</formalpara>
<para>
- explanation
+ This allows a per host configuration. This allow for exceptions/additions to the more general groups a node can be part of. Of course this also allows for definition of a node that is not part of any group.
</para>
</listitem>
<listitem>
<formalpara>
<title>Services</title>
<para>
- para
+ This is kind of on a par with grouping, but the design concept behind it is different. Instead of grouping together the same kind of hardwareclass, group together the common function these nodes have.
</para>
</formalpara>
<para>
- explanation
+ Given a cluster of webservers and another cluster of mailservers, it should be obvious what the benefit is. You can change a website instantly on all websever or add an additional maildomain all the nodes of a mailcluster, all in one change.
</para>
</listitem>
<listitem>
15 years, 6 months
en-US/Courses.xml Makefile Workshops/PuppetWorkshop
by Jeroen van Meeuwen
Makefile | 9
Workshops/PuppetWorkshop/en-US/Appendix.xml | 612 ++++
Workshops/PuppetWorkshop/en-US/Common_Content/environment_staging.png |binary
Workshops/PuppetWorkshop/en-US/Common_Content/images/environment_staging.png |binary
Workshops/PuppetWorkshop/en-US/Common_Content/images/title_logo.png |binary
Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml | 1432 ++++++++--
Workshops/PuppetWorkshop/en-US/environment_staging.png |binary
Workshops/PuppetWorkshop/en-US/images/environment_staging.png |binary
en-US/Courses.xml | 3
9 files changed, 1864 insertions(+), 192 deletions(-)
New commits:
commit a2022d718e70e9ea45909f9ef2cb89e993662244
Author: Jeroen van Meeuwen (Fedora Unity) <kanarip(a)fedoraunity.org>
Date: Fri Oct 17 20:50:09 2008 +0200
Updates
diff --git a/Makefile b/Makefile
index 5b3c298..a395170 100644
--- a/Makefile
+++ b/Makefile
@@ -12,7 +12,14 @@ TRANSLATIONS = $(XML_LANG) $(OTHER_LANGS)
COMMON_CONFIG = /usr/share/publican
include $(COMMON_CONFIG)/make/Makefile.common
-html: html-en-US
+int-workshop:
+ rm -rf en-US/Books/Workshops
+ mkdir -p en-US/Books/Workshops/PuppetWorkshop/
+ cp -a Workshops/PuppetWorkshop/en-US/* en-US/Books/Workshops/PuppetWorkshop/
+ cp -a en-US/Common_Content/Legal_Notice.xml en-US/Books/Workshops/PuppetWorkshop/Common_Content/Legal_Notice.xml
+ cp -a en-US/Common_Content/Conventions.xml en-US/Books/Workshops/PuppetWorkshop/Common_Content/Conventions.xml
+
+html: clean int-workshop html-en-US
fpeople: html
rsync -aHvz --delete --progress --rsh=ssh tmp/en-US/html/ fedorapeople.org:./public_html/Courses/
diff --git a/Workshops/PuppetWorkshop/en-US/Appendix.xml b/Workshops/PuppetWorkshop/en-US/Appendix.xml
index d268653..8710799 100644
--- a/Workshops/PuppetWorkshop/en-US/Appendix.xml
+++ b/Workshops/PuppetWorkshop/en-US/Appendix.xml
@@ -52,7 +52,7 @@
<formalpara id="PuppetWorkshop-Appendix-Terminology-nativetype">
<title>native type</title>
<para>
- definition
+ A type provided by puppet
</para>
</formalpara>
</listitem>
@@ -159,6 +159,9 @@
Deny from all
</Directory>
+Listen 8140
+NameVirtualHost *:8140
+
<Proxy balancer://<replaceable>master.puppetmanaged.org</replaceable>>
BalancerMember http://127.0.0.1:8141 keepalive=on retry=30
</Proxy>
@@ -210,11 +213,616 @@
<section id="PuppetWorkshop-Appendix-Examples-DefinedType">
<title>Example Defined Type</title>
<para>
- para
+ A defined type is a custom type you can define yourself. This can be a shortcut to a collection of resources given a set of parameters, or just a single resource, as shown in the following examples.
+ </para>
+ <formalpara>
+ <title>Defined type for a single resource</title>
+ <para>
+ This is an example defined type that creates a single resource, with just one parameter controlling the source of where the file comes from.
+ <screen>define yum::repository ($enable = true) {
+ file { "/etc/yum/repos.d/$name.repo":
+ mode => 644,
+ owner => "root",
+ group => "root",
+ backup => false,
+ links => follow,
+ source => $enable ? {
+ true => "puppet:///yum/$os/$osver/repos/$name.repo",
+ default => "puppet:///yum/$os/$osver/repos/$name.repo.disabled"
+ }
+ }
+}</screen>
+ </para>
+ </formalpara>
+ <para>
+ You can use this defined type to manage the files in <filename>/etc/yum/repos.d/</filename>, and thus the repositories available to the YUM package manager, by calling (for example):
+ <screen>yum::repository { "custom":
+ enable => true
+}</screen>
+ </para>
+ <para>
+ This will create a <code>File["/etc/yum/repos.d/custom.repo"]</code> and grab if from a location on the puppetmaster's fileserver where it has <code>enabled=1</code> in the repository configuration file. Should <code>$enable</code> have been set to false in the <code>Yum::Repository["custom"]</code> resource, then the file would have been grabbed from the location on the puppetmaster's fileserver where the contents would have <code>enabled=0</code>.
+ </para>
+
+ <formalpara>
+ <title>Multiple resources in a defined type</title>
+ <para>
+ This is an example
+ </para>
+ </formalpara>
+ <para>
+ <screen>define yum::plugin($enable = false) {
+ file { "/etc/yum/pluginconf.d/$name.conf":
+ ensure => $enable ? {
+ true => file,
+ default => absent
+ },
+ owner => "root",
+ group => "root",
+ mode => 644,
+ source => "puppet:///yum/plugins/$name.conf"
+ }
+
+ package { "yum-$name":
+ ensure => $enable ? {
+ true => installed,
+ default => absent
+ }
+ }
+
+ case $name {
+ "versionlock": {
+ file { "/etc/yum/pluginconf.d/versionlock.list":
+ source => "puppet:///yum/plugins/versionlock.list"
+ }
+ }
+ }
+}</screen>
</para>
</section>
</appendix>
+ <appendix id="PuppetWorkshop-Appendix-GITCommitHooks">
+ <title>GIT Commit Hooks</title>
+ <para>
+ The following GIT commit hooks allow you to check the manifests you commit before they are actually committed (pre-commit), and sync the puppetmasster after the changes are applied to the repo (post-commit), including posting the changes or diff to a mailing list.
+ </para>
+ <formalpara>
+ <title>pre-commit</title>
+ <para>
+ There is no valid pre-commit hook for GIT repositories yet.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>post-commit</title>
+ <para>
+ <screen>#!/bin/sh
+#
+# An hook script to mail out commit update information.
+# Called by git-receive-pack with arguments: refname sha1-old sha1-new
+#
+# To enable this hook:
+# (1) change the recipient e-mail address
+# (2) make this file executable by "chmod +x update".
+#
+
+project=$(cat $GIT_DIR/description)
+[ -f $GIT_DIR/commit-list ] && \
+ recipients=$(cat $GIT_DIR/commit-list)
+[ -n "$recipients" ] || exit 0
+
+ref_type=$(git cat-file -t "$3")
+
+# Only allow annotated tags in a shared repo
+# Remove this code to treat dumb tags the same as everything else
+# case "$1","$ref_type" in
+# refs/tags/*,commit)
+# echo "*** Un-annotated tags are not allowed in this repo" >&2
+# echo "*** Use 'git tag [ -a | -s ]' for tags you want to propagate."
+# exit 1;;
+# refs/tags/*,tag)
+# echo "### Pushing version '${1##refs/tags/}' to the masses" >&2
+# # recipients="release-announce(a)somwehere.com
+# announce(a)somewhereelse.com"
+# ;;
+# esac
+
+# set this to 'cat' to get a very detailed listing.
+# short only kicks in when an annotated tag is added
+short='git shortlog'
+
+# see 'date --help' for info on how to write this
+# The default is a human-readable iso8601-like format with minute
+# precision ('2006-01-25 15:58 +0100' for example)
+date_format="%F %R %z"
+
+# Set to the number of pathname components you want in the subject line
+# to indicate which components of a project changed.
+num_path_components=2
+
+# Set subject
+(if expr "$2" : '0*$' >/dev/null ; then
+ subject="Changes to '${1##refs/heads/}'"
+ echo "Subject: $subject"
+else
+ base=$(git-merge-base "$2" "$3")
+ subject=$(git-diff-tree -r --name-only "$base" "$3" |
+ cut -d/ -f-$num_path_components |
+ sort -u |
+ xargs echo -n)
+
+ commits=$(git-rev-list "$3" "^$base" | wc -l)
+
+ if [ "$commits" -ne 1 ] ; then
+ subject="$commits commits - $subject"
+ fi
+
+ branch="${1##refs/heads/}"
+
+ if [ "$branch" != "master" ] ; then
+ subject="Branch '$branch' - $subject"
+ fi
+
+ echo "Subject: $subject"
+fi
+
+echo "To: $recipients"
+echo "X-Project: $project"
+
+module=$(basename `readlink -f $GIT_DIR`)
+
+echo "X-Git-Module: $module"
+echo ""
+
+if expr "$2" : '0*$' >/dev/null
+then
+ # new ref
+ case "$1" in
+ refs/tags/*)
+ # a pushed and annotated tag (usually) means a new version
+ tag="${1##refs/tags/}"
+ if [ "$ref_type" = tag ]; then
+ eval $(git cat-file tag $3 | \
+ sed -n '4s/tagger \([^>]*>\)[^0-9]*\([0-9]*\).*/tagger="\1" ts="\2"/p')
+ date=$(date --date="1970-01-01 00:00:00 $ts seconds" +"$date_format")
+ echo "Tag '$tag' created by $tagger at $date"
+ git cat-file tag $3 | sed -n '5,$p'
+ echo
+ fi
+
+ prev=$(git describe "$3^" | sed 's/-g.*//')
+ # the first tag in a repo will yield no $prev
+ if [ -z "$prev" ]; then
+ echo "Changes since the dawn of time:"
+ git rev-list --pretty $3 | $short
+ else
+ echo "Changes since $prev:"
+ git rev-list --pretty $prev..$3 | $short
+ echo ---
+ git diff $prev..$3 | diffstat -p1
+ echo ---
+ fi
+ ;;
+
+ refs/heads/*)
+ branch="${1##refs/heads/}"
+ echo "New branch '$branch' available with the following commits:"
+ git-rev-list --pretty "$3" $(git-rev-parse --not --all)
+ ;;
+ esac
+else
+ case "$base" in
+ "$2")
+ git diff "$3" "^$base" | diffstat -p1
+ echo
+ echo "New commits:"
+ ;;
+ *)
+ echo "Rebased ref, commits from common ancestor:"
+ ;;
+ esac
+ git-rev-list "$3" "^$base" | while read rev; do git-show $rev; echo ""; echo ""; done
+fi) | /usr/local/bin/send-unicode-email.py $recipients
+exit 0</screen>
+ </para>
+ </formalpara>
+ <note>
+ <para>
+ The post-commit GIT hook requires <filename>/usr/local/bin/send-unicode-email.py</filename>
+ </para>
+ </note>
+ </appendix>
+
+ <appendix id="PuppetWorkshop-Appendix-SVNCommitHooks">
+ <title>SVN Commit Hooks</title>
+ <para>
+ The following SVN commit hooks allow you to check the manifests you commit before they are actually committed (pre-commit), and sync the puppetmaster after the changes are applied to the repo (post-commit), including posting the changes or diff to a mailing list.
+ </para>
+ <formalpara>
+ <title>pre-commit</title>
+ <para>
+ <screen>#!/bin/sh
+# SVN pre-commit hook to check Puppet syntax for .pp files
+# Modified from http://mail.madstop.com/pipermail/puppet-users/2007-March/002034.html
+REPOS="$1"
+TXN="$2"
+tmpfile=`mktemp`
+export HOME=/tmp
+SVNLOOK=/usr/bin/svnlook
+$SVNLOOK changed -t "$TXN" "$REPOS" | awk '{print $2}' | grep '\.pp$' | while read line
+do
+ $SVNLOOK cat -t "$TXN" "$REPOS" "$line" > $tmpfile
+ if [ $? -ne 0 ]; then
+ echo "Warning: Failed to checkout $line" >&2
+ fi
+ puppet --color=false --confdir=/tmp --vardir=/tmp --parseonly --ignoreimport $tmpfile >&2
+ if [ $? -ne 0 ]; then
+ echo "Puppet syntax error in $line." >&2
+ exit 2
+ fi
+done
+res=$?
+rm -f $tmpfile
+if [ $res -ne 0 ]; then
+ exit $res
+fi</screen>
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>post-commit</title>
+ <para>
+ <screen>#!/bin/sh
+REPOS="$1"
+REV="$2"
+PATH=/usr/bin:/bin
+PROJECT=puppet
+TO=<replaceable>to(a)domain.tld</replaceable>
+FROM=<replaceable>from(a)domain.tld</replaceable>
+
+svn up /etc/puppet/
+svn up /var/lib/puppet/manifests/development/
+svn up /var/lib/puppet/manifests/testing/
+svn up /var/lib/puppet/manifests/production/
+svn up /var/lib/puppet/modules/development/
+svn up /var/lib/puppet/modules/testing/
+svn up /var/lib/puppet/modules/production/
+
+# Note that --from is optional and if omitted the from address
+# will be $COMMITTER@$hostname
+#
+# If no --from is used, the committer may need to be subscribed
+# to the mailing list used in order for this message to be
+# accepted to the mailing list
+#
+
+svnnotify --repos-path "$REPOS" \
+ --revision "$REV" \
+ --smtp localhost \
+ --svnlook /usr/bin/svnlook \
+ --to $TO \
+ <replaceable>--from $FROM \</replaceable>
+ --subject-prefix "Puppet SVN Commit: " \
+ --with-diff --subject-cx --handler HTML::ColorDiff</screen>
+ </para>
+ </formalpara>
+ </appendix>
+
+ <appendix id="PuppetWorkshop-Appendix-ModuleConventions">
+ <title>Module Conventions</title>
+ <para>
+ This section lists a number of conventions used by all modules on <ulink url="http://puppetmanaged.org" />, that you can use (f desireable) and modify as needed.
+ </para>
+
+ <section id="PuppetWorkshop-Appendix-ModuleConventions-CodeLayout">
+ <title>Code Layout</title>
+ <para>
+ A consistent layout of the code is important within a collaborative environment. This section describes a number of conventions used in the modules on puppetmanaged.org.
+ </para>
+
+ <section id="PuppetWorkshop-Appendix-ModuleConventions-CodeLayout-Indentation">
+ <title>Indentation</title>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>4 spaces to a tab</title>
+ <para>
+ No tabs should be used, and instead 4 space characters should be inserted to increase the indentation level. This applies to the manifests, custom facts, the configuration files (if compatible) as well as the DocBook documentation.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Aggregated resource definitions</title>
+ <para>
+ Aggregated resource definitions, such as <code>file { [ "foo", "bar" ]: ensure => absent }</code> are indented like this:<screen>file { [
+ "foo",
+ "bar"
+ ]:
+ ensure => absent
+}</screen>
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </section>
+
+ </section>
+
+ <section id="PuppetWorkshop-Appendix-ModuleConventions-Sources">
+ <title>Sources</title>
+ <para>
+ The location a file is sourced from is subject to the following conditions:
+ <orderedlist>
+ <listitem>
+ <para>
+ A file should first be sourced from a domain-specific configuration tree as to allow domain administrators to maintain their own files. The exact location again is subject to the following conditions:
+ <orderedlist inheritnum="inherit">
+ <listitem>
+ <para>
+ If the file is part of a directory structure that is going to be pulled from the source recursively, and the configuration files in that directory structure is host specific, files for such a host go into a sub-directory <code>$hostname</code>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ If the file is is a single host-specific file to be pulled from the source, the file goes into the same directoryas the original file appended with <code>.$hostname</code>.
+ </para>
+ </listitem>
+ </orderedlist>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ A file should then be sourced from the common, shared <filename>files/</filename> file server share and is organization specific, but not necessarily domain-specific. The <filename>files/</filename> file server share allows an organization to maintain the configuration in a single source controlled tree. Again, the following conditions apply to a file location:
+ <orderedlist inheritnum="inherit">
+ <listitem>
+ <para>
+ If the file is part of a directory structure that is going to be pulled from the source recursively, and the configuration files in that directory structure is host specific, files for such a host go into a sub-directory <code>$hostname</code>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ If the file is is a single host-specific file to be pulled from the source, the file goes into the same directoryas the original file appended with <code>.$hostname</code>.
+ </para>
+ </listitem>
+ </orderedlist>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The source is the default configuration available with the puppet module.
+ </para>
+ </listitem>
+ </orderedlist>
+ </para>
+ <para>
+ Such a set of conditions can maybe be shown best in an example configuration, in this case a single file:
+ </para>
+ <para>
+<screen>class sudo {
+ file { "/etc/sudoers":
+ source => [
+ # Organization-wide, host specific, single file
+ "puppet:///files/sudo/sudoers.$hostname",
+
+ # Organization-wide
+ "puppet:///files/sudo/sudoers",
+
+ # Module default
+ "puppet:///sudo/sudoers"
+ ]
+ }
+}</screen>
+ </para>
+ <para>
+ If, however, a host is configured to recursively pull a directory from source, this is a better approach:
+ </para>
+ <para>
+<screen>class foo {
+ file { "/path/to/foo/":
+ source => [
+ # Organization-wide, host specific, directory tree
+ "puppet:///files/foo/$hostname/",
+
+ # Organization-wide
+ "puppet:///files/foo/common/",
+
+ # Module default
+ "puppet:///foo/common/"
+ ],
+ recurse => true
+ }
+}</screen>
+ </para>
+ <para>
+ For common files shared between the common and host specific tree you use symbolic links from the host specific tree to the common tree. If, however, there is a million files in the common directory tree with thousands of changes every day, which makes using symbolic links not particularly sustainable, you can also specify an additional File resource in the manifest applied to the host and manage the host-specific file separate from the recursively managed directory. An example:
+ </para>
+ <para>
+<screen>file { "/path/to/foo/":
+ source => "puppet:///foo/common/",
+ recurse => true
+}
+
+file { "/path/to/foo/bar":
+ source => "puppet:///foo/$hostname/bar"
+}</screen>
+ </para>
+ <para>
+ For host specific files and directory trees shared amongst a group of hosts, you use a category specific file name or directory name appendix (such as <code>.admins-only</code>) and use symbolic links between the host specific file or directory and the category specific file or directory.
+ </para>
+
+ <section id="PuppetWorkshop-Appendix-ModuleConventions-Sources-Scalability">
+ <title>Scalability Issues</title>
+ <para>
+ Suppose you are a large ISP (example-isp.com) running a million websites which may or may not be managed by puppet. Putting all virtualhost specific configuration files in your domain specific tree under <filename>webserver/sites/</filename> doesn't scale very well because of the large amount of files in one single directory which could be inconvenient when trying to edit those files. We've set up a domain-specific tree working around that problem by adding a <filename>webserver/sites.d/</filename> tree dividing the files into a hierarchy with makes tab-completion and finding the files needing to be edited somewhat easier.
+ </para>
+ <para>
+ The <filename>webserver/</filename> tree in GIT => <ulink url="http://git.puppetmanaged.org/?p=domains/example-isp.com/.git;a=tree;f=web..." />
+ </para>
+ </section>
+
+ </section>
+
+ <section id="PuppetWorkshop-Appendix-ModuleConventions-ModuleTreeLayout">
+ <title>Module Tree Layout</title>
+ <para>
+ Like described on <ulink url="http://reductivelabs.com/trac/puppet/wiki">Puppet's wiki</ulink>, a module tree looks as follows:
+ </para>
+ <para>
+ <screen>MODULE_PATH
+ `- module_name/
+ `- README
+ `- depends/
+ `- files/
+ `- manifests/
+ `- plugins/
+ `- facter/
+ `- puppet/type/
+ `- templates/</screen>
+ See also: <ulink url="http://reductivelabs.com/trac/puppet/wiki/ModuleOrganisation" />
+ </para>
+ <para>
+ This is a segmentedlist:
+ <segmentedlist>
+ <title>Module Layout</title>
+ <segtitle>Directory</segtitle>
+ <segtitle>Description</segtitle>
+ <seglistitem>
+ <seg><code>MODULE_PATH</code></seg>
+ <seg>The path that holds the modules (see <code>modulepath</code> in <filename>/etc/puppet/puppet.conf</filename>)</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg><filename>`- module_name/depends/</filename></seg>
+ <seg>Dependencies for the module</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg><filename>`- module_name/files/</filename></seg>
+ <seg>Files distributed with the module. Files in this directory can be sourced by using the <code>puppet:///module_name/</code> URI</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg><filename>`- module_name/manifests/</filename></seg>
+ <seg>The manifests directory for this module. Should at least hold a file called <filename>init.pp</filename></seg>
+ </seglistitem>
+ <seglistitem>
+ <seg><filename>`- module_name/plugins/facter/</filename></seg>
+ <seg>Holds custom facts for this module</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg><filename>`- module_name/plugins/puppet/type/</filename></seg>
+ <seg>Holds custom puppet types for this module</seg>
+ </seglistitem>
+ </segmentedlist>
+ </para>
+ <para>
+ Additionally, puppetmanaged.org modules define a tree layout for some of the files needed by these modules. For example, Red Hat Enterprise Linux 3 cannot have the <code>UsePAM</code> configuration directive in <filename>/etc/ssh/sshd_config</filename>. For the SSH module, the <filename>files/</filename> directory has the following layout:
+ </para>
+ <para>
+ <screen>ssh/files
+ `- CentOS -> RedHat
+ `- RedHat/
+ `- 3/
+ `- sshd_config
+ `- sshd_config</screen>
+ </para>
+ <para>
+ whereas the module sources the <filename>/etc/ssh/sshd_config</filename> as follows:
+ </para>
+ <para><screen>file { "/etc/ssh/sshd_config":
+ owner => "root",
+ group => "root",
+ mode => 600,
+ replace => true,
+ source => [
+ # Organization specific, OS version specific, host specific
+ "puppet:///files/ssh/$os/$osver/sshd_config.$hostname",
+ # Organization specific, OS version specific
+ "puppet:///files/ssh/$os/$osver/sshd_config",
+
+ # Organization specific, OS specific, host specific
+ "puppet:///files/ssh/$os/sshd_config.$hostname",
+ # Organization specific, OS specific
+ "puppet:///files/ssh/$os/sshd_config",
+
+ # Organization specific, host specific
+ "puppet:///files/ssh/sshd_config.$hostname",
+ # Organization specific
+ "puppet:///files/ssh/sshd_config",
+
+ # Module default, OS version specific
+ "puppet:///ssh/$os/$osver/etc/ssh/sshd_config",
+ # Module default, OS specific
+ "puppet:///ssh/$os/etc/ssh/sshd_config",
+ # Module default
+ "puppet:///ssh/etc/ssh/sshd_config"
+ ],
+ notify => Service["sshd"],
+ require => Package["openssh-server"]
+}</screen>
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-Appendix-ModuleConventions-FileAndDirectoryPaths">
+ <title>File And Directory Paths</title>
+ <para>
+ To be able to clearly distinct files from directories (and vice-versa of course), the modules use the following naming convention:
+ <itemizedlist>
+ <listitem>
+ <para>
+ Directory names end with a forward slash.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Filenames do not (however obvious).
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ <para>
+ And here's why it's important. There's a few utilities that do not work if a trailing slash to a fully qualified directory name is omitted. One of these situations is shown as an example (and is not the actual code in the git module):
+ </para>
+ <para>
+<screen>git::pull { [
+ "foo",
+ "bar"
+ ]:
+ base_source => "/srv/git",
+ localtree => "/var/lib/puppet/modules/development"
+}
+
+define git::pull($localtree, $base_source, $branch = 'master') {
+ exec { "git_pull_$name":
+ command => "git pull ${base_source}${name} $branch",
+ cwd => "${localtree}${name}"
+ }
+}</screen>
+ </para>
+ <para>
+ where the <code>cwd</code> has become <filename>/var/lib/puppet/modules/developmentfoo</filename> instead of the intended <filename>/var/lib/puppet/modules/development/foo/</filename>. Also, the <code>$base_source</code> in this example is, unintentionally, <filename>/srv/gitfoo</filename>.
+ </para>
+ <para>
+ If the modules do not use the standard directory naming schema as set forth in this section, some modules might start omitting the forward slash (between <code>${localtree}</code> and <code>$name</code>, or between <code>${base_source}</code> and <code>${name}</code>), and others might not, which in the end leads to confusion and malfunctioning modules.
+ </para>
+ </section>
+
+ </appendix>
+
+<!-- <appendix id="PuppetWorkshop-Appendix-Modules">
+ <title>Modules</title>
+ <para>
+
+ </para>
+
+ <section id="PuppetWorkshop-Appendix-Modules-Puppet">
+ <title>Puppet</title>
+ <para>
+
+ </para>
+ </section>
+
+ </appendix>-->
+
<xi:include href="Revision_History.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</part>
diff --git a/Workshops/PuppetWorkshop/en-US/Common_Content/environment_staging.png b/Workshops/PuppetWorkshop/en-US/Common_Content/environment_staging.png
new file mode 100644
index 0000000..e2e7218
Binary files /dev/null and b/Workshops/PuppetWorkshop/en-US/Common_Content/environment_staging.png differ
diff --git a/Workshops/PuppetWorkshop/en-US/Common_Content/images/environment_staging.png b/Workshops/PuppetWorkshop/en-US/Common_Content/images/environment_staging.png
new file mode 100644
index 0000000..e2e7218
Binary files /dev/null and b/Workshops/PuppetWorkshop/en-US/Common_Content/images/environment_staging.png differ
diff --git a/Workshops/PuppetWorkshop/en-US/Common_Content/images/title_logo.png b/Workshops/PuppetWorkshop/en-US/Common_Content/images/title_logo.png
new file mode 100644
index 0000000..b611f79
Binary files /dev/null and b/Workshops/PuppetWorkshop/en-US/Common_Content/images/title_logo.png differ
diff --git a/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml b/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml
index a8ccafd..853e1f1 100644
--- a/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml
+++ b/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml
@@ -419,7 +419,7 @@ ensure => present
}
file { "/etc/yp.conf":
- source => "puppet://$server/files/yp.conf",
+ source => "puppet:///files/yp.conf",
notify => Service["ypbind"],
require => Package["ypbind"]
}
@@ -438,7 +438,7 @@ service { "ypbind":
The above example is called a <emphasis>manifest</emphasis>, built out of <emphasis>types</emphasis> (package, file, service), which, once defined in a manifest, are referred to as <emphasis>resources</emphasis>. See also <xref linkend="PuppetWorkshop-Appendix-Terminology" />
</para>
<para>
- The configuration file for this YP client is pulled from <code>puppet://$server/files/yp.conf</code>, the puppetmaster's fileserver, which is where you put the file, possibly from within a Version Control System.
+ The configuration file for this YP client is pulled from <code>puppet:///files/yp.conf</code>, the puppetmaster's fileserver, which is where you put the file, possibly from within a Version Control System.
</para>
</section>
@@ -447,6 +447,9 @@ service { "ypbind":
<para>
As you can see in the <xref linkend="PuppetWorkshop-IntroductionToPuppet-WhatDoesPuppetDo-YpClientExample" />, Puppet does not just manage resources and hopes for the best, but allows one resource to require another resource (<code>File["/etc/yp.conf"] { require => Package["ypbind"] }</code>), and for one resource to notify another resource on changes (<code>File["/etc/yp.conf"] { notify => Service["ypbind"] }</code>).
</para>
+ <para>
+ This capability ensures that files are placed in the right location after the appropriate package is installed, and before the service starts. This also allows changes to configuration files to notify the service so that it can reload or restart.
+ </para>
</section>
<section id="PuppetWorkshop-IntroductionToPuppet-WriteOnceApplyManyTimes">
@@ -461,7 +464,7 @@ service { "ypbind":
}
file { "/etc/yp.conf":
- source => "puppet://$server/files/yp.conf",
+ source => "puppet:///files/yp.conf",
notify => Service["ypbind"],
require => Package["ypbind"]
}
@@ -477,13 +480,12 @@ service { "ypbind":
}
node '<replaceable>node2.example.com</replaceable>' {
-
package { "ypbind":
ensure => latest
}
file { "/etc/yp.conf":
- source => "puppet://$server/files/yp.conf",
+ source => "puppet:///files/yp.conf",
notify => Service["ypbind"],
require => Package["ypbind"]
}
@@ -499,7 +501,7 @@ node '<replaceable>node2.example.com</replaceable>' {
}</screen>
</para>
<para>
- This of course is not very efficient; One change would need to be applied many times still, and errors are easily made. Besides, it doesn't scale well. Why not group the YP Client relevant resources into a class, and then include the class with each node? Here's how:
+ This of course is not very efficient; One change would need to be applied many times still, and errors are easily made. Besides, it doesn't scale well. Group the YP Client relevant resources into a <xref linkend="PuppetWorkshop-PuppetTerminology-class" /> instead, and then include the class with each node:
</para>
<para>
<screen># Example /etc/puppet/manifests/classes/yp.pp
@@ -510,7 +512,7 @@ class yp::client {
}
file { "/etc/yp.conf":
- source => "puppet://$server/files/yp.conf",
+ source => "puppet:///files/yp.conf",
notify => Service["ypbind"],
require => Package["ypbind"]
}
@@ -524,9 +526,7 @@ class yp::client {
]
}
}</screen>
-<screen># Example /etc/puppet/manifests/site.pp
-
-$server = "<replaceable>master.example.com</replaceable>"
+ <screen># Example /etc/puppet/manifests/site.pp
import "classes/*.pp"
@@ -548,8 +548,6 @@ node '<replaceable>node3.example.com</replaceable>' {
<para>
<screen># Example /etc/puppet/manifests/site.pp
-$server = "<replaceable>master.example.com</replaceable>"
-
import "classes/*.pp"
node '<replaceable>node1.example.com</replaceable>' {
@@ -598,8 +596,6 @@ node '<replaceable>node3.example.com</replaceable>' {
<para>
<screen># Example /etc/puppet/manifests/site.pp
-$server = "<replaceable>master.example.com</replaceable>"
-
import "classes/*.pp"
node '<replaceable>node1.example.com</replaceable>' {
@@ -614,8 +610,26 @@ node '<replaceable>node3.example.com</replaceable>' {
include desktop
}</screen>
</para>
+ <para>
+ Note that nodes, like classes, allow a simple form of inheritance, but can only inherit from one other node. As such, you can also use:
+ </para>
+ <para>
+ <screen>node desktop {
+ include yp::client
+}
+
+node '<replaceable>node1.example.com</replaceable>' inherits desktop {
+}
+
+node '<replaceable>node1.example.com</replaceable>' inherits desktop {
+}
+
+node '<replaceable>node1.example.com</replaceable>' inherits desktop {
+}</screen>
+ </para>
</section>
+
</chapter>
<chapter id="PuppetWorkshop-PuppetTerminology">
@@ -624,7 +638,7 @@ node '<replaceable>node3.example.com</replaceable>' {
First, some clarification on the terminology used in this documentation. See also <xref linkend="PuppetWorkshop-Appendix-Terminology" />
<itemizedlist>
<listitem>
- <formalpara>
+ <formalpara id="PuppetWorkshop-PuppetTerminology-class">
<title>class</title>
<para>
A class is a collection of resources applied to a node with a single include statement. It groups together a comprehensible set of resources. A class <emphasis>ypclient</emphasis> would manage the <code>File["/etc/nsswitch.conf"]</code>, <code>File["/etc/yp.conf"]</code>, <code>Package["ypbind"]</code>, and <code>Service["ypbind"]</code> resources.
@@ -714,6 +728,9 @@ FIXME:
</listitem>
</itemizedlist>
</para>
+ <para>
+ More definition of terms are in <xref linkend="PuppetWorkshop-Appendix-Terminology" />
+ </para>
</chapter>
<chapter id="PuppetWorkshop-HowPuppetWorks">
@@ -760,7 +777,13 @@ FIXME:
</para>
</formalpara>
<para>
- <screen># <userinput>puppetca --sign <fqdn></userinput></screen>
+ <screen># <userinput>puppetca --sign <replaceable><Certificate-CN></replaceable></userinput></screen>
+ </para>
+ <para>
+ To refuse a certificate, or clean a signed certificate, use:
+ </para>
+ <para>
+ <screen># <userinput>puppetca --clean <replaceable><Certificate-CN></replaceable></userinput></screen>
</para>
</listitem>
<listitem>
@@ -969,7 +992,7 @@ debug: Calling fileserver.describe</screen>
A webserver capable of performing as a frontend SSL reverse proxy load balancer, such as the Apache HTTPd webserver.
</para>
<para>
- <screen># <userinput>yum install httpd</userinput></screen>
+ <screen># <userinput>yum install httpd mod_ssl</userinput></screen>
</para>
</listitem>
<listitem>
@@ -1019,6 +1042,8 @@ debug: Calling fileserver.describe</screen>
<title>Configuring the Puppetmaster</title>
<para>
The configuration file for puppet and puppetmaster is <filename>/etc/puppet/puppet.conf</filename>. It is a file in INI-like format with sections, keys and values. There's 4 sections of interest,
+ </para>
+ <para>
<itemizedlist>
<listitem>
<formalpara>
@@ -1061,140 +1086,146 @@ debug: Calling fileserver.describe</screen>
<title>Relevant Settings For The First Run</title>
<para>
For the first run of the puppetmaster, the following settings require configuration:
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>[main]</title>
- <para>
- The locations where puppet seeks it's configuration and puts it's transitional data. The most important setting is <literal>vardir</literal>, which should be set to <filename>/var/lib/puppet/</filename>. Further settings include:
- <itemizedlist>
- <listitem>
- <para>
- <code>logdir = /var/log/puppet/</code>
- </para>
- </listitem>
- <listitem>
+ </para>
+ </formalpara>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>[main]</title>
+ <para>
+ The locations where puppet seeks it's configuration and puts it's transitional data. The most important setting is <literal>vardir</literal>, which should be set to <filename>/var/lib/puppet/</filename>. Further settings include:
+ <itemizedlist>
+ <listitem>
+ <para>
+ <code>logdir = /var/log/puppet/</code>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <code>rundir = /var/run/puppet/</code>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <code>ssldir = $vardir/ssl/</code>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ <note>
+ <para>
+ If you used a package to install puppet, the defaults should work, but may not comply with your backup strategy. It is the upstream puppet package that cannot cater to each and every distribution or operating system it is available for, and therefore has a set of defaults that will work, but will need to be changed on most platforms.
+ </para>
+ </note>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetmasterd]</title>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>certname</title>
<para>
- <code>rundir = /var/run/puppet/</code>
+ The puppetmaster certificate's Common Name (CN), for which by default the system's hostname is used. The hostname of the system is a pretty reasonable value.
</para>
- </listitem>
- <listitem>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>certdnsnames</title>
<para>
- <code>ssldir = $vardir/ssl/</code>
+ A colon (<literal>:</literal>) seperated list of DNS names resolving to the puppetmaster. Include here:
</para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- <note>
- <para>
- If you used a package to install puppet, the defaults should work, but may not comply with your backup strategy. It is the upstream puppet package that cannot cater to each and every distribution or operating system it is available for, and therefore has a set of defaults that will work, but will need to be changed on most platforms.
- </para>
- </note>
- </listitem>
- <listitem>
- <formalpara>
- <title>[puppetmasterd]</title>
- <para>
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>certname</title>
- <para>
- The puppetmaster certificate's Common Name (CN), for which by default the system's hostname is used. The hostname of the system is a pretty reasonable value.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>certdnsnames</title>
- <para>
- A colon (<literal>:</literal>) seperated list of DNS names resolving to the puppetmaster. Include here:
- <orderedlist>
- <listitem>
- <para>
- The short hostname of the system, using the output of: <screen># <userinput>hostname -s</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- <literal>puppet</literal>
- </para>
- </listitem>
- <listitem>
- <para>
- <literal>puppet</literal>, followed by the DNS domain name of the system, using the output of <screen># <userinput>dnsdomainname</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- Any other hostname or fully qualified domain name you want to use for the puppetmaster.
- </para>
- </listitem>
- </orderedlist>
- </para>
- </formalpara>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <para>
- Another setting to check is whether or not this puppetmaster is going to be the Certificate Authority <screen>[puppetmasterd]
- ca = <replaceable>true</replaceable></screen>
- The default is often set to <code>true</code>.
+ </formalpara>
+ <para>
+ <orderedlist>
+ <listitem>
+ <para>
+ The short hostname of the system, using the output of: <screen># <userinput>hostname -s</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>puppet</literal>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>puppet</literal>, followed by the DNS domain name of the system, using the output of <screen># <userinput>dnsdomainname</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Any other hostname or fully qualified domain name you want to use for the puppetmaster.
+ </para>
+ </listitem>
+ </orderedlist>
+ </para>
+ </listitem>
+ </itemizedlist>
</para>
- </listitem>
- <listitem>
- <para>
- Whether or not to use autosigning of certificates, using
- <screen>[puppetca]
+ </formalpara>
+ </listitem>
+ <listitem>
+ <para>
+ Another setting to check is whether or not this puppetmaster is going to be the Certificate Authority <screen>[puppetmasterd]
+ ca = <replaceable>true</replaceable></screen>
+ The default is often set to <code>true</code>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Whether or not to use autosigning of certificates, using
+ <screen>[puppetca]
autosign = <replaceable>false</replaceable></screen>
- The default is to <emphasis>not</emphasis> use autosigning. Only applicable if <code>puppetca</code> is set to <code>true</code>.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
+ The default is to <emphasis>not</emphasis> use autosigning. Only applicable if <code>puppetca</code> is set to <code>true</code>.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
<formalpara>
<title>Other Relevant Settings</title>
<para>
The following settings require review before the puppetmaster is going in production.
- <itemizedlist>
- <listitem>
- <para>
- A list of environments using a comma seperated list, in
- <screen>[puppetmasterd]
+ </para>
+ </formalpara>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ A list of environments using a comma seperated list, in
+ <screen>[puppetmasterd]
environments = <replaceable>development,testing,production</replaceable></screen>
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Environments" />
- </para>
- </listitem>
- <listitem>
- <para>
- Whether or not to use reporting, and what reporting to use (tagmail, store, rrdgraph). To configure the types or reports that should be used by the puppetmaster, use a comma separated list without spaces, in:
- <screen>[puppetmasterd]
+ </para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Environments" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Whether or not to use reporting, and what reporting to use (tagmail, store, rrdgraph). To configure the types or reports that should be used by the puppetmaster, use a comma separated list without spaces, in:
+ <screen>[puppetmasterd]
reports = <replaceable>tagmail,store,rrdgraph</replaceable></screen>
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
- </para>
- </listitem>
- <listitem>
- <para>
- The location of tagmail.conf, in order to map tags you give to resources to email addresses the reports should be sent to; <screen>[main]
+ </para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The location of tagmail.conf, in order to map tags you give to resources to email addresses the reports should be sent to; <screen>[main]
tagmap = <replaceable>/path/to/tagmail.conf</replaceable></screen>
- for reporting changes applied to puppets, via email.
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
+ for reporting changes applied to puppets, via email.
+ </para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
</section>
<section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-Sitepp">
@@ -1203,11 +1234,9 @@ debug: Calling fileserver.describe</screen>
Create a minimal <code>site.pp</code> in <filename>/etc/puppet/manifests/site.pp</filename> for the puppetmaster to parse on it's initial startup. Below is an example.
</para>
<screen>#
-# site.pp for any domain
+# Example site.pp
#
-$server = "<replaceable>master.puppetmanaged.org</replaceable>"
-
# The default node
node default {
@@ -1231,51 +1260,343 @@ node default {
<para>
The webserver is going to listen on port 8140, the default port for the puppetmaster to listen for clients. It is going to forward traffic (after being decrypted) to the puppetmaster on 127.0.0.1:8141.
</para>
+ <para>
+ Setting up the webserver requires you install <application>httpd</application> and <application>mod_ssl</application>. If these are not installed already, use:
+ </para>
+ <para>
+ <screen># <userinput>yum install httpd mod_ssl</userinput></screen>
+ </para>
+ <para>
+ Refer to <xref linkend="PuppetWorkshop-Appendix-ExampleSSLFrontendReverseProxyLoadBalancerConfiguration" /> for more an example VirtualHost configuration for an SSL frontend reverse proxy load balancer.
+ </para>
</section>
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer">
- <title>Configuring the Database Server</title>
+ </section>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-LanguageTutorial">
+ <title>Language Tutorial</title>
+ <para>
+ The language puppet uses has a strong focus on making the specification of types as easy as possible within a heterogeneous set of resources shared over all the systems you are managing.
+ </para>
+
+ <section id="PuppetWorkshop-LanguageTutorial-Resources">
+ <title>Resources</title>
+ <para>
+ Resource are built by using a type and specifying a list of attributes to that type. Each type has a specific list of supported attributes. You can find the complete list of native types and their attributes on <ulink url="http://reductivelabs.com/trac/puppet/wiki/TypeReference" />
+ </para>
+ <para>
+ A simple example resource is:
+ </para>
+ <para>
+ <screen>file { "/etc/passwd":
+ owner => "root",
+ group => "root",
+ mode => 644
+}</screen>
+ </para>
+ <para>
+ Any system on which this resource is managed will use it to verify that the <filename>/etc/passwd</filename> is owned by the root user and group, and has permissions 644. The field before the colon, in this case "/etc/passwd", is the resource's title, which can be used to refer to the resource later in the manifest.
+ </para>
+ <para>
+ For simple resources that don't vary much between systems, a single title to refer to is sufficient. Many system resources though vary from system to system. The OpenSSH Client package for example is called <application>openssh-client</application> on Debian systems, while it is <application>openssh-clients</application> on Fedora systems. To create the package resource to get the OpenSSH Client package installed through a manifest, Puppet allows you to specify:
+ </para>
+ <para>
+ <screen>package { "openssh-clients":
+ ensure => installed,
+ name => $operatingsystem ? {
+ "Debian" => "openssh-client",
+ default => "openssh-clients"
+ }
+}</screen>
+ </para>
+ <important>
+ <para>
+ Note that the name of this resource is now conditional, and thus virtually unpredictable from within the rest of the manifests, but still if you wanted to require the OpenSSH Client package you do not need to conditionally require the resource, but instead can use the title of the resource, "openssh-clients".
+ </para>
+ </important>
+ <para>
+ Even more complex resources are file resources that are located in different paths on different operating systems, such as the configuration file for the OpenSSH Client package.
+ </para>
+ <para>
+ <screen>file { "/etc/ssh/ssh_config":
+ path => $operatingsystem ? {
+ "Solaris" => "/usr/local/etc/ssh/ssh_config",
+ "Darwin" => "/etc/ssh_config",
+ "Debian" => "/etc/openssh/ssh_config",
+ default => "/etc/ssh/ssh_config"
+ },
+ require => Package["openssh-clients"]
+}</screen>
+ </para>
+ <para>
+ The <emphasis>title</emphasis> for this resource is "/etc/ssh/ssh_config", while the path of the file managed is conditional to the value of the <code>$operatingsystem</code> variable. The <code>$operatingsystem</code> variable in this case is a fact describing the operating system name. Note that the title of the resource is used as a path if the path parameter had not been seperately configured.
+ </para>
+ <para>
+ Also note that it is the title of the <code>Package["openssh-clients"]</code> used in the reference to the OpenSSH Client package resource.
+ </para>
+ <note>
+ <para>
+ To refer to a resource, you can use it's title, or specify the magic attribute "alias".
+ </para>
+ </note>
+
+ <section id="PuppetWorkshop-LanguageTutorial-ResourceDefaults">
+ <title>Resource Defaults</title>
+ <para>
+ You can specify resource defaults so that the default parameter is always used when you make a resource by capitalizing the resource and not specifying a title. With the exec type for example, the command either must use a fully qualified path, or the path parameter to the exec type must be included.
+ </para>
+ <para>
+ <screen>Exec {
+ path => [
+ "/bin/",
+ "/usr/bin/",
+ "/usr/local/bin/",
+ "/sbin/",
+ "/usr/sbin/",
+ "/usr/local/sbin/"
+ ]
+}</screen>
+ </para>
+ <para>
+ This makes the following work
+ </para>
+ <para>
+ <screen>exec { "echo this works": }</screen>
+ </para>
+ <para>
+ While normally you would have to specify (in each exec resource):
+ </para>
+ <para>
+ <screen>exec { "/bin/echo this works" }</screen>
+ </para>
+ <para>
+ Needless to say, <application>echo</application> does not exist in <filename>/bin/</filename> on all operating sytems you may want to manage.
+ </para>
<para>
- A database can be configured to store the configuration distributed by the puppetmaster, and applied by the puppet. This is optional, and creates some overhead to the original purpose of configuring the puppets, but provides the opportunity to create overviews of applied classes to nodes, and a complete inventory of <emphasis>facts</emphasis> for all nodes. similarities / exemptions.
+ This type of defaults you would normally store in a file named after the type you specify the defaults for, in the directory <filename>utils/</filename> beneath the <filename>manifests/</filename> directory.
</para>
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-SQLite3">
- <title>SQLite3</title>
+ <section id="PuppetWorkshop-LanguageTutorial-ResourceDefaults-ConditionalResourceDefaults">
+ <title>Conditional Resource Defaults</title>
<para>
- SQLite(3) is a file based, light SQL database which is suitable for small databases. Depending on the size of the organization or priority you give to storing configs, generally speaking using SQLite(3) is not very suitable. In addition, SQLite3 isn't easily queried either manually or automatically. To setup SQLite3, provide the following settings in <filename>/etc/puppet/puppet.conf</filename>:
+ To facilitate the use of different defaults per operating system for example, you can set the resource defaults conditionally, using either <code>if-then-else</code> statements, or using <code>case</code> statements.
</para>
<para>
- <screen>[puppetmasterd]
- reports = store[,tagmail,rrdgraph]
- storeconfigs = true
- dbadapter = sqlite3
- dblocation = /var/lib/puppet/storeconfigs.sqlite</screen>
+ Case statements let you set the resource defaults as follows:
+ </para>
+ <para>
+ <screen>case $operatingsystem {
+ "Darwin": {
+ Exec {
+ path => [
+ "/foo/bin/",
+ "/bar/sbin/",
+ (...etc...)
+ ]
+ }
+ }
+ "Solaris": {
+ Exec {
+ path => [
+ "/baz/bin/",
+ "/baz/sbin/",
+ (...etc...)
+ ]
+ }
+ }
+ default: {
+ Exec {
+ path => [
+ "/bin/",
+ "/usr/bin/",
+ (...etc...)
+ ]
+ }
+ }
+}</screen>
</para>
+ <important>
+ <para>
+ Resource defaults are not global, but apply to every resource in the current scope. If you define the resource defaults within a class, then the resources within that class and all sub-classes will have defaults set. The only way you can currently specify global defaults is to define them outside of any classes.
+ </para>
+ </important>
+
</section>
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-MySQL">
- <title>MySQL</title>
+ </section>
+
+ <section id="PuppetWorkshop-LanguageTutorial-ResourceCollections">
+ <title>Resource Collections</title>
+ <para>
+ There is two ways you can combine multiple resources: Classes and definitions. Classes are only interpreted once per node. Definitions on the other hand can be used as custom types and are meant to be interpreted more then once, each time with different parameters.
+ </para>
+ <section id="PuppetWorkshop-LanguageTutorial-ResourceCollections-Classes">
+ <title>Classes</title>
+ <para>
+ Classes are introduced by using the <code>class</code> keyword, and support a simple form of inheritence. Subclasses are allowed to override resources defined in parent classes.
+ </para>
+ <para>
+ <screen>class unix {
+ file { [
+ "/etc/passwd",
+ "/etc/group"
+ ]:
+ owner => root,
+ group => root,
+ mode => 644
+ }
+}
+
+class freebsd inherits unix {
+ File["/etc/passwd"] {
+ group => "wheel"
+ }
+ File["/etc/group"] {
+ group => "wheel"
+ }
+}</screen>
+ </para>
<para>
- MySQL of course is much more scalable, and you can query it manually or automatically.
+ You can use the <code>undef</code> keyword when overriding a resource to make the child class act as if the value had never been set in the parent:
</para>
<para>
- <screen>[puppetmasterd]
- reports = store[,tagmail,rrdgraph]
- storeconfigs = true
- dbadapter = mysql
- dbserver = 127.0.0.1
- dbuser = <replaceable>puppet</replaceable>
- dbpassword = <replaceable>puppet</replaceable>
- [dbsocket = /var/lib/mysql/mysql.sock]
- </screen>
+ <screen>class freebsd inherits unix {
+ File["/etc/passwd"] {
+ group => undef
+ }
+}</screen>
+ </para>
+ <para>
+ In this example, nodes which include the unix class will have the password file forced to group root, while nodes including freebsd would have the password file group ownership left unmodified.
+ </para>
+ <para>
+ It is also possible to add additional values to resource parameters using the <literal>+></literal> operator:
+ </para>
+ <para>
+ <screen>class apache {
+ service { "apache":
+ require => Package["httpd"]
+ }
+}
+
+class apache-ssl inherits apache {
+ # host certificate is required for SSL to function
+ Service["apache"] {
+ require +> File["apache.pem"]
+ }
+}</screen>
+ </para>
+ <para>
+ The above effectively makes the <code>require</code> parameter for the <code>Service["apache"]</code> resource in the <code>apache-ssl</code> class equal to <code>[ Package["httpd"], File["apache.pem"] ]</code>.
+ </para>
+ <para>
+ You can add multiple values by separating each value with commas:
+ </para>
+ <para>
+ <screen>class apache {
+ service { "apache":
+ require => Package["httpd"]
+ }
+}
+
+class apache-ssl inherits apache {
+ Service["apache"] {
+ require +> [
+ File["apache.pem"],
+ File["/etc/httpd/conf/httpd.conf"]
+ ]
+ }
+}</screen>
+ </para>
+ <para>
+ The above would make the require parameter in the apache-ssl class equal to <code>[ Package["httpd"], File["apache.pem"], File["/etc/httpd/conf/httpd.conf"] ]</code>.
+ </para>
+ <para>
+ Like resources, you can also require a class, like so:
+ </para>
+ <para>
+ <screen>class apache {
+ service { "apache":
+ require => Class["squid"]
+ }
+}</screen>
+ </para>
+ <para>
+ In this case, the <code>Class["squid"]</code> will need to be applied successfully before the <code>Service["apache"]</code> resource is applied on the puppet.
+ </para>
+ <formalpara>
+ <title>Namespacing</title>
+ <para>
+ Classes such as the <code>apache</code> class in one of the forementioned examples, sub-classed by the <code>apache-ssl</code> class, can also be defined within another class:
+ </para>
+ </formalpara>
+ <para>
+ <screen>class apache {
+ service { "apache":
+ require => Package["httpd"]
+ }
+
+ class ssl inherits apache {
+ Service["apache"] {
+ require +> [
+ File["apache.pem"],
+ File["/etc/httpd/conf/httpd.conf"]
+ ]
+ }
+ }
+}</screen>
+ </para>
+ <para>
+ In this case, using the ssl subclass of apache would become <literal>include apache::ssl</literal>.
</para>
</section>
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-Postgresql">
- <title>PostgreSQL</title>
+ <section id="PuppetWorkshop-LanguageTutorial-ResourceCollections-Definitions">
+ <title>Definitions</title>
+ <para>
+ Definitions are very similar to classes, but are introduced with the <code>define</code> keyword, and do not allow inheritance. Definitions also take parameters, which classes do not.
+ </para>
+ <para>
+ <screen>class yum {
+ define repository($enable = true) {
+ file { "/etc/yum.repos.d/$name.repo":
+ mode => 644,
+ owner => "root",
+ group => "root",
+ backup => false,
+ links => follow,
+ source => $enable ? {
+ true => [
+ "puppet:///yum/$os/$osver/repos/$name.repo"
+ ],
+ default => [
+ "puppet:///yum/$os/$osver/repos/$name.repo.disabled"
+ ]
+ }
+ }
+ }
+}</screen>
+ </para>
<para>
- PostgreSQL is even more scalable then MySQL
+ This definition can be used as follows:
</para>
+ <para>
+ <screen>node '<replaceable>node1.example.com</replaceable>' {
+ yum::repository { "<replaceable>custom</replaceable>":
+ enable => true
+ }
+}</screen>
+ </para>
+ <para>
+ Now, <code>node1.example.com</code> gets a file <filename>/etc/yum.repos.d/custom.repo</filename> from <filename>puppet:///yum/$os/$osver/repos/custom.repo</filename>.
+ </para>
+ <note>
+ <para>
+ The above example makes use of <code>$os</code> and <code>$osver</code> variables you have to set first. See <xref linkend="PuppetWorkshop-BestPractices-SettingOsAndOsver" /> for more details.
+ </para>
+ </note>
</section>
</section>
@@ -1287,35 +1608,470 @@ node default {
<chapter id="PuppetWorkshop-HowToUsePuppet">
<title>How To Use Puppet</title>
<para>
- This is a first section
+ Now that we've set up Puppet, let's see how we can use puppet.
</para>
<section id="PuppetWorkshop-HowToUsePuppet-Modules">
<title>Using Modules</title>
<para>
- About using modules
+ Modules are collections of manifests, files, templates, plugins and possibly documentation on how to use the module, and have a special position in Puppet that allows them to be loaded automatically. Modules live in <filename><replaceable>$confdir</replaceable>/modules/</filename> by default, so you will need to change that using the <code>modulepath</code> setting in <filename>/etc/puppet/puppet.conf</filename>:
</para>
+ <para>
+ <screen>[puppetmasterd]
+ modulepath = /var/lib/modules/</screen>
+ </para>
+ <para>
+ If you are to have multiple environments (development, testing and production for example), you would move modules to <filename>/var/lib/puppet/modules/<replaceable>environment</replaceable>/</filename>. For more information on configuring environments see <xref linkend="PuppetWorkshop-HowToUsePuppet-Environments-SettingUpEnvironments" />. Modules are comprised of the following:
+ </para>
+ <formalpara>
+ <title><filename><replaceable>module_name</replaceable>/manifests/init.pp</filename></title>
+ <para>
+ This file is mandatory and defines the manifest for the module. The <filename><replaceable>module_name</replaceable>/manifests/init.pp</filename> should at least define 1 class with the same name as the module to allow automatically loading the module.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title><filename><replaceable>module_name</replaceable>/files/</filename></title>
+ <para>
+ The tree of files this module may distribute to clients. Note that this tree should only contain the modules default, which would represent the best default for all of the systems in the organization. If the manifest uses files from the module, address the files as follows from the manifest:
+ </para>
+ </formalpara>
+ <para>
+ <screen>source => "puppet:///<replaceable>module_name</replaceable>/path/to/file"</screen>
+ </para>
+ <para>
+ So, for example, if the file to distribute is <filename><replaceable>module_name</replaceable>/files/foo</filename>, the <code>source</code> value would be:
+ </para>
+ <para>
+ <screen>source => "puppet:///<replaceable>module_name</replaceable>/foo</screen>
+ </para>
+ <para>
+ For more information on using multiple sources, see <xref linkend="PuppetWorkshop-BestPractices-UsingMultipleSources" />. For more information on fileserver operations, see <xref linkend="PuppetWorkshop-HowToUsePuppet-Fileserver" />.
+ </para>
+ <formalpara>
+ <title><filename><replaceable>module_name</replaceable>/templates/</filename></title>
+ <para>
+ Templates are basically files with conditional content, or little programs spitting out what the actual file should look like given a set of variables, conditions and logical statements. Templates should go into the <filename><replaceable>module_name</replaceable>/templates/</filename> directory, and can therefrom used as follows:
+ </para>
+ </formalpara>
+ <para>
+ <screen>content => template('<replaceable>module_name</replaceable>/<replaceable>template_filename</replaceable>')</screen>
+ </para>
+ <para>
+ Example with <filename>webserver/templates/virtualhost.conf.erb</filename>:
+ </para>
+ <para>
+ <screen>content => template('webserver/virtualhost.conf.erb')</screen>
+ </para>
+ <formalpara>
+ <title><filename><replaceable>module_name</replaceable>/plugins/puppet/type/</filename></title>
+ <para>
+ The location to put custom types to be distributed with this module. Requires <code>pluginsync</code> to be set to <code>true</code> in the puppet configuration.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title><filename><replaceable>module_name</replaceable>/plugins/puppet/provider/</filename></title>
+ <para>
+ The location to put custom providers to be distributed with this module. Requires <code>pluginsync</code> to be set to <code>true</code> in the puppet configuration.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title><filename><replaceable>module_name</replaceable>/plugins/facter/</filename></title>
+ <para>
+ The location to put custom facts to be distributed with this module. Requires <code>pluginsync</code> to be set to <code>true</code> in the puppet configuration.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title><filename><replaceable>module_name</replaceable>/documentation/</filename></title>
+ <para>
+ Just an optional placeholder for documentation you may want to distribute along with the module, if you are to share the module with the community.
+ </para>
+ </formalpara>
+ </section>
+
+ <section id="PuppetWorkshop-HowToUsePuppet-Environments">
+ <title>Environments</title>
+ <para>
+ Environments aid in staging developments and not breaking the production. There's three environments you would want to consider using:
+ </para>
+ <formalpara>
+ <title>development</title>
+ <para>
+ The development environment is where you stage developments in your manifests, modules and plugins. You would apply the development environment to a small number of non-critical systems, that maybe are dedicated to the sole purpose of puppet development. These development systems would not necessarily be managed extensively with puppet, and may just apply only the classes you are making changes to. There is no use in applying the <code>foo</code> class to a development system if you are making changes to the <code>bar</code> module or class.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>testing</title>
+ <para>
+ The testing stage would be the stage where your basic development is finished, and you test the changes in a broader scope. Again, these systems should be non-critical systems, but these systems may also not be dedicated to puppet testing. In the testing stage, you would want to make sure all puppet classes and modules are applied correctly when used in combination with one another. For example, conflicts between modules and/or classes could be caused by duplicate resource definitions, or incorrect inter-module or inter-class dependencies (<code>require =></code>, <code>notify =></code>, <code>before =></code> and <code>subscribe =></code> statements). Although most of the dependencies are used in the development stage as well, using the testing stage makes sure N+X modules cooperate before you destroy your production.
+ </para>
+ </formalpara>
+ <para>
+ Obviously, the testing stage is entirely optional. One could decide to not use the testing stage the way it is subscribed here, but instead assign a couple of (power-)user desktops and have these users provide feedback on the changes applied, or not use the testing stage at all.
+ </para>
+ <formalpara>
+ <title>production</title>
+ <para>
+ The production stage is the most important stage in the entire process of staging changes. The production environment is where most of the systems within your orgnization are managed in, and as such, changes applied to the production environment need to be proven stable (or system and services may be interrupted).
+ </para>
+ </formalpara>
+ <para>
+ <inlinemediaobject>
+ <objectinfo>
+ <title>An overview of how changes are applied and staged</title>
+ </objectinfo>
+ <imageobject>
+ <imagedata format='PNG' fileref="images/environment_staging.png" />
+ </imageobject>
+ </inlinemediaobject>
+ </para>
+
+ <section id="PuppetWorkshop-HowToUsePuppet-Environments-SettingUpEnvironments">
+ <title>Setting Up Environments</title>
+ <para>
+ Setting up the environments requires you to configure the available environments in <filename>/etc/puppet/puppet.conf</filename>. The relevant settings are:
+ </para>
+ <para>
+ <screen>[puppetmasterd]
+ environments = <replaceable>development,testing,production</replaceable></screen>
+ </para>
+ <para>
+ Per environment, create a section similar to the following:
+ </para>
+ <para>
+ <screen>[development]
+ manifest = /var/lib/puppet/manifests/development/site.pp
+ modulepath = /var/lib/puppet/modules/development
+
+[testing]
+ manifest = /var/lib/puppet/manifests/testing/site.pp
+ modulepath = /var/lib/puppet/modules/testing
+
+[production]
+ manifest = /var/lib/puppet/manifests/production/site.pp
+ modulepath = /var/lib/puppet/modules/production</screen>
+ </para>
+ <para>
+ Make sure you put the files and directories in place before restarting the puppetmaster service.
+ </para>
+ </section>
+
</section>
<section id="PuppetWorkshop-HowToUsePuppet-VirtualResources">
<title>Virtual Resources</title>
<para>
- paragraph
+ Using virtual resources is a way to avoid duplicate definitions in your manifests if you define a virtual resource in parent classes, inherit the parent classes in sub-classes, and realize() the virtual resource in the sub-class.
+ </para>
+ <para>
+ An example where you can use virtual resources is a webserver class:
+ </para>
+ <para>
+ <screen>class webserver {
+ package { "httpd":
+ ensure => installed
+ }
+
+ class ssl {
+ package { [
+ "httpd",
+ "mod_ssl"
+ ]:
+ ensure => installed
+ }
+ }
+}</screen>
+ </para>
+ <para>
+ Now, if you were to <code>include webserver</code> on a system, everything is well. However, some other class may require the <code>webserver::ssl</code> class to be applied to the system as well:
+ </para>
+ <para>
+ <screen>class mail {
+ class server {
+ # Include webserver::ssl for secure webmail capacity
+ include webserver::ssl
+
+ webserver::virtualhost { "mail.$domain":
+ enable => true,
+ certificate => true
+ }
+
+ package { "squirrelmail":
+ ensure => installed
+ }
+ }
+}</screen>
+ </para>
+ <para>
+ This would result in a duplicate definition of the <code>Package["httpd"]</code> resource. Such is easily prevented by making sure the <code>Package["httpd"]</code> resource is only defined once:
+ </para>
+ <para>
+ <screen>class webserver {
+ @package { [
+ "httpd",
+ "mod_ssl"
+ ]:
+ ensure => installed
+ }
+
+ realize(Package["httpd"])
+
+ class ssl inherits webserver {
+ realize( Package["httpd"],
+ Package["mod_ssl"])
+ }
+}</screen>
+ </para>
+ <para>
+ A more complex but also more appropriate example can be found at <ulink url="http://git.puppetmanaged.org/?p=puppet;a=blob;f=manifests/init.pp" />. Note that in the puppet module linked from puppetmanaged.org, the definition and use of virtual resources is a necessity.
</para>
</section>
<section id="PuppetWorkshop-HowToUsePuppet-Plugins">
<title>Using Plugins</title>
<para>
- About the use of plugins
+ Using plugins (e.g. custom types, facts, functions and providers) gives you even more control over the behaviour of puppet and extend what it can do. An example custom fact that exposes the version of Python installed is:
+ </para>
+ <para>
+ <screen># From <ulink url="http://reductivelabs.com/trac/puppet/wiki/Recipes/PythonVersion" />
+require 'facter'
+
+pythonversion = nil
+if FileTest.exists?("/usr/bin/python")
+ pythonversion = %x{python -V 2>&1}.split(" ")[1]
+end
+
+Facter.add("pythonversion") do
+ setcode do
+ pythonversion
+ end
+end
+
+Facter.add("pythonmmversion") do
+ pythonmmversion = nil
+ if pythonversion != nil
+ pythonversionsplit = pythonversion.split(".")
+ pythonmmversion = pythonversionsplit[0] + "." + pythonversionsplit[1]
+ end
+ setcode do
+ pythonmmversion
+ end
+end</screen>
</para>
+ <para>
+ Using this new custom fact you can create conditional statements in manifests or templates using <code>$pythonverion</code> or <code>$pythonmmversion</code>.
+ </para>
+
</section>
- <section id="PuppetWorkshop-HowToUsePuppet-Environments">
- <title>Environments</title>
+ <section id="PuppetWorkshop-HowToUsePuppet-UsingManifestFromASCM">
+ <title>Using Manifests from a SCM</title>
<para>
- paragraph
+ Using manifests from a Source Control Management system.
</para>
+
+ <section id="PuppetWorkshop-HowToUsePuppet-UsingManifestFromASCM-SingleTree">
+ <title>Using a Single Tree</title>
+ <para>
+ Using a single tree in case you want to use environment staging and module support is considered a bad idea, but can still be done. The layout of such a repository can be one of the following:
+ </para>
+ <section id="PuppetWorkshop-HowToUsePuppet-UsingManifestFromASCM-SingleTree-UsingSVN">
+ <title>Using SVN</title>
+ <para>
+ Using SVN allows Windows users to contribute to the repository and/or make edits to files in the repository, which of course has it's advantages.
+ </para>
+ <para>
+ The layout of an SVN repository would be as follows:
+ </para>
+ <para>
+ <screen><replaceable>/path/to/repository/</replaceable>
+ `- trunk/
+ `- branches/
+ `- testing/
+ `- production/</screen>
+ </para>
+ <para>
+ <filename>trunk/</filename> would represent the development branch in this case. Continuing with <filename>trunk/</filename>, the repository layout could look as follows:
+ </para>
+ <para>
+ <screen>trunk/
+ `- conf/
+ `- files/<footnote><para>Used for files distributed without them being integrated into a module</para></footnote>
+ `- modules/
+ `- module1/
+ `- files/
+ `- manifests/
+ `- plugins/
+ `- templates/
+ `- module2/
+ `- (etc)
+ `- manifests/
+ `- site.pp
+ `- classes/
+ `- nodes/
+ `- utils/
+ `- (etc)</screen>
+ </para>
+ <para>
+ Checking out the SVN repository (sub-directories) in each various location on the puppetmaster would look like
+ </para>
+ <para>
+ <screen># svn co http://server/svn/puppet/trunk/conf/ /etc/puppet/<footnote><para>Note that checking out the puppet configuration from <code>trunk/</code> like this almost certainly results in you having to manage the puppetmaster with puppet; See <ulink url="http://puppetmanaged.org/documentation/puppet-module/" /> for more information.</para></footnote>
+# svn co http://server/svn/puppet/trunk/modules/ \
+ /var/lib/puppet/modules/development/
+# svn co http://server/svn/puppet/trunk/manifests/ \
+ /var/lib/puppet/manifests/development/
+# svn co http://server/svn/puppet/branches/testing/modules/ \
+ /var/lib/puppet/modules/testing/
+# svn co http://server/svn/puppet/branches/testing/manifests/ \
+ /var/lib/puppet/manifests/testing/
+# svn co http://server/svn/puppet/branches/production/modules/ \
+ /var/lib/puppet/modules/production/
+# svn co http://server/svn/puppet/branches/production/manifests/ \
+ /var/lib/puppet/manifests/production/
+ </screen>
+ </para>
+ <para>
+ See <xref linkend="PuppetWorkshop-Appendix-SVNCommitHooks" /> for how to make the puppetmaster update it's sources when you commit changes to the SVN repository.
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-HowToUsePuppet-UsingManifestFromASCM-SingleTree-UsingGIT">
+ <title>Using GIT</title>
+ <para>
+ It is currently not possible to use a single GIT tree to configure all of your puppet environment without requiring manual (or automatic) copying of files and directories from within a copy of the source repository into the location where puppet expects them to be.
+ </para>
+ </section>
+
+ </section>
+
+ <section id="PuppetWorkshop-HowToUsePuppet-UsingManifestFromASCM-MultipleTrees">
+ <title>Multiple Trees</title>
+ <para>
+ Multiple trees is more efficient because you can merge changes from one stage to another on a per-module basis, rather then merging entire branches with all configuration, manifests, modules and so forth. Additionally, using multiple trees allows you to upstream modules integrated into your own set of modules.
+ </para>
+ <para>
+ Using one SCM tree for each module allows you to set access control accordingly, and stage changes per module instead of globally.
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-HowToUsePuppet-UsingManifestFromASCM-ModulesFromUpstream">
+ <title>Modules From Upstream</title>
+ <para>
+ You can use one or more modules from an upstream provider such as:
+ <itemizedlist>
+ <listitem>
+ <para>
+ <ulink url="http://puppetmanaged.org/" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <ulink url="http://git.black.co.at/" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <ulink url="http://reductivelabs.com/trac/puppet/wiki/Recipes" />
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ <para>
+ Using either a single tree or multiple trees as described above; the environment staging though does not apply to most of the modules available from upstream providers. If the upstream provider does provide branches for each of your environments, you would still only want to use the production or equivalent branch.
+ </para>
+ <para>
+ If you want to use a module from an upstream provider without the use of the branches for staging, you can specify a colon-seperated list to the <code>modulepath</code> setting for your environments to have puppet search through the list of paths. Such would look like:
+ </para>
+ <para>
+ <screen>[puppetmasterd]
+ environments = <replaceable>development,testing,production</replaceable>
+
+[development]
+ manifest = /var/lib/puppet/manifests/development/site.pp
+ modulepath = /var/lib/puppet/modules/upstream/:/var/lib/puppet/modules/development/
+
+[testing]
+ manifest = /var/lib/puppet/manifests/testing/site.pp
+ modulepath = /var/lib/puppet/modules/upstream/:/var/lib/puppet/modules/testing/
+
+[production]
+ manifest = /var/lib/puppet/manifests/production/site.pp
+ modulepath = /var/lib/puppet/modules/upstream/:/var/lib/puppet/modules/production/</screen>
+ </para>
+ <para>
+ In the example configuration, you would clone, checkout and pull the modules you use from an upstream provider to <filename>/var/lib/puppet/modules/upstream/<replaceable>module_name</replaceable>/</filename>.
+ </para>
+
+ </section>
+
+ </section>
+
+ <section id="PuppetWorkshop-HowToUsePuppet-Fileserver">
+ <title>Fileserver</title>
+ <para>
+ Puppet's fileserver, again a core component in being able to apply configuration management to your systems, needs to be configured appropriately to allow files, templates, plugins and facts to be distributed to your clients.
+ </para>
+
+ <section id="PuppetWorshop-HowToUsePuppet-Fileserver-Operations">
+ <title>Fileserver Operations</title>
+ <para>
+ Using <filename>/etc/puppet/fileserver.conf</filename>, you can define fileserver <emphasis>mounts</emphasis>.
+ </para>
+ <para>
+ Each fileserver mount has a <code>path</code> attribute and <code>allow</code> and/or <code>deny</code> statements. The <code>path</code> attribute describes where the files are on the local filesystem, and <code>allow</code> and <code>deny</code> statements allow you to apply access control to these fileserver mounts. Note that <code>deny</code> always has precedence over <code>allow</code>, and that the order of <code>allow</code> and <code>deny</code> does therefor not matter.
+ </para>
+ <para>
+ Also note, that the wildcard matches used in <code>allow</code> and <code>deny</code> match DNS, or IP addresses. You can also use CIDR notations for the latter.
+ </para>
+ <para>
+ Additionally, the special <code>[modules]</code> mount does not use the <code>path</code> attribute but instead figures out the filesystem path based on the <code>modulepath</code> setting in <filename>/etc/puppet/puppet.conf</filename>, taking the environment used into account as well.
+ </para>
+ <para>
+ <screen># This file consists of arbitrarily named sections/modules
+# defining where files are served from and to whom
+
+# Define a section 'files'
+# Adapt the allow/deny settings to your needs. Order
+# for allow/deny does not matter, allow always takes precedence
+# over deny
+
+[facts]
+ path /var/lib/puppet/facts
+ allow *
+
+[files]
+ path /var/lib/puppet/files
+ allow *.example.com
+ deny *.evil.example.com
+
+[modules]
+ allow *</screen>
+ </para>
+ <para>
+ The <code>source =></code> parameter in resources now let's you use the following sources:
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title><filename>puppet:///files/<replaceable>path/to/file</replaceable></filename></title>
+ <para>
+ Resulting in the file being looked for in <filename>/var/lib/puppet/files/<replaceable>path/to/file</replaceable></filename>.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title><filename>puppet:///<replaceable>module_name</replaceable>/<replaceable>path/to/file</replaceable></filename></title>
+ <para>
+ Resulting in the file being looked for in the path for module <replaceable>module_name</replaceable>, subdirectory <filename>files/</filename>, <filename><replaceable>path/to/file</replaceable></filename>.
+ </para>
+ </formalpara>
+ <para>
+ So, <filename>puppet:///sudo/sudoers</filename> would result in <filename>/var/lib/puppet/modules/<replaceable>$environment</replaceable>/sudo/files/sudoers</filename>.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </section>
</section>
</chapter>
@@ -1323,7 +2079,7 @@ node default {
<chapter id="PuppetWorkshop-TroubleshootingPuppet">
<title>Troubleshooting Puppet</title>
<para>
- This section is about troubleshooting the manifests, puppetmaster and puppet.
+ This section is about troubleshooting the manifests, the puppetmaster and the puppet.
</para>
<section id="PuppetWorkshop-TroubleshootingPuppet-Manifests">
@@ -1411,17 +2167,20 @@ node default {
<section id="PuppetWorkshop-TroubleshootingPuppet-ThePuppetmaster">
<title>The Puppetmaster</title>
<para>
- The puppetmaster
+ The puppetmaster service is configured using <filename>/etc/sysconfig/puppetmaster</filename>, which is also where you can specify what the log destination is, and whether the puppetmaster service should run in verbose or debug mode. Both would be using the <code>PUPPETMASTER_EXTRAOPTS</code> variable.
</para>
<section id="PuppetWorkshop-TroubleshootingPuppet-ThePuppetmaster-DebuggingThePuppetmaster">
<title>Debugging The Puppetmaster</title>
<para>
- Running the puppetmaster in debug mode generates a lot of output. To run the puppetmaster in debug mode, stop the puppetmaster service and type:
+ Running the puppetmaster in debug mode generates a lot of output. You may want to redirect the output to a file and read the file to prevent the available scrollback buffer from filling up too fast. To run the puppetmaster in debug mode, stop the puppetmaster service and type:
</para>
<para>
<screen># <userinput>puppetmasterd --debug --no-deamonize [--servertype mongrel --masterport 8141]</userinput></screen>
</para>
+ <para>
+ Or run the service in verbose or debug mode by editing <filename>/etc/sysconfig/puppetmaster</filename> and adding <code>--verbose</code> or <code>--debug</code> to <code>PUPPETMASTER_EXTRAOPTS</code>.
+ </para>
</section>
</section>
@@ -1429,7 +2188,7 @@ node default {
<section id="PuppetWorkshop-TroubleshootingPuppet-ThePuppet">
<title>The Puppet</title>
<para>
- para
+ Debugging the puppet can be tricky, because it is the puppetmaster that parses the manifests first, and so if the puppetmaster fails parsing the manifests, the puppet client won't get any changes to it's manifests. If files or templates have changed on the fileserver, these will obviously be changed on the puppet as well, but if a template uses a new variable from the manifest, the template will fail to parse and the error message will occur on the puppetmaster.
</para>
<section id="PuppetWorkshop-TroubleshootingPuppet-ThePuppet-DebuggingThePuppet">
@@ -1446,41 +2205,193 @@ node default {
<chapter id="PuppetWorkshop-OtherThingsToDoWithPuppet">
<title>Other Things To Do With Puppet</title>
<para>
- This is a first section
+ There's way more you can do with puppet. Actually there's so much you can do with puppet it does not fit in a workshop type of course.
</para>
+
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-StoreConfigurationsInADatabase">
+ <title>Store Configurations In A Database</title>
+ <para>
+ A database can be configured to store the configuration distributed by the puppetmaster, and applied by the puppet. This is optional, and creates some overhead to the original purpose of configuring the puppets, but provides the opportunity to create overviews of applied classes to nodes, and a complete inventory of <emphasis>facts</emphasis> for all nodes. similarities / exemptions.
+ </para>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-SQLite3">
+ <title>SQLite3</title>
+ <para>
+ SQLite(3) is a file based, light SQL database which is suitable for small databases. Depending on the size of the organization or priority you give to storing configs, generally speaking using SQLite(3) is not very suitable. In addition, SQLite3 isn't easily queried either manually or automatically. To setup SQLite3, provide the following settings in <filename>/etc/puppet/puppet.conf</filename>:
+ </para>
+ <para>
+ <screen>[puppetmasterd]
+ reports = store[,tagmail,rrdgraph]
+ storeconfigs = true
+ dbadapter = sqlite3
+ dblocation = <replaceable>/var/lib/puppet/storeconfigs.sqlite</replaceable></screen>
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-MySQL">
+ <title>MySQL</title>
+ <para>
+ MySQL of course is much more scalable, and you can query it manually or automatically. A simple query can give you all webservers in the organization:
+ </para>
+ <para>
+ <screen>$ mysql -p puppet -e 'SELECT hosts.name
+ FROM resources INNER JOIN hosts
+ ON resources.host_id = hosts.id
+ WHERE resources.title = "webserver"
+ GROUP BY name;'
+
++---------------------------+
+| name |
++---------------------------+
+| app1.genomicscenter.nl |
+| elwood.kanarip.com |
+| master.puppetmanaged.org |
+| open.the-cave-of-steef.nl |
+| pinky.kanarip.com |
+| server.ogd.nl |
+| vito.kanarip.com |
++---------------------------+
+7 rows in set (0.02 sec)
+
+</screen>
+ </para>
+ <para>
+ To configure storing the configurations, use the following settings in <filename>/etc/puppet/puppet.conf</filename>:
+ </para>
+ <para>
+ <screen>[puppetmasterd]
+ storeconfigs = true
+ dbadapter = mysql
+ dbserver = <replaceable>127.0.0.1</replaceable>
+ dbuser = <replaceable>puppet</replaceable>
+ dbpassword = <replaceable>puppet</replaceable>
+ [dbsocket = /var/lib/mysql/mysql.sock]
+ </screen>
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-Postgresql">
+ <title>PostgreSQL</title>
+ <para>
+ PostgreSQL is even more scalable then MySQL as it's multi-master, but most importantly you may already have PostgreSQL running in your organization, and may just want to add puppet's configuration store to that infrastructure.
+ </para>
+ <para>
+ To add the configuration store to PostgreSQL, use the following settings in <filename>/etc/puppet/puppet.conf</filename>:
+ </para>
+ <para>
+ <screen>[puppetmasterd]
+ storeconfigs = true
+ dbadapter = postgresql
+ dbuser = <replaceable>puppet</replaceable>
+ dbpassword = <replaceable>password</replaceable>
+ dbserver = <replaceable>localhost</replaceable>
+ dbname = <replaceable>puppet</replaceable></screen>
+ </para>
+ <para>
+ And create the database:
+ </para>
+ <para>
+ <screen># <userinput>su - postgres</userinput>
+$ <userinput>psql template1</userinput>
+template1=# <userinput>create database <replaceable>puppet</replaceable>;</userinput>
+CREATE DATABASE
+<userinput>create user <replaceable>puppetuser</replaceable> with unencrypted password '<replaceable>password</replaceable>';</userinput>
+CREATE ROLE
+template1=# <userinput>grant create on database <replaceable>puppet</replaceable> to <replaceable>puppetuser</replaceable>;</userinput>
+</screen>
+ </para>
+ </section>
+
+ </section>
+
<section id="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting">
<title>Tweaking Reporting</title>
<para>
- paragraph
+ Reports can be sent out to various email addresses as a notification on errors or changes applied to the systems. This not only helps in keeping track of changes being applied, but can also help you keep your manifests clean, attending to each error that may otherwise have passed by unnoticed.
</para>
- </section>
+ <para>
+ To enable reporting, use the following settings in <filename>/etc/puppet/puppet.conf</filename>:
+ </para>
+ <para>
+ <screen>[main]
+ tagmap = /etc/puppet/tagmail.conf
- <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomTypes">
- <title>Writing Custom Types</title>
+[puppetmasterd]
+ reports = tagmail
+
+[puppet]
+ reportfrom = puppet-reports@<replaceable>domain.tld</replaceable></screen>
+ </para>
+ <para>
+ This will cause the puppetmaster to look at <filename>/etc/puppet/tagmail.conf</filename>, which maps tags to email addresses that need to be notified on changes applied to systems tagged with the appropriate keywords.
+ </para>
+ <formalpara>
+ <title>Using tags in your manifests</title>
+ <para>
+ You can use tags in your manifests like so:
+ </para>
+ </formalpara>
+ <para>
+ <screen>class ssh {
+ tag("security")
+ file { "...":
+ (...)
+ }
+}</screen>
+ </para>
+ <para>
+ To have notifications on changes to systems including the ssh class sent to security-admins(a)domain.tld, use the following tagmap entry:
+ </para>
+ <para>
+ <screen>ssh: ssh-admins(a)domain.tld
+security: security-admins(a)domain.tld</screen>
+ </para>
+ <para>
+ A catch-all can be specified to have notifications on all changes sent to an emailaddress or multiple email addresses:
+ </para>
<para>
- paragraph
+ <screen>all: system-admins(a)domain.tld</screen>
</para>
</section>
<section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomFacts">
<title>Writing Custom Facts</title>
<para>
- paragraph
+ Writing custom facts, like writing custom types, functions or providers, is done in Ruby, using the interfaces and objects offered by Puppet.
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomTypes">
+ <title>Writing Custom Types</title>
+ <para>
+ <ulink url="http://reductivelabs.com/trac/puppet/wiki/CreatingCustomTypes" />
</para>
</section>
<section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomFunctions">
<title>Writing Custom Functions</title>
<para>
- paragraph
+ <ulink url="http://reductivelabs.com/trac/puppet/wiki/WritingYourOwnFunctions" />
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomProviders">
+ <title>Writing Custom Providers</title>
+ <para>
+ <ulink url="http://reductivelabs.com/trac/puppet/wiki/ProviderDevelopment" />
</para>
</section>
<section id="PuppetWorkshop-OtherThingsToDoWithPuppet-StoreconfigsReportingAndPuppetview">
<title>Storeconfigs, Reporting and Puppetview</title>
<para>
- paragraph
+ Using Puppet's storeconfig capability and standard reporting, in combination with rrdgraphing, you can use applications such as <application>Puppetview</application> to create nice overviews of results of your configuration management as applicable to your systems.
+<!--
+ FIXME
+
+ Elaborate
+//-->
</para>
</section>
@@ -1489,8 +2400,153 @@ node default {
<chapter id="PuppetWorkshop-BestPractices">
<title>Best Practices</title>
<para>
- This is a first section
+ Using Puppet starting in a small(er) scale, scaling up to more and more systems in your organization to become managed with puppet, you might encounter some challenges and to prevent you end up with a giant mess of manifests, files, templates, needing to search (with <code>grep</code> and <code>find</code> for example) where it is exactly you need to configure the next change, or have you use configuration items that need to be changed as soon as your organization introduces the next generation operating systems or distribution version, here's a set of <emphasis>Best Practices</emphasis>, or actually Tips & Tricks.
</para>
+
+ <section id="PuppetWorkshop-BestPractices-SettingOsAndOsver">
+ <title>Setting $os and $osver</title>
+ <para>
+ The <code>$operatingsystem</code> and <code>$operatingsystemrelease</code>, <code>$operatingsystemversion</code> or <code>$lsbdistrelease</code> variables relate directly to specific operating system resources, configuration file locations, package names and most importantly, settings you can or cannot use in the configuration files for specific applications<footnote><para>Enterprise Linux 3 distributions for example have OpenSSH Server versions that do not use, and are incompatible with, the <code>UsePAM</code> setting in <filename>/etc/ssh/sshd_config</filename>. In these cases, you would want the configuration file for EL-3 to come from a different location then for the EL-4 and EL-5 distributions that do take <code>UsePAM</code> because of the OpenSSH Server package versions they ship.</para></footnote>. Using the <code>$operatingsystem</code>, <code>$operatingsystemrelease</code>, <code>$operatingsystemversion</code> and/or <code>$lsbdistrelease</code> variables (set from Facter) help you determine the Operating System (Distribution) and Version.
+ </para>
+ <para>
+ However, some distributions have Facter set <code>$operatingsystemrelease</code>, while others set <code>$lsbdistrelease</code>. If these variables need to be used in manifests, you really do not want to use these both because in your manifests all you are interested in is the Operating System Version. Using the following snippet of code in <filename>site.pp</filename> enables you to use <code>$os</code> and <code>$osver</code> throughout your manifests.
+ </para>
+ <para>
+ <screen># Get facts and give them a good, good name
+$os = $operatingsystem
+
+case $os {
+ "Fedora", "CentOS", "RedHat": {
+ $osver = $lsbdistrelease
+ }
+ "Debian", "SuSE', "OpenSuSE": {
+ $osver = $operatingsystemrelease
+ }
+ "Darwin": {
+ $osver = $operatingsystemrelease
+ }
+}</screen>
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-BestPractices-UsingMultipleSources">
+ <title>Using Multiple Sources</title>
+ <para>
+ para
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-BestPractices-GroupProfiles">
+ <title>Group Profiles</title>
+ <para>
+ Grouping <emphasis>profiles</emphasis> that define certain resources to be applied to the systems you manage can help you in giving and keeping structure in the ever-growing configuration tree you use.
+ </para>
+ <para>
+ We know of organizations that run the following deterministic set of profiles:
+ </para>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>Classes</title>
+ <para>
+ Organization specific classes not eligible to become a module. Note that these are mostly very simple classes, managing a single resource, or merely defining a set of variables per-class to be used throughout the manifests.
+ </para>
+ </formalpara>
+ <para>
+ Using classes to manage multiple resources is strongly discouraged as these are commonly eligible to become modules. However, when using a module from upstream changing that module to fit your needs introduces the risk of conflicts when trying to update the module from upstream. Therefor, classes can be used to override and/or extend classes from modules.
+ </para>
+ <para>
+ Classes are stored in <filename>classes/*.pp</filename>, where the name of the actual file represents the class defined in the file.
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Domains</title>
+ <para>
+ Domains are most commonly used within organizations that manage branch offices, or merge with other organizations, or Puppet setups that manage more then one organization at a time.
+ </para>
+ </formalpara>
+ <para>
+ puppetmanaged.org runs multiple organizations with each organization maintaining their own domain specific configuration tree and manifests.
+ </para>
+ <para>
+ CustomerA has 3 branch offices and uses domains to define branch office specific settings.
+ </para>
+ <para>
+ Defined domains should go in <filename>domains/*.pp</filename> where the actual filename is the most descriptive common denominator between all systems in a domain.
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Groups</title>
+ <para>
+ Grouping systems allow you to control a lot more with a lot less. Less is more, sort of. Groups can include <emphasis>servers</emphasis>, <emphasis>desktops</emphasis>, <emphasis>laptops</emphasis>.
+ </para>
+ </formalpara>
+ <para>
+ Given a group of servers you can imagine SELinux needs to be enabled on all of these, and the firewall needs to be up and running. Create a group servers in <filename>groups/server.pp</filename> and include the class defined or inherit the node used.
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Modules</title>
+ <para>
+ Modules that need settings or modules that need to be pulled (updated) from upstream. For older versions of Puppet (< 0.24.4), you can state "imports" here as well.
+ </para>
+ </formalpara>
+ <para>
+ explanation
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Nodes</title>
+ <para>
+ The nodes you manage, one per file. These oughta be actual nodes, not abstraction levels where you inherit from.
+ </para>
+ </formalpara>
+ <para>
+ explanation
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Services</title>
+ <para>
+ para
+ </para>
+ </formalpara>
+ <para>
+ explanation
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Utils</title>
+ <para>
+ para
+ </para>
+ </formalpara>
+ <para>
+ explanation
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Users</title>
+ <para>
+ para
+ </para>
+ </formalpara>
+ <para>
+ explanation
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </section>
+
</chapter>
<xi:include href="Appendix.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
diff --git a/Workshops/PuppetWorkshop/en-US/environment_staging.png b/Workshops/PuppetWorkshop/en-US/environment_staging.png
new file mode 100644
index 0000000..e2e7218
Binary files /dev/null and b/Workshops/PuppetWorkshop/en-US/environment_staging.png differ
diff --git a/Workshops/PuppetWorkshop/en-US/images/environment_staging.png b/Workshops/PuppetWorkshop/en-US/images/environment_staging.png
new file mode 100644
index 0000000..e2e7218
Binary files /dev/null and b/Workshops/PuppetWorkshop/en-US/images/environment_staging.png differ
diff --git a/en-US/Courses.xml b/en-US/Courses.xml
index 00287a7..b250580 100644
--- a/en-US/Courses.xml
+++ b/en-US/Courses.xml
@@ -94,7 +94,6 @@
</listitem>
//-->
-
</itemizedlist>
</para>
</formalpara>
@@ -182,4 +181,6 @@
<xi:include href="Books/Linux/RHCETraining/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Books/Linux/RHCETraining/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Books/Workshops/PuppetWorkshop/Puppet_Workshop.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+
</set>
15 years, 6 months
2 commits - Workshops/PuppetWorkshop
by Stefan Alexander Hartsuiker
Workshops/PuppetWorkshop/en-US/Preface.xml | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
New commits:
commit 22b1e8868dc98d3557a58980e9ad5c1895e82ff3
Merge: 5c01b13... f52e11d...
Author: S.A. Hartsuiker <shartsuiker(a)stefan-vaio.lan>
Date: Tue Oct 14 23:39:24 2008 +0200
Merge branch 'master' of ssh://git.fedorahosted.org/git/courses
commit 5c01b130c8f7c8e65d463adf77068139214112f5
Author: S.A. Hartsuiker <shartsuiker(a)stefan-vaio.lan>
Date: Tue Oct 14 23:38:46 2008 +0200
Added info about Stefan Hartsuiker
Changed Brand to fedora
diff --git a/Workshops/PuppetWorkshop/Makefile b/Workshops/PuppetWorkshop/Makefile
index 7bb7c9a..22c7679 100644
--- a/Workshops/PuppetWorkshop/Makefile
+++ b/Workshops/PuppetWorkshop/Makefile
@@ -3,8 +3,8 @@
XML_LANG = en-US
DOCNAME = PuppetWorkshop
PRODUCT = Workshop
-BRAND = ogd
-#BRAND = fedora
+#BRAND = ogd
+BRAND = fedora
#OTHER_LANGS = as-IN bn-IN de-DE es-ES fr-FR gu-IN hi-IN it-IT ja-JP kn-IN ko-KR ml-IN mr-IN or-IN pa-IN pt-BR ru-RU si-LK ta-IN te-IN zh-CN zh-TW
diff --git a/Workshops/PuppetWorkshop/en-US/Preface.xml b/Workshops/PuppetWorkshop/en-US/Preface.xml
index 1c8dd1f..854b20d 100644
--- a/Workshops/PuppetWorkshop/en-US/Preface.xml
+++ b/Workshops/PuppetWorkshop/en-US/Preface.xml
@@ -20,12 +20,15 @@
As a contributor to Free and Open Source Software within the Fedora community, amongst other programs, Jeroen has developed Revisor, a Python framework to build distributions with. With regards to Configuration Management, Jeroen currently maintains or co-maintains -amongst other packages- the entire stack of packages related to Puppet
</para>
-<!-- <formalpara>
+ <formalpara>
<title>Contributors</title>
<para>
- <emphasis>Stefan Hartsuiker</emphasis>
+ <emphasis>Stefan Hartsuiker</emphasis> (RHCE, LPIC-2, MCP) is currently a System Engineer, specialized in maintaining Linux Systems, also working for Operator Group Delft in the Netherlands and a colleague of Jeroen van Meeuwen. His experience with computers started in the late 80's with a Acorn Electron, a smaller version of the BBC Electron (no it had nothing to do with the British Broadcasting Company), for which he had to type in several pages worth of lines of code just to play a game. His first introduction to Linux came in the early 90's with the slackware distribution on about 32 floppies. Since then he has used and maintained Suse, Debian, RedHat and Fedora systems.
</para>
- </formalpara>-->
+ </formalpara>
+ <para>
+ Currently Stefan is a contributor to Revisor and working on packaging Free and Open Source Software in the Fedora Community. He is also a fan of Puppet and is working with Jeroen on designing an infrastructure for Puppetmasters.
+ </para>
</section>
<!-- <section id="PuppetWorkshop-Preface-Acknowledgements">
15 years, 6 months
Workshops/PuppetWorkshop
by Jeroen van Meeuwen
Workshops/PuppetWorkshop/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
New commits:
commit f52e11d31e5745928a883e74f1a711bbc7c22589
Author: Jeroen van Meeuwen (Fedora Unity) <kanarip(a)fedoraunity.org>
Date: Tue Oct 14 23:33:01 2008 +0200
Brand should be fedora, not ogd
diff --git a/Workshops/PuppetWorkshop/Makefile b/Workshops/PuppetWorkshop/Makefile
index 7bb7c9a..22c7679 100644
--- a/Workshops/PuppetWorkshop/Makefile
+++ b/Workshops/PuppetWorkshop/Makefile
@@ -3,8 +3,8 @@
XML_LANG = en-US
DOCNAME = PuppetWorkshop
PRODUCT = Workshop
-BRAND = ogd
-#BRAND = fedora
+#BRAND = ogd
+BRAND = fedora
#OTHER_LANGS = as-IN bn-IN de-DE es-ES fr-FR gu-IN hi-IN it-IT ja-JP kn-IN ko-KR ml-IN mr-IN or-IN pa-IN pt-BR ru-RU si-LK ta-IN te-IN zh-CN zh-TW
15 years, 6 months
3 commits - en-US/Book_Info.xml Workshops/PuppetWorkshop
by Jeroen van Meeuwen
Workshops/PuppetWorkshop/Makefile | 8
Workshops/PuppetWorkshop/en-US/Appendix.xml | 64
Workshops/PuppetWorkshop/en-US/Author_Group.xml | 6
Workshops/PuppetWorkshop/en-US/Book_Info.xml | 17
Workshops/PuppetWorkshop/en-US/Chapter.xml | 25
Workshops/PuppetWorkshop/en-US/Common_Content/Feedback.xml | 10
Workshops/PuppetWorkshop/en-US/Preface.xml | 30
Workshops/PuppetWorkshop/en-US/PuppetWorkshop.ent | 4
Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml | 2002 +++++++------
en-US/Book_Info.xml | 1
10 files changed, 1328 insertions(+), 839 deletions(-)
New commits:
commit ea9b92ce2c98482548f5019a7eacc4d9e6b1d838
Author: Jeroen van Meeuwen (Fedora Unity) <kanarip(a)fedoraunity.org>
Date: Tue Oct 14 22:43:14 2008 +0200
Update Makefile
diff --git a/Workshops/PuppetWorkshop/Makefile b/Workshops/PuppetWorkshop/Makefile
index 6b7c18e..7bb7c9a 100644
--- a/Workshops/PuppetWorkshop/Makefile
+++ b/Workshops/PuppetWorkshop/Makefile
@@ -14,3 +14,6 @@ BRAND = ogd
COMMON_CONFIG = /usr/share/publican
include $(COMMON_CONFIG)/make/Makefile.common
+kanarip: pdf-en-US html-single-en-US
+ rsync -rlHvz --delete --progress --rsh=ssh tmp/en-US/html-single/ pinky:/data/www/kanarip.com/www/public_html/courses/puppet/
+ rsync -rlHvz --delete --progress --rsh=ssh tmp/en-US/pdf/Puppet_Workshop.pdf pinky:/data/www/kanarip.com/www/public_html/courses/puppet/puppet.pdf
commit cc1f17682b21d06241004ab71297382002cc27a8
Author: Jeroen van Meeuwen (Fedora Unity) <kanarip(a)fedoraunity.org>
Date: Tue Oct 14 22:42:54 2008 +0200
Edit product name
diff --git a/en-US/Book_Info.xml b/en-US/Book_Info.xml
index 56cd609..b854ef8 100644
--- a/en-US/Book_Info.xml
+++ b/en-US/Book_Info.xml
@@ -9,6 +9,7 @@
<productnumber>0</productnumber>
<edition>1</edition>
<pubsnumber>1</pubsnumber>
+ <productname>Course Materials</productname>
<abstract><para>This book contains a number of courses applicable to You!</para></abstract>
<corpauthor>
<inlinemediaobject>
commit 469a84f0f2fe6357678249707b180c83d084811e
Author: Jeroen van Meeuwen (Fedora Unity) <kanarip(a)fedoraunity.org>
Date: Sun Oct 12 16:52:25 2008 +0200
Updates to puppet workshop
diff --git a/Workshops/PuppetWorkshop/Makefile b/Workshops/PuppetWorkshop/Makefile
index ef2009f..6b7c18e 100644
--- a/Workshops/PuppetWorkshop/Makefile
+++ b/Workshops/PuppetWorkshop/Makefile
@@ -2,8 +2,9 @@
XML_LANG = en-US
DOCNAME = PuppetWorkshop
-PRODUCT = Fedora
-BRAND = fedora
+PRODUCT = Workshop
+BRAND = ogd
+#BRAND = fedora
#OTHER_LANGS = as-IN bn-IN de-DE es-ES fr-FR gu-IN hi-IN it-IT ja-JP kn-IN ko-KR ml-IN mr-IN or-IN pa-IN pt-BR ru-RU si-LK ta-IN te-IN zh-CN zh-TW
diff --git a/Workshops/PuppetWorkshop/en-US/Appendix.xml b/Workshops/PuppetWorkshop/en-US/Appendix.xml
index 37b3e31..d268653 100644
--- a/Workshops/PuppetWorkshop/en-US/Appendix.xml
+++ b/Workshops/PuppetWorkshop/en-US/Appendix.xml
@@ -17,6 +17,14 @@
</formalpara>
</listitem>
<listitem>
+ <formalpara id="PuppetWorkshop-Appendix-Terminology-definedtype">
+ <title>defined type</title>
+ <para>
+ defined type
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
<formalpara>
<title>fact</title>
<para>
@@ -41,6 +49,14 @@
</formalpara>
</listitem>
<listitem>
+ <formalpara id="PuppetWorkshop-Appendix-Terminology-nativetype">
+ <title>native type</title>
+ <para>
+ definition
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
<formalpara>
<title>node</title>
<para>
@@ -65,7 +81,7 @@
</formalpara>
</listitem>
<listitem>
- <formalpara>
+ <formalpara id="PuppetWorkshop-Appendix-Terminology-resource">
<title>resource</title>
<para>
A resource is an instantiated <xref linkend="PuppetWorkshop-Appendix-Terminology-type" />
@@ -83,6 +99,17 @@
</formalpara>
</listitem>
<listitem>
+ <formalpara id="PuppetWorkshop-Appendix-Terminology-virtualresource">
+ <title>virtual resource</title>
+ <para>
+ A virtual resource is like a normal <xref linkend="PuppetWorkshop-Appendix-Terminology-resource" />, but it is not sent to the puppet (e.g. not part of the manifest sent to the client) until it is realized. Virtual resources may be realized multiple times, and are sent to the puppet only once.
+ </para>
+ </formalpara>
+ <para>
+ <emphasis>See Also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-VirtualResources" />
+ </para>
+ </listitem>
+ <listitem>
<formalpara id="PuppetWorkshop-Appendix-Terminology-type">
<title>type</title>
<para>
@@ -132,16 +159,16 @@
Deny from all
</Directory>
-<Proxy balancer://master.puppetmanaged.org>
+<Proxy balancer://<replaceable>master.puppetmanaged.org</replaceable>>
BalancerMember http://127.0.0.1:8141 keepalive=on retry=30
</Proxy>
<VirtualHost *:8140>
- ServerName master.puppetmanaged.org
+ ServerName <replaceable>master.puppetmanaged.org</replaceable>
SSLEngine on
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
- SSLCertificateFile /var/lib/puppet/ssl/certs/master.puppetmanaged.org.pem
- SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/master.puppetmanaged.org.pem
+ SSLCertificateFile /var/lib/puppet/ssl/certs/<replaceable>master.puppetmanaged.org</replaceable>.pem
+ SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/<replaceable>master.puppetmanaged.org</replaceable>.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLVerifyClient optional
@@ -159,18 +186,35 @@
Allow from all
</Location>
- ProxyPass / balancer://master.puppetmanaged.org:8140/ timeout=180
- ProxyPassReverse / balancer://master.puppetmanaged.org:8140/
+ ProxyPass / balancer://<replaceable>master.puppetmanaged.org</replaceable>:8140/ timeout=180
+ ProxyPassReverse / balancer://<replaceable>master.puppetmanaged.org</replaceable>:8140/
ProxyPreserveHost on
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
- ErrorLog logs/master.puppetmanaged.org-balancer-error_log
- CustomLog logs/master.puppetmanaged.org-balancer-access_log combined
- CustomLog logs/master.puppetmanaged.org-balancer-ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+ ErrorLog logs/<replaceable>master.puppetmanaged.org</replaceable>-balancer-error_log
+ CustomLog logs/<replaceable>master.puppetmanaged.org</replaceable>-balancer-access_log combined
+ CustomLog logs/<replaceable>master.puppetmanaged.org</replaceable>-balancer-ssl_request_log "%t %h \
+ %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</screen>
</para>
</appendix>
+
+ <appendix id="PuppetWorkshop-Appendix-Examples">
+ <title>Examples</title>
+ <para>
+ para
+ </para>
+
+ <section id="PuppetWorkshop-Appendix-Examples-DefinedType">
+ <title>Example Defined Type</title>
+ <para>
+ para
+ </para>
+ </section>
+
+ </appendix>
+
<xi:include href="Revision_History.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</part>
diff --git a/Workshops/PuppetWorkshop/en-US/Author_Group.xml b/Workshops/PuppetWorkshop/en-US/Author_Group.xml
index c9ba622..88fd11f 100644
--- a/Workshops/PuppetWorkshop/en-US/Author_Group.xml
+++ b/Workshops/PuppetWorkshop/en-US/Author_Group.xml
@@ -6,18 +6,20 @@
<author>
<firstname>Jeroen</firstname>
<surname>van Meeuwen</surname>
+ <lineage>RHCE</lineage>
<affiliation>
+ <jobtitle>Sr. System Engineer</jobtitle>
<orgname>Operator Groep Delft</orgname>
- <orgdiv>Sr. System Engineer</orgdiv>
</affiliation>
<email>j.van.meeuwen(a)ogd.nl</email>
</author>
<author>
<firstname>Stefan</firstname>
<surname>Hartsuiker</surname>
+ <lineage>RHCE</lineage>
<affiliation>
+ <jobtitle>System Engineer</jobtitle>
<orgname>Operator Groep Delft</orgname>
- <orgdiv>System Engineer</orgdiv>
</affiliation>
<email>s.hartsuiker(a)ogd.nl</email>
</author>
diff --git a/Workshops/PuppetWorkshop/en-US/Book_Info.xml b/Workshops/PuppetWorkshop/en-US/Book_Info.xml
index 2c5296f..9e92430 100644
--- a/Workshops/PuppetWorkshop/en-US/Book_Info.xml
+++ b/Workshops/PuppetWorkshop/en-US/Book_Info.xml
@@ -2,14 +2,21 @@
<!DOCTYPE bookinfo PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<bookinfo id="PuppetWorkshop-Product_Name_and_Version">
+<bookinfo id="PuppetWorkshop-Book">
<title>Puppet Workshop</title>
- <subtitle>Puppet Workshop</subtitle>
+ <subtitle>Configuration Management Made Easy</subtitle>
+<!--
<issuenum>0.1</issuenum>
- <productnumber>1</productnumber>
- <edition>1</edition>
+ <productnumber>1.0</productnumber>
+ <edition>1.0</edition>
<pubsnumber>1</pubsnumber>
- <abstract><para>This is a Configuration Management workshop (based on Puppet)</para></abstract>
+ <productname>Puppet Workshop</productname>
+//-->
+ <abstract>
+ <para>
+ This book is a configuration management workshop wrapped around puppet, the next-generation configuration management utility that has proven to be simple, straightforward, flexible, scalable, stable, fast, extensible and most importantly, truely Free.
+ </para>
+ </abstract>
<corpauthor>
<inlinemediaobject>
<imageobject>
diff --git a/Workshops/PuppetWorkshop/en-US/Chapter.xml b/Workshops/PuppetWorkshop/en-US/Chapter.xml
deleted file mode 100644
index e32f15e..0000000
--- a/Workshops/PuppetWorkshop/en-US/Chapter.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version='1.0'?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
-]>
-
-<chapter id="PuppetWorkshop-Test">
- <title>Test</title>
- <para>
- This is a test paragraph
- </para>
- <section id="PuppetWorkshop-Test-Section_1_Test">
- <title>Section 1 Test</title>
- <para>
- Test of a section
- </para>
- </section>
-
- <section id="PuppetWorkshop-Test-Section_2_Test">
- <title>Section 2 Test</title>
- <para>
- Test of a section
- </para>
- </section>
-
-</chapter>
-
diff --git a/Workshops/PuppetWorkshop/en-US/Common_Content/Feedback.xml b/Workshops/PuppetWorkshop/en-US/Common_Content/Feedback.xml
index 34b6b81..70a9275 100644
--- a/Workshops/PuppetWorkshop/en-US/Common_Content/Feedback.xml
+++ b/Workshops/PuppetWorkshop/en-US/Common_Content/Feedback.xml
@@ -3,16 +3,16 @@
]>
<section>
- <title>We Need Feedback!</title>
+ <title>Feedback</title>
<indexterm>
- <primary>feedback</primary>
- <secondary>contact information for this manual</secondary>
+ <primary>Feedback</primary>
+ <secondary>Contact Information for this manual</secondary>
</indexterm>
<para>
- We would love to see your feedback!
+ Should you find any discrepancies or additional information for this documentation, we would appreciate to hear from you.
</para>
<para>
- Our mailing lists are as follows:
+ Our mailing lists are:
<itemizedlist>
<listitem>
<formalpara>
diff --git a/Workshops/PuppetWorkshop/en-US/Preface.xml b/Workshops/PuppetWorkshop/en-US/Preface.xml
index d8e4a06..1c8dd1f 100644
--- a/Workshops/PuppetWorkshop/en-US/Preface.xml
+++ b/Workshops/PuppetWorkshop/en-US/Preface.xml
@@ -5,8 +5,36 @@
<preface id="PuppetWorkshop-Preface">
<title>Preface</title>
<para>
- paragraph
+ This is the Configuration Management Workshop reader as provided to you by the &PROVIDER;. This reader is composed form both an introduction to Configuration Management with Puppet as well as a reference for later use.
</para>
+
+ <section id="PuppetWorkshop-Preface-AboutTheContributors">
+ <title>About the Contributors</title>
+ <formalpara>
+ <title>Author</title>
+ <para>
+ <emphasis>Jeroen van Meeuwen</emphasis> (RHCE, LPIC-2, MCP, CCNA) is currently a Senior System Engineer, specialized in Linux systems and Systems Architecture, working for Operator Groep Delft in The Netherlands. His experience with computers goes back to the early '90s, with a Philips P2000T being over a decade old, little tapes containing programs but most importantly games, and 16K memory cartridges. Since 1998, he has been involved with Red Hat Linux (5.2 at that time), and was an early adopter of Fedora Core Linux in November 2003, until his first real contributions to Free and Open Source Software were made in 2005.
+ </para>
+ </formalpara>
+ <para>
+ As a contributor to Free and Open Source Software within the Fedora community, amongst other programs, Jeroen has developed Revisor, a Python framework to build distributions with. With regards to Configuration Management, Jeroen currently maintains or co-maintains -amongst other packages- the entire stack of packages related to Puppet
+ </para>
+
+<!-- <formalpara>
+ <title>Contributors</title>
+ <para>
+ <emphasis>Stefan Hartsuiker</emphasis>
+ </para>
+ </formalpara>-->
+ </section>
+
+<!-- <section id="PuppetWorkshop-Preface-Acknowledgements">
+ <title>Acknowledgements</title>
+ <para>
+ Foo
+ </para>
+ </section>-->
+
<xi:include href="Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/Workshops/PuppetWorkshop/en-US/PuppetWorkshop.ent b/Workshops/PuppetWorkshop/en-US/PuppetWorkshop.ent
deleted file mode 100644
index fc041ac..0000000
--- a/Workshops/PuppetWorkshop/en-US/PuppetWorkshop.ent
+++ /dev/null
@@ -1,4 +0,0 @@
-<!ENTITY PRODUCT "Documentation">
-<!ENTITY BOOKID "PuppetWorkshop">
-<!ENTITY HOLDER "Jeroen van Meeuwen">
-<!ENTITY YEAR "2008">
diff --git a/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml b/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml
index ec54e83..a8ccafd 100644
--- a/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml
+++ b/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml
@@ -6,924 +6,1203 @@
<xi:include href="Book_Info.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Preface.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <part id="PuppetWorkshop-Part">
- <title>Puppet Workshop</title>
- <chapter id="PuppetWorkshop-Introduction">
- <title>Introduction</title>
+ <chapter id="PuppetWorkshop-Introduction">
+ <title>Introduction</title>
+ <para>
+ Welcome to the Puppet Workshop (or Configuration Management workshop). Today's workshop is comprised of the following topics, in order of appearance:
+ </para>
+ <para>
+ <itemizedlist>
+ <title>Topics in this workshop</title>
+ <listitem>
+ <para><emphasis>Introduction to Configuration Management</emphasis></para>
+ <para>A short introduction to what part of configuration management it is that Puppet is able to assist with.</para>
+ </listitem>
+ <listitem>
+ <para><emphasis>Introduction to Puppet</emphasis></para>
+ <para>An introduction to how puppet resolves many of the issues that exist without configuration management.</para>
+ </listitem>
+ <listitem>
+ <para><emphasis>Puppet Terminology</emphasis></para>
+ <para></para>
+ </listitem>
+ <listitem>
+ <para><emphasis>How Puppet Works</emphasis></para>
+ <para>A birds view of Puppet's operations</para>
+ </listitem>
+ <listitem>
+ <para><emphasis>Puppet Features</emphasis></para>
+ </listitem>
+ <listitem>
+ <para><emphasis>Troubleshooting Puppet</emphasis></para>
+ </listitem>
+ <listitem>
+ <para><emphasis>Setting up Puppet</emphasis></para>
+ <para>Set up Puppet so that it keeps on going</para>
+ </listitem>
+ <listitem>
+ <para><emphasis>How to use Puppet</emphasis></para>
+ <para>Tips & tricks on using Puppet</para>
+ </listitem>
+ <listitem>
+ <para><emphasis>Other Things To Do With Puppet</emphasis></para>
+ <para>Advanced stuff Puppet can also do</para>
+ </listitem>
+ <listitem>
+ <para><emphasis>Best Practices</emphasis></para>
+ </listitem>
+ </itemizedlist>
+ </para>
+
+ <section id="PuppetWorkshop-Introduction-TargetAudience">
+ <title>Target Audience</title>
<para>
- Welcome to the Puppet Workshop (or Configuration Management workshop). Today's workshop is comprised of the following topics:
+ The primary audience for this book is, of course, Linux system administrators and engineers seeking to implement, further enhance or extend their knowledge about configuration management in general and by using the next-generation configuration management utility Puppet in particular.
</para>
+ </section>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-IntroductionToConfigurationManagement">
+ <title>Introduction to Configuration Management</title>
+
+ <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement">
+ <title>What is Configuration Management?</title>
<para>
- <segmentedlist>
- <segtitle>Topic</segtitle>
- <seglistitem>
- <seg>Introduction to Configuration Management</seg>
- </seglistitem>
- <seglistitem>
- <seg>Introduction to Puppet</seg>
- </seglistitem>
- <seglistitem>
- <seg>Puppet Terminology</seg>
- </seglistitem>
- <seglistitem>
- <seg>How Puppet Works</seg>
- </seglistitem>
- <seglistitem>
- <seg>Puppet Features</seg>
- </seglistitem>
- <seglistitem>
- <seg>Troubleshooting Puppet</seg>
- </seglistitem>
- <seglistitem>
- <seg>Setting up Puppet</seg>
- </seglistitem>
- <seglistitem>
- <seg>How to use Puppet</seg>
- </seglistitem>
- <seglistitem>
- <seg>Other Things To Do With Puppet</seg>
- </seglistitem>
- <seglistitem>
- <seg>Best Practices</seg>
- </seglistitem>
- </segmentedlist>
+ Within virtually every organization, there's probably a number of systems running Linux, Solaris, Mac OS X and/or HP-UX. These systems need to be configured appropriately to be able to function properly. Some will need special drivers, and all of them will need correct DNS settings, certain packages installed and certain other packages removed, users created, and SSH host keys exchanged. The more systems, the more these diverge in the configuration they need, diverge in the way this configuration needs to be applied, and the more these configurations will show discrepancies arising over time.
+ </para>
+ <para>
+ More specifically, an organization may have a couple of webservers, fileservers, a DNS and a DHCP server, a number of desktop PCs, and a number of laptops. The laptops may need slightly different system configuration (no LDAP authentication, and with a VPN client installed, for example), and the desktop PCs may need different applications installed then the servers, and so forth. Yet, between, say, a hundred desktop PCs, you would want the configuration to be as similar as possible. You may want to diverge between a software developer's desktop PC and a desktop PC in Human Resources, but in essence these are desktop profiles diverging on the application level, applied upon a stable system configuration which remains the same, or similar at least.
+ </para>
+ <para>
+ By the time the organization grows, replaces the hardware, upgrades to another version of the operating system, or applies changes, the challenge to making everything work yet maintain a similar configuration between all nodes becomes bigger. While every attempt made to control the situation can be called a form of configuration management, the solution without a configuration management framework is often comprised of:
+ </para>
+ <para>
+ <orderedlist>
+ <listitem>
+ <para>
+ a number of scripts (with or without revision control), to move around files, install packages, perform daily check-ups,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ NFS mounts with programs pre-installed, so that nodes can mount these NFS shares and the software needs to be provided once, in one location, for all to share,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ file server shares with pre-compiled drivers, or driver sources being compiled on the nodes by scripts running on the nodes,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ terminal servers or desktop servers like with FreeNX, so that configuration concentrates on a smaller number of boxes
+ </para>
+ </listitem>
+ </orderedlist>
+ </para>
+ <para>
+ This means that workarounds for actual (user) problems maybe require an additional <code>if-then-else</code> in one or the other script, and updates to programs installed require manual compilation and installation. The success rate of these solutions never reaches 100%, and as it turns out the longer such a implemented solution runs, the more exotic problems become and the more machines will fail to remain up-to-date regardless of any attempt made to fix the issue; simply because it becomes to diverse and unmaintainable.
</para>
- </chapter>
-
- <chapter id="PuppetWorkshop-IntroductionToConfigurationManagement">
- <title>Introduction to Configuration Management</title>
- <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement">
- <title>What is Configuration Management?</title>
+ <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement-ConfigurationManagement">
+ <title>Configuration Management</title>
<para>
- Within virtually every organization, there's probably a number of systems running Linux, Solaris, Mac OS X or HP-UX. All these machines need to be configured to be able to function properly. Some will need special drivers, and all of them will need correct DNS settings, certain packages installed and certain other packages removed. Most probably, the more systems, the more these diverge in the configuration they need, and potentially diverge in the way this configuration needs to be applied to a given operating system or operating system version.
+ Generally speaking, with configuration management, it's about managing the configuration of one or more organizational resources in order to have it be in a state in which it can perform the operations required by, and possibly critical to, the organization's operations. In addition to that, configuration management often concerns administrative tasks as to what systems provide a service and what <emphasis>SLA</emphasis> or <emphasis>OLA</emphasis> is applicable to that service, as well as the purchase date, location of the system, responsible party, etcetera.
</para>
<para>
- More specifically, an organization may have a couple of webservers, fileservers, a DNS and a DHCP server, a number of desktop PCs, and a number of laptops. The laptops may need slightly different system configuration (no LDAP authentication, and with a VPN client installed, for example), and the desktop PCs may need different applications installed then the servers, and so forth. Yet, between, say, a hundred desktop PCs, you would want the configuration to be as similar as possible. You may want to diverge between a software developer's desktop PC and a desktop PC in Human Resources, but in essence these are desktop profiles diverging on the application level, applied upon a stable system configuration which remains the same, or similar at least.
+ In this workshop though, we are not going to explore configuration management of a coffee machine. Instead we look at the computers in a network running any platform but the one from a prominent proprietary North America-based vendor. We are talking automation and further enhancement of Computer Systems Administration.
</para>
<para>
- By the time the organization grows, replaces the hardware, upgrades to another version of the operating system, or applies changes, the challenge to making everything work yet maintain a similar configuration between all nodes becomes bigger. While every attempt made to control the situation can be called a form of configuration management, the solution without a configuration management framework is often comprised of:
+ When managing the operating system and software running on mainframes, servers, desktop PCs and laptops, you may find yourself looking for answers to questions such as:
</para>
<para>
- <orderedlist>
+ <itemizedlist>
<listitem>
<para>
- a number of scripts (with or without revision control), to move around files, install packages, perform daily check-ups,
+ How do I manage what packages are installed on a given system?
+ <itemizedlist>
+ <listitem>
+ <para>
+ How do I manage the configuration of those packages (this software)?
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ How do I make sure these packages are updated?
+ </para>
+ </listitem>
+ </itemizedlist>
</para>
</listitem>
<listitem>
<para>
- NFS mounts with programs pre-installed, so that nodes can mount these NFS shares and the software needs to be provided once, in one location, for all to share,
+ How do I make sure the services that every machine needs to run are actually running?
</para>
</listitem>
<listitem>
<para>
- file server shares with pre-compiled drivers, or driver sources being compiled on the nodes by scripts running on the nodes,
+ How do I manage monitoring the services or a machine's state?
</para>
</listitem>
<listitem>
<para>
- terminal servers or desktop servers like with FreeNX, so that configuration concentrates on a smaller number of boxes
+ A job needs to run periodically (maybe via <application>crontab</application>), but how do I make sure it is run, and how can I change or remove the job later?
</para>
</listitem>
- </orderedlist>
- </para>
- <para>
- This means that work-arounds for actual (user) problems maybe require an additional if-then-else in one or the other script, and updates to programs installed require manual compilation and installation. The success rate of these solutions never reaches 100%, and as it turns out the longer such a implemented solution runs, the more exotic problems become and the more machines will fail to remain up-to-date regardless of any attempt made to fix the issue; simply because it becomes to diversive and unmaintainable.
+ <listitem>
+ <para>
+ Given different operating systems and operating system versions, how do I make sure I apply the correct routine for adding a user, starting a service, install/update/remove a package?
+ </para>
+ </listitem>
+ </itemizedlist>
</para>
-
- <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement-ConfigurationManagement">
- <title>Configuration Management</title>
- <para>
- Generally speaking, with configuration management, it's about managing the configuration of one or more organizational resources in order to have it be in a state in which it can perform the operations required by, and possibly critical to, the organization's operations.
- </para>
- <para>
- In this workshop though, we are not going to explore configuration management of a coffee machine. Instead we look at the computers in a network running any platform but the one from a prominent proprietary North America-based vendor. We are talking automation and further enhancement of Computer Systems Administration.
- </para>
- <para>
- When managing the operating system and software running on mainframes, servers, desktop PCs and laptops, you may find yourself looking for answers to questions such as:
- </para>
- <para>
- <itemizedlist>
- <listitem>
- <para>
- How do I manage what packages are installed on a given system?
- <itemizedlist>
- <listitem>
- <para>
- How do I manage the configuration of those packages (this software)?
- </para>
- </listitem>
- <listitem>
- <para>
- How do I make sure these packages are updated?
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </listitem>
- <listitem>
- <para>
- How do I make sure the services that every machine needs to run are actually running?
- </para>
- </listitem>
- <listitem>
- <para>
- How do I manage monitoring the services or a machine's state?
- </para>
- </listitem>
- <listitem>
- <para>
- A job needs to run periodically (maybe via <application>crontab</application>), but how do I make sure it is run, and how can I change or remove the job later?
- </para>
- </listitem>
- <listitem>
- <para>
- Given different operating systems and operating system versions, how do I make sure I apply the correct routine for adding a user, starting a service, install/update/remove a package?
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </section>
-
- <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement-ConfigurationManagementRequirements">
- <title>Configuration Management Requirements</title>
- <para>
- This section is about what you would want Configuration Management to do for you:
- </para>
- <para>
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>Maintain consistency across systems</title>
- <para>
- Consistency across systems is key in understanding where a problem might come from. If each and every system is unique, you may end up searching for unique aspects of the system's configuration in order to determine the cause of a problem, while if systems are consistent to some extend, you may have found the problem even before your users report it.
- </para>
- </formalpara>
- <formalpara>
- <title>Consistency !== Equality</title>
- <para>
- Of course keeping system consistent in their configuration doesn't say all your systems should be entirely equal, because that would not be feasible for many organizations and defeat the purpose of configuration management. Needless to say though, having all systems be entirely unique defeats part of the purpose of configuration management as well.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Categorize systems</title>
- <para>
- Categorizing systems into categories like (for example) <emphasis>desktop</emphasis>, <emphasis>server</emphasis> and/or <emphasis>laptop</emphasis>, helps in applying changes to one category, such as installing <application>GNOME</application> or keeping systems up-to-date according to a schedule that may (servers) or may not (desktops, laptops) need a service or maintenance window.
- </para>
- </formalpara>
- <formalpara>
- <title>Different profiles</title>
- <para>
- More generally speaking, different profiles for each of these categories may be defined as well, of course. A developer's desktop most likely has different requirements then a publicly accessible booth at the reception desk.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Version Control</title>
- <para>
- Version control lets you keep track of changes applied to the overall configuration management framework, which is important because since you are managing different aspects of a number of systems, if something goes wrong the changes applied to the configuration of puppet will most likely be the first clue as to what caused the new problem and lets you recover relatively fast.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Overview of systems' tasks and services</title>
- <para>
- Being able to quickly tell what a system does exactly, and how it differs from another system not only aids in performing risk assessments (impact of a given change), but may also help in determining the impact of a change beforehand, as well as determine the impact of an unexpected system interruption. Providing an example to the latter I suppose if you update httpd across systems (whether tested or untested), but the new software version doesn't work as expected, a configuration management framework should be able to quickly give you an overview of impacted systems and services.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Updating systems</title>
- <para>
- Some systems can be updated irregularly, such as desktop PCs, but need to be kept up-to-date nonetheless. Other systems need to have service and/or maintenance windows, such as servers.
- </para>
- </formalpara>
- </listitem>
- </itemizedlist>
- </para>
- </section>
-
</section>
- <section id="PuppetWorkshop-IntroductionToConfigurationManagement-ProblemsWithoutConfigurationManagement">
- <title>Problems without Configuration Management</title>
+ <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement-ConfigurationManagementRequirements">
+ <title>Configuration Management Requirements</title>
<para>
- There's a number of challenges in applying configuration management, such as:
+ This section is about what you would want Configuration Management to do for you, as a system administrator for the systems within your organization:
</para>
<para>
- <orderedlist>
+ <itemizedlist>
<listitem>
<formalpara>
- <title>Different operating systems</title>
+ <title>Maintain consistency across systems</title>
<para>
- If you have a diverse organization in terms of the operating systems your nodes run, applying the same thing to a set of different operating systems is challenging in that adding a user or setting a password on one operating system isn't the same as adding a user or setting a password on another operating system. Of course the same applies to installing, updating or removing a package, and so forth. Of course the more different operating systems you have, the harder managing any given resource becomes.
+ Consistency across systems is key in understanding where a problem might come from. If each and every system is unique, you may end up searching for unique aspects of the system's configuration in order to determine the cause of a problem, while if systems are mostly consistent and the exceptions to the rule are determined or determinable, you may have found the problem even before your users report it.
</para>
</formalpara>
- </listitem>
- <listitem>
<formalpara>
- <title>Different distributions</title>
+ <title>Consistency !== Equality</title>
<para>
- Although an organization may not have different distributions running right now, sooner or later, an organization will migrate from one distribution to another; That is practically inevitable. If an organization does have different distributions running, practical problems such as the location of certain files become evident, as well as different interfaces to resource-management (like adding a user with <application>useradd</application> or <application>adduser</application>).
+ Of course keeping systems consistent in their configuration doesn't say all your systems should be entirely equal, because that would not be feasible for many organizations and defeat the purpose of configuration management. Needless to say though, having all systems be entirely unique defeats part of the purpose of configuration management as well.
</para>
</formalpara>
</listitem>
<listitem>
<formalpara>
- <title>Different versions of distributions</title>
+ <title>Categorize systems</title>
<para>
- Different versions of distributions, or more accurately the different versions of the utilities, as well as the configuration settings for updated programs that come with the distributions, can form a challenge when or if the organization does not have a proper configuration management framework in place. Note that even though an organization may not have different versions of a distribution right now, at some point the organization will need to upgrade to the next available release.
+ Categorizing systems into categories like (for example) <emphasis>desktop</emphasis>, <emphasis>server</emphasis> and/or <emphasis>laptop</emphasis>, helps in applying changes to one category, such as installing <application>GNOME</application> or keeping systems up-to-date according to a schedule that may (servers) or may not (desktops, laptops) need a service or maintenance window.
</para>
</formalpara>
- </listitem>
- <listitem>
<formalpara>
- <title>Different tasks to perform</title>
+ <title>Different profiles</title>
<para>
- Each different system in an organization is performing one or more tasks that may be unique to the system or may be shared between a group of systems, but with many different tasks being performed throughout the organization's infrastructure, keeping track of what system performs which task, keeping these systems up to date and configuring them to have the required packages installed for each of the tasks they perform, tackling the problem becomes harder.
+ More generally speaking, different profiles for each of these categories may be defined as well, of course. A developer's desktop most likely has different requirements then a publicly accessible booth at the reception desk.
</para>
</formalpara>
</listitem>
<listitem>
<formalpara>
- <title>Different ways to perform a task</title>
+ <title>Version Control</title>
<para>
- Within an organization that has multiple servers performing the same task, keeping a similar state or perform a task in a similar manner is challenging in that without configuration management, you are most likely to find three or more ways to purge old files from <filename>/tmp/</filename> and <filename>/var/tmp/</filename>, for example. The same differentiation may apply to how webservers' VirtualHost's are configured, or how a NFS share is mounted (mount options in particular).
+ Version control lets you keep track of changes applied to the overall configuration management framework, which is important because since you are managing different aspects of a (large) number of systems, if something goes wrong the changes applied to the configuration of puppet will most likely be the first clue as to what caused the new problem and lets you recover relatively fast. Additionally, version control adds a layer that also gives you the chance to perform access control, to have notifications of changes applied sent to interested people, and to branch off.
</para>
</formalpara>
</listitem>
<listitem>
<formalpara>
- <title>Different nodes</title>
+ <title>Overview of systems' tasks and services</title>
<para>
- This one goes to hardware-specific needs and configuration. When each of the systems in an organization are not all of the same brand, make and model, or each system has different harddisk layouts, or needs different videocard drivers, you are basically keeping lists and making choices based on this list.
+ Being able to quickly tell what a system does exactly, and how it differs from another system not only aids in performing risk assessments (impact of a given change), but may also help in determining the impact of a change beforehand, as well as determine the impact of an unexpected system or service interruption. Providing an example to the latter; if you update httpd across systems (whether tested or untested), but the new software version doesn't work as expected, a configuration management framework should be able to quickly give you an overview of impacted systems and services.
</para>
</formalpara>
</listitem>
<listitem>
<formalpara>
- <title>Different services</title>
+ <title>Updating systems</title>
<para>
- Different services of course are configured differently, as far as configuration file locations and syntax are concerned. However, figuring out the best way to apply certain configuration to a system for each service is less efficient without configuration management. You might adjust a script or two and/or adjust the source repository from which you pull updates to each machine, but the changes may turn out to only apply to that system that needed the exception to the rule instead of focussing on a more general solution to the problem once, and apply that solution multiple times, over and over again.
+ Some systems can be updated irregularly, such as desktop PCs, but need to be kept up-to-date nonetheless. Other systems have service and/or maintenance windows, such as servers, and thus need a very regular and strict update schema, compliant with the update policies in place.
</para>
</formalpara>
</listitem>
- <listitem>
- <formalpara>
- <title>Interfaces to a system resource</title>
- <para>
- This is probably the hardest one if you are not using any configuration management framework. Given different operating systems, distributions and/or distribution versions, in which case any combination of the three only makes the problem harder to solve, you are most likely to encounter so many different ways to manage a resource, that a simple script or routine cannot cover all of them. One example is adding a user to the system, and making the user a group member of several groups. You may find routines ranging from using <application>useradd</application> or <application>adduser</application> depending on the distribution used, to writing out ldifs from a template and using <application>ldapadd</application> or <application>ldapmodify</application> depending on whether the user already exists or not.
- </para>
- </formalpara>
- </listitem>
- </orderedlist>
- </para>
- </section>
-
- <section id="PuppetWorkshop-IntroductionToConfigurationManagement-NotSoTechnicalAspects">
- <title>Not So Technical Aspects</title>
- <para>
- In addition to the problems you may encounter with or without configuration management, there's a number of problems or challenges that are not so technical, but you may want to see resolved by a configuration management utility;
- </para>
- <para>
- <orderedlist>
- <listitem>
- <formalpara>
- <title>Applying changes</title>
- <para>
- Applying changes to multiple machines at once may become a problem depending on the size of the organization or the amount of control that you have over systems, remotely. There was a time when changing the DNS servers for a set of systems required one to log on to the console of each system and edit <filename>/etc/resolv.conf</filename> manually. You can see the problem become bigger if the organization does not have 20 systems, but 1200.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Keeping track of changes</title>
- <para>
- Another challenge is keeping track of the changes applied to each system. Even with configuration management, errors can be made and systems might behave unexpectedly, in which case you will want to know what changed on these systems, and how to recover to an operational state. Keeping track of changes without a configuration management framework however is a little harder, but with configuration management, you have reports (changes applied to a system in a nice overview), and most advisebly you have the configuration for Puppet stored in a Source Control Management system, or SCM system, like CVS, SVN, Mercurial, or GIT.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Staging changes</title>
- <para>
- Staging changes is a huge must-have in case changes are radical or might destroy a normal system's operation (even if temporary). For such changes, you would want to test the changes first, and with Puppet, you get this in the form of <emphasis>environments</emphasis>.
- </para>
- </formalpara>
- </listitem>
- </orderedlist>
+ </itemizedlist>
</para>
</section>
- </chapter>
+ </section>
- <chapter id="PuppetWorkshop-IntroductionToPuppet">
- <title>Introduction To Puppet</title>
+ <section id="PuppetWorkshop-IntroductionToConfigurationManagement-ProblemsWithoutConfigurationManagement">
+ <title>Problems without Configuration Management</title>
<para>
- Puppet is a solution to the problems set forth in <xref linkend="PuppetWorkshop-IntroductionToConfigurationManagement-ProblemsWithoutConfigurationManagement" />.
+ There's a number of challenges an organization might encounter when not implementing some form of configuration management, such as:
</para>
-
- <section id="PuppetWorkshop-IntroductionToPuppet-WhatDoesPuppetDo">
- <title>What Does Puppet Do?</title>
- <para>
- Puppet offers a high-level abstraction of system resources like you would encounter on any given system, such as users, services and packages. Seeing as how different operating systems and different distributions each have different interfaces, so-called <emphasis>providers</emphasis> in puppet terms, to these system resources, scripting a package to be installed, updated, removed or be of a certain version includes a lot of <code>if-then-else</code> statements in a script you'd write to manage that particular system resource, the package.
- </para>
- <para>
- On Debian, Ubuntu and derivative distributions for example, the package provider may be <application>apt</application>, <application>dpkg</application>, <application>smart</application>, <application>alien</application>, <application>PackageKit</application>, while on Fedora, Red Hat and it's derivatives, the package provider may be <application>rpm</application>, <application>yum</application>, <application>PackageKit</application>, <application>apt</application> or <application>smart</application>.
- </para>
- <para>
- Another difference between distributions is how services can be started, or configured to start up when the machine boots. A <application>service</application> script may be available, or <filename>/etc/init.d/</filename> may contain scripts to start and stop a service. Also, some of these service providers may have <code>status</code>, <code>reload</code> and <code>restart</code> command parameters, whereas others may not have. Additionally, using <application>chkconfig</application> to configure the runlevels the service should be enabled or disabled in may not be available on all systems.
- </para>
- <para>
- By abstracting these system resources into <emphasis>types</emphasis>, Puppet takes on the headaches for most operating system and distribution specific interfaces to managing these system resources. It knows, or figures out all by itself, what provider to use given a <emphasis>type</emphasis>.
- </para>
- <formalpara>
- <title>Abstraction of system resources</title>
- <para>
- Abstraction of the system resources into so-called <emphasis>types</emphasis> causes the administrator to only need to configure a type, such as <emphasis>package</emphasis>, <emphasis>user</emphasis>, <emphasis>cron</emphasis>, and so forth. The configuration management utility itself will figure out what package manager backend to use, whether it's apt, yum, rpm, dpkg, smart or PackageKit.
- </para>
- </formalpara>
- <para>
- Puppet example to ensure user <emphasis>sysadmin</emphasis> exists on a system:
- <screen>user { "sysadmin":
- ensure => present
-}</screen>
- </para>
- <para>
- Puppet example to ensure the <emphasis>ypbind</emphasis> package is installed and the most recent version, <emphasis>ypbind</emphasis> is correctly configured, and the <emphasis>ypbind</emphasis> service is running:
- <screen>package { "ypbind":
- ensure => latest
-}
-
-file { "/etc/yp.conf":
- source => "puppet://$server/files/yp.conf",
- notify => Service["ypbind"],
- require => Package["ypbind"]
-}
-
-service { "ypbind":
- enable => true,
- ensure => running,
- require => [
- File["/etc/yp.conf"],
- Package["ypbind"]
- ]
-}</screen>
- </para>
- <para>
- The above example is called a <emphasis>manifest</emphasis>, built out of <emphasis>types</emphasis> (package, file, service), which, once defined in a manifest, are referred to as <emphasis>resources</emphasis>. See also <xref linkend="PuppetWorkshop-Appendix-Terminology" />
- </para>
- </section>
-
- </chapter>
-
- <chapter id="PuppetWorkshop-PuppetTerminology">
- <title>Puppet Terminology</title>
<para>
- Terminology used in this documentation. See also <xref linkend="PuppetWorkshop-Appendix-Terminology" />
- <itemizedlist>
+ <orderedlist>
<listitem>
<formalpara>
- <title>class</title>
+ <title>Different operating systems</title>
<para>
- A class is a collection of resources applied to a node with a single include statement. It groups together a comprehensible set of resources. A class <emphasis>ypclient</emphasis> would manage the <code>File["/etc/nsswitch.conf"]</code>, <code>File["/etc/yp.conf"]</code>, <code>Package["ypbind"]</code>, and <code>Service["ypbind"]</code> resources.
+ If you have a diverse organization in terms of the operating systems your systems run, applying the same configuration items to a set of different operating systems is challenging in that adding a user or setting a password on one operating system is not the same as adding a user or setting a password on another operating system. The same applies to installing, updating or removing a package, and so forth. Additionally the more different operating systems you have, the harder managing any given system resource becomes. Some commands for day-to-day administrative tasks may be equal, or similar, but most of them are and/or behave different.
</para>
</formalpara>
</listitem>
<listitem>
<formalpara>
- <title>fileserver</title>
+ <title>Different distributions</title>
<para>
- The fileserver is where the puppet pulls files from. It is normally integrated with the puppetmaster, but it can be an entirely different server, too.
+ Although an organization may not have different distributions running right now, sooner or later, an organization will migrate from one distribution to another; That is practically inevitable. If an organization does have different distributions running, practical problems such as the location of certain files become evident, as well as different interfaces to resource-management (like adding a user with <application>useradd</application> or <application>adduser</application>).
</para>
</formalpara>
- <para>
- The fileserver serves files to puppets that request them, but it also serves <emphasis>templates</emphasis>, which are parsed on the fileserver (puppetmaster), and passed on to the client as a whole new file.
- </para>
</listitem>
<listitem>
<formalpara>
- <title>manifest</title>
+ <title>Different versions of distributions</title>
<para>
- The collection of classes, modules and resources that the <xref linkend="PuppetWorkshop-PuppetTerminology-puppetmaster" /> uses to distribute the appropriate configuration to a <xref linkend="PuppetWorkshop-PuppetTerminology-puppet" />.
+ Different versions of distributions, or more accurately the different versions of the utilities, as well as the configuration settings for updated programs that come with the distributions, can form a challenge when or if the organization does not have a proper configuration management framework in place. Note that even though an organization may not have different versions of a distribution right now, at some point the organization will need to upgrade to the next available release.
</para>
</formalpara>
</listitem>
<listitem>
<formalpara>
- <title>module</title>
+ <title>Different tasks to perform</title>
<para>
- A module is a placeholder for files, manifests, plugins and templates. Creating a module has numerous advantages such as separate version control, separate staging from development through testing to production, and so forth.
+ Each different system in an organization is performing one or more tasks that may be unique to the system or may be shared between a group of systems, but with many different tasks being performed throughout the organization's infrastructure, keeping track of what system performs which task, keeping these systems up to date and configuring them to have the required packages installed for each of the tasks they perform, tackling the problem becomes harder.
</para>
</formalpara>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Modules" />, <xref linkend="PuppetWorkshop-HowToUsePuppet-Plugins" />
- </para>
</listitem>
<listitem>
<formalpara>
- <title>node</title>
- <para>
- The client, a node, is an operating system instance running the puppet client application. This can be a regular operating system running directly on top of actual hardware, a virtual guest as well as a virtual host.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara id="PuppetWorkshop-PuppetTerminology-puppet">
- <title>puppet</title>
+ <title>Different ways to perform a task</title>
<para>
- The client, a node, runs the <application>puppetd</application> daemon or service, and is referred to as the <emphasis>puppet</emphasis>
+ Within an organization that has multiple servers performing the same task, keeping a similar state or perform a task in a similar manner is challenging in that without configuration management, you are most likely to find three or more ways to purge old files from <filename>/tmp/</filename> and <filename>/var/tmp/</filename>, for example. The same differentiation may apply to how webservers' VirtualHosts are configured, or how a NFS share is mounted (mount options in particular).
</para>
</formalpara>
</listitem>
<listitem>
- <formalpara id="PuppetWorkshop-PuppetTerminology-puppetmaster">
- <title>puppetmaster</title>
+ <formalpara>
+ <title>Different nodes</title>
<para>
- The puppetmaster is the node that runs the server-side application to a puppet setup.
+ This one goes to hardware-specific needs and configuration. When each of the systems in an organization are not all of the same brand, make and model, or each system has different harddisk layouts, or needs different videocard drivers, you are basically keeping lists and making choices based on this list.
</para>
</formalpara>
</listitem>
<listitem>
<formalpara>
- <title>resource</title>
+ <title>Different services</title>
<para>
- A resource is an instantiated <xref linkend="PuppetWorkshop-PuppetTerminology-type" />
+ Different services of course are configured differently, as far as configuration file locations and syntax are concerned. However, figuring out the best way to apply certain configuration to a system for each service is less efficient without configuration management. You might adjust a script or two and/or adjust the source repository from which you pull updates to each machine, but the changes may turn out to only apply to that system that needed the exception to the rule instead of focussing on a more general solution to the problem once, and apply that solution multiple times, over and over again.
</para>
</formalpara>
</listitem>
<listitem>
<formalpara>
- <title>system resource</title>
+ <title>Interfaces to a system resource</title>
<para>
-<!--
-FIXME:
-//-->
- A system resource is a resource available on the node whether it is managed by puppet or not. Unlike what is otherwise understood by system resources, the puppet definition of system resources does not so much refer to resources like CPU or memory, but rather to whether or not a package is installed or what version of said package, or the $osversion, and so on and so forth.
+ This is probably the hardest one if you are not using any configuration management framework. Given different operating systems, distributions and/or distribution versions, in which case any combination of the three only makes the problem harder to solve, you are most likely to encounter so many different ways to manage a given system resource, that a simple script or routine cannot cover all of them -and remain comprehensible and maintainable. One example is adding a user to the system, and making the user a group member of several groups. You may find routines ranging from using <application>useradd</application> or <application>adduser</application> depending on the distribution used, to writing out ldifs from a template and using <application>ldapadd</application> or <application>ldapmodify</application> depending on whether the user already exists or not.
</para>
</formalpara>
</listitem>
<listitem>
- <formalpara id="PuppetWorkshop-PuppetTerminology-type">
- <title>type</title>
+ <formalpara>
+ <title>Fast pace changes</title>
<para>
- definition
+ Changes that need to apply rather sooner then later are often only applied by the time a crontab job polls for new configuration, or when a system reboots. This does not work in cases where changes need to be applied quickly, such as when a package installed on some or all systems exposes remotely exploitable vulnerabilities.
</para>
</formalpara>
</listitem>
- </itemizedlist>
+ </orderedlist>
</para>
- </chapter>
+ </section>
- <chapter id="PuppetWorkshop-HowPuppetWorks">
- <title>How Puppet Works</title>
+ <section id="PuppetWorkshop-IntroductionToConfigurationManagement-NotSoTechnicalAspects">
+ <title>Not So Technical Aspects</title>
<para>
- This is an overview of how puppet works -in a working setup.
+ In addition to the problems you may encounter with or without configuration management, there's a number of problems or challenges that are not so technical, but you may want to see resolved by a configuration management utility;
</para>
<para>
<orderedlist>
<listitem>
<formalpara>
- <title>The puppet starts for the first time</title>
+ <title>Applying changes</title>
<para>
- It generates a certificate using the node's FQDN.
+ Applying changes to multiple machines at once may become a problem depending on the size of the organization or the amount of remote and direct control that you have over your systems. There was a time when changing the DNS servers for a set of systems required one to log on to the console of each system and edit <filename>/etc/resolv.conf</filename> manually. You can see the problem become bigger if the organization does not have 20 systems, but 1200.
</para>
</formalpara>
- <note>
- <para>
- Although not required, it is strongly recommended to have the client use a FQDN that is registered in DNS (forward as well as reverse).
- </para>
- </note>
</listitem>
<listitem>
<formalpara>
- <title>The puppet submits the certificate to the puppetmaster</title>
+ <title>Keeping track of changes</title>
<para>
- The puppetmaster, also the Certificate Authority, or <emphasis>puppetca</emphasis>, needs to sign the certificate before the client can be considered authenticated.
+ Another challenge is keeping track of the changes applied to each system. Even with configuration management, errors can be made and systems might behave unexpectedly, in which case you will want to know what changed on these systems, and how to recover to an operational state. Keeping track of changes without a configuration management framework however is a little harder, but with configuration management, you have reports (changes applied to a system in a nice overview), and most advisebly you have the configuration for Puppet stored in a Source Control Management system, or SCM system, like CVS, SVN, Mercurial, or GIT.
</para>
</formalpara>
</listitem>
<listitem>
<formalpara>
- <title>The puppet waits 300 seconds for a signed certificate</title>
+ <title>Staging changes</title>
<para>
- It this configurable timeout of 300 seconds<footnote><para>Specify the timeout with <code>--waitforcert [seconds]</code></para></footnote> has passed, the puppet quits.
+ Staging changes is a huge must-have in case changes are radical or might destroy a normal system's operation (even if temporary). For such changes, you would want to test the changes first, and with Puppet, you get this in the form of <emphasis>environments</emphasis>. Additionally, in case any critical component needs to change, proper Change Management then requires you to Build & Test the solution prior to implementation, often not a very bad idea to relieve stress in case the implemented solution does not work, especially if the change is time-constrained such as with service windows.
</para>
</formalpara>
</listitem>
<listitem>
<formalpara>
- <title>The puppetmaster signs the certificate</title>
+ <title>Exceptions to the rule</title>
<para>
- To do so, you can either configure the puppetmaster to automatically sign certificates or sign manually. Automatically signing certificates is generally a very bad idea. To manually sign a certificate, use:
+ As important as keeping systems consistent, is being able to name and point out the exceptions to the rules that you set. Of course, every organization has exceptions and until the point where high-availability, high-performance, load-balancing or virtualization clusters are deployed (or storage pools for that matter), no two systems are alike. Trying to keep a consistent configuration amongst all your systems doesn't change that. Note though, being able to reproduce the reasoning behind the exceptions to the rule is important in recovering from (unexpected) interruptions.
</para>
</formalpara>
- <para>
- <screen># <userinput>puppetca --sign <fqdn></userinput></screen>
- </para>
</listitem>
<listitem>
<formalpara>
- <title>The puppet receives the signed certificate</title>
+ <title>Restoring a system</title>
<para>
- Immediately thereafter, the puppet starts a configuration run.
+ Restoring a system to it's normal operations often requires you to have a backup of the most recent configuration files and transactional data for the machine. Although configuration management with puppet does not facilitate the backup of transactional data, it does facilitate the backup of configuration files, taking away the rather boring task of having to select manually which items need to be backed up and restored on a regular basis.
</para>
</formalpara>
- <warning>
+ </listitem>
+ </orderedlist>
+ </para>
+ </section>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-IntroductionToPuppet">
+ <title>Introduction To Puppet</title>
+ <para>
+ Puppet is a solution to many of the problems set forth in <xref linkend="PuppetWorkshop-IntroductionToConfigurationManagement-ProblemsWithoutConfigurationManagement" />, and thus perfect for a workshop on Configuration Management.
+ </para>
+ <para>
+ Another solution may be <emphasis>CFEngine</emphasis>. We have chosen not to use CFEngine for several reasons:
+ <itemizedlist>
+ <listitem>
+ <para>
+ Puppet has an open development model, whereas CFEngine has not. This means that the changes and bugfixes, and more importantly innovation and development is in the hands of you and me.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The level of abstraction of system resources that Puppet enables you to use allows you to concentrate on the bigger picture, rather then needing to figure out again and again, and then specify again and again, how a certain task is to be performed on a given operating system, distribution and/or specific distribution version. CFEngine however is a very low-level utility, perfect for keeping 800 identical machines in shape, but becomes worse with any desirable discrepancy between systems because of that low-level management.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ <para>
+ For a more detailed CFEngine vs. Puppet poem, visit <ulink url="http://reductivelabs.com/trac/puppet/wiki/CfengineVsPuppet" />.
+ </para>
+
+ <section id="PuppetWorkshop-IntroductionToPuppet-WhatDoesPuppetDo">
+ <title>What Does Puppet Do?</title>
+ <para>
+ Puppet offers a high-level abstraction of system resources like you would encounter on any given system, such as users, services and packages. Seeing as how different operating systems and different distributions each have different interfaces (<emphasis>providers</emphasis> in puppet terms), to these system resources, managing a package to be installed, updated, removed or be of a certain version includes a lot of <code>if-then-else</code> statements in a script you would write to manage that particular system resource; one package.
+ </para>
+ <para>
+ On Debian, Ubuntu and derivative distributions for example, the package provider may be <application>apt</application>, <application>dpkg</application>, <application>smart</application>, <application>alien</application>, <application>PackageKit</application>, while on Fedora, Red Hat and it's derivatives, the package provider may be <application>rpm</application>, <application>yum</application>, <application>PackageKit</application>, <application>apt</application> or <application>smart</application>. Although some of these package managers can be combined, while others can not, and systems usually stick to their natively integrated package manager, figuring out such while actually trying to manage the result of what a package manager does could be seen as a lot of work for little gain.
+ </para>
+ <para>
+ Another difference between distributions is how services can be started, or configured to start up when the machine boots. A <application>service</application> script may be available, or <filename>/etc/init.d/</filename> may contain scripts to start and stop a service. Also, some of these service providers may have <code>status</code>, <code>reload</code> and <code>restart</code> command parameters, whereas others may not have. Additionally, using <application>chkconfig</application> to configure the runlevels the service should be enabled or disabled in may not be available on all systems. The list of examples here is of course, exhaustive.
+ </para>
+ <para>
+ By abstracting these system resources into <emphasis>types</emphasis>, Puppet takes on the headaches for most operating system and distribution specific interfaces to managing these system resources. It knows, or figures out all by itself, what provider to use given a <emphasis>type</emphasis>.
+ </para>
+ <formalpara>
+ <title>Abstraction of system resources</title>
+ <para>
+ Abstraction of the system resources into so-called <emphasis>types</emphasis> causes the administrator to only need to configure a type, such as <emphasis>package</emphasis>, <emphasis>user</emphasis>, <emphasis>cron</emphasis>, and so forth, directly addressing the system resource on the managed system without the exact specifics of the managed system. The configuration management utility itself will figure out what package manager backend to use, whether it's apt, yum, rpm, dpkg, smart or PackageKit.
+ </para>
+ </formalpara>
+ <para>
+ This is a Puppet example to ensure user <emphasis>sysadmin</emphasis> exists on a system:
+ <screen>user { "sysadmin":
+ensure => present
+}</screen>
+ </para>
+ <formalpara id="PuppetWorkshop-IntroductionToPuppet-WhatDoesPuppetDo-YpClientExample">
+ <title>YP Client Example</title>
+ <para>
+ Puppet example to ensure the <emphasis>ypbind</emphasis> package is installed and the most recent version, <emphasis>ypbind</emphasis> is correctly configured, and the <emphasis>ypbind</emphasis> service is running:
+ <screen>package { "ypbind":
+ ensure => latest
+}
+
+file { "/etc/yp.conf":
+ source => "puppet://$server/files/yp.conf",
+ notify => Service["ypbind"],
+ require => Package["ypbind"]
+}
+
+service { "ypbind":
+ enable => true,
+ ensure => running,
+ require => [
+ File["/etc/yp.conf"],
+ Package["ypbind"]
+ ]
+}</screen>
+ </para>
+ </formalpara>
+ <para>
+ The above example is called a <emphasis>manifest</emphasis>, built out of <emphasis>types</emphasis> (package, file, service), which, once defined in a manifest, are referred to as <emphasis>resources</emphasis>. See also <xref linkend="PuppetWorkshop-Appendix-Terminology" />
+ </para>
+ <para>
+ The configuration file for this YP client is pulled from <code>puppet://$server/files/yp.conf</code>, the puppetmaster's fileserver, which is where you put the file, possibly from within a Version Control System.
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-IntroductionToPuppet-Ordering">
+ <title>Ordering</title>
+ <para>
+ As you can see in the <xref linkend="PuppetWorkshop-IntroductionToPuppet-WhatDoesPuppetDo-YpClientExample" />, Puppet does not just manage resources and hopes for the best, but allows one resource to require another resource (<code>File["/etc/yp.conf"] { require => Package["ypbind"] }</code>), and for one resource to notify another resource on changes (<code>File["/etc/yp.conf"] { notify => Service["ypbind"] }</code>).
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-IntroductionToPuppet-WriteOnceApplyManyTimes">
+ <title>Write Once, Apply Many Times</title>
+ <para>
+ Returning to the <xref linkend="PuppetWorkshop-IntroductionToPuppet-WhatDoesPuppetDo-YpClientExample" />, if many systems need to become YP clients, of course you can apply the snippet to all nodes:
+ </para>
+ <para>
+ <screen>node '<replaceable>node1.example.com</replaceable>' {
+ package { "ypbind":
+ ensure => latest
+ }
+
+ file { "/etc/yp.conf":
+ source => "puppet://$server/files/yp.conf",
+ notify => Service["ypbind"],
+ require => Package["ypbind"]
+ }
+
+ service { "ypbind":
+ enable => true,
+ ensure => running,
+ require => [
+ File["/etc/yp.conf"],
+ Package["ypbind"]
+ ]
+ }
+}
+
+node '<replaceable>node2.example.com</replaceable>' {
+
+ package { "ypbind":
+ ensure => latest
+ }
+
+ file { "/etc/yp.conf":
+ source => "puppet://$server/files/yp.conf",
+ notify => Service["ypbind"],
+ require => Package["ypbind"]
+ }
+
+ service { "ypbind":
+ enable => true,
+ ensure => running,
+ require => [
+ File["/etc/yp.conf"],
+ Package["ypbind"]
+ ]
+ }
+}</screen>
+ </para>
+ <para>
+ This of course is not very efficient; One change would need to be applied many times still, and errors are easily made. Besides, it doesn't scale well. Why not group the YP Client relevant resources into a class, and then include the class with each node? Here's how:
+ </para>
+ <para>
+ <screen># Example /etc/puppet/manifests/classes/yp.pp
+
+class yp::client {
+ package { "ypbind":
+ ensure => latest
+ }
+
+ file { "/etc/yp.conf":
+ source => "puppet://$server/files/yp.conf",
+ notify => Service["ypbind"],
+ require => Package["ypbind"]
+ }
+
+ service { "ypbind":
+ enable => true,
+ ensure => running,
+ require => [
+ File["/etc/yp.conf"],
+ Package["ypbind"]
+ ]
+ }
+}</screen>
+<screen># Example /etc/puppet/manifests/site.pp
+
+$server = "<replaceable>master.example.com</replaceable>"
+
+import "classes/*.pp"
+
+node '<replaceable>node1.example.com</replaceable>' {
+ include yp::client
+}
+
+node '<replaceable>node2.example.com</replaceable>' {
+ include yp::client
+}
+
+node '<replaceable>node3.example.com</replaceable>' {
+ include yp::client
+}</screen>
+ </para>
+ <para>
+ Although this looks much more scalable and long-term sustainable, we're not there yet. If the <code>yp::client</code> is not the only one class of what makes up, say, a desktop, and other classes to be included are named <code>foo1</code> through <code>foo1000</code> (meaning, a lot of different ones), then here's what happens next;
+ </para>
+ <para>
+ <screen># Example /etc/puppet/manifests/site.pp
+
+$server = "<replaceable>master.example.com</replaceable>"
+
+import "classes/*.pp"
+
+node '<replaceable>node1.example.com</replaceable>' {
+ include yp::client
+ include foo1
+ include foo2
+ include fooX
+ [...skip 996 lines for abbrevity...]
+ include foo1000
+}
+
+node '<replaceable>node2.example.com</replaceable>' {
+ include yp::client
+ include foo1
+ include foo2
+ include fooX
+ [...skip 996 lines for abbrevity...]
+ include foo1000
+}
+
+node '<replaceable>node3.example.com</replaceable>' {
+ include yp::client
+ include foo1
+ include foo2
+ include fooX
+ [...skip 996 lines for abbrevity...]
+ include foo1000
+}</screen>
+ </para>
+ <para>
+ While instead, since these are all desktops, we could create a <filename>groups/desktop.pp</filename> that says:
+ </para>
+ <para>
+ <screen>class desktop {
+ include yp::client
+ include foo1
+ include foo2
+ include fooX
+ [...skip 996 lines for abbrevity...]
+ include foo1000
+}</screen>
+ </para>
+ <para>
+ and have <filename>site.pp</filename> say:
+ </para>
+ <para>
+ <screen># Example /etc/puppet/manifests/site.pp
+
+$server = "<replaceable>master.example.com</replaceable>"
+
+import "classes/*.pp"
+
+node '<replaceable>node1.example.com</replaceable>' {
+ include desktop
+}
+
+node '<replaceable>node2.example.com</replaceable>' {
+ include desktop
+}
+
+node '<replaceable>node3.example.com</replaceable>' {
+ include desktop
+}</screen>
+ </para>
+
+ </section>
+ </chapter>
+
+ <chapter id="PuppetWorkshop-PuppetTerminology">
+ <title>Puppet Terminology</title>
+ <para>
+ First, some clarification on the terminology used in this documentation. See also <xref linkend="PuppetWorkshop-Appendix-Terminology" />
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>class</title>
+ <para>
+ A class is a collection of resources applied to a node with a single include statement. It groups together a comprehensible set of resources. A class <emphasis>ypclient</emphasis> would manage the <code>File["/etc/nsswitch.conf"]</code>, <code>File["/etc/yp.conf"]</code>, <code>Package["ypbind"]</code>, and <code>Service["ypbind"]</code> resources.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>fileserver</title>
+ <para>
+ The fileserver is where the puppet pulls files from. It is normally integrated with the puppetmaster, but it can be an entirely different server, too.
+ </para>
+ </formalpara>
+ <para>
+ The fileserver serves files to puppets that request them, but it also serves <emphasis>templates</emphasis>, which are parsed on the fileserver (puppetmaster), and passed on to the client as a whole new file.
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>manifest</title>
+ <para>
+ The collection of classes, modules and resources that the <xref linkend="PuppetWorkshop-PuppetTerminology-puppetmaster" /> uses to distribute the appropriate configuration to a <xref linkend="PuppetWorkshop-PuppetTerminology-puppet" />.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>module</title>
+ <para>
+ A module is a placeholder for files, manifests, plugins and templates. Creating a module has numerous advantages such as separate version control, separate staging from development through testing to production, and so forth.
+ </para>
+ </formalpara>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Modules" />, <xref linkend="PuppetWorkshop-HowToUsePuppet-Plugins" />
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>node</title>
+ <para>
+ The client, a node, is an operating system instance running the puppet client application. This can be a regular operating system running directly on top of actual hardware, a virtual guest as well as a virtual host.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara id="PuppetWorkshop-PuppetTerminology-puppet">
+ <title>puppet</title>
+ <para>
+ The client, a node, runs the <application>puppetd</application> daemon or service, and is referred to as the <emphasis>puppet</emphasis>
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara id="PuppetWorkshop-PuppetTerminology-puppetmaster">
+ <title>puppetmaster</title>
+ <para>
+ The puppetmaster is the node that runs the server-side application to a puppet setup.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>resource</title>
+ <para>
+ A resource is an instantiated <xref linkend="PuppetWorkshop-PuppetTerminology-type" />. It has been defined and it cannot be undefined. The puppetmaster sends all applicable resources the a puppet, which then applies them. Resources are fundamentally built from a <xref linkend="PuppetWorkshop-PuppetTerminology-type" />, a <emphasis>title</emphasis>, and a list of <emphasis>attributes</emphasis>, with each resource type having a specific list of supported attributes.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>system resource</title>
+ <para>
+<!--
+FIXME:
+//-->
+ A system resource is a resource available on the node whether it is managed by puppet or not. Unlike what is otherwise understood by system resources, the puppet definition of system resources throughout this documentation does not so much refer to hardware resources like CPU or memory, but rather to manageable aspects of the operating system, like users, packages, services, files, cronjobs, and so forth.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara id="PuppetWorkshop-PuppetTerminology-type">
+ <title>type</title>
+ <para>
+ Puppet uses <emphasis>types</emphasis> to abstract system resources. Types have parameters such as <code>ensure => present|absent</code> in case of a user, or <code>ensure => installed|absent|latest|<replaceable>1.0-1.el5</replaceable></code>, indicating in which state the system resource should be. Each type has a title, which must be unique throughout the manifest, and a list of supported attributes. E.g., there is no <code>mode => 644</code> to the package type.
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </chapter>
+
+ <chapter id="PuppetWorkshop-HowPuppetWorks">
+ <title>How Puppet Works</title>
+ <para>
+ This is an overview of how puppet works -in a working setup.
+ </para>
+ <para>
+ <orderedlist>
+ <listitem>
+ <formalpara>
+ <title>The puppet starts for the first time</title>
+ <para>
+ It generates a certificate using the node's FQDN.
+ </para>
+ </formalpara>
+ <note>
+ <para>
+ Although not required, it is strongly recommended to have the client use a FQDN that is registered in DNS (forward as well as reverse).
+ </para>
+ </note>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet submits the certificate to the puppetmaster</title>
+ <para>
+ The puppetmaster, also the Certificate Authority, or <emphasis>puppetca</emphasis>, needs to sign the certificate before the client can be considered authenticated.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet waits 300 seconds for a signed certificate</title>
+ <para>
+ It this configurable timeout of 300 seconds<footnote><para>Specify the timeout with <code>--waitforcert [seconds]</code></para></footnote> has passed, the puppet quits.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppetmaster signs the certificate</title>
+ <para>
+ To do so, you can either configure the puppetmaster to automatically sign certificates or sign manually. Automatically signing certificates is generally a very bad idea. To manually sign a certificate, use:
+ </para>
+ </formalpara>
+ <para>
+ <screen># <userinput>puppetca --sign <fqdn></userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet receives the signed certificate</title>
+ <para>
+ Immediately thereafter, the puppet starts a configuration run.
+ </para>
+ </formalpara>
+ <warning>
+ <para>
+ The time on both the puppetmaster and the puppet must be within 5 minutes of eachother as the certificate generated and signed has a validity period. If the difference in time of these two nodes is more then 5 minutes, you will get a "Certificates not trusted" type of error.
+ </para>
+ </warning>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet generates all the facts</title>
+ <para>
+ Most configurations rely on client information to make decisions. When the Puppet client starts, it loads the Facter Ruby library, collects all of the facts that it can, and passes those facts to the interpreter. When you use Puppet over a network, these facts are passed over the network to the server and the server uses them to compile the client's configuration.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppetmaster parses it's manifests</title>
+ <para>
+ The puppetmaster parses through all it's manifests, including the manifests not applicable to the puppet that is polling. It only sends out the manifest applicable to the puppet polling, however.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet receives the manifests</title>
+ <para>
+ When the puppet receives the manifests, it may still contain variables such as <code>$hostname</code>, <code>$operatingsystem</code> and others, which the puppet fills out with the appropriate values.
+ </para>
+ </formalpara>
+<!-- <warning>
+ <para>
+ All variables in the manifest sent to the client should be based on facts rather then fiction.
+ </para>
+ </warning>-->
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet applies the manifest</title>
+ <para>
+ While the puppet applies the manifest, it pulls files from the puppetmaster's <emphasis>fileserver</emphasis> after checking the local checksum against the remote checksum. When running with debug output, this will show as:
+ </para>
+ </formalpara>
+ <para>
+ <screen>debug: Calling fileserver.list
+debug: //Node[node1.example.com]/File[/tmp/foo]/checksum: Initializing checksum hash
+debug: //Node[node1.example.com]/File[/tmp/foo]: Creating checksum {md5}85e53dc9439253a1ec9ca87aeffd9b0b
+debug: Calling fileserver.describe</screen>
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Files that are replaced are backed up</title>
+ <para>
+ The puppet sends a copy of the files it replaces back to the puppetmaster.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet reports to the puppetmaster</title>
+ <para>
+ A detailed report of what the puppet has done with the manifests is sent back to the puppetmaster.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet waits for 30 minutes</title>
+ <para>
+ The next run the puppet performs/polls for is after a configurable timeperiod, which defaults to 30 minutes.
+ </para>
+ </formalpara>
+ </listitem>
+ </orderedlist>
+ </para>
+ <para>
+ A puppet setup is comprised out of the following parts:
+ </para>
+ <formalpara>
+ <title>The Puppetmaster</title>
+ <para>
+ The puppetmaster of course is the core element in a puppet setup. Not only is it responsible for collecting the facts from, and the handing over the appropriate manifest to the puppets, it also takes care of serving the files needed by the manifest, performs the certificate authority task, offers a clientbucket for backing up changed files, maybe stores the configurations in a database, maybe does reporting, and maybe does some graphing.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>The Puppet</title>
+ <para>
+ Another pretty essential player in this game, as without puppets, there is no strings to pull.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>Good Hostnames</title>
+ <para>
+ The puppet determines what certificate to use or generate based on it's current hostname. Once a hostname is used to request the certificate exchange with, that is the valid certificate and the node name for the puppet, which the puppetmaster uses to determine the applicable manifests with. An ever changing hostname doesn't help.
+ </para>
+ </formalpara>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-PuppetFeatures">
+ <title>Puppet Features</title>
+ <para>
+ A few of the Puppet features
+ </para>
+
+ <section id="PuppetWorkshop-PuppetFeatures-PuppetSpeaksTheLocalLanguageOrDialect">
+ <title>Puppet Speaks</title>
+ <para>
+ Puppet speaks the language or dialect used on the local, managed system, fluently.
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-PuppetFeatures-SecureCommunication">
+ <title>Secure Communication</title>
+ <para>
+ Your files, templates, and potentially passwords, are passed to the puppet using secure communication.
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-PuppetFeatures-FreeAndOpenSourceSoftware">
+ <title>Free and Open Source Software</title>
+ <para>
+ Puppet has a free development model, and has proven to participate in the Free and Open Source Software world with the true Free spirit.
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-PuppetFeatures-FactsNoFiction">
+ <title>Facts, no Fiction</title>
+ <para>
+ When Puppet becomes your main configuration management tool, you want to use facts, not fiction. Puppet takes the most reliable sources for it's facts; the client does not set every single fact.
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-PuppetFeatures-RepeatRepeatRepeat">
+ <title>Repeat, Repeat, Repeat</title>
+ <para>
+ Write something once. Then use it. And again. And then improve it. And then use it again. And again.
+ </para>
+ </section>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-SettingUpPuppet">
+ <title>Setting Up Puppet</title>
+ <para>
+ In this section, we are going to set up a puppetmaster, and a puppet client. The puppetmaster is going to run the <emphasis>mongrel</emphasis> server-type, for setting up a puppetmaster for larger environments.
+ </para>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Installation">
+ <title>Installation</title>
+ <para>
+ The default server type for the puppetmaster is called <emphasis>webrick</emphasis>, a single-threaded webserver. The webserver handles the puppets' requests for manifests, certificate exchanges, as well requests for files and templates. Being single-threaded, the webrick webserver can only handle one client at a time. While the puppets poll the puppetmaster with a default interval of 30 minutes, and configuration runs can take longer then 60 seconds, putting more then 25 clients in front of a puppetmaster with a webrick webserver is a very, very bad idea.
+ </para>
+ <para>
+ There is a multi-threaded webserver in Ruby, called <emphasis>mongrel</emphasis>. This is a simple, multi-threaded, but not very feature-rich webserver. For one, it does not perform SSL. For scalability purposes though, the mongrel server type is an absolute must, and can better be chosen as the webserver to handle the puppets' requests, right from the beginning. This however requires a frontend that performs the SSL part of the communications between the puppetmaster and the puppets. We choose Apache's HTTPd for it's excellent performance, flexible configuration, excellent configuration syntax, and because it can be set up as a reverse proxy load balancer, allowing more then one puppetmaster behind the scenes if necessary.
+ </para>
+ <para>
+ Install the required packages for the puppetmaster:
+ </para>
+ <formalpara>
+ <title>Smaller organizations (< ~25 clients)</title>
+ <para>
+ <itemizedlist>
+ <listitem>
<para>
- The time on both the puppetmaster and the puppet must be within 5 minutes of eachother as the certificate generated and signed has a validity period. If the difference in time of these two nodes is more then 5 minutes, you will get a "Certificates not trusted" type of error.
+ The puppetmaster.
</para>
- </warning>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet generates all the facts</title>
<para>
- Most configurations rely on client information to make decisions. When the Puppet client starts, it loads the Facter Ruby library, collects all of the facts that it can, and passes those facts to the interpreter. When you use Puppet over a network, these facts are passed over the network to the server and the server uses them to compile the client's configuration.
+ <screen># <userinput>yum install puppet-server</userinput></screen>
</para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppetmaster parses it's manifests</title>
+ </listitem>
+ <listitem>
<para>
- The puppetmaster parses through all it's manifests, including the manifests not applicable to the puppet that is polling. It only sends out the manifest applicable to the puppet polling, however.
+ (optional) A database server (one of MySQL, SQLite3 or Postgresql), and the appropriate Ruby library. During this workshop, we use MySQL.
</para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet receives the manifests</title>
<para>
- When the puppet receives the manifests, it may still contain variables such as <code>$hostname</code>, <code>$operatingsystem</code> and others, which the puppet fills out with the appropriate values.
+ <screen># <userinput>yum install mysql-server ruby-mysql</userinput></screen>
</para>
- </formalpara>
-<!-- <warning>
+ </listitem>
+ <listitem>
<para>
- All variables in the manifest sent to the client should be based on facts rather then fiction.
+ (optional) The Ruby RRDtool library.
</para>
- </warning>-->
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet applies the manifest</title>
<para>
- While the puppet applies the manifest, it pulls files from the puppetmaster's <emphasis>fileserver</emphasis> after checking the local checksum against the remote checksum. When running with debug output, this will show as
- <screen>debug: Calling fileserver.list
-debug: //Node[node1.example.com]/File[/tmp/foo]/checksum: Initializing checksum hash
-debug: //Node[node1.example.com]/File[/tmp/foo]: Creating checksum {md5}85e53dc9439253a1ec9ca87aeffd9b0b
-debug: Calling fileserver.describe</screen>
+ <screen># <userinput>yum install ruby-RRDtool</userinput></screen>
</para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Files that are replaced are backed up</title>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>Larger organizations (> ~25 clients)</title>
+ <para>
+ <itemizedlist>
+ <listitem>
<para>
- The puppet sends a copy of the files it replaces back to the puppetmaster.
+ A webserver capable of performing as a frontend SSL reverse proxy load balancer, such as the Apache HTTPd webserver.
</para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet reports to the puppetmaster</title>
<para>
- A detailed report of what the puppet has done with the manifests is sent back to the puppetmaster.
+ <screen># <userinput>yum install httpd</userinput></screen>
</para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet waits for 30 minutes</title>
+ </listitem>
+ <listitem>
<para>
- The next run the puppet performs/polls for is after a configurable timeperiod, which defaults to 30 minutes.
+ The Ruby mongrel library, for better scalability.
</para>
- </formalpara>
- </listitem>
- </orderedlist>
- </para>
- <para>
- A puppet setup is comprised out of the following parts:
- </para>
- <formalpara>
- <title>The Puppetmaster</title>
- <para>
- The puppetmaster of course is the core element in a puppet setup. Not only is it responsible for the handing over the manifest to the client, it also takes care of serving the files needed by the manifest, as well as
+ <para>
+ <screen># <userinput>yum install rubygem-mongrel</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The puppetmaster.
+ </para>
+ <para>
+ <screen># <userinput>yum install puppet-server</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ (optional) A database server (one of MySQL, SQLite3 or Postgresql), and the appropriate Ruby library. During this workshop, we use MySQL.
+ </para>
+ <para>
+ <screen># <userinput>yum install mysql-server ruby-mysql</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ (optional) The Ruby RRDtool library.
+ </para>
+ <para>
+ <screen># <userinput>yum install ruby-RRDtool</userinput></screen>
+ </para>
+ </listitem>
+ </itemizedlist>
</para>
</formalpara>
- </chapter>
+ </section>
- <chapter id="PuppetWorkshop-PuppetFeatures">
- <title>Puppet Features</title>
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration">
+ <title>Configuration</title>
<para>
- paragraph
+ In this section, we walk you through the initial configuration of a puppetmaster with the mongrel server type.
</para>
- </chapter>
- <chapter id="PuppetWorkshop-TroubleshootingPuppet">
- <title>Troubleshooting Puppet</title>
- <para>
- This section is about troubleshooting the puppetmaster and puppet
- </para>
- </chapter>
-
- <chapter id="PuppetWorkshop-SettingUpPuppet">
- <title>Setting Up Puppet</title>
- <para>
- In this section, we are going to set up a puppetmaster, and a puppet client. The puppetmaster is going to run the <emphasis>mongrel</emphasis> server-type, for setting up a puppetmaster for larger environments.
- </para>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Installation">
- <title>Installation</title>
- <para>
- The default server type for the puppetmaster is called <emphasis>webrick</emphasis>, a single-threaded webserver. The webserver handles the puppets' requests for manifests, certificate exchanges, as well requests for files and templates. Being single-threaded, the webrick webserver can only handle one client at a time. While the puppets poll the puppetmaster with a default interval of 30 minutes, and configuration runs can take longer then 60 seconds, putting more then 25 clients in front of a puppetmaster with a webrick webserver is a very, very bad idea.
- </para>
- <para>
- There is a multi-threaded webserver in Ruby, called <emphasis>mongrel</emphasis>. This is a simple, multi-threaded, but not very feature-rich webserver. For one, it does not perform SSL. For scalability purposes though, the mongrel server type is an absolute must, and can better be chosen as the webserver to handle the puppets' requests, right from the beginning. This however requires a frontend that performs the SSL part of the communications between the puppetmaster and the puppets. We choose Apache's HTTPd for it's excellent performance, flexible configuration, excellent configuration syntax, and because it can be set up as a reverse proxy load balancer, allowing more then one puppetmaster behind the scenes if necessary.
- </para>
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster">
+ <title>Configuring the Puppetmaster</title>
<para>
- Install the required packages for the puppetmaster:
- </para>
- <formalpara>
- <title>Smaller organizations (< ~25 clients)</title>
- <para>
- <itemizedlist>
- <listitem>
- <para>
- The puppetmaster.
- </para>
- <para>
- <screen># <userinput>yum install puppet-server</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- (optional) A database server (one of MySQL, SQLite3 or Postgresql), and the appropriate Ruby library. During this workshop, we use MySQL.
- </para>
- <para>
- <screen># <userinput>yum install mysql-server ruby-mysql</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- (optional) The Ruby RRDtool library.
- </para>
- <para>
- <screen># <userinput>yum install ruby-RRDtool</userinput></screen>
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- <formalpara>
- <title>Larger organizations (> ~25 clients)</title>
- <para>
- <itemizedlist>
- <listitem>
- <para>
- A webserver capable of performing as a frontend SSL reverse proxy load balancer, such as the Apache HTTPd webserver.
- </para>
- <para>
- <screen># <userinput>yum install httpd</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- The Ruby mongrel library, for better scalability.
- </para>
- <para>
- <screen># <userinput>yum install rubygem-mongrel</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- The puppetmaster.
- </para>
- <para>
- <screen># <userinput>yum install puppet-server</userinput></screen>
- </para>
- </listitem>
- <listitem>
+ The configuration file for puppet and puppetmaster is <filename>/etc/puppet/puppet.conf</filename>. It is a file in INI-like format with sections, keys and values. There's 4 sections of interest,
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>[main]</title>
<para>
- (optional) A database server (one of MySQL, SQLite3 or Postgresql), and the appropriate Ruby library. During this workshop, we use MySQL.
+ Primarily file locations, directory settings and other globals applicable to both the puppet as well as the puppetmaster.
</para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetca]</title>
<para>
- <screen># <userinput>yum install mysql-server ruby-mysql</userinput></screen>
+ Puppet Certificate Authority (puppetca) settings.
</para>
- </listitem>
- <listitem>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetd]</title>
<para>
- (optional) The Ruby RRDtool library.
+ Puppet client daemon settings.
</para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetmasterd]</title>
<para>
- <screen># <userinput>yum install ruby-RRDtool</userinput></screen>
+ Puppetmaster daemon settings.
</para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- </section>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration">
- <title>Configuration</title>
- <para>
- In this section, we walk you through the initial configuration of a puppetmaster with the mongrel server type.
+ </formalpara>
+ </listitem>
+ </itemizedlist>
</para>
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster">
- <title>Configuring the Puppetmaster</title>
- <para>
- The configuration file for puppet and puppetmaster is <filename>/etc/puppet/puppet.conf</filename>. It is a file in INI-like format with sections, keys and values. There's 4 sections of interest,
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>[main]</title>
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-Settings">
+ <title>Relevant Settings</title>
+ <formalpara>
+ <title>Relevant Settings For The First Run</title>
+ <para>
+ For the first run of the puppetmaster, the following settings require configuration:
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>[main]</title>
+ <para>
+ The locations where puppet seeks it's configuration and puts it's transitional data. The most important setting is <literal>vardir</literal>, which should be set to <filename>/var/lib/puppet/</filename>. Further settings include:
+ <itemizedlist>
+ <listitem>
+ <para>
+ <code>logdir = /var/log/puppet/</code>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <code>rundir = /var/run/puppet/</code>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <code>ssldir = $vardir/ssl/</code>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ <note>
+ <para>
+ If you used a package to install puppet, the defaults should work, but may not comply with your backup strategy. It is the upstream puppet package that cannot cater to each and every distribution or operating system it is available for, and therefore has a set of defaults that will work, but will need to be changed on most platforms.
+ </para>
+ </note>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetmasterd]</title>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>certname</title>
+ <para>
+ The puppetmaster certificate's Common Name (CN), for which by default the system's hostname is used. The hostname of the system is a pretty reasonable value.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>certdnsnames</title>
+ <para>
+ A colon (<literal>:</literal>) seperated list of DNS names resolving to the puppetmaster. Include here:
+ <orderedlist>
+ <listitem>
+ <para>
+ The short hostname of the system, using the output of: <screen># <userinput>hostname -s</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>puppet</literal>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>puppet</literal>, followed by the DNS domain name of the system, using the output of <screen># <userinput>dnsdomainname</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Any other hostname or fully qualified domain name you want to use for the puppetmaster.
+ </para>
+ </listitem>
+ </orderedlist>
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
<para>
- Primarily file locations, directory settings and other globals applicable to both the puppet as well as the puppetmaster.
+ Another setting to check is whether or not this puppetmaster is going to be the Certificate Authority <screen>[puppetmasterd]
+ ca = <replaceable>true</replaceable></screen>
+ The default is often set to <code>true</code>.
</para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>[puppetca]</title>
+ </listitem>
+ <listitem>
<para>
- Puppet Certificate Authority (puppetca) settings.
+ Whether or not to use autosigning of certificates, using
+ <screen>[puppetca]
+ autosign = <replaceable>false</replaceable></screen>
+ The default is to <emphasis>not</emphasis> use autosigning. Only applicable if <code>puppetca</code> is set to <code>true</code>.
</para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>[puppetd]</title>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>Other Relevant Settings</title>
+ <para>
+ The following settings require review before the puppetmaster is going in production.
+ <itemizedlist>
+ <listitem>
<para>
- Puppet client daemon settings.
+ A list of environments using a comma seperated list, in
+ <screen>[puppetmasterd]
+ environments = <replaceable>development,testing,production</replaceable></screen>
</para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>[puppetmasterd]</title>
<para>
- Puppetmaster daemon settings.
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Environments" />
</para>
- </formalpara>
- </listitem>
- </itemizedlist>
- </para>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-Settings">
- <title>Relevant Settings</title>
- <formalpara>
- <title>Relevant Settings For The First Run</title>
- <para>
- For the first run of the puppetmaster, the following settings require configuration:
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>[main]</title>
- <para>
- The locations where puppet seeks it's configuration and puts it's transitional data. The most important setting is <literal>vardir</literal>, which should be set to <filename>/var/lib/puppet/</filename>. Further settings include:
- <itemizedlist>
- <listitem>
- <para>
- <code>logdir = /var/log/puppet/</code>
- </para>
- </listitem>
- <listitem>
- <para>
- <code>rundir = /var/run/puppet/</code>
- </para>
- </listitem>
- <listitem>
- <para>
- <code>ssldir = $vardir/ssl/</code>
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- <note>
- <para>
- If you used a package to install puppet, the defaults should work, but may not comply with your backup strategy. It is the upstream puppet package that cannot cater to each and every distribution or operating system it is available for, and therefore has a set of defaults that will work, but will need to be changed on most platforms.
- </para>
- </note>
- </listitem>
- <listitem>
- <formalpara>
- <title>[puppetmasterd]</title>
- <para>
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>certname</title>
- <para>
- The puppetmaster certificate's Common Name (CN), for which by default the system's hostname is used. The hostname of the system is a pretty reasonable value.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>certdnsnames</title>
- <para>
- A colon (<literal>:</literal>) seperated list of DNS names resolving to the puppetmaster. Include here:
- <orderedlist>
- <listitem>
- <para>
- The short hostname of the system, using the output of: <screen># <userinput>hostname -s</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- <literal>puppet</literal>
- </para>
- </listitem>
- <listitem>
- <para>
- <literal>puppet</literal>, followed by the DNS domain name of the system, using the output of <screen># <userinput>dnsdomainname</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- Any other hostname or fully qualified domain name you want to use for the puppetmaster.
- </para>
- </listitem>
- </orderedlist>
- </para>
- </formalpara>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <para>
- Another setting to check is whether or not this puppetmaster is going to be the Certificate Authority <screen>[puppetmasterd]
- ca = <replaceable>true</replaceable></screen>
- The default is often set to <code>true</code>.
- </para>
- </listitem>
- <listitem>
- <para>
- Whether or not to use autosigning of certificates, using
- <screen>[puppetca]
- autosign = <replaceable>false</replaceable></screen>
- The default is to <emphasis>not</emphasis> use autosigning. Only applicable if <code>puppetca</code> is set to <code>true</code>.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- <formalpara>
- <title>Other Relevant Settings</title>
- <para>
- The following settings require review before the puppetmaster is going in production.
- <itemizedlist>
- <listitem>
- <para>
- A list of environments using a comma seperated list, in
- <screen>[puppetmasterd]
- environments = <replaceable>development,testing,production</replaceable></screen>
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Environments" />
- </para>
- </listitem>
- <listitem>
- <para>
- Whether or not to use reporting, and what reporting to use (tagmail, store, rrdgraph). To configure the types or reports that should be used by the puppetmaster, use a comma separated list without spaces, in:
- <screen>[puppetmasterd]
- reports = <replaceable>tagmail,store,rrdgraph</replaceable></screen>
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
- </para>
- </listitem>
- <listitem>
- <para>
- The location of tagmail.conf, in order to map tags you give to resources to email addresses the reports should be sent to; <screen>[main]
- tagmap = <replaceable>/path/to/tagmail.conf</replaceable></screen>
- for reporting changes applied to puppets, via email.
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- </section>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-Sitepp">
- <title>Minimal site.pp</title>
- <para>
- Create a minimal <code>site.pp</code> in <filename>/etc/puppet/manifests/site.pp</filename> for the puppetmaster to parse on it's initial startup. Below is an example.
+ </listitem>
+ <listitem>
+ <para>
+ Whether or not to use reporting, and what reporting to use (tagmail, store, rrdgraph). To configure the types or reports that should be used by the puppetmaster, use a comma separated list without spaces, in:
+ <screen>[puppetmasterd]
+ reports = <replaceable>tagmail,store,rrdgraph</replaceable></screen>
+ </para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The location of tagmail.conf, in order to map tags you give to resources to email addresses the reports should be sent to; <screen>[main]
+ tagmap = <replaceable>/path/to/tagmail.conf</replaceable></screen>
+ for reporting changes applied to puppets, via email.
+ </para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
+ </para>
+ </listitem>
+ </itemizedlist>
</para>
- <screen>#
+ </formalpara>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-Sitepp">
+ <title>Minimal site.pp</title>
+ <para>
+ Create a minimal <code>site.pp</code> in <filename>/etc/puppet/manifests/site.pp</filename> for the puppetmaster to parse on it's initial startup. Below is an example.
+ </para>
+ <screen>#
# site.pp for any domain
#
@@ -933,133 +1212,286 @@ $server = "<replaceable>master.puppetmanaged.org</replaceable>"
node default {
}</screen>
- </section>
+ </section>
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-ServiceConfiguration">
- <title>Service Configuration</title>
- <para>
- On Red Hat based systems, use <filename>/etc/sysconfig/puppetmaster</filename> to configure the service. It has three variables set, of which <code>PUPPETMASTER_MANIFEST</code> needs to point to the default manifest to use.
- </para>
- </section>
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-ServiceConfiguration">
+ <title>Service Configuration</title>
+ <para>
+ On Red Hat based systems, use <filename>/etc/sysconfig/puppetmaster</filename> to configure the service. It has three variables set, of which <code>PUPPETMASTER_MANIFEST</code> needs to point to the default manifest to use.
+ </para>
+ </section>
+
+ </section>
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-SSLFrontendReverseProxyLoadBalancer">
+ <title>Configuring the SSL Frontend Reverse Proxy Load Balancer</title>
+ <para>
+ A webserver needs to be configured to handle the SSL XML-RPC requests from the puppets, because the mongrel server type is not capable of performing SSL.
+ </para>
+ <para>
+ The webserver is going to listen on port 8140, the default port for the puppetmaster to listen for clients. It is going to forward traffic (after being decrypted) to the puppetmaster on 127.0.0.1:8141.
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer">
+ <title>Configuring the Database Server</title>
+ <para>
+ A database can be configured to store the configuration distributed by the puppetmaster, and applied by the puppet. This is optional, and creates some overhead to the original purpose of configuring the puppets, but provides the opportunity to create overviews of applied classes to nodes, and a complete inventory of <emphasis>facts</emphasis> for all nodes. similarities / exemptions.
+ </para>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-SQLite3">
+ <title>SQLite3</title>
+ <para>
+ SQLite(3) is a file based, light SQL database which is suitable for small databases. Depending on the size of the organization or priority you give to storing configs, generally speaking using SQLite(3) is not very suitable. In addition, SQLite3 isn't easily queried either manually or automatically. To setup SQLite3, provide the following settings in <filename>/etc/puppet/puppet.conf</filename>:
+ </para>
+ <para>
+ <screen>[puppetmasterd]
+ reports = store[,tagmail,rrdgraph]
+ storeconfigs = true
+ dbadapter = sqlite3
+ dblocation = /var/lib/puppet/storeconfigs.sqlite</screen>
+ </para>
</section>
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-SSLFrontendReverseProxyLoadBalancer">
- <title>Configuring the SSL Frontend Reverse Proxy Load Balancer</title>
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-MySQL">
+ <title>MySQL</title>
<para>
- A webserver needs to be configured to handle the SSL XML-RPC requests from the puppets, because the mongrel server type is not capable of performing SSL.
+ MySQL of course is much more scalable, and you can query it manually or automatically.
</para>
<para>
- The webserver is going to listen on port 8140, the default port for the puppetmaster to listen for clients. It is going to forward traffic (after being decrypted) to the puppetmaster on 127.0.0.1:8141.
+ <screen>[puppetmasterd]
+ reports = store[,tagmail,rrdgraph]
+ storeconfigs = true
+ dbadapter = mysql
+ dbserver = 127.0.0.1
+ dbuser = <replaceable>puppet</replaceable>
+ dbpassword = <replaceable>puppet</replaceable>
+ [dbsocket = /var/lib/mysql/mysql.sock]
+ </screen>
</para>
</section>
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer">
- <title>Configuring the Database Server</title>
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-Postgresql">
+ <title>PostgreSQL</title>
<para>
- para
+ PostgreSQL is even more scalable then MySQL
</para>
+ </section>
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-SQLite3">
- <title>SQLite3</title>
- <para>
- para
- </para>
- </section>
+ </section>
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-MySQL">
- <title>MySQL</title>
- <para>
- para
- </para>
- </section>
+ </section>
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-Postgresql">
- <title>PostgreSQL</title>
- <para>
- para
- </para>
- </section>
+ </chapter>
- </section>
+ <chapter id="PuppetWorkshop-HowToUsePuppet">
+ <title>How To Use Puppet</title>
+ <para>
+ This is a first section
+ </para>
- </section>
+ <section id="PuppetWorkshop-HowToUsePuppet-Modules">
+ <title>Using Modules</title>
+ <para>
+ About using modules
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-HowToUsePuppet-VirtualResources">
+ <title>Virtual Resources</title>
+ <para>
+ paragraph
+ </para>
+ </section>
- </chapter>
+ <section id="PuppetWorkshop-HowToUsePuppet-Plugins">
+ <title>Using Plugins</title>
+ <para>
+ About the use of plugins
+ </para>
+ </section>
- <chapter id="PuppetWorkshop-HowToUsePuppet">
- <title>How To Use Puppet</title>
+ <section id="PuppetWorkshop-HowToUsePuppet-Environments">
+ <title>Environments</title>
<para>
- This is a first section
+ paragraph
</para>
+ </section>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-TroubleshootingPuppet">
+ <title>Troubleshooting Puppet</title>
+ <para>
+ This section is about troubleshooting the manifests, puppetmaster and puppet.
+ </para>
- <section id="PuppetWorkshop-HowToUsePuppet-Modules">
- <title>Using Modules</title>
+ <section id="PuppetWorkshop-TroubleshootingPuppet-Manifests">
+ <title>Manifests</title>
+ <para>
+ One commonly made error is of course a syntax error. Other errors include:
+ <itemizedlist>
+ <listitem>
+ <para>
+ Not realizing a <xref linkend="PuppetWorkshop-Appendix-Terminology-virtualresource" />
+ </para>
+ <para>
+ For more on virtual resources, see also: <xref linkend="PuppetWorkshop-HowToUsePuppet-VirtualResources" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Depending on resources not defined
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Wrong or missing parameters to a <xref linkend="PuppetWorkshop-Appendix-Terminology-definedtype" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Circular or missing dependencies or notifications
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ <formalpara>
+ <title>Manifest syntax error</title>
<para>
- About using modules
+ Should you have a syntax error in a manifest, and have it go all the way through to the puppetmaster, the puppetmaster will not automatically pick up the new manifest, unless the puppetmaster is restarted -in which case the first puppet run will make it complain about the inability to parse all the manifests. Symptoms include your changes not being applied to the puppets, and error messages in <filename>/var/log/messages</filename>
</para>
- </section>
+ </formalpara>
+ <formalpara>
+ <title>Checking for syntax errors</title>
+ <para>
+ Checking for syntax errors is a good habit. Puppet has a utility called <application>puppet</application> that can help you find out whether your manifests have syntax errors. In a directory tree full of <filename>.pp</filename> files, you could run:
+ </para>
+ </formalpara>
+ <para>
+ <screen>$ <userinput>puppet --noop --parseonly `find -name "*.pp"`</userinput></screen>
+ </para>
- <section id="PuppetWorkshop-HowToUsePuppet-Plugins">
- <title>Using Plugins</title>
+ <formalpara>
+ <title>Not realizing virtual resources</title>
<para>
- About the use of plugins
+ Virtual resources like normal resources can only be defined once, and need to be realized before they are included in the manifest sent to the client. You can realize a virtual resource multiple times. Make sure the virtual resources that you use are realized in all the appropriate places.
</para>
- </section>
+ </formalpara>
- <section id="PuppetWorkshop-HowToUsePuppet-Environments">
- <title>Environments</title>
+ <formalpara>
+ <title>Depending on resources not defined</title>
<para>
- paragraph
+ Like in the <xref linkend="PuppetWorkshop-IntroductionToPuppet-WhatDoesPuppetDo-YpClientExample" />, resources can depend on other resources, so that one of the resources, in this case <code>Package["ypbind"]</code>, is applied first, <code>File["/etc/yp.conf"]</code> is applied second and <code>Service["ypbind"]</code> is applied last. Note that the depending resources are only applied if the dependent resource is applied succesfully.
</para>
- </section>
+ </formalpara>
- </chapter>
+ <formalpara>
+ <title>Wrong or missing parameters to a defined type</title>
+ <para>
+ A <xref linkend="PuppetWorkshop-Appendix-Terminology-definedtype" /> is a custom type or maybe an aggregation of types, you define yourself from within a manifest, taking a few parameters and creating resources from <xref linkend="PuppetWorkshop-Appendix-Terminology-nativetype" />. You can take a look at an <xref linkend="PuppetWorkshop-Appendix-Examples-DefinedType" /> to see how this works. A common error is changing the defined type with regards to the parameters it takes, but not updating the use of these defined types.
+ </para>
+ </formalpara>
- <chapter id="PuppetWorkshop-OtherThingsToDoWithPuppet">
- <title>Other Things To Do With Puppet</title>
+ <formalpara>
+ <title>Circular or missing dependencies or notifications</title>
+ <para>
+ If <code>File["/etc/yp.conf"]</code> requires <code>Package["ypbind"]</code>, and <code>Package["ypbind"]</code> requires <code>File["/etc/yp.conf"]</code>, neither of both are going to succeed waiting for the other resource to be applied succesfully first.
+ </para>
+ </formalpara>
<para>
- This is a first section
+ The other way around is when <code>Service["ypbind"]</code> does not depend on <code>File["/etc/yp.conf"]</code>, the <application>ypbind</application> service may be started before the correct settings are applied.
+ </para>
+ <para>
+ If <code>File["/etc/yp.conf"]</code> changes, the <application>ypbind</application> service needs to be reloaded or restarted to get the new settings applied to the service operation. If the <code>notify => Service["ypbind"]</code> is missing in <code>File["/etc/yp.conf"]</code> though, this will not just happen.
</para>
- <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting">
- <title>Tweaking Reporting</title>
- <para>
- paragraph
- </para>
- </section>
+ </section>
- <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomTypes">
- <title>Writing Custom Types</title>
+ <section id="PuppetWorkshop-TroubleshootingPuppet-ThePuppetmaster">
+ <title>The Puppetmaster</title>
+ <para>
+ The puppetmaster
+ </para>
+
+ <section id="PuppetWorkshop-TroubleshootingPuppet-ThePuppetmaster-DebuggingThePuppetmaster">
+ <title>Debugging The Puppetmaster</title>
<para>
- paragraph
+ Running the puppetmaster in debug mode generates a lot of output. To run the puppetmaster in debug mode, stop the puppetmaster service and type:
</para>
- </section>
-
- <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomFacts">
- <title>Writing Custom Facts</title>
<para>
- paragraph
+ <screen># <userinput>puppetmasterd --debug --no-deamonize [--servertype mongrel --masterport 8141]</userinput></screen>
</para>
</section>
- <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomFunctions">
- <title>Writing Custom Functions</title>
+ </section>
+
+ <section id="PuppetWorkshop-TroubleshootingPuppet-ThePuppet">
+ <title>The Puppet</title>
+ <para>
+ para
+ </para>
+
+ <section id="PuppetWorkshop-TroubleshootingPuppet-ThePuppet-DebuggingThePuppet">
+ <title>Debugging The Puppet</title>
<para>
- paragraph
+ para
</para>
</section>
- </chapter>
+ </section>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-OtherThingsToDoWithPuppet">
+ <title>Other Things To Do With Puppet</title>
+ <para>
+ This is a first section
+ </para>
+
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting">
+ <title>Tweaking Reporting</title>
+ <para>
+ paragraph
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomTypes">
+ <title>Writing Custom Types</title>
+ <para>
+ paragraph
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomFacts">
+ <title>Writing Custom Facts</title>
+ <para>
+ paragraph
+ </para>
+ </section>
- <chapter id="PuppetWorkshop-BestPractices">
- <title>Best Practices</title>
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomFunctions">
+ <title>Writing Custom Functions</title>
<para>
- This is a first section
+ paragraph
</para>
- </chapter>
+ </section>
+
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-StoreconfigsReportingAndPuppetview">
+ <title>Storeconfigs, Reporting and Puppetview</title>
+ <para>
+ paragraph
+ </para>
+ </section>
+
+ </chapter>
- </part>
+ <chapter id="PuppetWorkshop-BestPractices">
+ <title>Best Practices</title>
+ <para>
+ This is a first section
+ </para>
+ </chapter>
<xi:include href="Appendix.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
15 years, 6 months
2 commits - en-US/Book_Info.xml en-US/Books en-US/Courses.xml en-US/Template Workshops/DeployingLinux Workshops/PuppetWorkshop
by Jeroen van Meeuwen
Workshops/DeployingLinux/Author_Group.xml | 24
Workshops/DeployingLinux/Book_Info.xml | 29
Workshops/DeployingLinux/Common_Content/Feedback.xml | 45
Workshops/DeployingLinux/Makefile | 15
Workshops/DeployingLinux/Preface.xml | 12
Workshops/DeployingLinux/en-US/Author_Group.xml | 16
Workshops/DeployingLinux/en-US/Book_Info.xml | 32
Workshops/DeployingLinux/en-US/Chapter.xml | 25
Workshops/DeployingLinux/en-US/DeployingLinux.ent | 2
Workshops/DeployingLinux/en-US/DeployingLinux.xml | 12
Workshops/DeployingLinux/en-US/Preface.xml | 13
Workshops/DeployingLinux/en-US/Revision_History.xml | 26
Workshops/DeployingLinux/en-US/images/icon.svg | 3936 ++++++++++
Workshops/PuppetWorkshop/Makefile | 15
Workshops/PuppetWorkshop/en-US/Appendix.xml | 176
Workshops/PuppetWorkshop/en-US/Author_Group.xml | 24
Workshops/PuppetWorkshop/en-US/Book_Info.xml | 29
Workshops/PuppetWorkshop/en-US/Chapter.xml | 25
Workshops/PuppetWorkshop/en-US/Common_Content/Feedback.xml | 45
Workshops/PuppetWorkshop/en-US/Preface.xml | 12
Workshops/PuppetWorkshop/en-US/PuppetWorkshop.ent | 4
Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml | 1076 ++
Workshops/PuppetWorkshop/en-US/Revision_History.xml | 26
Workshops/PuppetWorkshop/en-US/images/icon.svg | 3936 ++++++++++
en-US/Book_Info.xml | 2
en-US/Books/ClassRoom/Manual-Book_Info.xml | 2
en-US/Books/Linux/Advanced/Course-Book_Info.xml | 2
en-US/Books/Linux/Advanced/Manual-Book_Info.xml | 2
en-US/Books/Linux/Basic/Course-Book_Info.xml | 2
en-US/Books/Linux/Basic/Manual-Book_Info.xml | 2
en-US/Books/Linux/ConfigurationManagement/Course-Book_Info.xml | 2
en-US/Books/Linux/ConfigurationManagement/Manual-Book_Info.xml | 2
en-US/Books/Linux/RHCETraining/Course-Book_Info.xml | 2
en-US/Books/Linux/RHCETraining/Manual-Book_Info.xml | 2
en-US/Books/Linux/Senior/Course-Appendix.xml | 1
en-US/Books/Linux/Senior/Course-Book_Info.xml | 2
en-US/Books/Linux/Senior/Manual-Book_Info.xml | 2
en-US/Books/PuppetWorkshop/Author_Group.xml | 24
en-US/Books/PuppetWorkshop/Course-Appendix.xml | 176
en-US/Books/PuppetWorkshop/Course-Book_Info.xml | 27
en-US/Books/PuppetWorkshop/Course-Preface.xml | 12
en-US/Books/PuppetWorkshop/Course.xml | 1071 --
en-US/Books/PuppetWorkshop/Revision_History.xml | 26
en-US/Books/Template/Course-Book_Info.xml | 2
en-US/Books/Template/Manual-Book_Info.xml | 2
en-US/Courses.xml | 57
en-US/Template/Course-Book_Info.xml | 2
en-US/Template/Manual-Book_Info.xml | 2
48 files changed, 9586 insertions(+), 1395 deletions(-)
New commits:
commit 883a89c5e744bd96bd379ab3ed89b42c5b406669
Author: Jeroen van Meeuwen (Fedora Unity) <kanarip(a)fedoraunity.org>
Date: Thu Oct 9 14:36:38 2008 +0200
Major Updates
diff --git a/Workshops/DeployingLinux/Author_Group.xml b/Workshops/DeployingLinux/Author_Group.xml
new file mode 100644
index 0000000..c9ba622
--- /dev/null
+++ b/Workshops/DeployingLinux/Author_Group.xml
@@ -0,0 +1,24 @@
+<?xml version='1.0'?>
+<!DOCTYPE authorgroup PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<authorgroup>
+ <author>
+ <firstname>Jeroen</firstname>
+ <surname>van Meeuwen</surname>
+ <affiliation>
+ <orgname>Operator Groep Delft</orgname>
+ <orgdiv>Sr. System Engineer</orgdiv>
+ </affiliation>
+ <email>j.van.meeuwen(a)ogd.nl</email>
+ </author>
+ <author>
+ <firstname>Stefan</firstname>
+ <surname>Hartsuiker</surname>
+ <affiliation>
+ <orgname>Operator Groep Delft</orgname>
+ <orgdiv>System Engineer</orgdiv>
+ </affiliation>
+ <email>s.hartsuiker(a)ogd.nl</email>
+ </author>
+</authorgroup>
diff --git a/Workshops/DeployingLinux/Book_Info.xml b/Workshops/DeployingLinux/Book_Info.xml
new file mode 100644
index 0000000..2c5296f
--- /dev/null
+++ b/Workshops/DeployingLinux/Book_Info.xml
@@ -0,0 +1,29 @@
+<?xml version='1.0'?>
+<!DOCTYPE bookinfo PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<bookinfo id="PuppetWorkshop-Product_Name_and_Version">
+ <title>Puppet Workshop</title>
+ <subtitle>Puppet Workshop</subtitle>
+ <issuenum>0.1</issuenum>
+ <productnumber>1</productnumber>
+ <edition>1</edition>
+ <pubsnumber>1</pubsnumber>
+ <abstract><para>This is a Configuration Management workshop (based on Puppet)</para></abstract>
+ <corpauthor>
+ <inlinemediaobject>
+ <imageobject>
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
+ </imageobject>
+ </inlinemediaobject>
+ </corpauthor>
+ <copyright>
+ <year>&YEAR;</year>
+ <holder>&HOLDER;</holder>
+ </copyright>
+ <xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+</bookinfo>
+
+
+
diff --git a/Workshops/DeployingLinux/Common_Content/Feedback.xml b/Workshops/DeployingLinux/Common_Content/Feedback.xml
new file mode 100644
index 0000000..34b6b81
--- /dev/null
+++ b/Workshops/DeployingLinux/Common_Content/Feedback.xml
@@ -0,0 +1,45 @@
+<?xml version='1.0'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<section>
+ <title>We Need Feedback!</title>
+ <indexterm>
+ <primary>feedback</primary>
+ <secondary>contact information for this manual</secondary>
+ </indexterm>
+ <para>
+ We would love to see your feedback!
+ </para>
+ <para>
+ Our mailing lists are as follows:
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title><ulink url="http://lists.fedorahosted.org/mailman/listinfo/courses-users/" /></title>
+ <para>
+ Our "users" mailing list where anyone can comment on the course materials offered, provide other means of feedback and ask questions when things appear to not be as clear as they intend to be.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title><ulink url="http://lists.fedorahosted.org/mailman/listinfo/courses-devel/" /></title>
+ <para>
+ Our development mailing list for anyone seeking to get involved in the project.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title><ulink url="http://lists.fedorahosted.org/mailman/listinfo/courses-commits/" /></title>
+ <para>
+ This mailing list is used to send any changes made to any of the documents to anyone subscribed.
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+</section>
+
+
diff --git a/Workshops/DeployingLinux/Makefile b/Workshops/DeployingLinux/Makefile
new file mode 100644
index 0000000..4b0291f
--- /dev/null
+++ b/Workshops/DeployingLinux/Makefile
@@ -0,0 +1,15 @@
+#Makefile for DeployingLinux
+
+XML_LANG = en-US
+DOCNAME = DeployingLinux
+PRODUCT = Fedora
+BRAND = fedora
+
+#OTHER_LANGS = as-IN bn-IN de-DE es-ES fr-FR gu-IN hi-IN it-IT ja-JP kn-IN ko-KR ml-IN mr-IN or-IN pa-IN pt-BR ru-RU si-LK ta-IN te-IN zh-CN zh-TW
+
+# Extra Parameters start here
+
+# Extra Parameters stop here
+COMMON_CONFIG = /usr/share/publican
+include $(COMMON_CONFIG)/make/Makefile.common
+
diff --git a/Workshops/DeployingLinux/Preface.xml b/Workshops/DeployingLinux/Preface.xml
new file mode 100644
index 0000000..d8e4a06
--- /dev/null
+++ b/Workshops/DeployingLinux/Preface.xml
@@ -0,0 +1,12 @@
+<?xml version='1.0'?>
+<!DOCTYPE preface PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<preface id="PuppetWorkshop-Preface">
+ <title>Preface</title>
+ <para>
+ paragraph
+ </para>
+ <xi:include href="Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+</preface>
diff --git a/Workshops/DeployingLinux/en-US/Author_Group.xml b/Workshops/DeployingLinux/en-US/Author_Group.xml
new file mode 100644
index 0000000..474378e
--- /dev/null
+++ b/Workshops/DeployingLinux/en-US/Author_Group.xml
@@ -0,0 +1,16 @@
+<?xml version='1.0'?>
+<!DOCTYPE authorgroup PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<authorgroup>
+
+ <author>
+ <firstname>Dude</firstname>
+ <surname>McDude</surname>
+ <affiliation>
+ <orgname>My Org</orgname>
+ <orgdiv>Best Div in the place</orgdiv>
+ </affiliation>
+ <email>dude.mcdude(a)myorg.org</email>
+ </author>
+</authorgroup>
diff --git a/Workshops/DeployingLinux/en-US/Book_Info.xml b/Workshops/DeployingLinux/en-US/Book_Info.xml
new file mode 100644
index 0000000..ca3249d
--- /dev/null
+++ b/Workshops/DeployingLinux/en-US/Book_Info.xml
@@ -0,0 +1,32 @@
+<?xml version='1.0'?>
+<!DOCTYPE bookinfo PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<bookinfo id="DeployingLinux-Documentation">
+ <title>DeployingLinux</title>
+ <subtitle>short descriptor</subtitle>
+ <productname>Documentation</productname>
+ <productnumber>1</productnumber>
+ <edition>1</edition>
+ <pubsnumber>0</pubsnumber>
+ <abstract>
+ <para>A short overview and summary of the book's subject and purpose, traditionally no more than one paragraph long. Note: the abstract will appear in the front matter of your book and will also be placed in the #description field of the book's RPM spec file.</para>
+ </abstract>
+ <corpauthor>
+ <inlinemediaobject>
+ <imageobject>
+ <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ </imageobject>
+ <textobject><phrase>Logo</phrase></textobject>
+ </inlinemediaobject>
+ </corpauthor>
+ <copyright>
+ <year>&YEAR;</year>
+ <holder>&HOLDER;</holder>
+ </copyright>
+ <xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+</bookinfo>
+
+
+
diff --git a/Workshops/DeployingLinux/en-US/Chapter.xml b/Workshops/DeployingLinux/en-US/Chapter.xml
new file mode 100644
index 0000000..319438a
--- /dev/null
+++ b/Workshops/DeployingLinux/en-US/Chapter.xml
@@ -0,0 +1,25 @@
+<?xml version='1.0'?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<chapter id="DeployingLinux-Test">
+ <title>Test</title>
+ <para>
+ This is a test paragraph
+ </para>
+ <section id="DeployingLinux-Test-Section_1_Test">
+ <title>Section 1 Test</title>
+ <para>
+ Test of a section
+ </para>
+ </section>
+
+ <section id="DeployingLinux-Test-Section_2_Test">
+ <title>Section 2 Test</title>
+ <para>
+ Test of a section
+ </para>
+ </section>
+
+</chapter>
+
diff --git a/Workshops/DeployingLinux/en-US/DeployingLinux.ent b/Workshops/DeployingLinux/en-US/DeployingLinux.ent
new file mode 100644
index 0000000..eb212ee
--- /dev/null
+++ b/Workshops/DeployingLinux/en-US/DeployingLinux.ent
@@ -0,0 +1,2 @@
+<!ENTITY PRODUCT "Documentation">
+<!ENTITY BOOKID "DeployingLinux">
diff --git a/Workshops/DeployingLinux/en-US/DeployingLinux.xml b/Workshops/DeployingLinux/en-US/DeployingLinux.xml
new file mode 100644
index 0000000..045bbf9
--- /dev/null
+++ b/Workshops/DeployingLinux/en-US/DeployingLinux.xml
@@ -0,0 +1,12 @@
+<?xml version='1.0'?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<book>
+ <xi:include href="Book_Info.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Preface.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Chapter.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Revision_History.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <index />
+</book>
+
diff --git a/Workshops/DeployingLinux/en-US/Preface.xml b/Workshops/DeployingLinux/en-US/Preface.xml
new file mode 100644
index 0000000..0ab7049
--- /dev/null
+++ b/Workshops/DeployingLinux/en-US/Preface.xml
@@ -0,0 +1,13 @@
+<?xml version='1.0'?>
+<!DOCTYPE preface PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<preface id="DeployingLinux-Preface">
+ <title>Preface</title>
+ <xi:include href="Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude">
+ <xi:fallback xmlns:xi="http://www.w3.org/2001/XInclude">
+ <xi:include href="Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ </xi:fallback>
+ </xi:include>
+</preface>
diff --git a/Workshops/DeployingLinux/en-US/Revision_History.xml b/Workshops/DeployingLinux/en-US/Revision_History.xml
new file mode 100644
index 0000000..68432a0
--- /dev/null
+++ b/Workshops/DeployingLinux/en-US/Revision_History.xml
@@ -0,0 +1,26 @@
+<?xml version='1.0'?>
+<!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<appendix id="appe-Publican-Revision_History">
+ <title>Revision History</title>
+ <simpara>
+ <revhistory>
+ <revision>
+ <revnumber>1.0</revnumber>
+ <date></date>
+ <author>
+ <firstname></firstname>
+ <surname></surname>
+ <email></email>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member></member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ </revhistory>
+ </simpara>
+</appendix>
+
diff --git a/Workshops/DeployingLinux/en-US/images/icon.svg b/Workshops/DeployingLinux/en-US/images/icon.svg
new file mode 100644
index 0000000..c471a60
--- /dev/null
+++ b/Workshops/DeployingLinux/en-US/images/icon.svg
@@ -0,0 +1,3936 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+<svg
+ xmlns:ns="http://ns.adobe.com/AdobeSVGViewerExtensions/3/"
+ xmlns:a="http://ns.adobe.com/AdobeSVGViewerExtensions/3.0/"
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://web.resource.org/cc/"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+ xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+ version="1.0"
+ width="32"
+ height="32"
+ id="svg3017"
+ sodipodi:version="0.32"
+ inkscape:version="0.44+devel"
+ sodipodi:docname="book.svg"
+ sodipodi:docbase="/home/andy/Desktop">
+ <metadata
+ id="metadata489">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <sodipodi:namedview
+ inkscape:window-height="480"
+ inkscape:window-width="858"
+ inkscape:pageshadow="0"
+ inkscape:pageopacity="0.0"
+ guidetolerance="10.0"
+ gridtolerance="10.0"
+ objecttolerance="10.0"
+ borderopacity="1.0"
+ bordercolor="#666666"
+ pagecolor="#ffffff"
+ id="base"
+ inkscape:zoom="1"
+ inkscape:cx="16"
+ inkscape:cy="15.944056"
+ inkscape:window-x="0"
+ inkscape:window-y="33"
+ inkscape:current-layer="svg3017" />
+ <defs
+ id="defs3019">
+ <linearGradient
+ id="linearGradient2381">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="stop2383" />
+ <stop
+ style="stop-color:white;stop-opacity:0"
+ offset="1"
+ id="stop2385" />
+ </linearGradient>
+ <linearGradient
+ x1="415.73831"
+ y1="11.854"
+ x2="418.13361"
+ y2="18.8104"
+ id="XMLID_1758_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.8362,0.5206,-1.1904,0.992,147.62,-30.9374)">
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="0"
+ id="stop3903" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="1"
+ id="stop3905" />
+ <a:midPointStop
+ style="stop-color:#CCCCCC"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#CCCCCC"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#F2F2F2"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="500.70749"
+ y1="-13.2441"
+ x2="513.46442"
+ y2="-2.1547"
+ id="XMLID_1757_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop3890" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop3892" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#96BAD6"
+ offset="1" />
+ </linearGradient>
+ <clipPath
+ id="XMLID_1755_">
+ <use
+ id="use3874"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_343_" />
+ </clipPath>
+ <linearGradient
+ x1="505.62939"
+ y1="-14.9526"
+ x2="527.49402"
+ y2="-0.7536"
+ id="XMLID_1756_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop3877" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop3879" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop3881" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop3883" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5112" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.6461" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#16336E"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="471.0806"
+ y1="201.07761"
+ x2="481.91711"
+ y2="210.4977"
+ id="XMLID_1754_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#6498c1;stop-opacity:1"
+ offset="0.005618"
+ id="stop3863" />
+ <stop
+ style="stop-color:#79a9cc;stop-opacity:1"
+ offset="0.2332"
+ id="stop3865" />
+ <stop
+ style="stop-color:#a4cde2;stop-opacity:1"
+ offset="0.74049997"
+ id="stop3867" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="1"
+ id="stop3869" />
+ <a:midPointStop
+ style="stop-color:#6498C1"
+ offset="5.618000e-003" />
+ <a:midPointStop
+ style="stop-color:#6498C1"
+ offset="0.4438" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="516.57672"
+ y1="-15.769"
+ x2="516.57672"
+ y2="0.84280002"
+ id="XMLID_1753_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0"
+ id="stop3851" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="1"
+ id="stop3853" />
+ <a:midPointStop
+ style="stop-color:#B2B2B2"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B2B2B2"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#F2F2F2"
+ offset="1" />
+ </linearGradient>
+ <clipPath
+ id="XMLID_1751_">
+ <use
+ id="use3837"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_338_" />
+ </clipPath>
+ <linearGradient
+ x1="506.09909"
+ y1="-11.5137"
+ x2="527.99609"
+ y2="2.7063999"
+ id="XMLID_1752_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop3840" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop3842" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop3844" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop3846" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5112" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.6461" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#16336E"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="468.2915"
+ y1="204.7612"
+ x2="479.39871"
+ y2="214.4166"
+ id="XMLID_1750_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop3830" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop3832" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#96BAD6"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="502.70749"
+ y1="115.3013"
+ x2="516.39001"
+ y2="127.1953"
+ id="XMLID_1749_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9703,0.2419,-0.2419,0.9703,11.0227,-35.6159)">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop3818" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop3820" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#96BAD6"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="501.0903"
+ y1="-19.2544"
+ x2="531.85413"
+ y2="0.72390002"
+ id="XMLID_1748_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop3803" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop3805" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop3807" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop3809" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5112" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.6461" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#16336E"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="481.23969"
+ y1="212.5742"
+ x2="472.92981"
+ y2="207.4967"
+ id="XMLID_2275_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop9947" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop9949" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop9951" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop9953" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0.4213" />
+ <a:midPointStop
+ style="stop-color:#A6100C"
+ offset="1" />
+ </linearGradient>
+ <clipPath
+ id="XMLID_2273_">
+ <use
+ id="use9933"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_960_" />
+ </clipPath>
+ <linearGradient
+ x1="473.7681"
+ y1="209.17529"
+ x2="486.98099"
+ y2="213.2001"
+ id="XMLID_2274_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop9936" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop9938" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop9940" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop9942" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0.4213" />
+ <a:midPointStop
+ style="stop-color:#A6100C"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="478.21341"
+ y1="-131.9297"
+ x2="469.85818"
+ y2="-140.28481"
+ id="XMLID_2272_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.5592,0.829,-0.829,0.5592,101.3357,-104.791)">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop9917" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop9919" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop9921" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop9923" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0.4213" />
+ <a:midPointStop
+ style="stop-color:#A6100C"
+ offset="1" />
+ </linearGradient>
+ <marker
+ refX="0"
+ refY="0"
+ orient="auto"
+ style="overflow:visible"
+ id="TriangleInM">
+ <path
+ d="M 5.77,0 L -2.88,5 L -2.88,-5 L 5.77,0 z "
+ transform="scale(-0.4,-0.4)"
+ style="fill:#5c5c4f"
+ id="path3197" />
+ </marker>
+ <linearGradient
+ x1="200.7363"
+ y1="100.4028"
+ x2="211.99519"
+ y2="89.143997"
+ id="XMLID_3298_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#bfbfbf;stop-opacity:1"
+ offset="0"
+ id="stop20103" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="1"
+ id="stop20105" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#BFBFBF" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#BFBFBF" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#F2F2F2" />
+ </linearGradient>
+ <linearGradient
+ x1="200.7363"
+ y1="100.4028"
+ x2="211.99519"
+ y2="89.143997"
+ id="linearGradient36592"
+ xlink:href="#XMLID_3298_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="181.2925"
+ y1="110.8481"
+ x2="192.6369"
+ y2="99.5037"
+ id="XMLID_3297_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0"
+ id="stop20096" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="stop20098" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#CCCCCC" />
+ </linearGradient>
+ <linearGradient
+ x1="181.2925"
+ y1="110.8481"
+ x2="192.6369"
+ y2="99.5037"
+ id="linearGradient36595"
+ xlink:href="#XMLID_3297_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="211.77589"
+ y1="105.7749"
+ x2="212.6619"
+ y2="108.2092"
+ id="XMLID_3296_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#0f6124;stop-opacity:1"
+ offset="0"
+ id="stop20087" />
+ <stop
+ style="stop-color:#219630;stop-opacity:1"
+ offset="1"
+ id="stop20089" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#0F6124" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#0F6124" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#219630" />
+ </linearGradient>
+ <linearGradient
+ x1="211.77589"
+ y1="105.7749"
+ x2="212.6619"
+ y2="108.2092"
+ id="linearGradient36677"
+ xlink:href="#XMLID_3296_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="208.9834"
+ y1="116.8296"
+ x2="200.0811"
+ y2="96.834602"
+ id="XMLID_3295_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0"
+ id="stop20076" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0.5"
+ id="stop20078" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop20080" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="208.9834"
+ y1="116.8296"
+ x2="200.0811"
+ y2="96.834602"
+ id="linearGradient36604"
+ xlink:href="#XMLID_3295_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="195.5264"
+ y1="97.911102"
+ x2="213.5213"
+ y2="115.9061"
+ id="XMLID_3294_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="0"
+ id="stop20069" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop20071" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#CCCCCC" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#CCCCCC" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="195.5264"
+ y1="97.911102"
+ x2="213.5213"
+ y2="115.9061"
+ id="linearGradient36607"
+ xlink:href="#XMLID_3294_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="186.1938"
+ y1="109.1343"
+ x2="206.6881"
+ y2="88.639999"
+ id="XMLID_3293_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0"
+ id="stop20056" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0.16850001"
+ id="stop20058" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.23029999"
+ id="stop20060" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0.2809"
+ id="stop20062" />
+ <stop
+ style="stop-color:#c2c2c2;stop-opacity:1"
+ offset="0.5"
+ id="stop20064" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.1685"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.2303"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="0.2809"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#C2C2C2" />
+ </linearGradient>
+ <linearGradient
+ x1="186.1938"
+ y1="109.1343"
+ x2="206.6881"
+ y2="88.639999"
+ id="linearGradient36610"
+ xlink:href="#XMLID_3293_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="184.8569"
+ y1="112.2676"
+ x2="211.94099"
+ y2="89.541397"
+ id="XMLID_3292_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0"
+ id="stop20043" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0.16850001"
+ id="stop20045" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.23029999"
+ id="stop20047" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0.2809"
+ id="stop20049" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="stop20051" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.1685"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.2303"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="0.2809"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#CCCCCC" />
+ </linearGradient>
+ <linearGradient
+ x1="184.8569"
+ y1="112.2676"
+ x2="211.94099"
+ y2="89.541397"
+ id="linearGradient36613"
+ xlink:href="#XMLID_3292_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <marker
+ refX="0"
+ refY="0"
+ orient="auto"
+ style="overflow:visible"
+ id="TriangleOutM">
+ <path
+ d="M 5.77,0 L -2.88,5 L -2.88,-5 L 5.77,0 z "
+ transform="scale(0.4,0.4)"
+ style="fill:#5c5c4f;fill-rule:evenodd;stroke-width:1pt;marker-start:none"
+ id="path3238" />
+ </marker>
+ <linearGradient
+ x1="165.3"
+ y1="99.5"
+ x2="165.3"
+ y2="115.9"
+ id="XMLID_3457_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="0"
+ id="stop8309" />
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0.30000001"
+ id="stop8311" />
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="1"
+ id="stop8313" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#999999" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#999999" />
+ <a:midPointstop
+ offset="0.3"
+ style="stop-color:#B2B2B2" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#B2B2B2" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#B2B2B2" />
+ </linearGradient>
+ <linearGradient
+ x1="165.3"
+ y1="99.5"
+ x2="165.3"
+ y2="115.9"
+ id="lg1997"
+ xlink:href="#XMLID_3457_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ x1="175"
+ y1="99.800003"
+ x2="175"
+ y2="112.5"
+ id="XMLID_3456_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="0"
+ id="stop8300" />
+ <stop
+ style="stop-color:#191919;stop-opacity:1"
+ offset="0.60000002"
+ id="stop8302" />
+ <stop
+ style="stop-color:#191919;stop-opacity:1"
+ offset="1"
+ id="stop8304" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#737373" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#737373" />
+ <a:midPointstop
+ offset="0.6"
+ style="stop-color:#191919" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#191919" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#191919" />
+ </linearGradient>
+ <linearGradient
+ x1="175"
+ y1="99.800003"
+ x2="175"
+ y2="112.5"
+ id="lg2000"
+ xlink:href="#XMLID_3456_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ x1="168.8"
+ y1="107.1"
+ x2="164.5"
+ y2="110"
+ id="XMLID_3455_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#666;stop-opacity:1"
+ offset="0"
+ id="stop8291" />
+ <stop
+ style="stop-color:#191919;stop-opacity:1"
+ offset="0.69999999"
+ id="stop8293" />
+ <stop
+ style="stop-color:#191919;stop-opacity:1"
+ offset="1"
+ id="stop8295" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#666666" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#666666" />
+ <a:midPointstop
+ offset="0.7"
+ style="stop-color:#191919" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#191919" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#191919" />
+ </linearGradient>
+ <linearGradient
+ x1="168.8"
+ y1="107.1"
+ x2="164.5"
+ y2="110"
+ id="lg2003"
+ xlink:href="#XMLID_3455_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ id="lg63694">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="stop63696" />
+ <stop
+ style="stop-color:white;stop-opacity:0"
+ offset="1"
+ id="stop63698" />
+ </linearGradient>
+ <linearGradient
+ x1="458"
+ y1="483"
+ x2="465.20001"
+ y2="271.39999"
+ id="lg2006"
+ xlink:href="#lg63694"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(6.3e-2,0,0,6.3e-2,-1.3,-9.8)" />
+ <linearGradient
+ x1="176.3"
+ y1="110.1"
+ x2="158.7"
+ y2="105"
+ id="XMLID_3453_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#666;stop-opacity:1"
+ offset="0"
+ id="stop8271" />
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="0.2"
+ id="stop8273" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop8275" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#666666" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#666666" />
+ <a:midPointstop
+ offset="0.2"
+ style="stop-color:#737373" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#737373" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="176.3"
+ y1="110.1"
+ x2="158.7"
+ y2="105"
+ id="lg2009"
+ xlink:href="#XMLID_3453_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ x1="173.60001"
+ y1="118.9"
+ x2="172.8"
+ y2="128.2"
+ id="XMLID_3449_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ecb300;stop-opacity:1"
+ offset="0"
+ id="stop8232" />
+ <stop
+ style="stop-color:#fff95e;stop-opacity:1"
+ offset="0.60000002"
+ id="stop8234" />
+ <stop
+ style="stop-color:#ecd600;stop-opacity:1"
+ offset="1"
+ id="stop8236" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.6"
+ style="stop-color:#FFF95E" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFF95E" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#ECD600" />
+ </linearGradient>
+ <linearGradient
+ x1="173.60001"
+ y1="118.9"
+ x2="172.8"
+ y2="128.2"
+ id="lg2016"
+ xlink:href="#XMLID_3449_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <radialGradient
+ cx="284.60001"
+ cy="172.60001"
+ r="6.5"
+ fx="284.60001"
+ fy="172.60001"
+ id="XMLID_3448_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.4,0,0,1.4,-237.3,-126.8)">
+ <stop
+ style="stop-color:#ecb300;stop-opacity:1"
+ offset="0"
+ id="stop8219" />
+ <stop
+ style="stop-color:#ecb300;stop-opacity:1"
+ offset="0.30000001"
+ id="stop8221" />
+ <stop
+ style="stop-color:#c96b00;stop-opacity:1"
+ offset="0.89999998"
+ id="stop8223" />
+ <stop
+ style="stop-color:#9a5500;stop-opacity:1"
+ offset="1"
+ id="stop8225" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.3"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.9"
+ style="stop-color:#C96B00" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#C96B00" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#9A5500" />
+ </radialGradient>
+ <radialGradient
+ cx="284.60001"
+ cy="172.60001"
+ r="6.5"
+ fx="284.60001"
+ fy="172.60001"
+ id="rg2020"
+ xlink:href="#XMLID_3448_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.513992,0,0,2.347576,-689.1621,-378.5717)" />
+ <linearGradient
+ x1="158.10001"
+ y1="123"
+ x2="164.2"
+ y2="126.6"
+ id="XMLID_3447_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ecd600;stop-opacity:1"
+ offset="0"
+ id="stop8204" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0.30000001"
+ id="stop8206" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop8208" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#ECD600" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECD600" />
+ <a:midPointstop
+ offset="0.3"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="158.10001"
+ y1="123"
+ x2="164.2"
+ y2="126.6"
+ id="lg2026"
+ xlink:href="#XMLID_3447_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <radialGradient
+ cx="280.89999"
+ cy="163.7"
+ r="10.1"
+ fx="280.89999"
+ fy="163.7"
+ id="XMLID_3446_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.4,0,0,1.4,-237.3,-126.8)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="stop8197" />
+ <stop
+ style="stop-color:#fff95e;stop-opacity:1"
+ offset="1"
+ id="stop8199" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#FFFFFF" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFFFFF" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#FFF95E" />
+ </radialGradient>
+ <radialGradient
+ cx="280.89999"
+ cy="163.7"
+ r="10.1"
+ fx="280.89999"
+ fy="163.7"
+ id="rg2029"
+ xlink:href="#XMLID_3446_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.7,0,0,1.7,-457.5,-266.8)" />
+ <linearGradient
+ x1="156.5"
+ y1="122.7"
+ x2="180.10001"
+ y2="122.7"
+ id="XMLID_3445_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ecb300;stop-opacity:1"
+ offset="0"
+ id="stop8184" />
+ <stop
+ style="stop-color:#ffe900;stop-opacity:1"
+ offset="0.2"
+ id="stop8186" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0.30000001"
+ id="stop8188" />
+ <stop
+ style="stop-color:#ffe900;stop-opacity:1"
+ offset="0.40000001"
+ id="stop8190" />
+ <stop
+ style="stop-color:#d68100;stop-opacity:1"
+ offset="1"
+ id="stop8192" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.2"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.3"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="0.4"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#D68100" />
+ </linearGradient>
+ <linearGradient
+ x1="156.5"
+ y1="122.7"
+ x2="180.10001"
+ y2="122.7"
+ id="lg2032"
+ xlink:href="#XMLID_3445_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ x1="156.39999"
+ y1="115.4"
+ x2="180.10001"
+ y2="115.4"
+ id="XMLID_3444_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ecb300;stop-opacity:1"
+ offset="0"
+ id="stop8171" />
+ <stop
+ style="stop-color:#ffe900;stop-opacity:1"
+ offset="0.2"
+ id="stop8173" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0.30000001"
+ id="stop8175" />
+ <stop
+ style="stop-color:#ffe900;stop-opacity:1"
+ offset="0.40000001"
+ id="stop8177" />
+ <stop
+ style="stop-color:#d68100;stop-opacity:1"
+ offset="1"
+ id="stop8179" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.2"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.3"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="0.4"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#D68100" />
+ </linearGradient>
+ <linearGradient
+ x1="156.39999"
+ y1="115.4"
+ x2="180.10001"
+ y2="115.4"
+ id="lg2035"
+ xlink:href="#XMLID_3444_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ x1="379.70001"
+ y1="167.89999"
+ x2="383.89999"
+ y2="172.89999"
+ id="lg4286_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.8,0.2,-0.2,0.8,78.8,38.1)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s16159" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.1"
+ id="s16161" />
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="1"
+ id="s16163" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.1" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#737373"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="379.60001"
+ y1="167.8"
+ x2="383.79999"
+ y2="172"
+ id="lg6416"
+ xlink:href="#lg4286_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.622156,0.623859,-0.623859,2.62182,-882.9706,-673.7921)" />
+ <linearGradient
+ x1="384.20001"
+ y1="169.8"
+ x2="384.79999"
+ y2="170.39999"
+ id="lg4285_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.8,0.2,-0.2,0.8,78.8,38.1)">
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="0"
+ id="s16152" />
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="1"
+ id="s16154" />
+ <ns:midPointStop
+ style="stop-color:#737373"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#737373"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#D9D9D9"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="384.20001"
+ y1="169.8"
+ x2="384.79999"
+ y2="170.39999"
+ id="lg6453"
+ xlink:href="#lg4285_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.6,0.6,-0.6,2.6,-883,-673.8)" />
+ <linearGradient
+ x1="380.5"
+ y1="172.60001"
+ x2="382.79999"
+ y2="173.7"
+ id="lg4284_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.8,0.2,-0.2,0.8,78.8,38.1)">
+ <stop
+ style="stop-color:gray;stop-opacity:1"
+ offset="0"
+ id="s16145" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="1"
+ id="s16147" />
+ <ns:midPointStop
+ style="stop-color:#808080"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#808080"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#E5E5E5"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="380.5"
+ y1="172.60001"
+ x2="382.79999"
+ y2="173.7"
+ id="lg6456"
+ xlink:href="#lg4284_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.6,0.6,-0.6,2.6,-883,-673.8)" />
+ <radialGradient
+ cx="347.29999"
+ cy="244.5"
+ r="5.1999998"
+ fx="347.29999"
+ fy="244.5"
+ id="lg4282_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(3.4,0,0,3.4,-1148,-802)">
+ <stop
+ style="stop-color:#333;stop-opacity:1"
+ offset="0"
+ id="s16135" />
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="1"
+ id="s16137" />
+ <ns:midPointStop
+ style="stop-color:#333333"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#333333"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#999999"
+ offset="1" />
+ </radialGradient>
+ <linearGradient
+ x1="310.39999"
+ y1="397.70001"
+ x2="310.89999"
+ y2="399.5"
+ id="lg4280_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.7,-0.7,0.7,0.7,-153.4,180.6)">
+ <stop
+ style="stop-color:#ffcd00;stop-opacity:1"
+ offset="0"
+ id="s16111" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0.60000002"
+ id="s16113" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="1"
+ id="s16115" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.6" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="310.39999"
+ y1="397.70001"
+ x2="310.89999"
+ y2="399.5"
+ id="lg6467"
+ xlink:href="#lg4280_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.4,-2.4,2.4,2.4,-1663.6,-195)" />
+ <linearGradient
+ x1="310.89999"
+ y1="395.79999"
+ x2="313.29999"
+ y2="403.10001"
+ id="lg4279_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.7,-0.7,0.7,0.7,-153.4,180.6)">
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0"
+ id="s16100" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0.40000001"
+ id="s16102" />
+ <stop
+ style="stop-color:#ffcd00;stop-opacity:1"
+ offset="0.89999998"
+ id="s16104" />
+ <stop
+ style="stop-color:#ffcd00;stop-opacity:1"
+ offset="1"
+ id="s16106" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.4" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="0.9" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="310.89999"
+ y1="395.79999"
+ x2="313.29999"
+ y2="403.10001"
+ id="lg6465"
+ xlink:href="#lg4279_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.4,-2.4,2.4,2.4,-1663.6,-195)" />
+ <linearGradient
+ x1="307.79999"
+ y1="395.20001"
+ x2="313.79999"
+ y2="413.60001"
+ id="lg4278_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.7,-0.7,0.7,0.7,-153.4,180.6)">
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0"
+ id="s16091" />
+ <stop
+ style="stop-color:#fcd72f;stop-opacity:1"
+ offset="0.40000001"
+ id="s16093" />
+ <stop
+ style="stop-color:#ffcd00;stop-opacity:1"
+ offset="1"
+ id="s16095" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FCD72F"
+ offset="0.4" />
+ <ns:midPointStop
+ style="stop-color:#FCD72F"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="306.5"
+ y1="393"
+ x2="309"
+ y2="404"
+ id="lg6400"
+ xlink:href="#lg4278_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.4,-2.4,2.4,2.4,-1663.6,-195)" />
+ <linearGradient
+ x1="352.10001"
+ y1="253.60001"
+ x2="348.5"
+ y2="237.8"
+ id="lg4276_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(3.4,0,0,3.4,-1148,-802)">
+ <stop
+ style="stop-color:#ffff87;stop-opacity:1"
+ offset="0"
+ id="s16077" />
+ <stop
+ style="stop-color:#ffad00;stop-opacity:1"
+ offset="1"
+ id="s16079" />
+ <ns:midPointStop
+ style="stop-color:#FFFF87"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFF87"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFAD00"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="335.60001"
+ y1="354.79999"
+ x2="337.89999"
+ y2="354.79999"
+ id="lg4275_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9,-0.5,0.5,0.9,-121.7,105.1)">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="s16057" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.80000001"
+ id="s16059" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="s16061" />
+ <ns:midPointStop
+ style="stop-color:#D9D9D9"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#D9D9D9"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.8" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="335.60001"
+ y1="354.79999"
+ x2="337.89999"
+ y2="354.79999"
+ id="lg6463"
+ xlink:href="#lg4275_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.9,-1.7,1.7,2.9,-1557,-448.7)" />
+ <linearGradient
+ x1="337.39999"
+ y1="353.10001"
+ x2="339.39999"
+ y2="357.10001"
+ id="lg4274_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9,-0.5,0.5,0.9,-121.7,105.1)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s16048" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.1"
+ id="s16050" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="s16052" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.1" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#CCCCCC"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="337.39999"
+ y1="353.10001"
+ x2="339.39999"
+ y2="357.10001"
+ id="lg6461"
+ xlink:href="#lg4274_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.9,-1.7,1.7,2.9,-1557,-448.7)" />
+ <linearGradient
+ x1="334.39999"
+ y1="355.5"
+ x2="335.5"
+ y2="356.79999"
+ id="lg4273_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9,-0.5,0.5,0.9,-121.7,105.1)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s16041" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="s16043" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="5.6e-003" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#CCCCCC"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="334.39999"
+ y1="355.5"
+ x2="335.5"
+ y2="356.79999"
+ id="lg6381"
+ xlink:href="#lg4273_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.9,-1.7,1.7,2.9,-1557,-448.7)" />
+ <linearGradient
+ x1="348.39999"
+ y1="247.39999"
+ x2="354.10001"
+ y2="242"
+ id="lg4271_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(3.4,0,0,3.4,-1148,-802)">
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0"
+ id="s16025" />
+ <stop
+ style="stop-color:#9e9e9e;stop-opacity:1"
+ offset="0.40000001"
+ id="s16027" />
+ <stop
+ style="stop-color:black;stop-opacity:1"
+ offset="1"
+ id="s16029" />
+ <ns:midPointStop
+ style="stop-color:#F2F2F2"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#F2F2F2"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#000000"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="351.29999"
+ y1="257.29999"
+ x2="346.29999"
+ y2="235.5"
+ id="lg4270_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ffff87;stop-opacity:1"
+ offset="0"
+ id="s16007" />
+ <stop
+ style="stop-color:#ffad00;stop-opacity:1"
+ offset="1"
+ id="s16009" />
+ <ns:midPointStop
+ style="stop-color:#FFFF87"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFF87"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFAD00"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="351.29999"
+ y1="257.29999"
+ x2="346.29999"
+ y2="235.5"
+ id="lg6459"
+ xlink:href="#lg4270_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(3.4,0,0,3.4,-1148,-802)" />
+ <linearGradient
+ x1="43.799999"
+ y1="32.5"
+ x2="63.299999"
+ y2="66.400002"
+ id="XMLID_2708_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="stop75318" />
+ <stop
+ style="stop-color:#fffcea;stop-opacity:1"
+ offset="1"
+ id="stop75320" />
+ <a:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#FFFCEA"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="43.799999"
+ y1="32.5"
+ x2="63.299999"
+ y2="66.400002"
+ id="lg1907"
+ xlink:href="#XMLID_2708_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-29,-22.6)" />
+ <linearGradient
+ x1="52.5"
+ y1="40.400002"
+ x2="58.200001"
+ y2="64"
+ id="XMLID_2707_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ffdea0;stop-opacity:1"
+ offset="0"
+ id="stop75305" />
+ <stop
+ style="stop-color:#ffd89e;stop-opacity:1"
+ offset="0.30000001"
+ id="stop75307" />
+ <stop
+ style="stop-color:#ffd79e;stop-opacity:1"
+ offset="0.30000001"
+ id="stop75309" />
+ <stop
+ style="stop-color:#dbaf6d;stop-opacity:1"
+ offset="0.69999999"
+ id="stop75311" />
+ <stop
+ style="stop-color:#6f4c24;stop-opacity:1"
+ offset="1"
+ id="stop75313" />
+ <a:midPointStop
+ style="stop-color:#FFDEA0"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#FFDEA0"
+ offset="0.6" />
+ <a:midPointStop
+ style="stop-color:#FFD79E"
+ offset="0.3" />
+ <a:midPointStop
+ style="stop-color:#FFD79E"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#DBAF6D"
+ offset="0.7" />
+ <a:midPointStop
+ style="stop-color:#DBAF6D"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#6F4C24"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="52.5"
+ y1="40.400002"
+ x2="58.200001"
+ y2="64"
+ id="lg1910"
+ xlink:href="#XMLID_2707_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-29,-22.6)" />
+ <linearGradient
+ x1="58"
+ y1="73.199997"
+ x2="44.5"
+ y2="19"
+ id="XMLID_2704_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-29,-22.6)">
+ <stop
+ style="stop-color:#d4a96c;stop-opacity:1"
+ offset="0.5"
+ id="stop75284" />
+ <stop
+ style="stop-color:#dcb273;stop-opacity:1"
+ offset="0.60000002"
+ id="stop75286" />
+ <stop
+ style="stop-color:#f0ca87;stop-opacity:1"
+ offset="0.80000001"
+ id="stop75288" />
+ <stop
+ style="stop-color:#ffdc96;stop-opacity:1"
+ offset="0.69999999"
+ id="stop75290" />
+ <stop
+ style="stop-color:#c18a42;stop-opacity:1"
+ offset="1"
+ id="stop75292" />
+ <a:midPointStop
+ style="stop-color:#D4A96C"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#D4A96C"
+ offset="0.6" />
+ <a:midPointStop
+ style="stop-color:#FFDC96"
+ offset="0.7" />
+ <a:midPointStop
+ style="stop-color:#FFDC96"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#C18A42"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="53.700001"
+ y1="32"
+ x2="53.700001"
+ y2="64.599998"
+ id="XMLID_2703_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#e5c9b0;stop-opacity:1"
+ offset="0"
+ id="stop75268" />
+ <stop
+ style="stop-color:#e5c9b0;stop-opacity:1"
+ offset="0.40000001"
+ id="stop75270" />
+ <stop
+ style="stop-color:#c0aa94;stop-opacity:1"
+ offset="1"
+ id="stop75272" />
+ <a:midPointStop
+ style="stop-color:#E5C9B0"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#E5C9B0"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#E5C9B0"
+ offset="0.4" />
+ <a:midPointStop
+ style="stop-color:#E5C9B0"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#C0AA94"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="53.700001"
+ y1="32"
+ x2="53.700001"
+ y2="64.599998"
+ id="lg1916"
+ xlink:href="#XMLID_2703_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-29,-22.6)" />
+ <linearGradient
+ x1="224.31"
+ y1="19.450001"
+ x2="214.33"
+ y2="11.46"
+ id="XMLID_419_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#404040;stop-opacity:1"
+ offset="0"
+ id="s1903" />
+ <stop
+ style="stop-color:#6d6d6d;stop-opacity:1"
+ offset="0.33000001"
+ id="s1905" />
+ <stop
+ style="stop-color:#e9e9e9;stop-opacity:1"
+ offset="1"
+ id="s1907" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#404040" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#404040" />
+ <a:midPointStop
+ offset="0.33"
+ style="stop-color:#6D6D6D" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#6D6D6D" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#E9E9E9" />
+ </linearGradient>
+ <linearGradient
+ x1="221.84"
+ y1="32.779999"
+ x2="212.2"
+ y2="20.27"
+ id="lg1988"
+ xlink:href="#XMLID_419_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.33,0,0,1.31,-274.2,-5.2)" />
+ <linearGradient
+ x1="228.35001"
+ y1="33.279999"
+ x2="215.42999"
+ y2="33.279999"
+ id="lg1900"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s1902" />
+ <stop
+ style="stop-color:white;stop-opacity:0"
+ offset="1"
+ id="s1906" />
+ <a:midPointStop
+ style="stop-color:#575757"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#575757"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#6D6D6D"
+ offset="0.33" />
+ <a:midPointStop
+ style="stop-color:#6D6D6D"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#D3D3D3"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="234.81"
+ y1="33.279999"
+ x2="228.27"
+ y2="33.279999"
+ id="lg1908"
+ xlink:href="#lg1900"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.33,0,0,1.31,-274.2,-5.2)" />
+ <linearGradient
+ x1="228.35001"
+ y1="33.279999"
+ x2="215.42999"
+ y2="33.279999"
+ id="XMLID_416_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#575757;stop-opacity:1"
+ offset="0"
+ id="s1874" />
+ <stop
+ style="stop-color:#6d6d6d;stop-opacity:1"
+ offset="0.33000001"
+ id="s1876" />
+ <stop
+ style="stop-color:#d3d3d3;stop-opacity:1"
+ offset="1"
+ id="s1878" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#575757" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#575757" />
+ <a:midPointStop
+ offset="0.33"
+ style="stop-color:#6D6D6D" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#6D6D6D" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#D3D3D3" />
+ </linearGradient>
+ <linearGradient
+ x1="228.35001"
+ y1="33.279999"
+ x2="215.42999"
+ y2="33.279999"
+ id="lg1991"
+ xlink:href="#XMLID_416_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.33,0,0,1.31,-274.2,-5.2)" />
+ <radialGradient
+ cx="603.19"
+ cy="230.77"
+ r="1.67"
+ fx="603.19"
+ fy="230.77"
+ id="x5010_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.1,0,0,1.1,-54.33,-75.4)">
+ <stop
+ style="stop-color:#c9ffc9;stop-opacity:1"
+ offset="0"
+ id="stop29201" />
+ <stop
+ style="stop-color:#23a11f;stop-opacity:1"
+ offset="1"
+ id="stop29203" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#C9FFC9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#C9FFC9" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#23A11F" />
+ </radialGradient>
+ <radialGradient
+ cx="603.19"
+ cy="230.77"
+ r="1.67"
+ fx="603.19"
+ fy="230.77"
+ id="radialGradient5711"
+ xlink:href="#x5010_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.23,0,0,1.23,-709.93,-245.02)" />
+ <linearGradient
+ x1="592.31"
+ y1="162.60001"
+ x2="609.32001"
+ y2="145.59"
+ id="lg5722"
+ xlink:href="#x5003_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)" />
+ <linearGradient
+ x1="601.48999"
+ y1="170.16"
+ x2="613.84003"
+ y2="170.16"
+ id="x5002_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="stop29134" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.2"
+ id="stop29136" />
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="1"
+ id="stop29138" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.20"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#999999" />
+ </linearGradient>
+ <linearGradient
+ x1="601.48999"
+ y1="170.16"
+ x2="613.84003"
+ y2="170.16"
+ id="lg5725"
+ xlink:href="#x5002_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)" />
+ <linearGradient
+ x1="592.20001"
+ y1="156.45"
+ x2="609.98999"
+ y2="174.23"
+ id="x5004_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="stop29157" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop29159" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="592.20001"
+ y1="156.45"
+ x2="609.98999"
+ y2="174.23"
+ id="lg5728"
+ xlink:href="#x5004_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)" />
+ <linearGradient
+ x1="592.31"
+ y1="162.60001"
+ x2="609.32001"
+ y2="145.59"
+ id="x5003_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0"
+ id="stop29143" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="1"
+ id="stop29145" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#E5E5E5" />
+ </linearGradient>
+ <linearGradient
+ x1="592.31"
+ y1="162.60001"
+ x2="609.32001"
+ y2="145.59"
+ id="lg5732"
+ xlink:href="#x5003_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)" />
+ <linearGradient
+ x1="592.20001"
+ y1="156.45"
+ x2="609.98999"
+ y2="174.24001"
+ id="x5000_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="stop29124" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop29126" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="592.20001"
+ y1="156.45"
+ x2="609.98999"
+ y2="174.24001"
+ id="lg5735"
+ xlink:href="#x5000_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)" />
+ <linearGradient
+ x1="308.54999"
+ y1="149.89999"
+ x2="299.72"
+ y2="148.83"
+ id="XMLID_2433_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#d6d6d6;stop-opacity:1"
+ offset="0"
+ id="71615" />
+ <stop
+ style="stop-color:#a5a5a5;stop-opacity:1"
+ offset="1"
+ id="71617" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D6D6D6" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D6D6D6" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#A5A5A5" />
+ </linearGradient>
+ <linearGradient
+ x1="308.54999"
+ y1="149.89999"
+ x2="299.72"
+ y2="148.83"
+ id="lg1952"
+ xlink:href="#XMLID_2433_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.03,0,0,1.03,-279.57,-124.36)" />
+ <radialGradient
+ cx="307.39999"
+ cy="121"
+ r="23.35"
+ fx="307.39999"
+ fy="121"
+ id="XMLID_2432_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.98,0,0,0.98,2.88,2.75)">
+ <stop
+ style="stop-color:#d2d2d2;stop-opacity:1"
+ offset="0.19"
+ id="71592" />
+ <stop
+ style="stop-color:#cfcfcf;stop-opacity:1"
+ offset="0.44999999"
+ id="71594" />
+ <stop
+ style="stop-color:#c7c7c7;stop-opacity:1"
+ offset="0.60000002"
+ id="71596" />
+ <stop
+ style="stop-color:#b9b9b9;stop-opacity:1"
+ offset="0.74000001"
+ id="71598" />
+ <stop
+ style="stop-color:#a4a4a4;stop-opacity:1"
+ offset="0.86000001"
+ id="71600" />
+ <stop
+ style="stop-color:#8a8a8a;stop-opacity:1"
+ offset="0.95999998"
+ id="71602" />
+ <stop
+ style="stop-color:gray;stop-opacity:1"
+ offset="1"
+ id="71604" />
+ <a:midPointStop
+ offset="0.19"
+ style="stop-color:#D2D2D2" />
+ <a:midPointStop
+ offset="0.8"
+ style="stop-color:#D2D2D2" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#808080" />
+ </radialGradient>
+ <radialGradient
+ cx="307.39999"
+ cy="121"
+ r="23.35"
+ fx="307.39999"
+ fy="121"
+ id="radialGradient2331"
+ xlink:href="#XMLID_2432_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-276.62,-121.54)" />
+ <linearGradient
+ x1="294.13"
+ y1="127.07"
+ x2="294.13"
+ y2="142.2"
+ id="XMLID_2430_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#b5d8ff;stop-opacity:1"
+ offset="0"
+ id="71582" />
+ <stop
+ style="stop-color:black;stop-opacity:1"
+ offset="1"
+ id="71584" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B5D8FF" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B5D8FF" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#000000" />
+ </linearGradient>
+ <linearGradient
+ x1="294.13"
+ y1="127.07"
+ x2="294.13"
+ y2="142.2"
+ id="lg2820"
+ xlink:href="#XMLID_2430_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.03,0,0,1.03,-279.57,-124.36)" />
+ <linearGradient
+ x1="279.10999"
+ y1="148.03"
+ x2="309.16"
+ y2="148.03"
+ id="XMLID_2429_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#e1e1e1;stop-opacity:1"
+ offset="0"
+ id="71564" />
+ <stop
+ style="stop-color:#e1e1e1;stop-opacity:1"
+ offset="0.25"
+ id="71566" />
+ <stop
+ style="stop-color:#a5a5a5;stop-opacity:1"
+ offset="0.44"
+ id="71568" />
+ <stop
+ style="stop-color:#a5a5a5;stop-opacity:1"
+ offset="1"
+ id="71570" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#E1E1E1" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E1E1E1" />
+ <a:midPointStop
+ offset="0.25"
+ style="stop-color:#E1E1E1" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E1E1E1" />
+ <a:midPointStop
+ offset="0.44"
+ style="stop-color:#A5A5A5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#A5A5A5" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#A5A5A5" />
+ </linearGradient>
+ <linearGradient
+ x1="279.10999"
+ y1="148.03"
+ x2="309.16"
+ y2="148.03"
+ id="lg2818"
+ xlink:href="#XMLID_2429_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.03,0,0,1.03,-279.57,-124.36)" />
+ <radialGradient
+ cx="622.34302"
+ cy="14.449"
+ r="26.496"
+ fx="622.34302"
+ fy="14.449"
+ id="lg3499_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.851,0,0,0.849,69.297,51.658)">
+ <stop
+ style="stop-color:#23468e;stop-opacity:1"
+ offset="0"
+ id="stop10972" />
+ <stop
+ style="stop-color:#012859;stop-opacity:1"
+ offset="1"
+ id="stop10974" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#23468E" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#23468E" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#012859" />
+ </radialGradient>
+ <radialGradient
+ cx="622.34302"
+ cy="14.449"
+ r="26.496"
+ fx="622.34302"
+ fy="14.449"
+ id="rg5791"
+ xlink:href="#lg3499_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.858,0,0,0.857,-511.7,9.02)" />
+ <linearGradient
+ x1="616.112"
+ y1="76.247002"
+ x2="588.14099"
+ y2="60.742001"
+ id="lg3497_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#01326e;stop-opacity:1"
+ offset="0"
+ id="stop10962" />
+ <stop
+ style="stop-color:#012859;stop-opacity:1"
+ offset="1"
+ id="stop10964" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#01326E" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#01326E" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#012859" />
+ </linearGradient>
+ <linearGradient
+ x1="617.698"
+ y1="82.445999"
+ x2="585.95203"
+ y2="54.848999"
+ id="lg3496_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0"
+ id="stop10950" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="stop10952" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#CCCCCC" />
+ </linearGradient>
+ <linearGradient
+ x1="617.698"
+ y1="82.445999"
+ x2="585.95203"
+ y2="54.848999"
+ id="lg5794"
+ xlink:href="#lg3496_"
+ gradientUnits="userSpaceOnUse" />
+ <linearGradient
+ x1="601.39001"
+ y1="55.341"
+ x2="588.29199"
+ y2="71.515999"
+ id="lg3495_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="stop10941" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0.52200001"
+ id="stop10943" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="stop10945" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.522"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#CCCCCC" />
+ </linearGradient>
+ <linearGradient
+ x1="601.39001"
+ y1="55.341"
+ x2="588.29199"
+ y2="71.515999"
+ id="lg5771"
+ xlink:href="#lg3495_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.009,0,0,1.009,-581.615,-43.098)" />
+ <linearGradient
+ x1="611.34601"
+ y1="55.279999"
+ x2="590.39001"
+ y2="81.157997"
+ id="lg3494_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="stop10932" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0.52200001"
+ id="stop10934" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="stop10936" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.522"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#CCCCCC" />
+ </linearGradient>
+ <linearGradient
+ x1="611.34601"
+ y1="55.279999"
+ x2="590.39001"
+ y2="81.157997"
+ id="lg5774"
+ xlink:href="#lg3494_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.009,0,0,1.009,-581.616,-43.098)" />
+ <linearGradient
+ x1="798.72998"
+ y1="69.839996"
+ x2="799.04999"
+ y2="70.709999"
+ id="g3302_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#005e00;stop-opacity:1"
+ offset="0"
+ id="s6504" />
+ <stop
+ style="stop-color:#23a11f;stop-opacity:1"
+ offset="1"
+ id="s6506" />
+ <a:midPointstop
+ style="stop-color:#005E00"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#005E00"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#23A11F"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="798.72998"
+ y1="69.839996"
+ x2="799.04999"
+ y2="70.709999"
+ id="lg5851"
+ xlink:href="#g3302_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,0,0,1.263,-926.036,-60.001)" />
+ <linearGradient
+ x1="779.19"
+ y1="122.73"
+ x2="811.69"
+ y2="149.74001"
+ id="g3301_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1,-0.25,0,1,0,129.19)">
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0"
+ id="s6483" />
+ <stop
+ style="stop-color:#eee;stop-opacity:1"
+ offset="0.17"
+ id="s6485" />
+ <stop
+ style="stop-color:#e3e3e3;stop-opacity:1"
+ offset="0.34"
+ id="s6487" />
+ <stop
+ style="stop-color:#cfcfcf;stop-opacity:1"
+ offset="0.50999999"
+ id="s6489" />
+ <stop
+ style="stop-color:#b4b4b4;stop-opacity:1"
+ offset="0.67000002"
+ id="s6491" />
+ <stop
+ style="stop-color:#919191;stop-opacity:1"
+ offset="0.83999997"
+ id="s6493" />
+ <stop
+ style="stop-color:#666;stop-opacity:1"
+ offset="1"
+ id="s6495" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0.71" />
+ <a:midPointstop
+ style="stop-color:#666666"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="779.19"
+ y1="122.73"
+ x2="811.69"
+ y2="149.74001"
+ id="lg5855"
+ xlink:href="#g3301_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,-0.316,0,1.263,-926.036,103.123)" />
+ <clipPath
+ id="g3299_">
+ <use
+ id="use6469"
+ x="0"
+ y="0"
+ width="1005.92"
+ height="376.97"
+ xlink:href="#g101_" />
+ </clipPath>
+ <radialGradient
+ cx="1189.9301"
+ cy="100.05"
+ r="40.400002"
+ fx="1189.9301"
+ fy="100.05"
+ id="g3300_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.34,-8.46e-2,0,0.34,394.16,137.13)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s6472" />
+ <stop
+ style="stop-color:white;stop-opacity:0"
+ offset="1"
+ id="s6474" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#000000"
+ offset="1" />
+ </radialGradient>
+ <radialGradient
+ cx="1199.74"
+ cy="97.150002"
+ r="40.400002"
+ fx="1199.74"
+ fy="97.150002"
+ id="rg5860"
+ xlink:href="#g3300_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.409,-0.107,0,0.429,-451.489,113.149)" />
+ <linearGradient
+ x1="796.38"
+ y1="67.580002"
+ x2="781.28003"
+ y2="58.549999"
+ id="g3298_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#4c8bca;stop-opacity:1"
+ offset="0"
+ id="s6462" />
+ <stop
+ style="stop-color:#b7e9ff;stop-opacity:1"
+ offset="1"
+ id="s6464" />
+ <a:midPointstop
+ style="stop-color:#4C8BCA"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#4C8BCA"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#B7E9FF"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="800.97998"
+ y1="140.72"
+ x2="777.71997"
+ y2="121.76"
+ id="g3297_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1,-0.25,0,1,0,129.19)">
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0"
+ id="s6448" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="s6450" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#CCCCCC"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="800.97998"
+ y1="140.72"
+ x2="777.71997"
+ y2="121.76"
+ id="lg5890"
+ xlink:href="#g3297_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1,-0.25,0,1,0,129.19)" />
+ <linearGradient
+ x1="790.03998"
+ y1="-16.33"
+ x2="779.84003"
+ y2="-3.73"
+ id="g3296_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(0,70.17)">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="s6439" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0.51999998"
+ id="s6441" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="s6443" />
+ <a:midPointstop
+ style="stop-color:#D9D9D9"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#D9D9D9"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0.52" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#CCCCCC"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="790.03998"
+ y1="-16.33"
+ x2="779.84003"
+ y2="-3.73"
+ id="lg5866"
+ xlink:href="#g3296_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,0,0,1.263,-926.036,28.6)" />
+ <linearGradient
+ x1="785.84003"
+ y1="72.989998"
+ x2="785.26001"
+ y2="76.279999"
+ id="g3293_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s6412" />
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="1"
+ id="s6414" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#737373"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="785.84003"
+ y1="72.989998"
+ x2="785.26001"
+ y2="76.279999"
+ id="lg5871"
+ xlink:href="#g3293_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,0,0,1.263,-926.036,-60.001)" />
+ <linearGradient
+ x1="789.37"
+ y1="69.879997"
+ x2="791.03998"
+ y2="77.120003"
+ id="g3292_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="0"
+ id="s6403" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0.28"
+ id="s6405" />
+ <stop
+ style="stop-color:#666;stop-opacity:1"
+ offset="1"
+ id="s6407" />
+ <a:midPointstop
+ style="stop-color:#999999"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#999999"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0.28" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#666666"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="789.37"
+ y1="69.879997"
+ x2="791.03998"
+ y2="77.120003"
+ id="lg5874"
+ xlink:href="#g3292_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,0,0,1.263,-926.036,-60.001)" />
+ <linearGradient
+ x1="786.65997"
+ y1="136.12"
+ x2="786.71002"
+ y2="134.33"
+ id="g3290_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1,-0.25,0,1,0,137.29)">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="s6380" />
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="1"
+ id="s6382" />
+ <a:midPointstop
+ style="stop-color:#D9D9D9"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#D9D9D9"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#B2B2B2"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="786.65997"
+ y1="136.12"
+ x2="786.71002"
+ y2="134.33"
+ id="lg5878"
+ xlink:href="#g3290_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,-0.316,0,1.263,-926.036,113.351)" />
+ <radialGradient
+ cx="1458.77"
+ cy="-5.0999999"
+ r="35.130001"
+ fx="1458.77"
+ fy="-5.0999999"
+ id="g3289_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.42,0,0,0.42,167.09,79.84)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s6371" />
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="1"
+ id="s6373" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#999999"
+ offset="1" />
+ </radialGradient>
+ <radialGradient
+ cx="1458.77"
+ cy="-5.0999999"
+ r="35.130001"
+ fx="1458.77"
+ fy="-5.0999999"
+ id="rg5881"
+ xlink:href="#g3289_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.505,0,0,0.53,-724.957,40.636)" />
+ <radialGradient
+ cx="1612.98"
+ cy="-4.4699998"
+ r="36.580002"
+ fx="1612.98"
+ fy="-4.4699998"
+ id="g3288_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.34,0,0,0.36,238.56,86.87)">
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0"
+ id="s6362" />
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0.63999999"
+ id="s6364" />
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="1"
+ id="s6366" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#B2B2B2"
+ offset="0.64" />
+ <a:midPointstop
+ style="stop-color:#B2B2B2"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#737373"
+ offset="1" />
+ </radialGradient>
+ <radialGradient
+ cx="1612.98"
+ cy="-4.4699998"
+ r="36.580002"
+ fx="1612.98"
+ fy="-4.4699998"
+ id="rg5884"
+ xlink:href="#g3288_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.408,0,0,0.448,-638.943,49.495)" />
+ <radialGradient
+ cx="1470.5"
+ cy="-10.21"
+ r="33.290001"
+ fx="1470.5"
+ fy="-10.21"
+ id="g3287_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.42,0,0,0.42,167.09,79.84)">
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0"
+ id="s6347" />
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0.38999999"
+ id="s6349" />
+ <stop
+ style="stop-color:#b1b1b1;stop-opacity:1"
+ offset="0.75"
+ id="s6351" />
+ <stop
+ style="stop-color:#aaa;stop-opacity:1"
+ offset="0.88"
+ id="s6353" />
+ <stop
+ style="stop-color:#9e9e9e;stop-opacity:1"
+ offset="0.97000003"
+ id="s6355" />
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="1"
+ id="s6357" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#B2B2B2"
+ offset="0.39" />
+ <a:midPointstop
+ style="stop-color:#B2B2B2"
+ offset="0.87" />
+ <a:midPointstop
+ style="stop-color:#999999"
+ offset="1" />
+ </radialGradient>
+ <radialGradient
+ cx="1470.5"
+ cy="-10.21"
+ r="33.290001"
+ fx="1470.5"
+ fy="-10.21"
+ id="rg5887"
+ xlink:href="#g3287_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.505,0,0,0.53,-724.957,40.636)" />
+ <pattern
+ patternTransform="matrix(0.592927,0,0,0.592927,78,462)"
+ id="cream-spots"
+ height="32"
+ width="32"
+ patternUnits="userSpaceOnUse">
+ <g
+ transform="translate(-365.3146,-513.505)"
+ id="g3047">
+ id="path2858" />
+ <path
+ inkscape:label="#path2854"
+ sodipodi:nodetypes="czzzz"
+ style="fill:#e3dcc0"
+ id="path3060"
+ d="M 390.31462,529.50504 C 390.31462,534.47304 386.28262,538.50504 381.31462,538.50504 C 376.34662,538.50504 372.31462,534.47304 372.31462,529.50504 C 372.31462,524.53704 376.34662,520.50504 381.31462,520.50504 C 386.28262,520.50504 390.31462,524.53704 390.31462,529.50504 z " />
+</g>
+ </pattern>
+ <pattern
+ patternTransform="matrix(0.733751,0,0,0.733751,67,367)"
+ id="dark-cream-spots"
+ height="32"
+ width="32"
+ patternUnits="userSpaceOnUse">
+ <g
+ transform="translate(-408.0946,-513.505)"
+ id="dark-cream-spot"
+ inkscape:label="#g3043">
+ <path
+ sodipodi:nodetypes="czzzz"
+ style="fill:#c8c5ac"
+ d="M 433.09458,529.50504 C 433.09458,534.47304 429.06258,538.50504 424.09458,538.50504 C 419.12658,538.50504 415.09458,534.47304 415.09458,529.50504 C 415.09458,524.53704 419.12658,520.50504 424.09458,520.50504 C 429.06258,520.50504 433.09458,524.53704 433.09458,529.50504 z "
+ id="path2953" />
+ </g>
+ </pattern>
+ <pattern
+ patternTransform="matrix(0.375,0,0,0.375,379,400)"
+ id="white-spots"
+ height="32"
+ width="32"
+ patternUnits="userSpaceOnUse">
+ <g
+ transform="translate(-484.3997,-513.505)"
+ id="white-spot"
+ inkscape:label="#g3035">
+ <path
+ style="opacity:0.25;fill:white"
+ id="path3033"
+ d="M 509.39967,529.50504 C 509.39967,534.47304 505.36767,538.50504 500.39967,538.50504 C 495.43167,538.50504 491.39967,534.47304 491.39967,529.50504 C 491.39967,524.53704 495.43167,520.50504 500.39967,520.50504 C 505.36767,520.50504 509.39967,524.53704 509.39967,529.50504 z "
+ sodipodi:nodetypes="czzzz" />
+ </g>
+ </pattern>
+ <pattern
+ patternTransform="matrix(0.455007,0,0,0.455007,-5e-5,1.9e-5)"
+ id="black-spots"
+ height="32"
+ width="32"
+ patternUnits="userSpaceOnUse">
+ <g
+ transform="translate(-448.3997,-513.505)"
+ id="black-spot"
+ inkscape:label="#g3039">
+ <path
+ sodipodi:nodetypes="czzzz"
+ d="M 473.39967,529.50504 C 473.39967,534.47304 469.36767,538.50504 464.39967,538.50504 C 459.43167,538.50504 455.39967,534.47304 455.39967,529.50504 C 455.39967,524.53704 459.43167,520.50504 464.39967,520.50504 C 469.36767,520.50504 473.39967,524.53704 473.39967,529.50504 z "
+ id="path2961"
+ style="opacity:0.25;fill:black" />
+ </g>
+ </pattern>
+ <linearGradient
+ x1="501.0903"
+ y1="-19.2544"
+ x2="531.85413"
+ y2="0.72390002"
+ id="linearGradient17334"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop17336" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop17338" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop17340" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop17342" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B4DAEA" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B4DAEA" />
+ <a:midPointStop
+ offset="0.5112"
+ style="stop-color:#B4DAEA" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B4DAEA" />
+ <a:midPointStop
+ offset="0.6461"
+ style="stop-color:#5387BA" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#5387BA" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#16336E" />
+ </linearGradient>
+ <linearGradient
+ x1="415.73831"
+ y1="11.854"
+ x2="418.13361"
+ y2="18.8104"
+ id="linearGradient17426"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.8362,0.5206,-1.1904,0.992,147.62,-30.9374)">
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="0"
+ id="stop17428" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="1"
+ id="stop17430" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#CCCCCC" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#CCCCCC" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#F2F2F2" />
+ </linearGradient>
+ <linearGradient
+ x1="478.21341"
+ y1="-131.9297"
+ x2="469.85818"
+ y2="-140.28481"
+ id="linearGradient17434"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.5592,0.829,-0.829,0.5592,101.3357,-104.791)">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop17436" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop17438" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop17440" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop17442" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#F3403F" />
+ <a:midPointStop
+ offset="0.4213"
+ style="stop-color:#F3403F" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#A6100C" />
+ </linearGradient>
+ <linearGradient
+ x1="502.70749"
+ y1="115.3013"
+ x2="516.39001"
+ y2="127.1953"
+ id="linearGradient17709"
+ xlink:href="#XMLID_1749_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9703,0.2419,-0.2419,0.9703,11.0227,-35.6159)" />
+ <linearGradient
+ x1="506.09909"
+ y1="-11.5137"
+ x2="527.99609"
+ y2="2.7063999"
+ id="linearGradient17711"
+ xlink:href="#XMLID_1752_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="516.57672"
+ y1="-15.769"
+ x2="516.57672"
+ y2="0.84280002"
+ id="linearGradient17713"
+ xlink:href="#XMLID_1753_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="505.62939"
+ y1="-14.9526"
+ x2="527.49402"
+ y2="-0.7536"
+ id="linearGradient17715"
+ xlink:href="#XMLID_1756_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="500.70749"
+ y1="-13.2441"
+ x2="513.46442"
+ y2="-2.1547"
+ id="linearGradient17717"
+ xlink:href="#XMLID_1757_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="473.7681"
+ y1="209.17529"
+ x2="486.98099"
+ y2="213.2001"
+ id="linearGradient17721"
+ xlink:href="#XMLID_2274_"
+ gradientUnits="userSpaceOnUse" />
+ <linearGradient
+ x1="481.23969"
+ y1="212.5742"
+ x2="472.92981"
+ y2="207.4967"
+ id="linearGradient17723"
+ xlink:href="#XMLID_2275_"
+ gradientUnits="userSpaceOnUse" />
+ <linearGradient
+ x1="500.70749"
+ y1="-13.2441"
+ x2="513.46442"
+ y2="-2.1547"
+ id="linearGradient17416"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop17418" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop17420" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#96BAD6"
+ offset="1" />
+ </linearGradient>
+ <defs
+ id="defs9929">
+ <path
+ d="M 489.21,209.35 L 485.35,203.63 C 483.63,204.25 473.47,208.93 471.5,210.18 C 470.57,210.77 470.17,211.16 469.72,212.48 C 470.93,212.31 471.72,212.49 473.42,213.04 C 473.26,214.77 473.24,215.74 473.57,218.2 C 474.01,216.88 474.41,216.49 475.34,215.9 C 477.33,214.65 487.49,209.97 489.21,209.35 z "
+ id="XMLID_960_" />
+ </defs>
+ <clipPath
+ id="clipPath17448">
+ <use
+ id="use17450"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_960_" />
+ </clipPath>
+ <linearGradient
+ x1="473.7681"
+ y1="209.17529"
+ x2="486.98099"
+ y2="213.2001"
+ id="linearGradient17452"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop17454" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop17456" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop17458" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop17460" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0.4213" />
+ <a:midPointStop
+ style="stop-color:#A6100C"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="481.23969"
+ y1="212.5742"
+ x2="472.92981"
+ y2="207.4967"
+ id="linearGradient17463"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop17465" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop17467" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop17469" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop17471" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0.4213" />
+ <a:midPointStop
+ style="stop-color:#A6100C"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="481.23969"
+ y1="212.5742"
+ x2="472.92981"
+ y2="207.4967"
+ id="linearGradient17807"
+ xlink:href="#XMLID_2275_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-177.1654,35.43307)" />
+ <linearGradient
+ x1="473.7681"
+ y1="209.17529"
+ x2="486.98099"
+ y2="213.2001"
+ id="linearGradient17810"
+ xlink:href="#XMLID_2274_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-177.1654,35.43307)" />
+ <linearGradient
+ x1="502.70749"
+ y1="115.3013"
+ x2="516.39001"
+ y2="127.1953"
+ id="linearGradient17812"
+ xlink:href="#XMLID_1749_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9703,0.2419,-0.2419,0.9703,11.0227,-35.6159)" />
+ <linearGradient
+ x1="506.09909"
+ y1="-11.5137"
+ x2="527.99609"
+ y2="2.7063999"
+ id="linearGradient17814"
+ xlink:href="#XMLID_1752_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="516.57672"
+ y1="-15.769"
+ x2="516.57672"
+ y2="0.84280002"
+ id="linearGradient17816"
+ xlink:href="#XMLID_1753_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="505.62939"
+ y1="-14.9526"
+ x2="527.49402"
+ y2="-0.7536"
+ id="linearGradient17818"
+ xlink:href="#XMLID_1756_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="502.70749"
+ y1="115.3013"
+ x2="516.39001"
+ y2="127.1953"
+ id="linearGradient17347"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9703,0.2419,-0.2419,0.9703,11.0227,-35.6159)">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop17349" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop17351" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#5387BA" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#5387BA" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#96BAD6" />
+ </linearGradient>
+ <linearGradient
+ x1="516.57672"
+ y1="-15.769"
+ x2="516.57672"
+ y2="0.84280002"
+ id="linearGradient17379"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0"
+ id="stop17381" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="1"
+ id="stop17383" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#F2F2F2" />
+ </linearGradient>
+ <linearGradient
+ x1="502.70749"
+ y1="115.3013"
+ x2="516.39001"
+ y2="127.1953"
+ id="linearGradient17862"
+ xlink:href="#XMLID_1749_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9703,0.2419,-0.2419,0.9703,-166.1427,-0.18283)" />
+ <linearGradient
+ x1="505.62939"
+ y1="-14.9526"
+ x2="527.49402"
+ y2="-0.7536"
+ id="linearGradient17864"
+ xlink:href="#XMLID_1756_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <defs
+ id="defs3859">
+ <polygon
+ points="465.54,213.52 481.94,217.46 482.74,216.71 487.46,198.05 471.08,194.07 470.26,194.83 465.54,213.52 "
+ id="XMLID_343_" />
+ </defs>
+ <linearGradient
+ x1="471.0806"
+ y1="201.07761"
+ x2="481.91711"
+ y2="210.4977"
+ id="linearGradient17389"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#6498c1;stop-opacity:1"
+ offset="0.005618"
+ id="stop17391" />
+ <stop
+ style="stop-color:#79a9cc;stop-opacity:1"
+ offset="0.2332"
+ id="stop17393" />
+ <stop
+ style="stop-color:#a4cde2;stop-opacity:1"
+ offset="0.74049997"
+ id="stop17395" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="1"
+ id="stop17397" />
+ <a:midPointStop
+ style="stop-color:#6498C1"
+ offset="5.618000e-003" />
+ <a:midPointStop
+ style="stop-color:#6498C1"
+ offset="0.4438" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="1" />
+ </linearGradient>
+ <clipPath
+ id="clipPath17400">
+ <use
+ id="use17402"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_343_" />
+ </clipPath>
+ <linearGradient
+ x1="505.62939"
+ y1="-14.9526"
+ x2="527.49402"
+ y2="-0.7536"
+ id="linearGradient17404"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop17406" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop17408" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop17410" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop17412" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5112" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.6461" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#16336E"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="506.09909"
+ y1="-11.5137"
+ x2="527.99609"
+ y2="2.7063999"
+ id="linearGradient17882"
+ xlink:href="#XMLID_1752_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <defs
+ id="defs3826">
+ <polygon
+ points="463.52,216.14 480.56,220.24 481.36,219.5 483.03,202.04 469.05,196.69 468.24,197.45 463.52,216.14 "
+ id="XMLID_338_" />
+ </defs>
+ <linearGradient
+ x1="468.2915"
+ y1="204.7612"
+ x2="479.39871"
+ y2="214.4166"
+ id="linearGradient17357"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop17359" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop17361" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#96BAD6"
+ offset="1" />
+ </linearGradient>
+ <clipPath
+ id="clipPath17364">
+ <use
+ id="use17366"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_338_" />
+ </clipPath>
+ <linearGradient
+ x1="506.09909"
+ y1="-11.5137"
+ x2="527.99609"
+ y2="2.7063999"
+ id="linearGradient17368"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop17370" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop17372" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop17374" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop17376" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5112" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.6461" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#16336E"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="296.4996"
+ y1="188.81061"
+ x2="317.32471"
+ y2="209.69398"
+ id="linearGradient2387"
+ xlink:href="#linearGradient2381"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.90776,0,0,0.90776,24.35648,49.24131)" />
+ <linearGradient
+ x1="296.4996"
+ y1="188.81061"
+ x2="317.32471"
+ y2="209.69398"
+ id="linearGradient5105"
+ xlink:href="#linearGradient2381"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.90776,0,0,0.90776,24.35648,49.24131)" />
+ <linearGradient
+ x1="296.4996"
+ y1="188.81061"
+ x2="317.32471"
+ y2="209.69398"
+ id="linearGradient5145"
+ xlink:href="#linearGradient2381"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.90776,0,0,0.90776,24.35648,49.24131)" />
+ <linearGradient
+ inkscape:collect="always"
+ xlink:href="#linearGradient2381"
+ id="linearGradient2371"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.90776,0,0,0.90776,24.35648,49.24131)"
+ x1="296.4996"
+ y1="188.81061"
+ x2="317.32471"
+ y2="209.69398" />
+ </defs>
+ <g
+ transform="matrix(0.437808,-0.437808,0.437808,0.437808,-220.8237,43.55311)"
+ id="g5089">
+ <path
+ d="M 8.4382985,-6.28125 C 7.8309069,-6.28125 4.125,-0.33238729 4.125,1.96875 L 4.125,28.6875 C 4.125,29.533884 4.7068159,29.8125 5.28125,29.8125 L 30.84375,29.8125 C 31.476092,29.8125 31.968751,29.319842 31.96875,28.6875 L 31.96875,23.46875 L 32.25,23.46875 C 32.74684,23.46875 33.156249,23.059339 33.15625,22.5625 L 33.15625,-5.375 C 33.15625,-5.8718398 32.74684,-6.28125 32.25,-6.28125 L 8.4382985,-6.28125 z "
+ transform="translate(282.8327,227.1903)"
+ style="fill:#5c5c4f;stroke:black;stroke-width:3.23021388;stroke-miterlimit:4;stroke-dasharray:none"
+ id="path5091" />
+ <rect
+ width="27.85074"
+ height="29.369793"
+ rx="1.1414107"
+ ry="1.1414107"
+ x="286.96509"
+ y="227.63805"
+ style="fill:#032c87"
+ id="rect5093" />
+ <path
+ d="M 288.43262,225.43675 L 313.67442,225.43675 L 313.67442,254.80655 L 287.29827,254.83069 L 288.43262,225.43675 z "
+ style="fill:white"
+ id="rect5095" />
+ <path
+ d="M 302.44536,251.73726 C 303.83227,259.59643 301.75225,263.02091 301.75225,263.02091 C 303.99609,261.41329 305.71651,259.54397 306.65747,257.28491 C 307.62455,259.47755 308.49041,261.71357 310.9319,263.27432 C 310.9319,263.27432 309.33686,256.07392 309.22047,251.73726 L 302.44536,251.73726 z "
+ style="fill:#a70000;fill-opacity:1;stroke-width:2"
+ id="path5097" />
+ <rect
+ width="25.241802"
+ height="29.736675"
+ rx="0.89682275"
+ ry="0.89682275"
+ x="290.73544"
+ y="220.92249"
+ style="fill:#809cc9"
+ id="rect5099" />
+ <path
+ d="M 576.47347,725.93939 L 582.84431,726.35441 L 583.25121,755.8725 C 581.35919,754.55465 576.39694,752.1117 574.98889,754.19149 L 574.98889,727.42397 C 574.98889,726.60151 575.65101,725.93939 576.47347,725.93939 z "
+ transform="matrix(0.499065,-0.866565,0,1,0,0)"
+ style="fill:#4573b3;fill-opacity:1"
+ id="rect5101" />
+ <path
+ d="M 293.2599,221.89363 L 313.99908,221.89363 C 314.45009,221.89363 314.81318,222.25673 314.81318,222.70774 C 315.02865,229.0361 295.44494,244.47124 292.44579,240.30491 L 292.44579,222.70774 C 292.44579,222.25673 292.80889,221.89363 293.2599,221.89363 z "
+ style="opacity:0.65536726;fill:url(#linearGradient2371);fill-opacity:1"
+ id="path5103" />
+ </g>
+</svg>
diff --git a/Workshops/PuppetWorkshop/Makefile b/Workshops/PuppetWorkshop/Makefile
new file mode 100644
index 0000000..ef2009f
--- /dev/null
+++ b/Workshops/PuppetWorkshop/Makefile
@@ -0,0 +1,15 @@
+#Makefile for PuppetWorkshop
+
+XML_LANG = en-US
+DOCNAME = PuppetWorkshop
+PRODUCT = Fedora
+BRAND = fedora
+
+#OTHER_LANGS = as-IN bn-IN de-DE es-ES fr-FR gu-IN hi-IN it-IT ja-JP kn-IN ko-KR ml-IN mr-IN or-IN pa-IN pt-BR ru-RU si-LK ta-IN te-IN zh-CN zh-TW
+
+# Extra Parameters start here
+
+# Extra Parameters stop here
+COMMON_CONFIG = /usr/share/publican
+include $(COMMON_CONFIG)/make/Makefile.common
+
diff --git a/Workshops/PuppetWorkshop/en-US/Appendix.xml b/Workshops/PuppetWorkshop/en-US/Appendix.xml
new file mode 100644
index 0000000..37b3e31
--- /dev/null
+++ b/Workshops/PuppetWorkshop/en-US/Appendix.xml
@@ -0,0 +1,176 @@
+<?xml version='1.0'?>
+<!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<part id="PuppetWorkshop-Appendices">
+ <title>Appendices</title>
+ <appendix id="PuppetWorkshop-Appendix-Terminology">
+ <title>Puppet Terminology</title>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>class</title>
+ <para>
+ A class is a collection of resources applied to a node with a single include statement. It groups together a comprehensible set of resources. A class <emphasis>ypclient</emphasis> would manage the <code>File["/etc/nsswitch.conf"]</code>, <code>File["/etc/yp.conf"]</code>, <code>Package["ypbind"]</code>, and <code>Service["ypbind"]</code> resources.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>fact</title>
+ <para>
+ A client-side generated aspect of the node the puppet client runs on. Example facts are the amount of available memory, the hostname, the fully qualified domain name, the operating system (version).
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>manifest</title>
+ <para>
+ The collection of classes, modules and resources that the <xref linkend="PuppetWorkshop-Appendix-Terminology-puppetmaster" /> uses to distribute the appropriate configuration to a <xref linkend="PuppetWorkshop-Appendix-Terminology-puppet" />.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>module</title>
+ <para>
+ module
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>node</title>
+ <para>
+ The client, a node, is an operating system instance running the puppet client application. This can be a regular operating system running directly on top of actual hardware, a virtual guest as well as a virtual host.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara id="PuppetWorkshop-Appendix-Terminology-puppet">
+ <title>puppet</title>
+ <para>
+ The client, a node, runs the <application>puppetd</application> daemon or service, and is referred to as the <emphasis>puppet</emphasis>
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara id="PuppetWorkshop-Appendix-Terminology-puppetmaster">
+ <title>puppetmaster</title>
+ <para>
+ The puppetmaster is the node that runs the server-side application to a puppet setup.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>resource</title>
+ <para>
+ A resource is an instantiated <xref linkend="PuppetWorkshop-Appendix-Terminology-type" />
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>system resource</title>
+ <para>
+<!-- A system resource is a resource available on the node whether it is managed by puppet or not. Unlike in other cases, this term does not as much to system hardware resources such as the CPU or memory available to the operating system, because that.
+//-->
+ A system resource is a resource available on the node whether it is managed by puppet or not. Unlike what is otherwise understood by system resources, the puppet definition of system resources does not so much refer to resources like CPU or memory, but rather to whether or not a package is installed or what version of said package, or the $osversion, and so on and so forth.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara id="PuppetWorkshop-Appendix-Terminology-type">
+ <title>type</title>
+ <para>
+ definition
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </appendix>
+ <appendix id="PuppetWorkshop-Appendix-ExampleSSLFrontendReverseProxyLoadBalancerConfiguration">
+ <title>Example SSL Frontend Reverse Proxy Load Balancer Configuration</title>
+ <para>
+<screen>
+<ifModule !mod_proxy.c>
+ LoadModule proxy_module modules/mod_proxy.so
+</IfModule>
+
+<IfModule !mod_proxy_http.c>
+ LoadModule proxy_http_module modules/mod_proxy_http.so
+</IfModule>
+
+<IfModule !mod_proxy_balancer.c>
+ LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
+</IfModule>
+
+<IfModule !mod_headers.c>
+ LoadModule headers_module modules/mod_headers.so
+</IfModule>
+
+<IfModule !mod_ssl.c>
+ LoadModule ssl_module modules/mod_ssl.so
+</IfModule>
+
+<IfModule !mod_authz_host.c>
+ LoadModule authz_host_module modules/mod_authz_host.so
+</IfModule>
+
+<IfModule !mod_log_config.c>
+ LoadModule log_config_module modules/mod_log_config.so
+</IfModule>
+
+<Directory />
+ Options FollowSymLinks
+ AllowOverride None
+ Order deny,allow
+ Deny from all
+</Directory>
+
+<Proxy balancer://master.puppetmanaged.org>
+ BalancerMember http://127.0.0.1:8141 keepalive=on retry=30
+</Proxy>
+
+<VirtualHost *:8140>
+ ServerName master.puppetmanaged.org
+ SSLEngine on
+ SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
+ SSLCertificateFile /var/lib/puppet/ssl/certs/master.puppetmanaged.org.pem
+ SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/master.puppetmanaged.org.pem
+ SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
+ SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
+ SSLVerifyClient optional
+ SSLVerifyDepth 1
+ SSLOptions +StdEnvVars
+
+ # The following client headers allow the same configuration to work with Pound.
+ RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
+ RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
+ RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
+
+ <Location />
+ SetHandler balancer-manager
+ Order allow,deny
+ Allow from all
+ </Location>
+
+ ProxyPass / balancer://master.puppetmanaged.org:8140/ timeout=180
+ ProxyPassReverse / balancer://master.puppetmanaged.org:8140/
+ ProxyPreserveHost on
+ SetEnv force-proxy-request-1.0 1
+ SetEnv proxy-nokeepalive 1
+
+ ErrorLog logs/master.puppetmanaged.org-balancer-error_log
+ CustomLog logs/master.puppetmanaged.org-balancer-access_log combined
+ CustomLog logs/master.puppetmanaged.org-balancer-ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+</VirtualHost>
+</screen>
+ </para>
+ </appendix>
+ <xi:include href="Revision_History.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+</part>
diff --git a/Workshops/PuppetWorkshop/en-US/Author_Group.xml b/Workshops/PuppetWorkshop/en-US/Author_Group.xml
new file mode 100644
index 0000000..c9ba622
--- /dev/null
+++ b/Workshops/PuppetWorkshop/en-US/Author_Group.xml
@@ -0,0 +1,24 @@
+<?xml version='1.0'?>
+<!DOCTYPE authorgroup PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<authorgroup>
+ <author>
+ <firstname>Jeroen</firstname>
+ <surname>van Meeuwen</surname>
+ <affiliation>
+ <orgname>Operator Groep Delft</orgname>
+ <orgdiv>Sr. System Engineer</orgdiv>
+ </affiliation>
+ <email>j.van.meeuwen(a)ogd.nl</email>
+ </author>
+ <author>
+ <firstname>Stefan</firstname>
+ <surname>Hartsuiker</surname>
+ <affiliation>
+ <orgname>Operator Groep Delft</orgname>
+ <orgdiv>System Engineer</orgdiv>
+ </affiliation>
+ <email>s.hartsuiker(a)ogd.nl</email>
+ </author>
+</authorgroup>
diff --git a/Workshops/PuppetWorkshop/en-US/Book_Info.xml b/Workshops/PuppetWorkshop/en-US/Book_Info.xml
new file mode 100644
index 0000000..2c5296f
--- /dev/null
+++ b/Workshops/PuppetWorkshop/en-US/Book_Info.xml
@@ -0,0 +1,29 @@
+<?xml version='1.0'?>
+<!DOCTYPE bookinfo PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<bookinfo id="PuppetWorkshop-Product_Name_and_Version">
+ <title>Puppet Workshop</title>
+ <subtitle>Puppet Workshop</subtitle>
+ <issuenum>0.1</issuenum>
+ <productnumber>1</productnumber>
+ <edition>1</edition>
+ <pubsnumber>1</pubsnumber>
+ <abstract><para>This is a Configuration Management workshop (based on Puppet)</para></abstract>
+ <corpauthor>
+ <inlinemediaobject>
+ <imageobject>
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
+ </imageobject>
+ </inlinemediaobject>
+ </corpauthor>
+ <copyright>
+ <year>&YEAR;</year>
+ <holder>&HOLDER;</holder>
+ </copyright>
+ <xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+</bookinfo>
+
+
+
diff --git a/Workshops/PuppetWorkshop/en-US/Chapter.xml b/Workshops/PuppetWorkshop/en-US/Chapter.xml
new file mode 100644
index 0000000..e32f15e
--- /dev/null
+++ b/Workshops/PuppetWorkshop/en-US/Chapter.xml
@@ -0,0 +1,25 @@
+<?xml version='1.0'?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<chapter id="PuppetWorkshop-Test">
+ <title>Test</title>
+ <para>
+ This is a test paragraph
+ </para>
+ <section id="PuppetWorkshop-Test-Section_1_Test">
+ <title>Section 1 Test</title>
+ <para>
+ Test of a section
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-Test-Section_2_Test">
+ <title>Section 2 Test</title>
+ <para>
+ Test of a section
+ </para>
+ </section>
+
+</chapter>
+
diff --git a/Workshops/PuppetWorkshop/en-US/Common_Content/Feedback.xml b/Workshops/PuppetWorkshop/en-US/Common_Content/Feedback.xml
new file mode 100644
index 0000000..34b6b81
--- /dev/null
+++ b/Workshops/PuppetWorkshop/en-US/Common_Content/Feedback.xml
@@ -0,0 +1,45 @@
+<?xml version='1.0'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<section>
+ <title>We Need Feedback!</title>
+ <indexterm>
+ <primary>feedback</primary>
+ <secondary>contact information for this manual</secondary>
+ </indexterm>
+ <para>
+ We would love to see your feedback!
+ </para>
+ <para>
+ Our mailing lists are as follows:
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title><ulink url="http://lists.fedorahosted.org/mailman/listinfo/courses-users/" /></title>
+ <para>
+ Our "users" mailing list where anyone can comment on the course materials offered, provide other means of feedback and ask questions when things appear to not be as clear as they intend to be.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title><ulink url="http://lists.fedorahosted.org/mailman/listinfo/courses-devel/" /></title>
+ <para>
+ Our development mailing list for anyone seeking to get involved in the project.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title><ulink url="http://lists.fedorahosted.org/mailman/listinfo/courses-commits/" /></title>
+ <para>
+ This mailing list is used to send any changes made to any of the documents to anyone subscribed.
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+</section>
+
+
diff --git a/Workshops/PuppetWorkshop/en-US/Preface.xml b/Workshops/PuppetWorkshop/en-US/Preface.xml
new file mode 100644
index 0000000..d8e4a06
--- /dev/null
+++ b/Workshops/PuppetWorkshop/en-US/Preface.xml
@@ -0,0 +1,12 @@
+<?xml version='1.0'?>
+<!DOCTYPE preface PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<preface id="PuppetWorkshop-Preface">
+ <title>Preface</title>
+ <para>
+ paragraph
+ </para>
+ <xi:include href="Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+</preface>
diff --git a/Workshops/PuppetWorkshop/en-US/PuppetWorkshop.ent b/Workshops/PuppetWorkshop/en-US/PuppetWorkshop.ent
new file mode 100644
index 0000000..fc041ac
--- /dev/null
+++ b/Workshops/PuppetWorkshop/en-US/PuppetWorkshop.ent
@@ -0,0 +1,4 @@
+<!ENTITY PRODUCT "Documentation">
+<!ENTITY BOOKID "PuppetWorkshop">
+<!ENTITY HOLDER "Jeroen van Meeuwen">
+<!ENTITY YEAR "2008">
diff --git a/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml b/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml
new file mode 100644
index 0000000..ec54e83
--- /dev/null
+++ b/Workshops/PuppetWorkshop/en-US/Puppet_Workshop.xml
@@ -0,0 +1,1076 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.docbook.org/xml/4.4/docbookx.dtd">
+
+<book id="PuppetWorkshop">
+
+ <xi:include href="Book_Info.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Preface.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+
+ <part id="PuppetWorkshop-Part">
+ <title>Puppet Workshop</title>
+ <chapter id="PuppetWorkshop-Introduction">
+ <title>Introduction</title>
+ <para>
+ Welcome to the Puppet Workshop (or Configuration Management workshop). Today's workshop is comprised of the following topics:
+ </para>
+ <para>
+ <segmentedlist>
+ <segtitle>Topic</segtitle>
+ <seglistitem>
+ <seg>Introduction to Configuration Management</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg>Introduction to Puppet</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg>Puppet Terminology</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg>How Puppet Works</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg>Puppet Features</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg>Troubleshooting Puppet</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg>Setting up Puppet</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg>How to use Puppet</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg>Other Things To Do With Puppet</seg>
+ </seglistitem>
+ <seglistitem>
+ <seg>Best Practices</seg>
+ </seglistitem>
+ </segmentedlist>
+ </para>
+ </chapter>
+
+ <chapter id="PuppetWorkshop-IntroductionToConfigurationManagement">
+ <title>Introduction to Configuration Management</title>
+
+ <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement">
+ <title>What is Configuration Management?</title>
+ <para>
+ Within virtually every organization, there's probably a number of systems running Linux, Solaris, Mac OS X or HP-UX. All these machines need to be configured to be able to function properly. Some will need special drivers, and all of them will need correct DNS settings, certain packages installed and certain other packages removed. Most probably, the more systems, the more these diverge in the configuration they need, and potentially diverge in the way this configuration needs to be applied to a given operating system or operating system version.
+ </para>
+ <para>
+ More specifically, an organization may have a couple of webservers, fileservers, a DNS and a DHCP server, a number of desktop PCs, and a number of laptops. The laptops may need slightly different system configuration (no LDAP authentication, and with a VPN client installed, for example), and the desktop PCs may need different applications installed then the servers, and so forth. Yet, between, say, a hundred desktop PCs, you would want the configuration to be as similar as possible. You may want to diverge between a software developer's desktop PC and a desktop PC in Human Resources, but in essence these are desktop profiles diverging on the application level, applied upon a stable system configuration which remains the same, or similar at least.
+ </para>
+ <para>
+ By the time the organization grows, replaces the hardware, upgrades to another version of the operating system, or applies changes, the challenge to making everything work yet maintain a similar configuration between all nodes becomes bigger. While every attempt made to control the situation can be called a form of configuration management, the solution without a configuration management framework is often comprised of:
+ </para>
+ <para>
+ <orderedlist>
+ <listitem>
+ <para>
+ a number of scripts (with or without revision control), to move around files, install packages, perform daily check-ups,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ NFS mounts with programs pre-installed, so that nodes can mount these NFS shares and the software needs to be provided once, in one location, for all to share,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ file server shares with pre-compiled drivers, or driver sources being compiled on the nodes by scripts running on the nodes,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ terminal servers or desktop servers like with FreeNX, so that configuration concentrates on a smaller number of boxes
+ </para>
+ </listitem>
+ </orderedlist>
+ </para>
+ <para>
+ This means that work-arounds for actual (user) problems maybe require an additional if-then-else in one or the other script, and updates to programs installed require manual compilation and installation. The success rate of these solutions never reaches 100%, and as it turns out the longer such a implemented solution runs, the more exotic problems become and the more machines will fail to remain up-to-date regardless of any attempt made to fix the issue; simply because it becomes to diversive and unmaintainable.
+ </para>
+
+ <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement-ConfigurationManagement">
+ <title>Configuration Management</title>
+ <para>
+ Generally speaking, with configuration management, it's about managing the configuration of one or more organizational resources in order to have it be in a state in which it can perform the operations required by, and possibly critical to, the organization's operations.
+ </para>
+ <para>
+ In this workshop though, we are not going to explore configuration management of a coffee machine. Instead we look at the computers in a network running any platform but the one from a prominent proprietary North America-based vendor. We are talking automation and further enhancement of Computer Systems Administration.
+ </para>
+ <para>
+ When managing the operating system and software running on mainframes, servers, desktop PCs and laptops, you may find yourself looking for answers to questions such as:
+ </para>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ How do I manage what packages are installed on a given system?
+ <itemizedlist>
+ <listitem>
+ <para>
+ How do I manage the configuration of those packages (this software)?
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ How do I make sure these packages are updated?
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ How do I make sure the services that every machine needs to run are actually running?
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ How do I manage monitoring the services or a machine's state?
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ A job needs to run periodically (maybe via <application>crontab</application>), but how do I make sure it is run, and how can I change or remove the job later?
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Given different operating systems and operating system versions, how do I make sure I apply the correct routine for adding a user, starting a service, install/update/remove a package?
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement-ConfigurationManagementRequirements">
+ <title>Configuration Management Requirements</title>
+ <para>
+ This section is about what you would want Configuration Management to do for you:
+ </para>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>Maintain consistency across systems</title>
+ <para>
+ Consistency across systems is key in understanding where a problem might come from. If each and every system is unique, you may end up searching for unique aspects of the system's configuration in order to determine the cause of a problem, while if systems are consistent to some extend, you may have found the problem even before your users report it.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>Consistency !== Equality</title>
+ <para>
+ Of course keeping system consistent in their configuration doesn't say all your systems should be entirely equal, because that would not be feasible for many organizations and defeat the purpose of configuration management. Needless to say though, having all systems be entirely unique defeats part of the purpose of configuration management as well.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Categorize systems</title>
+ <para>
+ Categorizing systems into categories like (for example) <emphasis>desktop</emphasis>, <emphasis>server</emphasis> and/or <emphasis>laptop</emphasis>, helps in applying changes to one category, such as installing <application>GNOME</application> or keeping systems up-to-date according to a schedule that may (servers) or may not (desktops, laptops) need a service or maintenance window.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>Different profiles</title>
+ <para>
+ More generally speaking, different profiles for each of these categories may be defined as well, of course. A developer's desktop most likely has different requirements then a publicly accessible booth at the reception desk.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Version Control</title>
+ <para>
+ Version control lets you keep track of changes applied to the overall configuration management framework, which is important because since you are managing different aspects of a number of systems, if something goes wrong the changes applied to the configuration of puppet will most likely be the first clue as to what caused the new problem and lets you recover relatively fast.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Overview of systems' tasks and services</title>
+ <para>
+ Being able to quickly tell what a system does exactly, and how it differs from another system not only aids in performing risk assessments (impact of a given change), but may also help in determining the impact of a change beforehand, as well as determine the impact of an unexpected system interruption. Providing an example to the latter I suppose if you update httpd across systems (whether tested or untested), but the new software version doesn't work as expected, a configuration management framework should be able to quickly give you an overview of impacted systems and services.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Updating systems</title>
+ <para>
+ Some systems can be updated irregularly, such as desktop PCs, but need to be kept up-to-date nonetheless. Other systems need to have service and/or maintenance windows, such as servers.
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </section>
+
+ </section>
+
+ <section id="PuppetWorkshop-IntroductionToConfigurationManagement-ProblemsWithoutConfigurationManagement">
+ <title>Problems without Configuration Management</title>
+ <para>
+ There's a number of challenges in applying configuration management, such as:
+ </para>
+ <para>
+ <orderedlist>
+ <listitem>
+ <formalpara>
+ <title>Different operating systems</title>
+ <para>
+ If you have a diverse organization in terms of the operating systems your nodes run, applying the same thing to a set of different operating systems is challenging in that adding a user or setting a password on one operating system isn't the same as adding a user or setting a password on another operating system. Of course the same applies to installing, updating or removing a package, and so forth. Of course the more different operating systems you have, the harder managing any given resource becomes.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Different distributions</title>
+ <para>
+ Although an organization may not have different distributions running right now, sooner or later, an organization will migrate from one distribution to another; That is practically inevitable. If an organization does have different distributions running, practical problems such as the location of certain files become evident, as well as different interfaces to resource-management (like adding a user with <application>useradd</application> or <application>adduser</application>).
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Different versions of distributions</title>
+ <para>
+ Different versions of distributions, or more accurately the different versions of the utilities, as well as the configuration settings for updated programs that come with the distributions, can form a challenge when or if the organization does not have a proper configuration management framework in place. Note that even though an organization may not have different versions of a distribution right now, at some point the organization will need to upgrade to the next available release.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Different tasks to perform</title>
+ <para>
+ Each different system in an organization is performing one or more tasks that may be unique to the system or may be shared between a group of systems, but with many different tasks being performed throughout the organization's infrastructure, keeping track of what system performs which task, keeping these systems up to date and configuring them to have the required packages installed for each of the tasks they perform, tackling the problem becomes harder.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Different ways to perform a task</title>
+ <para>
+ Within an organization that has multiple servers performing the same task, keeping a similar state or perform a task in a similar manner is challenging in that without configuration management, you are most likely to find three or more ways to purge old files from <filename>/tmp/</filename> and <filename>/var/tmp/</filename>, for example. The same differentiation may apply to how webservers' VirtualHost's are configured, or how a NFS share is mounted (mount options in particular).
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Different nodes</title>
+ <para>
+ This one goes to hardware-specific needs and configuration. When each of the systems in an organization are not all of the same brand, make and model, or each system has different harddisk layouts, or needs different videocard drivers, you are basically keeping lists and making choices based on this list.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Different services</title>
+ <para>
+ Different services of course are configured differently, as far as configuration file locations and syntax are concerned. However, figuring out the best way to apply certain configuration to a system for each service is less efficient without configuration management. You might adjust a script or two and/or adjust the source repository from which you pull updates to each machine, but the changes may turn out to only apply to that system that needed the exception to the rule instead of focussing on a more general solution to the problem once, and apply that solution multiple times, over and over again.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Interfaces to a system resource</title>
+ <para>
+ This is probably the hardest one if you are not using any configuration management framework. Given different operating systems, distributions and/or distribution versions, in which case any combination of the three only makes the problem harder to solve, you are most likely to encounter so many different ways to manage a resource, that a simple script or routine cannot cover all of them. One example is adding a user to the system, and making the user a group member of several groups. You may find routines ranging from using <application>useradd</application> or <application>adduser</application> depending on the distribution used, to writing out ldifs from a template and using <application>ldapadd</application> or <application>ldapmodify</application> depending on whether the user already exists or not.
+ </para>
+ </formalpara>
+ </listitem>
+ </orderedlist>
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-IntroductionToConfigurationManagement-NotSoTechnicalAspects">
+ <title>Not So Technical Aspects</title>
+ <para>
+ In addition to the problems you may encounter with or without configuration management, there's a number of problems or challenges that are not so technical, but you may want to see resolved by a configuration management utility;
+ </para>
+ <para>
+ <orderedlist>
+ <listitem>
+ <formalpara>
+ <title>Applying changes</title>
+ <para>
+ Applying changes to multiple machines at once may become a problem depending on the size of the organization or the amount of control that you have over systems, remotely. There was a time when changing the DNS servers for a set of systems required one to log on to the console of each system and edit <filename>/etc/resolv.conf</filename> manually. You can see the problem become bigger if the organization does not have 20 systems, but 1200.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Keeping track of changes</title>
+ <para>
+ Another challenge is keeping track of the changes applied to each system. Even with configuration management, errors can be made and systems might behave unexpectedly, in which case you will want to know what changed on these systems, and how to recover to an operational state. Keeping track of changes without a configuration management framework however is a little harder, but with configuration management, you have reports (changes applied to a system in a nice overview), and most advisebly you have the configuration for Puppet stored in a Source Control Management system, or SCM system, like CVS, SVN, Mercurial, or GIT.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Staging changes</title>
+ <para>
+ Staging changes is a huge must-have in case changes are radical or might destroy a normal system's operation (even if temporary). For such changes, you would want to test the changes first, and with Puppet, you get this in the form of <emphasis>environments</emphasis>.
+ </para>
+ </formalpara>
+ </listitem>
+ </orderedlist>
+ </para>
+ </section>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-IntroductionToPuppet">
+ <title>Introduction To Puppet</title>
+ <para>
+ Puppet is a solution to the problems set forth in <xref linkend="PuppetWorkshop-IntroductionToConfigurationManagement-ProblemsWithoutConfigurationManagement" />.
+ </para>
+
+ <section id="PuppetWorkshop-IntroductionToPuppet-WhatDoesPuppetDo">
+ <title>What Does Puppet Do?</title>
+ <para>
+ Puppet offers a high-level abstraction of system resources like you would encounter on any given system, such as users, services and packages. Seeing as how different operating systems and different distributions each have different interfaces, so-called <emphasis>providers</emphasis> in puppet terms, to these system resources, scripting a package to be installed, updated, removed or be of a certain version includes a lot of <code>if-then-else</code> statements in a script you'd write to manage that particular system resource, the package.
+ </para>
+ <para>
+ On Debian, Ubuntu and derivative distributions for example, the package provider may be <application>apt</application>, <application>dpkg</application>, <application>smart</application>, <application>alien</application>, <application>PackageKit</application>, while on Fedora, Red Hat and it's derivatives, the package provider may be <application>rpm</application>, <application>yum</application>, <application>PackageKit</application>, <application>apt</application> or <application>smart</application>.
+ </para>
+ <para>
+ Another difference between distributions is how services can be started, or configured to start up when the machine boots. A <application>service</application> script may be available, or <filename>/etc/init.d/</filename> may contain scripts to start and stop a service. Also, some of these service providers may have <code>status</code>, <code>reload</code> and <code>restart</code> command parameters, whereas others may not have. Additionally, using <application>chkconfig</application> to configure the runlevels the service should be enabled or disabled in may not be available on all systems.
+ </para>
+ <para>
+ By abstracting these system resources into <emphasis>types</emphasis>, Puppet takes on the headaches for most operating system and distribution specific interfaces to managing these system resources. It knows, or figures out all by itself, what provider to use given a <emphasis>type</emphasis>.
+ </para>
+ <formalpara>
+ <title>Abstraction of system resources</title>
+ <para>
+ Abstraction of the system resources into so-called <emphasis>types</emphasis> causes the administrator to only need to configure a type, such as <emphasis>package</emphasis>, <emphasis>user</emphasis>, <emphasis>cron</emphasis>, and so forth. The configuration management utility itself will figure out what package manager backend to use, whether it's apt, yum, rpm, dpkg, smart or PackageKit.
+ </para>
+ </formalpara>
+ <para>
+ Puppet example to ensure user <emphasis>sysadmin</emphasis> exists on a system:
+ <screen>user { "sysadmin":
+ ensure => present
+}</screen>
+ </para>
+ <para>
+ Puppet example to ensure the <emphasis>ypbind</emphasis> package is installed and the most recent version, <emphasis>ypbind</emphasis> is correctly configured, and the <emphasis>ypbind</emphasis> service is running:
+ <screen>package { "ypbind":
+ ensure => latest
+}
+
+file { "/etc/yp.conf":
+ source => "puppet://$server/files/yp.conf",
+ notify => Service["ypbind"],
+ require => Package["ypbind"]
+}
+
+service { "ypbind":
+ enable => true,
+ ensure => running,
+ require => [
+ File["/etc/yp.conf"],
+ Package["ypbind"]
+ ]
+}</screen>
+ </para>
+ <para>
+ The above example is called a <emphasis>manifest</emphasis>, built out of <emphasis>types</emphasis> (package, file, service), which, once defined in a manifest, are referred to as <emphasis>resources</emphasis>. See also <xref linkend="PuppetWorkshop-Appendix-Terminology" />
+ </para>
+ </section>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-PuppetTerminology">
+ <title>Puppet Terminology</title>
+ <para>
+ Terminology used in this documentation. See also <xref linkend="PuppetWorkshop-Appendix-Terminology" />
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>class</title>
+ <para>
+ A class is a collection of resources applied to a node with a single include statement. It groups together a comprehensible set of resources. A class <emphasis>ypclient</emphasis> would manage the <code>File["/etc/nsswitch.conf"]</code>, <code>File["/etc/yp.conf"]</code>, <code>Package["ypbind"]</code>, and <code>Service["ypbind"]</code> resources.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>fileserver</title>
+ <para>
+ The fileserver is where the puppet pulls files from. It is normally integrated with the puppetmaster, but it can be an entirely different server, too.
+ </para>
+ </formalpara>
+ <para>
+ The fileserver serves files to puppets that request them, but it also serves <emphasis>templates</emphasis>, which are parsed on the fileserver (puppetmaster), and passed on to the client as a whole new file.
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>manifest</title>
+ <para>
+ The collection of classes, modules and resources that the <xref linkend="PuppetWorkshop-PuppetTerminology-puppetmaster" /> uses to distribute the appropriate configuration to a <xref linkend="PuppetWorkshop-PuppetTerminology-puppet" />.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>module</title>
+ <para>
+ A module is a placeholder for files, manifests, plugins and templates. Creating a module has numerous advantages such as separate version control, separate staging from development through testing to production, and so forth.
+ </para>
+ </formalpara>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Modules" />, <xref linkend="PuppetWorkshop-HowToUsePuppet-Plugins" />
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>node</title>
+ <para>
+ The client, a node, is an operating system instance running the puppet client application. This can be a regular operating system running directly on top of actual hardware, a virtual guest as well as a virtual host.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara id="PuppetWorkshop-PuppetTerminology-puppet">
+ <title>puppet</title>
+ <para>
+ The client, a node, runs the <application>puppetd</application> daemon or service, and is referred to as the <emphasis>puppet</emphasis>
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara id="PuppetWorkshop-PuppetTerminology-puppetmaster">
+ <title>puppetmaster</title>
+ <para>
+ The puppetmaster is the node that runs the server-side application to a puppet setup.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>resource</title>
+ <para>
+ A resource is an instantiated <xref linkend="PuppetWorkshop-PuppetTerminology-type" />
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>system resource</title>
+ <para>
+<!--
+FIXME:
+//-->
+ A system resource is a resource available on the node whether it is managed by puppet or not. Unlike what is otherwise understood by system resources, the puppet definition of system resources does not so much refer to resources like CPU or memory, but rather to whether or not a package is installed or what version of said package, or the $osversion, and so on and so forth.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara id="PuppetWorkshop-PuppetTerminology-type">
+ <title>type</title>
+ <para>
+ definition
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </chapter>
+
+ <chapter id="PuppetWorkshop-HowPuppetWorks">
+ <title>How Puppet Works</title>
+ <para>
+ This is an overview of how puppet works -in a working setup.
+ </para>
+ <para>
+ <orderedlist>
+ <listitem>
+ <formalpara>
+ <title>The puppet starts for the first time</title>
+ <para>
+ It generates a certificate using the node's FQDN.
+ </para>
+ </formalpara>
+ <note>
+ <para>
+ Although not required, it is strongly recommended to have the client use a FQDN that is registered in DNS (forward as well as reverse).
+ </para>
+ </note>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet submits the certificate to the puppetmaster</title>
+ <para>
+ The puppetmaster, also the Certificate Authority, or <emphasis>puppetca</emphasis>, needs to sign the certificate before the client can be considered authenticated.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet waits 300 seconds for a signed certificate</title>
+ <para>
+ It this configurable timeout of 300 seconds<footnote><para>Specify the timeout with <code>--waitforcert [seconds]</code></para></footnote> has passed, the puppet quits.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppetmaster signs the certificate</title>
+ <para>
+ To do so, you can either configure the puppetmaster to automatically sign certificates or sign manually. Automatically signing certificates is generally a very bad idea. To manually sign a certificate, use:
+ </para>
+ </formalpara>
+ <para>
+ <screen># <userinput>puppetca --sign <fqdn></userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet receives the signed certificate</title>
+ <para>
+ Immediately thereafter, the puppet starts a configuration run.
+ </para>
+ </formalpara>
+ <warning>
+ <para>
+ The time on both the puppetmaster and the puppet must be within 5 minutes of eachother as the certificate generated and signed has a validity period. If the difference in time of these two nodes is more then 5 minutes, you will get a "Certificates not trusted" type of error.
+ </para>
+ </warning>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet generates all the facts</title>
+ <para>
+ Most configurations rely on client information to make decisions. When the Puppet client starts, it loads the Facter Ruby library, collects all of the facts that it can, and passes those facts to the interpreter. When you use Puppet over a network, these facts are passed over the network to the server and the server uses them to compile the client's configuration.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppetmaster parses it's manifests</title>
+ <para>
+ The puppetmaster parses through all it's manifests, including the manifests not applicable to the puppet that is polling. It only sends out the manifest applicable to the puppet polling, however.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet receives the manifests</title>
+ <para>
+ When the puppet receives the manifests, it may still contain variables such as <code>$hostname</code>, <code>$operatingsystem</code> and others, which the puppet fills out with the appropriate values.
+ </para>
+ </formalpara>
+<!-- <warning>
+ <para>
+ All variables in the manifest sent to the client should be based on facts rather then fiction.
+ </para>
+ </warning>-->
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet applies the manifest</title>
+ <para>
+ While the puppet applies the manifest, it pulls files from the puppetmaster's <emphasis>fileserver</emphasis> after checking the local checksum against the remote checksum. When running with debug output, this will show as
+ <screen>debug: Calling fileserver.list
+debug: //Node[node1.example.com]/File[/tmp/foo]/checksum: Initializing checksum hash
+debug: //Node[node1.example.com]/File[/tmp/foo]: Creating checksum {md5}85e53dc9439253a1ec9ca87aeffd9b0b
+debug: Calling fileserver.describe</screen>
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>Files that are replaced are backed up</title>
+ <para>
+ The puppet sends a copy of the files it replaces back to the puppetmaster.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet reports to the puppetmaster</title>
+ <para>
+ A detailed report of what the puppet has done with the manifests is sent back to the puppetmaster.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>The puppet waits for 30 minutes</title>
+ <para>
+ The next run the puppet performs/polls for is after a configurable timeperiod, which defaults to 30 minutes.
+ </para>
+ </formalpara>
+ </listitem>
+ </orderedlist>
+ </para>
+ <para>
+ A puppet setup is comprised out of the following parts:
+ </para>
+ <formalpara>
+ <title>The Puppetmaster</title>
+ <para>
+ The puppetmaster of course is the core element in a puppet setup. Not only is it responsible for the handing over the manifest to the client, it also takes care of serving the files needed by the manifest, as well as
+ </para>
+ </formalpara>
+ </chapter>
+
+ <chapter id="PuppetWorkshop-PuppetFeatures">
+ <title>Puppet Features</title>
+ <para>
+ paragraph
+ </para>
+ </chapter>
+
+ <chapter id="PuppetWorkshop-TroubleshootingPuppet">
+ <title>Troubleshooting Puppet</title>
+ <para>
+ This section is about troubleshooting the puppetmaster and puppet
+ </para>
+ </chapter>
+
+ <chapter id="PuppetWorkshop-SettingUpPuppet">
+ <title>Setting Up Puppet</title>
+ <para>
+ In this section, we are going to set up a puppetmaster, and a puppet client. The puppetmaster is going to run the <emphasis>mongrel</emphasis> server-type, for setting up a puppetmaster for larger environments.
+ </para>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Installation">
+ <title>Installation</title>
+ <para>
+ The default server type for the puppetmaster is called <emphasis>webrick</emphasis>, a single-threaded webserver. The webserver handles the puppets' requests for manifests, certificate exchanges, as well requests for files and templates. Being single-threaded, the webrick webserver can only handle one client at a time. While the puppets poll the puppetmaster with a default interval of 30 minutes, and configuration runs can take longer then 60 seconds, putting more then 25 clients in front of a puppetmaster with a webrick webserver is a very, very bad idea.
+ </para>
+ <para>
+ There is a multi-threaded webserver in Ruby, called <emphasis>mongrel</emphasis>. This is a simple, multi-threaded, but not very feature-rich webserver. For one, it does not perform SSL. For scalability purposes though, the mongrel server type is an absolute must, and can better be chosen as the webserver to handle the puppets' requests, right from the beginning. This however requires a frontend that performs the SSL part of the communications between the puppetmaster and the puppets. We choose Apache's HTTPd for it's excellent performance, flexible configuration, excellent configuration syntax, and because it can be set up as a reverse proxy load balancer, allowing more then one puppetmaster behind the scenes if necessary.
+ </para>
+ <para>
+ Install the required packages for the puppetmaster:
+ </para>
+ <formalpara>
+ <title>Smaller organizations (< ~25 clients)</title>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ The puppetmaster.
+ </para>
+ <para>
+ <screen># <userinput>yum install puppet-server</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ (optional) A database server (one of MySQL, SQLite3 or Postgresql), and the appropriate Ruby library. During this workshop, we use MySQL.
+ </para>
+ <para>
+ <screen># <userinput>yum install mysql-server ruby-mysql</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ (optional) The Ruby RRDtool library.
+ </para>
+ <para>
+ <screen># <userinput>yum install ruby-RRDtool</userinput></screen>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>Larger organizations (> ~25 clients)</title>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ A webserver capable of performing as a frontend SSL reverse proxy load balancer, such as the Apache HTTPd webserver.
+ </para>
+ <para>
+ <screen># <userinput>yum install httpd</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The Ruby mongrel library, for better scalability.
+ </para>
+ <para>
+ <screen># <userinput>yum install rubygem-mongrel</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The puppetmaster.
+ </para>
+ <para>
+ <screen># <userinput>yum install puppet-server</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ (optional) A database server (one of MySQL, SQLite3 or Postgresql), and the appropriate Ruby library. During this workshop, we use MySQL.
+ </para>
+ <para>
+ <screen># <userinput>yum install mysql-server ruby-mysql</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ (optional) The Ruby RRDtool library.
+ </para>
+ <para>
+ <screen># <userinput>yum install ruby-RRDtool</userinput></screen>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration">
+ <title>Configuration</title>
+ <para>
+ In this section, we walk you through the initial configuration of a puppetmaster with the mongrel server type.
+ </para>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster">
+ <title>Configuring the Puppetmaster</title>
+ <para>
+ The configuration file for puppet and puppetmaster is <filename>/etc/puppet/puppet.conf</filename>. It is a file in INI-like format with sections, keys and values. There's 4 sections of interest,
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>[main]</title>
+ <para>
+ Primarily file locations, directory settings and other globals applicable to both the puppet as well as the puppetmaster.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetca]</title>
+ <para>
+ Puppet Certificate Authority (puppetca) settings.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetd]</title>
+ <para>
+ Puppet client daemon settings.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetmasterd]</title>
+ <para>
+ Puppetmaster daemon settings.
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-Settings">
+ <title>Relevant Settings</title>
+ <formalpara>
+ <title>Relevant Settings For The First Run</title>
+ <para>
+ For the first run of the puppetmaster, the following settings require configuration:
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>[main]</title>
+ <para>
+ The locations where puppet seeks it's configuration and puts it's transitional data. The most important setting is <literal>vardir</literal>, which should be set to <filename>/var/lib/puppet/</filename>. Further settings include:
+ <itemizedlist>
+ <listitem>
+ <para>
+ <code>logdir = /var/log/puppet/</code>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <code>rundir = /var/run/puppet/</code>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <code>ssldir = $vardir/ssl/</code>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ <note>
+ <para>
+ If you used a package to install puppet, the defaults should work, but may not comply with your backup strategy. It is the upstream puppet package that cannot cater to each and every distribution or operating system it is available for, and therefore has a set of defaults that will work, but will need to be changed on most platforms.
+ </para>
+ </note>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetmasterd]</title>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>certname</title>
+ <para>
+ The puppetmaster certificate's Common Name (CN), for which by default the system's hostname is used. The hostname of the system is a pretty reasonable value.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>certdnsnames</title>
+ <para>
+ A colon (<literal>:</literal>) seperated list of DNS names resolving to the puppetmaster. Include here:
+ <orderedlist>
+ <listitem>
+ <para>
+ The short hostname of the system, using the output of: <screen># <userinput>hostname -s</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>puppet</literal>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>puppet</literal>, followed by the DNS domain name of the system, using the output of <screen># <userinput>dnsdomainname</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Any other hostname or fully qualified domain name you want to use for the puppetmaster.
+ </para>
+ </listitem>
+ </orderedlist>
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <para>
+ Another setting to check is whether or not this puppetmaster is going to be the Certificate Authority <screen>[puppetmasterd]
+ ca = <replaceable>true</replaceable></screen>
+ The default is often set to <code>true</code>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Whether or not to use autosigning of certificates, using
+ <screen>[puppetca]
+ autosign = <replaceable>false</replaceable></screen>
+ The default is to <emphasis>not</emphasis> use autosigning. Only applicable if <code>puppetca</code> is set to <code>true</code>.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>Other Relevant Settings</title>
+ <para>
+ The following settings require review before the puppetmaster is going in production.
+ <itemizedlist>
+ <listitem>
+ <para>
+ A list of environments using a comma seperated list, in
+ <screen>[puppetmasterd]
+ environments = <replaceable>development,testing,production</replaceable></screen>
+ </para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Environments" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Whether or not to use reporting, and what reporting to use (tagmail, store, rrdgraph). To configure the types or reports that should be used by the puppetmaster, use a comma separated list without spaces, in:
+ <screen>[puppetmasterd]
+ reports = <replaceable>tagmail,store,rrdgraph</replaceable></screen>
+ </para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The location of tagmail.conf, in order to map tags you give to resources to email addresses the reports should be sent to; <screen>[main]
+ tagmap = <replaceable>/path/to/tagmail.conf</replaceable></screen>
+ for reporting changes applied to puppets, via email.
+ </para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-Sitepp">
+ <title>Minimal site.pp</title>
+ <para>
+ Create a minimal <code>site.pp</code> in <filename>/etc/puppet/manifests/site.pp</filename> for the puppetmaster to parse on it's initial startup. Below is an example.
+ </para>
+ <screen>#
+# site.pp for any domain
+#
+
+$server = "<replaceable>master.puppetmanaged.org</replaceable>"
+
+# The default node
+
+node default {
+}</screen>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-ServiceConfiguration">
+ <title>Service Configuration</title>
+ <para>
+ On Red Hat based systems, use <filename>/etc/sysconfig/puppetmaster</filename> to configure the service. It has three variables set, of which <code>PUPPETMASTER_MANIFEST</code> needs to point to the default manifest to use.
+ </para>
+ </section>
+
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-SSLFrontendReverseProxyLoadBalancer">
+ <title>Configuring the SSL Frontend Reverse Proxy Load Balancer</title>
+ <para>
+ A webserver needs to be configured to handle the SSL XML-RPC requests from the puppets, because the mongrel server type is not capable of performing SSL.
+ </para>
+ <para>
+ The webserver is going to listen on port 8140, the default port for the puppetmaster to listen for clients. It is going to forward traffic (after being decrypted) to the puppetmaster on 127.0.0.1:8141.
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer">
+ <title>Configuring the Database Server</title>
+ <para>
+ para
+ </para>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-SQLite3">
+ <title>SQLite3</title>
+ <para>
+ para
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-MySQL">
+ <title>MySQL</title>
+ <para>
+ para
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-Postgresql">
+ <title>PostgreSQL</title>
+ <para>
+ para
+ </para>
+ </section>
+
+ </section>
+
+ </section>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-HowToUsePuppet">
+ <title>How To Use Puppet</title>
+ <para>
+ This is a first section
+ </para>
+
+ <section id="PuppetWorkshop-HowToUsePuppet-Modules">
+ <title>Using Modules</title>
+ <para>
+ About using modules
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-HowToUsePuppet-Plugins">
+ <title>Using Plugins</title>
+ <para>
+ About the use of plugins
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-HowToUsePuppet-Environments">
+ <title>Environments</title>
+ <para>
+ paragraph
+ </para>
+ </section>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-OtherThingsToDoWithPuppet">
+ <title>Other Things To Do With Puppet</title>
+ <para>
+ This is a first section
+ </para>
+
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting">
+ <title>Tweaking Reporting</title>
+ <para>
+ paragraph
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomTypes">
+ <title>Writing Custom Types</title>
+ <para>
+ paragraph
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomFacts">
+ <title>Writing Custom Facts</title>
+ <para>
+ paragraph
+ </para>
+ </section>
+
+ <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomFunctions">
+ <title>Writing Custom Functions</title>
+ <para>
+ paragraph
+ </para>
+ </section>
+
+ </chapter>
+
+ <chapter id="PuppetWorkshop-BestPractices">
+ <title>Best Practices</title>
+ <para>
+ This is a first section
+ </para>
+ </chapter>
+
+ </part>
+
+ <xi:include href="Appendix.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+
+</book>
+
+<!-- Local variables:
+ mode: xml
+ fill-column: 72
+ End:
+-->
+
+<!--
+ vim: softtabstop=4:shiftwidth=4:expandtab
+-->
diff --git a/Workshops/PuppetWorkshop/en-US/Revision_History.xml b/Workshops/PuppetWorkshop/en-US/Revision_History.xml
new file mode 100644
index 0000000..68432a0
--- /dev/null
+++ b/Workshops/PuppetWorkshop/en-US/Revision_History.xml
@@ -0,0 +1,26 @@
+<?xml version='1.0'?>
+<!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+
+<appendix id="appe-Publican-Revision_History">
+ <title>Revision History</title>
+ <simpara>
+ <revhistory>
+ <revision>
+ <revnumber>1.0</revnumber>
+ <date></date>
+ <author>
+ <firstname></firstname>
+ <surname></surname>
+ <email></email>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member></member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ </revhistory>
+ </simpara>
+</appendix>
+
diff --git a/Workshops/PuppetWorkshop/en-US/images/icon.svg b/Workshops/PuppetWorkshop/en-US/images/icon.svg
new file mode 100644
index 0000000..c471a60
--- /dev/null
+++ b/Workshops/PuppetWorkshop/en-US/images/icon.svg
@@ -0,0 +1,3936 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+<svg
+ xmlns:ns="http://ns.adobe.com/AdobeSVGViewerExtensions/3/"
+ xmlns:a="http://ns.adobe.com/AdobeSVGViewerExtensions/3.0/"
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://web.resource.org/cc/"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+ xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+ version="1.0"
+ width="32"
+ height="32"
+ id="svg3017"
+ sodipodi:version="0.32"
+ inkscape:version="0.44+devel"
+ sodipodi:docname="book.svg"
+ sodipodi:docbase="/home/andy/Desktop">
+ <metadata
+ id="metadata489">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <sodipodi:namedview
+ inkscape:window-height="480"
+ inkscape:window-width="858"
+ inkscape:pageshadow="0"
+ inkscape:pageopacity="0.0"
+ guidetolerance="10.0"
+ gridtolerance="10.0"
+ objecttolerance="10.0"
+ borderopacity="1.0"
+ bordercolor="#666666"
+ pagecolor="#ffffff"
+ id="base"
+ inkscape:zoom="1"
+ inkscape:cx="16"
+ inkscape:cy="15.944056"
+ inkscape:window-x="0"
+ inkscape:window-y="33"
+ inkscape:current-layer="svg3017" />
+ <defs
+ id="defs3019">
+ <linearGradient
+ id="linearGradient2381">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="stop2383" />
+ <stop
+ style="stop-color:white;stop-opacity:0"
+ offset="1"
+ id="stop2385" />
+ </linearGradient>
+ <linearGradient
+ x1="415.73831"
+ y1="11.854"
+ x2="418.13361"
+ y2="18.8104"
+ id="XMLID_1758_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.8362,0.5206,-1.1904,0.992,147.62,-30.9374)">
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="0"
+ id="stop3903" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="1"
+ id="stop3905" />
+ <a:midPointStop
+ style="stop-color:#CCCCCC"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#CCCCCC"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#F2F2F2"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="500.70749"
+ y1="-13.2441"
+ x2="513.46442"
+ y2="-2.1547"
+ id="XMLID_1757_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop3890" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop3892" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#96BAD6"
+ offset="1" />
+ </linearGradient>
+ <clipPath
+ id="XMLID_1755_">
+ <use
+ id="use3874"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_343_" />
+ </clipPath>
+ <linearGradient
+ x1="505.62939"
+ y1="-14.9526"
+ x2="527.49402"
+ y2="-0.7536"
+ id="XMLID_1756_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop3877" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop3879" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop3881" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop3883" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5112" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.6461" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#16336E"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="471.0806"
+ y1="201.07761"
+ x2="481.91711"
+ y2="210.4977"
+ id="XMLID_1754_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#6498c1;stop-opacity:1"
+ offset="0.005618"
+ id="stop3863" />
+ <stop
+ style="stop-color:#79a9cc;stop-opacity:1"
+ offset="0.2332"
+ id="stop3865" />
+ <stop
+ style="stop-color:#a4cde2;stop-opacity:1"
+ offset="0.74049997"
+ id="stop3867" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="1"
+ id="stop3869" />
+ <a:midPointStop
+ style="stop-color:#6498C1"
+ offset="5.618000e-003" />
+ <a:midPointStop
+ style="stop-color:#6498C1"
+ offset="0.4438" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="516.57672"
+ y1="-15.769"
+ x2="516.57672"
+ y2="0.84280002"
+ id="XMLID_1753_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0"
+ id="stop3851" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="1"
+ id="stop3853" />
+ <a:midPointStop
+ style="stop-color:#B2B2B2"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B2B2B2"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#F2F2F2"
+ offset="1" />
+ </linearGradient>
+ <clipPath
+ id="XMLID_1751_">
+ <use
+ id="use3837"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_338_" />
+ </clipPath>
+ <linearGradient
+ x1="506.09909"
+ y1="-11.5137"
+ x2="527.99609"
+ y2="2.7063999"
+ id="XMLID_1752_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop3840" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop3842" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop3844" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop3846" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5112" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.6461" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#16336E"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="468.2915"
+ y1="204.7612"
+ x2="479.39871"
+ y2="214.4166"
+ id="XMLID_1750_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop3830" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop3832" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#96BAD6"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="502.70749"
+ y1="115.3013"
+ x2="516.39001"
+ y2="127.1953"
+ id="XMLID_1749_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9703,0.2419,-0.2419,0.9703,11.0227,-35.6159)">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop3818" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop3820" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#96BAD6"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="501.0903"
+ y1="-19.2544"
+ x2="531.85413"
+ y2="0.72390002"
+ id="XMLID_1748_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop3803" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop3805" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop3807" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop3809" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5112" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.6461" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#16336E"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="481.23969"
+ y1="212.5742"
+ x2="472.92981"
+ y2="207.4967"
+ id="XMLID_2275_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop9947" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop9949" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop9951" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop9953" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0.4213" />
+ <a:midPointStop
+ style="stop-color:#A6100C"
+ offset="1" />
+ </linearGradient>
+ <clipPath
+ id="XMLID_2273_">
+ <use
+ id="use9933"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_960_" />
+ </clipPath>
+ <linearGradient
+ x1="473.7681"
+ y1="209.17529"
+ x2="486.98099"
+ y2="213.2001"
+ id="XMLID_2274_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop9936" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop9938" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop9940" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop9942" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0.4213" />
+ <a:midPointStop
+ style="stop-color:#A6100C"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="478.21341"
+ y1="-131.9297"
+ x2="469.85818"
+ y2="-140.28481"
+ id="XMLID_2272_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.5592,0.829,-0.829,0.5592,101.3357,-104.791)">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop9917" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop9919" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop9921" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop9923" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0.4213" />
+ <a:midPointStop
+ style="stop-color:#A6100C"
+ offset="1" />
+ </linearGradient>
+ <marker
+ refX="0"
+ refY="0"
+ orient="auto"
+ style="overflow:visible"
+ id="TriangleInM">
+ <path
+ d="M 5.77,0 L -2.88,5 L -2.88,-5 L 5.77,0 z "
+ transform="scale(-0.4,-0.4)"
+ style="fill:#5c5c4f"
+ id="path3197" />
+ </marker>
+ <linearGradient
+ x1="200.7363"
+ y1="100.4028"
+ x2="211.99519"
+ y2="89.143997"
+ id="XMLID_3298_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#bfbfbf;stop-opacity:1"
+ offset="0"
+ id="stop20103" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="1"
+ id="stop20105" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#BFBFBF" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#BFBFBF" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#F2F2F2" />
+ </linearGradient>
+ <linearGradient
+ x1="200.7363"
+ y1="100.4028"
+ x2="211.99519"
+ y2="89.143997"
+ id="linearGradient36592"
+ xlink:href="#XMLID_3298_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="181.2925"
+ y1="110.8481"
+ x2="192.6369"
+ y2="99.5037"
+ id="XMLID_3297_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0"
+ id="stop20096" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="stop20098" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#CCCCCC" />
+ </linearGradient>
+ <linearGradient
+ x1="181.2925"
+ y1="110.8481"
+ x2="192.6369"
+ y2="99.5037"
+ id="linearGradient36595"
+ xlink:href="#XMLID_3297_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="211.77589"
+ y1="105.7749"
+ x2="212.6619"
+ y2="108.2092"
+ id="XMLID_3296_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#0f6124;stop-opacity:1"
+ offset="0"
+ id="stop20087" />
+ <stop
+ style="stop-color:#219630;stop-opacity:1"
+ offset="1"
+ id="stop20089" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#0F6124" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#0F6124" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#219630" />
+ </linearGradient>
+ <linearGradient
+ x1="211.77589"
+ y1="105.7749"
+ x2="212.6619"
+ y2="108.2092"
+ id="linearGradient36677"
+ xlink:href="#XMLID_3296_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="208.9834"
+ y1="116.8296"
+ x2="200.0811"
+ y2="96.834602"
+ id="XMLID_3295_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0"
+ id="stop20076" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0.5"
+ id="stop20078" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop20080" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="208.9834"
+ y1="116.8296"
+ x2="200.0811"
+ y2="96.834602"
+ id="linearGradient36604"
+ xlink:href="#XMLID_3295_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="195.5264"
+ y1="97.911102"
+ x2="213.5213"
+ y2="115.9061"
+ id="XMLID_3294_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="0"
+ id="stop20069" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop20071" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#CCCCCC" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#CCCCCC" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="195.5264"
+ y1="97.911102"
+ x2="213.5213"
+ y2="115.9061"
+ id="linearGradient36607"
+ xlink:href="#XMLID_3294_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="186.1938"
+ y1="109.1343"
+ x2="206.6881"
+ y2="88.639999"
+ id="XMLID_3293_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0"
+ id="stop20056" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0.16850001"
+ id="stop20058" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.23029999"
+ id="stop20060" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0.2809"
+ id="stop20062" />
+ <stop
+ style="stop-color:#c2c2c2;stop-opacity:1"
+ offset="0.5"
+ id="stop20064" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.1685"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.2303"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="0.2809"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#C2C2C2" />
+ </linearGradient>
+ <linearGradient
+ x1="186.1938"
+ y1="109.1343"
+ x2="206.6881"
+ y2="88.639999"
+ id="linearGradient36610"
+ xlink:href="#XMLID_3293_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <linearGradient
+ x1="184.8569"
+ y1="112.2676"
+ x2="211.94099"
+ y2="89.541397"
+ id="XMLID_3292_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0"
+ id="stop20043" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0.16850001"
+ id="stop20045" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.23029999"
+ id="stop20047" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0.2809"
+ id="stop20049" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="stop20051" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.1685"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.2303"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="0.2809"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#CCCCCC" />
+ </linearGradient>
+ <linearGradient
+ x1="184.8569"
+ y1="112.2676"
+ x2="211.94099"
+ y2="89.541397"
+ id="linearGradient36613"
+ xlink:href="#XMLID_3292_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.029078,0,0,1,-183.2624,-79.44655)" />
+ <marker
+ refX="0"
+ refY="0"
+ orient="auto"
+ style="overflow:visible"
+ id="TriangleOutM">
+ <path
+ d="M 5.77,0 L -2.88,5 L -2.88,-5 L 5.77,0 z "
+ transform="scale(0.4,0.4)"
+ style="fill:#5c5c4f;fill-rule:evenodd;stroke-width:1pt;marker-start:none"
+ id="path3238" />
+ </marker>
+ <linearGradient
+ x1="165.3"
+ y1="99.5"
+ x2="165.3"
+ y2="115.9"
+ id="XMLID_3457_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="0"
+ id="stop8309" />
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0.30000001"
+ id="stop8311" />
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="1"
+ id="stop8313" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#999999" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#999999" />
+ <a:midPointstop
+ offset="0.3"
+ style="stop-color:#B2B2B2" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#B2B2B2" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#B2B2B2" />
+ </linearGradient>
+ <linearGradient
+ x1="165.3"
+ y1="99.5"
+ x2="165.3"
+ y2="115.9"
+ id="lg1997"
+ xlink:href="#XMLID_3457_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ x1="175"
+ y1="99.800003"
+ x2="175"
+ y2="112.5"
+ id="XMLID_3456_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="0"
+ id="stop8300" />
+ <stop
+ style="stop-color:#191919;stop-opacity:1"
+ offset="0.60000002"
+ id="stop8302" />
+ <stop
+ style="stop-color:#191919;stop-opacity:1"
+ offset="1"
+ id="stop8304" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#737373" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#737373" />
+ <a:midPointstop
+ offset="0.6"
+ style="stop-color:#191919" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#191919" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#191919" />
+ </linearGradient>
+ <linearGradient
+ x1="175"
+ y1="99.800003"
+ x2="175"
+ y2="112.5"
+ id="lg2000"
+ xlink:href="#XMLID_3456_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ x1="168.8"
+ y1="107.1"
+ x2="164.5"
+ y2="110"
+ id="XMLID_3455_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#666;stop-opacity:1"
+ offset="0"
+ id="stop8291" />
+ <stop
+ style="stop-color:#191919;stop-opacity:1"
+ offset="0.69999999"
+ id="stop8293" />
+ <stop
+ style="stop-color:#191919;stop-opacity:1"
+ offset="1"
+ id="stop8295" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#666666" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#666666" />
+ <a:midPointstop
+ offset="0.7"
+ style="stop-color:#191919" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#191919" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#191919" />
+ </linearGradient>
+ <linearGradient
+ x1="168.8"
+ y1="107.1"
+ x2="164.5"
+ y2="110"
+ id="lg2003"
+ xlink:href="#XMLID_3455_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ id="lg63694">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="stop63696" />
+ <stop
+ style="stop-color:white;stop-opacity:0"
+ offset="1"
+ id="stop63698" />
+ </linearGradient>
+ <linearGradient
+ x1="458"
+ y1="483"
+ x2="465.20001"
+ y2="271.39999"
+ id="lg2006"
+ xlink:href="#lg63694"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(6.3e-2,0,0,6.3e-2,-1.3,-9.8)" />
+ <linearGradient
+ x1="176.3"
+ y1="110.1"
+ x2="158.7"
+ y2="105"
+ id="XMLID_3453_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#666;stop-opacity:1"
+ offset="0"
+ id="stop8271" />
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="0.2"
+ id="stop8273" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop8275" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#666666" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#666666" />
+ <a:midPointstop
+ offset="0.2"
+ style="stop-color:#737373" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#737373" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="176.3"
+ y1="110.1"
+ x2="158.7"
+ y2="105"
+ id="lg2009"
+ xlink:href="#XMLID_3453_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ x1="173.60001"
+ y1="118.9"
+ x2="172.8"
+ y2="128.2"
+ id="XMLID_3449_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ecb300;stop-opacity:1"
+ offset="0"
+ id="stop8232" />
+ <stop
+ style="stop-color:#fff95e;stop-opacity:1"
+ offset="0.60000002"
+ id="stop8234" />
+ <stop
+ style="stop-color:#ecd600;stop-opacity:1"
+ offset="1"
+ id="stop8236" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.6"
+ style="stop-color:#FFF95E" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFF95E" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#ECD600" />
+ </linearGradient>
+ <linearGradient
+ x1="173.60001"
+ y1="118.9"
+ x2="172.8"
+ y2="128.2"
+ id="lg2016"
+ xlink:href="#XMLID_3449_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <radialGradient
+ cx="284.60001"
+ cy="172.60001"
+ r="6.5"
+ fx="284.60001"
+ fy="172.60001"
+ id="XMLID_3448_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.4,0,0,1.4,-237.3,-126.8)">
+ <stop
+ style="stop-color:#ecb300;stop-opacity:1"
+ offset="0"
+ id="stop8219" />
+ <stop
+ style="stop-color:#ecb300;stop-opacity:1"
+ offset="0.30000001"
+ id="stop8221" />
+ <stop
+ style="stop-color:#c96b00;stop-opacity:1"
+ offset="0.89999998"
+ id="stop8223" />
+ <stop
+ style="stop-color:#9a5500;stop-opacity:1"
+ offset="1"
+ id="stop8225" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.3"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.9"
+ style="stop-color:#C96B00" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#C96B00" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#9A5500" />
+ </radialGradient>
+ <radialGradient
+ cx="284.60001"
+ cy="172.60001"
+ r="6.5"
+ fx="284.60001"
+ fy="172.60001"
+ id="rg2020"
+ xlink:href="#XMLID_3448_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.513992,0,0,2.347576,-689.1621,-378.5717)" />
+ <linearGradient
+ x1="158.10001"
+ y1="123"
+ x2="164.2"
+ y2="126.6"
+ id="XMLID_3447_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ecd600;stop-opacity:1"
+ offset="0"
+ id="stop8204" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0.30000001"
+ id="stop8206" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop8208" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#ECD600" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECD600" />
+ <a:midPointstop
+ offset="0.3"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="158.10001"
+ y1="123"
+ x2="164.2"
+ y2="126.6"
+ id="lg2026"
+ xlink:href="#XMLID_3447_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <radialGradient
+ cx="280.89999"
+ cy="163.7"
+ r="10.1"
+ fx="280.89999"
+ fy="163.7"
+ id="XMLID_3446_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.4,0,0,1.4,-237.3,-126.8)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="stop8197" />
+ <stop
+ style="stop-color:#fff95e;stop-opacity:1"
+ offset="1"
+ id="stop8199" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#FFFFFF" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFFFFF" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#FFF95E" />
+ </radialGradient>
+ <radialGradient
+ cx="280.89999"
+ cy="163.7"
+ r="10.1"
+ fx="280.89999"
+ fy="163.7"
+ id="rg2029"
+ xlink:href="#XMLID_3446_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.7,0,0,1.7,-457.5,-266.8)" />
+ <linearGradient
+ x1="156.5"
+ y1="122.7"
+ x2="180.10001"
+ y2="122.7"
+ id="XMLID_3445_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ecb300;stop-opacity:1"
+ offset="0"
+ id="stop8184" />
+ <stop
+ style="stop-color:#ffe900;stop-opacity:1"
+ offset="0.2"
+ id="stop8186" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0.30000001"
+ id="stop8188" />
+ <stop
+ style="stop-color:#ffe900;stop-opacity:1"
+ offset="0.40000001"
+ id="stop8190" />
+ <stop
+ style="stop-color:#d68100;stop-opacity:1"
+ offset="1"
+ id="stop8192" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.2"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.3"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="0.4"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#D68100" />
+ </linearGradient>
+ <linearGradient
+ x1="156.5"
+ y1="122.7"
+ x2="180.10001"
+ y2="122.7"
+ id="lg2032"
+ xlink:href="#XMLID_3445_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ x1="156.39999"
+ y1="115.4"
+ x2="180.10001"
+ y2="115.4"
+ id="XMLID_3444_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ecb300;stop-opacity:1"
+ offset="0"
+ id="stop8171" />
+ <stop
+ style="stop-color:#ffe900;stop-opacity:1"
+ offset="0.2"
+ id="stop8173" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0.30000001"
+ id="stop8175" />
+ <stop
+ style="stop-color:#ffe900;stop-opacity:1"
+ offset="0.40000001"
+ id="stop8177" />
+ <stop
+ style="stop-color:#d68100;stop-opacity:1"
+ offset="1"
+ id="stop8179" />
+ <a:midPointstop
+ offset="0"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#ECB300" />
+ <a:midPointstop
+ offset="0.2"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.3"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFFFB3" />
+ <a:midPointstop
+ offset="0.4"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="0.5"
+ style="stop-color:#FFE900" />
+ <a:midPointstop
+ offset="1"
+ style="stop-color:#D68100" />
+ </linearGradient>
+ <linearGradient
+ x1="156.39999"
+ y1="115.4"
+ x2="180.10001"
+ y2="115.4"
+ id="lg2035"
+ xlink:href="#XMLID_3444_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.2,0,0,1.2,-175.9,-114.6)" />
+ <linearGradient
+ x1="379.70001"
+ y1="167.89999"
+ x2="383.89999"
+ y2="172.89999"
+ id="lg4286_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.8,0.2,-0.2,0.8,78.8,38.1)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s16159" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.1"
+ id="s16161" />
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="1"
+ id="s16163" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.1" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#737373"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="379.60001"
+ y1="167.8"
+ x2="383.79999"
+ y2="172"
+ id="lg6416"
+ xlink:href="#lg4286_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.622156,0.623859,-0.623859,2.62182,-882.9706,-673.7921)" />
+ <linearGradient
+ x1="384.20001"
+ y1="169.8"
+ x2="384.79999"
+ y2="170.39999"
+ id="lg4285_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.8,0.2,-0.2,0.8,78.8,38.1)">
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="0"
+ id="s16152" />
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="1"
+ id="s16154" />
+ <ns:midPointStop
+ style="stop-color:#737373"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#737373"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#D9D9D9"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="384.20001"
+ y1="169.8"
+ x2="384.79999"
+ y2="170.39999"
+ id="lg6453"
+ xlink:href="#lg4285_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.6,0.6,-0.6,2.6,-883,-673.8)" />
+ <linearGradient
+ x1="380.5"
+ y1="172.60001"
+ x2="382.79999"
+ y2="173.7"
+ id="lg4284_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.8,0.2,-0.2,0.8,78.8,38.1)">
+ <stop
+ style="stop-color:gray;stop-opacity:1"
+ offset="0"
+ id="s16145" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="1"
+ id="s16147" />
+ <ns:midPointStop
+ style="stop-color:#808080"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#808080"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#E5E5E5"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="380.5"
+ y1="172.60001"
+ x2="382.79999"
+ y2="173.7"
+ id="lg6456"
+ xlink:href="#lg4284_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.6,0.6,-0.6,2.6,-883,-673.8)" />
+ <radialGradient
+ cx="347.29999"
+ cy="244.5"
+ r="5.1999998"
+ fx="347.29999"
+ fy="244.5"
+ id="lg4282_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(3.4,0,0,3.4,-1148,-802)">
+ <stop
+ style="stop-color:#333;stop-opacity:1"
+ offset="0"
+ id="s16135" />
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="1"
+ id="s16137" />
+ <ns:midPointStop
+ style="stop-color:#333333"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#333333"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#999999"
+ offset="1" />
+ </radialGradient>
+ <linearGradient
+ x1="310.39999"
+ y1="397.70001"
+ x2="310.89999"
+ y2="399.5"
+ id="lg4280_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.7,-0.7,0.7,0.7,-153.4,180.6)">
+ <stop
+ style="stop-color:#ffcd00;stop-opacity:1"
+ offset="0"
+ id="s16111" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0.60000002"
+ id="s16113" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="1"
+ id="s16115" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.6" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="310.39999"
+ y1="397.70001"
+ x2="310.89999"
+ y2="399.5"
+ id="lg6467"
+ xlink:href="#lg4280_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.4,-2.4,2.4,2.4,-1663.6,-195)" />
+ <linearGradient
+ x1="310.89999"
+ y1="395.79999"
+ x2="313.29999"
+ y2="403.10001"
+ id="lg4279_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.7,-0.7,0.7,0.7,-153.4,180.6)">
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0"
+ id="s16100" />
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0.40000001"
+ id="s16102" />
+ <stop
+ style="stop-color:#ffcd00;stop-opacity:1"
+ offset="0.89999998"
+ id="s16104" />
+ <stop
+ style="stop-color:#ffcd00;stop-opacity:1"
+ offset="1"
+ id="s16106" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.4" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="0.9" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="310.89999"
+ y1="395.79999"
+ x2="313.29999"
+ y2="403.10001"
+ id="lg6465"
+ xlink:href="#lg4279_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.4,-2.4,2.4,2.4,-1663.6,-195)" />
+ <linearGradient
+ x1="307.79999"
+ y1="395.20001"
+ x2="313.79999"
+ y2="413.60001"
+ id="lg4278_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.7,-0.7,0.7,0.7,-153.4,180.6)">
+ <stop
+ style="stop-color:#ffffb3;stop-opacity:1"
+ offset="0"
+ id="s16091" />
+ <stop
+ style="stop-color:#fcd72f;stop-opacity:1"
+ offset="0.40000001"
+ id="s16093" />
+ <stop
+ style="stop-color:#ffcd00;stop-opacity:1"
+ offset="1"
+ id="s16095" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFFB3"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FCD72F"
+ offset="0.4" />
+ <ns:midPointStop
+ style="stop-color:#FCD72F"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFCD00"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="306.5"
+ y1="393"
+ x2="309"
+ y2="404"
+ id="lg6400"
+ xlink:href="#lg4278_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.4,-2.4,2.4,2.4,-1663.6,-195)" />
+ <linearGradient
+ x1="352.10001"
+ y1="253.60001"
+ x2="348.5"
+ y2="237.8"
+ id="lg4276_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(3.4,0,0,3.4,-1148,-802)">
+ <stop
+ style="stop-color:#ffff87;stop-opacity:1"
+ offset="0"
+ id="s16077" />
+ <stop
+ style="stop-color:#ffad00;stop-opacity:1"
+ offset="1"
+ id="s16079" />
+ <ns:midPointStop
+ style="stop-color:#FFFF87"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFF87"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFAD00"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="335.60001"
+ y1="354.79999"
+ x2="337.89999"
+ y2="354.79999"
+ id="lg4275_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9,-0.5,0.5,0.9,-121.7,105.1)">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="s16057" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.80000001"
+ id="s16059" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="s16061" />
+ <ns:midPointStop
+ style="stop-color:#D9D9D9"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#D9D9D9"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.8" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="335.60001"
+ y1="354.79999"
+ x2="337.89999"
+ y2="354.79999"
+ id="lg6463"
+ xlink:href="#lg4275_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.9,-1.7,1.7,2.9,-1557,-448.7)" />
+ <linearGradient
+ x1="337.39999"
+ y1="353.10001"
+ x2="339.39999"
+ y2="357.10001"
+ id="lg4274_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9,-0.5,0.5,0.9,-121.7,105.1)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s16048" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.1"
+ id="s16050" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="s16052" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.1" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#CCCCCC"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="337.39999"
+ y1="353.10001"
+ x2="339.39999"
+ y2="357.10001"
+ id="lg6461"
+ xlink:href="#lg4274_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.9,-1.7,1.7,2.9,-1557,-448.7)" />
+ <linearGradient
+ x1="334.39999"
+ y1="355.5"
+ x2="335.5"
+ y2="356.79999"
+ id="lg4273_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9,-0.5,0.5,0.9,-121.7,105.1)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s16041" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="s16043" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="5.6e-003" />
+ <ns:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#CCCCCC"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="334.39999"
+ y1="355.5"
+ x2="335.5"
+ y2="356.79999"
+ id="lg6381"
+ xlink:href="#lg4273_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(2.9,-1.7,1.7,2.9,-1557,-448.7)" />
+ <linearGradient
+ x1="348.39999"
+ y1="247.39999"
+ x2="354.10001"
+ y2="242"
+ id="lg4271_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(3.4,0,0,3.4,-1148,-802)">
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0"
+ id="s16025" />
+ <stop
+ style="stop-color:#9e9e9e;stop-opacity:1"
+ offset="0.40000001"
+ id="s16027" />
+ <stop
+ style="stop-color:black;stop-opacity:1"
+ offset="1"
+ id="s16029" />
+ <ns:midPointStop
+ style="stop-color:#F2F2F2"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#F2F2F2"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#000000"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="351.29999"
+ y1="257.29999"
+ x2="346.29999"
+ y2="235.5"
+ id="lg4270_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ffff87;stop-opacity:1"
+ offset="0"
+ id="s16007" />
+ <stop
+ style="stop-color:#ffad00;stop-opacity:1"
+ offset="1"
+ id="s16009" />
+ <ns:midPointStop
+ style="stop-color:#FFFF87"
+ offset="0" />
+ <ns:midPointStop
+ style="stop-color:#FFFF87"
+ offset="0.5" />
+ <ns:midPointStop
+ style="stop-color:#FFAD00"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="351.29999"
+ y1="257.29999"
+ x2="346.29999"
+ y2="235.5"
+ id="lg6459"
+ xlink:href="#lg4270_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(3.4,0,0,3.4,-1148,-802)" />
+ <linearGradient
+ x1="43.799999"
+ y1="32.5"
+ x2="63.299999"
+ y2="66.400002"
+ id="XMLID_2708_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="stop75318" />
+ <stop
+ style="stop-color:#fffcea;stop-opacity:1"
+ offset="1"
+ id="stop75320" />
+ <a:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#FFFCEA"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="43.799999"
+ y1="32.5"
+ x2="63.299999"
+ y2="66.400002"
+ id="lg1907"
+ xlink:href="#XMLID_2708_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-29,-22.6)" />
+ <linearGradient
+ x1="52.5"
+ y1="40.400002"
+ x2="58.200001"
+ y2="64"
+ id="XMLID_2707_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#ffdea0;stop-opacity:1"
+ offset="0"
+ id="stop75305" />
+ <stop
+ style="stop-color:#ffd89e;stop-opacity:1"
+ offset="0.30000001"
+ id="stop75307" />
+ <stop
+ style="stop-color:#ffd79e;stop-opacity:1"
+ offset="0.30000001"
+ id="stop75309" />
+ <stop
+ style="stop-color:#dbaf6d;stop-opacity:1"
+ offset="0.69999999"
+ id="stop75311" />
+ <stop
+ style="stop-color:#6f4c24;stop-opacity:1"
+ offset="1"
+ id="stop75313" />
+ <a:midPointStop
+ style="stop-color:#FFDEA0"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#FFDEA0"
+ offset="0.6" />
+ <a:midPointStop
+ style="stop-color:#FFD79E"
+ offset="0.3" />
+ <a:midPointStop
+ style="stop-color:#FFD79E"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#DBAF6D"
+ offset="0.7" />
+ <a:midPointStop
+ style="stop-color:#DBAF6D"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#6F4C24"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="52.5"
+ y1="40.400002"
+ x2="58.200001"
+ y2="64"
+ id="lg1910"
+ xlink:href="#XMLID_2707_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-29,-22.6)" />
+ <linearGradient
+ x1="58"
+ y1="73.199997"
+ x2="44.5"
+ y2="19"
+ id="XMLID_2704_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-29,-22.6)">
+ <stop
+ style="stop-color:#d4a96c;stop-opacity:1"
+ offset="0.5"
+ id="stop75284" />
+ <stop
+ style="stop-color:#dcb273;stop-opacity:1"
+ offset="0.60000002"
+ id="stop75286" />
+ <stop
+ style="stop-color:#f0ca87;stop-opacity:1"
+ offset="0.80000001"
+ id="stop75288" />
+ <stop
+ style="stop-color:#ffdc96;stop-opacity:1"
+ offset="0.69999999"
+ id="stop75290" />
+ <stop
+ style="stop-color:#c18a42;stop-opacity:1"
+ offset="1"
+ id="stop75292" />
+ <a:midPointStop
+ style="stop-color:#D4A96C"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#D4A96C"
+ offset="0.6" />
+ <a:midPointStop
+ style="stop-color:#FFDC96"
+ offset="0.7" />
+ <a:midPointStop
+ style="stop-color:#FFDC96"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#C18A42"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="53.700001"
+ y1="32"
+ x2="53.700001"
+ y2="64.599998"
+ id="XMLID_2703_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#e5c9b0;stop-opacity:1"
+ offset="0"
+ id="stop75268" />
+ <stop
+ style="stop-color:#e5c9b0;stop-opacity:1"
+ offset="0.40000001"
+ id="stop75270" />
+ <stop
+ style="stop-color:#c0aa94;stop-opacity:1"
+ offset="1"
+ id="stop75272" />
+ <a:midPointStop
+ style="stop-color:#E5C9B0"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#E5C9B0"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#E5C9B0"
+ offset="0.4" />
+ <a:midPointStop
+ style="stop-color:#E5C9B0"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#C0AA94"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="53.700001"
+ y1="32"
+ x2="53.700001"
+ y2="64.599998"
+ id="lg1916"
+ xlink:href="#XMLID_2703_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-29,-22.6)" />
+ <linearGradient
+ x1="224.31"
+ y1="19.450001"
+ x2="214.33"
+ y2="11.46"
+ id="XMLID_419_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#404040;stop-opacity:1"
+ offset="0"
+ id="s1903" />
+ <stop
+ style="stop-color:#6d6d6d;stop-opacity:1"
+ offset="0.33000001"
+ id="s1905" />
+ <stop
+ style="stop-color:#e9e9e9;stop-opacity:1"
+ offset="1"
+ id="s1907" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#404040" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#404040" />
+ <a:midPointStop
+ offset="0.33"
+ style="stop-color:#6D6D6D" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#6D6D6D" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#E9E9E9" />
+ </linearGradient>
+ <linearGradient
+ x1="221.84"
+ y1="32.779999"
+ x2="212.2"
+ y2="20.27"
+ id="lg1988"
+ xlink:href="#XMLID_419_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.33,0,0,1.31,-274.2,-5.2)" />
+ <linearGradient
+ x1="228.35001"
+ y1="33.279999"
+ x2="215.42999"
+ y2="33.279999"
+ id="lg1900"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s1902" />
+ <stop
+ style="stop-color:white;stop-opacity:0"
+ offset="1"
+ id="s1906" />
+ <a:midPointStop
+ style="stop-color:#575757"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#575757"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#6D6D6D"
+ offset="0.33" />
+ <a:midPointStop
+ style="stop-color:#6D6D6D"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#D3D3D3"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="234.81"
+ y1="33.279999"
+ x2="228.27"
+ y2="33.279999"
+ id="lg1908"
+ xlink:href="#lg1900"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.33,0,0,1.31,-274.2,-5.2)" />
+ <linearGradient
+ x1="228.35001"
+ y1="33.279999"
+ x2="215.42999"
+ y2="33.279999"
+ id="XMLID_416_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#575757;stop-opacity:1"
+ offset="0"
+ id="s1874" />
+ <stop
+ style="stop-color:#6d6d6d;stop-opacity:1"
+ offset="0.33000001"
+ id="s1876" />
+ <stop
+ style="stop-color:#d3d3d3;stop-opacity:1"
+ offset="1"
+ id="s1878" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#575757" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#575757" />
+ <a:midPointStop
+ offset="0.33"
+ style="stop-color:#6D6D6D" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#6D6D6D" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#D3D3D3" />
+ </linearGradient>
+ <linearGradient
+ x1="228.35001"
+ y1="33.279999"
+ x2="215.42999"
+ y2="33.279999"
+ id="lg1991"
+ xlink:href="#XMLID_416_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.33,0,0,1.31,-274.2,-5.2)" />
+ <radialGradient
+ cx="603.19"
+ cy="230.77"
+ r="1.67"
+ fx="603.19"
+ fy="230.77"
+ id="x5010_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.1,0,0,1.1,-54.33,-75.4)">
+ <stop
+ style="stop-color:#c9ffc9;stop-opacity:1"
+ offset="0"
+ id="stop29201" />
+ <stop
+ style="stop-color:#23a11f;stop-opacity:1"
+ offset="1"
+ id="stop29203" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#C9FFC9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#C9FFC9" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#23A11F" />
+ </radialGradient>
+ <radialGradient
+ cx="603.19"
+ cy="230.77"
+ r="1.67"
+ fx="603.19"
+ fy="230.77"
+ id="radialGradient5711"
+ xlink:href="#x5010_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.23,0,0,1.23,-709.93,-245.02)" />
+ <linearGradient
+ x1="592.31"
+ y1="162.60001"
+ x2="609.32001"
+ y2="145.59"
+ id="lg5722"
+ xlink:href="#x5003_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)" />
+ <linearGradient
+ x1="601.48999"
+ y1="170.16"
+ x2="613.84003"
+ y2="170.16"
+ id="x5002_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="stop29134" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0.2"
+ id="stop29136" />
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="1"
+ id="stop29138" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.20"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#FFFFFF" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#999999" />
+ </linearGradient>
+ <linearGradient
+ x1="601.48999"
+ y1="170.16"
+ x2="613.84003"
+ y2="170.16"
+ id="lg5725"
+ xlink:href="#x5002_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)" />
+ <linearGradient
+ x1="592.20001"
+ y1="156.45"
+ x2="609.98999"
+ y2="174.23"
+ id="x5004_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="stop29157" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop29159" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="592.20001"
+ y1="156.45"
+ x2="609.98999"
+ y2="174.23"
+ id="lg5728"
+ xlink:href="#x5004_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)" />
+ <linearGradient
+ x1="592.31"
+ y1="162.60001"
+ x2="609.32001"
+ y2="145.59"
+ id="x5003_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0"
+ id="stop29143" />
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="1"
+ id="stop29145" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#E5E5E5" />
+ </linearGradient>
+ <linearGradient
+ x1="592.31"
+ y1="162.60001"
+ x2="609.32001"
+ y2="145.59"
+ id="lg5732"
+ xlink:href="#x5003_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)" />
+ <linearGradient
+ x1="592.20001"
+ y1="156.45"
+ x2="609.98999"
+ y2="174.24001"
+ id="x5000_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="stop29124" />
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="1"
+ id="stop29126" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#FFFFFF" />
+ </linearGradient>
+ <linearGradient
+ x1="592.20001"
+ y1="156.45"
+ x2="609.98999"
+ y2="174.24001"
+ id="lg5735"
+ xlink:href="#x5000_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.12,0,0,1.12,-649.08,-160.62)" />
+ <linearGradient
+ x1="308.54999"
+ y1="149.89999"
+ x2="299.72"
+ y2="148.83"
+ id="XMLID_2433_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#d6d6d6;stop-opacity:1"
+ offset="0"
+ id="71615" />
+ <stop
+ style="stop-color:#a5a5a5;stop-opacity:1"
+ offset="1"
+ id="71617" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D6D6D6" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D6D6D6" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#A5A5A5" />
+ </linearGradient>
+ <linearGradient
+ x1="308.54999"
+ y1="149.89999"
+ x2="299.72"
+ y2="148.83"
+ id="lg1952"
+ xlink:href="#XMLID_2433_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.03,0,0,1.03,-279.57,-124.36)" />
+ <radialGradient
+ cx="307.39999"
+ cy="121"
+ r="23.35"
+ fx="307.39999"
+ fy="121"
+ id="XMLID_2432_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.98,0,0,0.98,2.88,2.75)">
+ <stop
+ style="stop-color:#d2d2d2;stop-opacity:1"
+ offset="0.19"
+ id="71592" />
+ <stop
+ style="stop-color:#cfcfcf;stop-opacity:1"
+ offset="0.44999999"
+ id="71594" />
+ <stop
+ style="stop-color:#c7c7c7;stop-opacity:1"
+ offset="0.60000002"
+ id="71596" />
+ <stop
+ style="stop-color:#b9b9b9;stop-opacity:1"
+ offset="0.74000001"
+ id="71598" />
+ <stop
+ style="stop-color:#a4a4a4;stop-opacity:1"
+ offset="0.86000001"
+ id="71600" />
+ <stop
+ style="stop-color:#8a8a8a;stop-opacity:1"
+ offset="0.95999998"
+ id="71602" />
+ <stop
+ style="stop-color:gray;stop-opacity:1"
+ offset="1"
+ id="71604" />
+ <a:midPointStop
+ offset="0.19"
+ style="stop-color:#D2D2D2" />
+ <a:midPointStop
+ offset="0.8"
+ style="stop-color:#D2D2D2" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#808080" />
+ </radialGradient>
+ <radialGradient
+ cx="307.39999"
+ cy="121"
+ r="23.35"
+ fx="307.39999"
+ fy="121"
+ id="radialGradient2331"
+ xlink:href="#XMLID_2432_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-276.62,-121.54)" />
+ <linearGradient
+ x1="294.13"
+ y1="127.07"
+ x2="294.13"
+ y2="142.2"
+ id="XMLID_2430_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#b5d8ff;stop-opacity:1"
+ offset="0"
+ id="71582" />
+ <stop
+ style="stop-color:black;stop-opacity:1"
+ offset="1"
+ id="71584" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B5D8FF" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B5D8FF" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#000000" />
+ </linearGradient>
+ <linearGradient
+ x1="294.13"
+ y1="127.07"
+ x2="294.13"
+ y2="142.2"
+ id="lg2820"
+ xlink:href="#XMLID_2430_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.03,0,0,1.03,-279.57,-124.36)" />
+ <linearGradient
+ x1="279.10999"
+ y1="148.03"
+ x2="309.16"
+ y2="148.03"
+ id="XMLID_2429_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#e1e1e1;stop-opacity:1"
+ offset="0"
+ id="71564" />
+ <stop
+ style="stop-color:#e1e1e1;stop-opacity:1"
+ offset="0.25"
+ id="71566" />
+ <stop
+ style="stop-color:#a5a5a5;stop-opacity:1"
+ offset="0.44"
+ id="71568" />
+ <stop
+ style="stop-color:#a5a5a5;stop-opacity:1"
+ offset="1"
+ id="71570" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#E1E1E1" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E1E1E1" />
+ <a:midPointStop
+ offset="0.25"
+ style="stop-color:#E1E1E1" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E1E1E1" />
+ <a:midPointStop
+ offset="0.44"
+ style="stop-color:#A5A5A5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#A5A5A5" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#A5A5A5" />
+ </linearGradient>
+ <linearGradient
+ x1="279.10999"
+ y1="148.03"
+ x2="309.16"
+ y2="148.03"
+ id="lg2818"
+ xlink:href="#XMLID_2429_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.03,0,0,1.03,-279.57,-124.36)" />
+ <radialGradient
+ cx="622.34302"
+ cy="14.449"
+ r="26.496"
+ fx="622.34302"
+ fy="14.449"
+ id="lg3499_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.851,0,0,0.849,69.297,51.658)">
+ <stop
+ style="stop-color:#23468e;stop-opacity:1"
+ offset="0"
+ id="stop10972" />
+ <stop
+ style="stop-color:#012859;stop-opacity:1"
+ offset="1"
+ id="stop10974" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#23468E" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#23468E" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#012859" />
+ </radialGradient>
+ <radialGradient
+ cx="622.34302"
+ cy="14.449"
+ r="26.496"
+ fx="622.34302"
+ fy="14.449"
+ id="rg5791"
+ xlink:href="#lg3499_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.858,0,0,0.857,-511.7,9.02)" />
+ <linearGradient
+ x1="616.112"
+ y1="76.247002"
+ x2="588.14099"
+ y2="60.742001"
+ id="lg3497_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#01326e;stop-opacity:1"
+ offset="0"
+ id="stop10962" />
+ <stop
+ style="stop-color:#012859;stop-opacity:1"
+ offset="1"
+ id="stop10964" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#01326E" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#01326E" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#012859" />
+ </linearGradient>
+ <linearGradient
+ x1="617.698"
+ y1="82.445999"
+ x2="585.95203"
+ y2="54.848999"
+ id="lg3496_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0"
+ id="stop10950" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="stop10952" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#E5E5E5" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#CCCCCC" />
+ </linearGradient>
+ <linearGradient
+ x1="617.698"
+ y1="82.445999"
+ x2="585.95203"
+ y2="54.848999"
+ id="lg5794"
+ xlink:href="#lg3496_"
+ gradientUnits="userSpaceOnUse" />
+ <linearGradient
+ x1="601.39001"
+ y1="55.341"
+ x2="588.29199"
+ y2="71.515999"
+ id="lg3495_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="stop10941" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0.52200001"
+ id="stop10943" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="stop10945" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.522"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#CCCCCC" />
+ </linearGradient>
+ <linearGradient
+ x1="601.39001"
+ y1="55.341"
+ x2="588.29199"
+ y2="71.515999"
+ id="lg5771"
+ xlink:href="#lg3495_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.009,0,0,1.009,-581.615,-43.098)" />
+ <linearGradient
+ x1="611.34601"
+ y1="55.279999"
+ x2="590.39001"
+ y2="81.157997"
+ id="lg3494_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="stop10932" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0.52200001"
+ id="stop10934" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="stop10936" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#D9D9D9" />
+ <a:midPointStop
+ offset="0.522"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#F2F2F2" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#CCCCCC" />
+ </linearGradient>
+ <linearGradient
+ x1="611.34601"
+ y1="55.279999"
+ x2="590.39001"
+ y2="81.157997"
+ id="lg5774"
+ xlink:href="#lg3494_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.009,0,0,1.009,-581.616,-43.098)" />
+ <linearGradient
+ x1="798.72998"
+ y1="69.839996"
+ x2="799.04999"
+ y2="70.709999"
+ id="g3302_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#005e00;stop-opacity:1"
+ offset="0"
+ id="s6504" />
+ <stop
+ style="stop-color:#23a11f;stop-opacity:1"
+ offset="1"
+ id="s6506" />
+ <a:midPointstop
+ style="stop-color:#005E00"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#005E00"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#23A11F"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="798.72998"
+ y1="69.839996"
+ x2="799.04999"
+ y2="70.709999"
+ id="lg5851"
+ xlink:href="#g3302_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,0,0,1.263,-926.036,-60.001)" />
+ <linearGradient
+ x1="779.19"
+ y1="122.73"
+ x2="811.69"
+ y2="149.74001"
+ id="g3301_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1,-0.25,0,1,0,129.19)">
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0"
+ id="s6483" />
+ <stop
+ style="stop-color:#eee;stop-opacity:1"
+ offset="0.17"
+ id="s6485" />
+ <stop
+ style="stop-color:#e3e3e3;stop-opacity:1"
+ offset="0.34"
+ id="s6487" />
+ <stop
+ style="stop-color:#cfcfcf;stop-opacity:1"
+ offset="0.50999999"
+ id="s6489" />
+ <stop
+ style="stop-color:#b4b4b4;stop-opacity:1"
+ offset="0.67000002"
+ id="s6491" />
+ <stop
+ style="stop-color:#919191;stop-opacity:1"
+ offset="0.83999997"
+ id="s6493" />
+ <stop
+ style="stop-color:#666;stop-opacity:1"
+ offset="1"
+ id="s6495" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0.71" />
+ <a:midPointstop
+ style="stop-color:#666666"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="779.19"
+ y1="122.73"
+ x2="811.69"
+ y2="149.74001"
+ id="lg5855"
+ xlink:href="#g3301_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,-0.316,0,1.263,-926.036,103.123)" />
+ <clipPath
+ id="g3299_">
+ <use
+ id="use6469"
+ x="0"
+ y="0"
+ width="1005.92"
+ height="376.97"
+ xlink:href="#g101_" />
+ </clipPath>
+ <radialGradient
+ cx="1189.9301"
+ cy="100.05"
+ r="40.400002"
+ fx="1189.9301"
+ fy="100.05"
+ id="g3300_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.34,-8.46e-2,0,0.34,394.16,137.13)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s6472" />
+ <stop
+ style="stop-color:white;stop-opacity:0"
+ offset="1"
+ id="s6474" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#000000"
+ offset="1" />
+ </radialGradient>
+ <radialGradient
+ cx="1199.74"
+ cy="97.150002"
+ r="40.400002"
+ fx="1199.74"
+ fy="97.150002"
+ id="rg5860"
+ xlink:href="#g3300_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.409,-0.107,0,0.429,-451.489,113.149)" />
+ <linearGradient
+ x1="796.38"
+ y1="67.580002"
+ x2="781.28003"
+ y2="58.549999"
+ id="g3298_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#4c8bca;stop-opacity:1"
+ offset="0"
+ id="s6462" />
+ <stop
+ style="stop-color:#b7e9ff;stop-opacity:1"
+ offset="1"
+ id="s6464" />
+ <a:midPointstop
+ style="stop-color:#4C8BCA"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#4C8BCA"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#B7E9FF"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="800.97998"
+ y1="140.72"
+ x2="777.71997"
+ y2="121.76"
+ id="g3297_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1,-0.25,0,1,0,129.19)">
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0"
+ id="s6448" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="s6450" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#CCCCCC"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="800.97998"
+ y1="140.72"
+ x2="777.71997"
+ y2="121.76"
+ id="lg5890"
+ xlink:href="#g3297_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1,-0.25,0,1,0,129.19)" />
+ <linearGradient
+ x1="790.03998"
+ y1="-16.33"
+ x2="779.84003"
+ y2="-3.73"
+ id="g3296_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(0,70.17)">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="s6439" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0.51999998"
+ id="s6441" />
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="1"
+ id="s6443" />
+ <a:midPointstop
+ style="stop-color:#D9D9D9"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#D9D9D9"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0.52" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#CCCCCC"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="790.03998"
+ y1="-16.33"
+ x2="779.84003"
+ y2="-3.73"
+ id="lg5866"
+ xlink:href="#g3296_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,0,0,1.263,-926.036,28.6)" />
+ <linearGradient
+ x1="785.84003"
+ y1="72.989998"
+ x2="785.26001"
+ y2="76.279999"
+ id="g3293_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s6412" />
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="1"
+ id="s6414" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#737373"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="785.84003"
+ y1="72.989998"
+ x2="785.26001"
+ y2="76.279999"
+ id="lg5871"
+ xlink:href="#g3293_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,0,0,1.263,-926.036,-60.001)" />
+ <linearGradient
+ x1="789.37"
+ y1="69.879997"
+ x2="791.03998"
+ y2="77.120003"
+ id="g3292_"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="0"
+ id="s6403" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="0.28"
+ id="s6405" />
+ <stop
+ style="stop-color:#666;stop-opacity:1"
+ offset="1"
+ id="s6407" />
+ <a:midPointstop
+ style="stop-color:#999999"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#999999"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0.28" />
+ <a:midPointstop
+ style="stop-color:#F2F2F2"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#666666"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="789.37"
+ y1="69.879997"
+ x2="791.03998"
+ y2="77.120003"
+ id="lg5874"
+ xlink:href="#g3292_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,0,0,1.263,-926.036,-60.001)" />
+ <linearGradient
+ x1="786.65997"
+ y1="136.12"
+ x2="786.71002"
+ y2="134.33"
+ id="g3290_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1,-0.25,0,1,0,137.29)">
+ <stop
+ style="stop-color:#d9d9d9;stop-opacity:1"
+ offset="0"
+ id="s6380" />
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="1"
+ id="s6382" />
+ <a:midPointstop
+ style="stop-color:#D9D9D9"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#D9D9D9"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#B2B2B2"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="786.65997"
+ y1="136.12"
+ x2="786.71002"
+ y2="134.33"
+ id="lg5878"
+ xlink:href="#g3290_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.204,-0.316,0,1.263,-926.036,113.351)" />
+ <radialGradient
+ cx="1458.77"
+ cy="-5.0999999"
+ r="35.130001"
+ fx="1458.77"
+ fy="-5.0999999"
+ id="g3289_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.42,0,0,0.42,167.09,79.84)">
+ <stop
+ style="stop-color:white;stop-opacity:1"
+ offset="0"
+ id="s6371" />
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="1"
+ id="s6373" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#FFFFFF"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#999999"
+ offset="1" />
+ </radialGradient>
+ <radialGradient
+ cx="1458.77"
+ cy="-5.0999999"
+ r="35.130001"
+ fx="1458.77"
+ fy="-5.0999999"
+ id="rg5881"
+ xlink:href="#g3289_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.505,0,0,0.53,-724.957,40.636)" />
+ <radialGradient
+ cx="1612.98"
+ cy="-4.4699998"
+ r="36.580002"
+ fx="1612.98"
+ fy="-4.4699998"
+ id="g3288_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.34,0,0,0.36,238.56,86.87)">
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0"
+ id="s6362" />
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0.63999999"
+ id="s6364" />
+ <stop
+ style="stop-color:#737373;stop-opacity:1"
+ offset="1"
+ id="s6366" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#B2B2B2"
+ offset="0.64" />
+ <a:midPointstop
+ style="stop-color:#B2B2B2"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#737373"
+ offset="1" />
+ </radialGradient>
+ <radialGradient
+ cx="1612.98"
+ cy="-4.4699998"
+ r="36.580002"
+ fx="1612.98"
+ fy="-4.4699998"
+ id="rg5884"
+ xlink:href="#g3288_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.408,0,0,0.448,-638.943,49.495)" />
+ <radialGradient
+ cx="1470.5"
+ cy="-10.21"
+ r="33.290001"
+ fx="1470.5"
+ fy="-10.21"
+ id="g3287_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.42,0,0,0.42,167.09,79.84)">
+ <stop
+ style="stop-color:#e5e5e5;stop-opacity:1"
+ offset="0"
+ id="s6347" />
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0.38999999"
+ id="s6349" />
+ <stop
+ style="stop-color:#b1b1b1;stop-opacity:1"
+ offset="0.75"
+ id="s6351" />
+ <stop
+ style="stop-color:#aaa;stop-opacity:1"
+ offset="0.88"
+ id="s6353" />
+ <stop
+ style="stop-color:#9e9e9e;stop-opacity:1"
+ offset="0.97000003"
+ id="s6355" />
+ <stop
+ style="stop-color:#999;stop-opacity:1"
+ offset="1"
+ id="s6357" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0" />
+ <a:midPointstop
+ style="stop-color:#E5E5E5"
+ offset="0.5" />
+ <a:midPointstop
+ style="stop-color:#B2B2B2"
+ offset="0.39" />
+ <a:midPointstop
+ style="stop-color:#B2B2B2"
+ offset="0.87" />
+ <a:midPointstop
+ style="stop-color:#999999"
+ offset="1" />
+ </radialGradient>
+ <radialGradient
+ cx="1470.5"
+ cy="-10.21"
+ r="33.290001"
+ fx="1470.5"
+ fy="-10.21"
+ id="rg5887"
+ xlink:href="#g3287_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.505,0,0,0.53,-724.957,40.636)" />
+ <pattern
+ patternTransform="matrix(0.592927,0,0,0.592927,78,462)"
+ id="cream-spots"
+ height="32"
+ width="32"
+ patternUnits="userSpaceOnUse">
+ <g
+ transform="translate(-365.3146,-513.505)"
+ id="g3047">
+ id="path2858" />
+ <path
+ inkscape:label="#path2854"
+ sodipodi:nodetypes="czzzz"
+ style="fill:#e3dcc0"
+ id="path3060"
+ d="M 390.31462,529.50504 C 390.31462,534.47304 386.28262,538.50504 381.31462,538.50504 C 376.34662,538.50504 372.31462,534.47304 372.31462,529.50504 C 372.31462,524.53704 376.34662,520.50504 381.31462,520.50504 C 386.28262,520.50504 390.31462,524.53704 390.31462,529.50504 z " />
+</g>
+ </pattern>
+ <pattern
+ patternTransform="matrix(0.733751,0,0,0.733751,67,367)"
+ id="dark-cream-spots"
+ height="32"
+ width="32"
+ patternUnits="userSpaceOnUse">
+ <g
+ transform="translate(-408.0946,-513.505)"
+ id="dark-cream-spot"
+ inkscape:label="#g3043">
+ <path
+ sodipodi:nodetypes="czzzz"
+ style="fill:#c8c5ac"
+ d="M 433.09458,529.50504 C 433.09458,534.47304 429.06258,538.50504 424.09458,538.50504 C 419.12658,538.50504 415.09458,534.47304 415.09458,529.50504 C 415.09458,524.53704 419.12658,520.50504 424.09458,520.50504 C 429.06258,520.50504 433.09458,524.53704 433.09458,529.50504 z "
+ id="path2953" />
+ </g>
+ </pattern>
+ <pattern
+ patternTransform="matrix(0.375,0,0,0.375,379,400)"
+ id="white-spots"
+ height="32"
+ width="32"
+ patternUnits="userSpaceOnUse">
+ <g
+ transform="translate(-484.3997,-513.505)"
+ id="white-spot"
+ inkscape:label="#g3035">
+ <path
+ style="opacity:0.25;fill:white"
+ id="path3033"
+ d="M 509.39967,529.50504 C 509.39967,534.47304 505.36767,538.50504 500.39967,538.50504 C 495.43167,538.50504 491.39967,534.47304 491.39967,529.50504 C 491.39967,524.53704 495.43167,520.50504 500.39967,520.50504 C 505.36767,520.50504 509.39967,524.53704 509.39967,529.50504 z "
+ sodipodi:nodetypes="czzzz" />
+ </g>
+ </pattern>
+ <pattern
+ patternTransform="matrix(0.455007,0,0,0.455007,-5e-5,1.9e-5)"
+ id="black-spots"
+ height="32"
+ width="32"
+ patternUnits="userSpaceOnUse">
+ <g
+ transform="translate(-448.3997,-513.505)"
+ id="black-spot"
+ inkscape:label="#g3039">
+ <path
+ sodipodi:nodetypes="czzzz"
+ d="M 473.39967,529.50504 C 473.39967,534.47304 469.36767,538.50504 464.39967,538.50504 C 459.43167,538.50504 455.39967,534.47304 455.39967,529.50504 C 455.39967,524.53704 459.43167,520.50504 464.39967,520.50504 C 469.36767,520.50504 473.39967,524.53704 473.39967,529.50504 z "
+ id="path2961"
+ style="opacity:0.25;fill:black" />
+ </g>
+ </pattern>
+ <linearGradient
+ x1="501.0903"
+ y1="-19.2544"
+ x2="531.85413"
+ y2="0.72390002"
+ id="linearGradient17334"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop17336" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop17338" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop17340" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop17342" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B4DAEA" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B4DAEA" />
+ <a:midPointStop
+ offset="0.5112"
+ style="stop-color:#B4DAEA" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B4DAEA" />
+ <a:midPointStop
+ offset="0.6461"
+ style="stop-color:#5387BA" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#5387BA" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#16336E" />
+ </linearGradient>
+ <linearGradient
+ x1="415.73831"
+ y1="11.854"
+ x2="418.13361"
+ y2="18.8104"
+ id="linearGradient17426"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.8362,0.5206,-1.1904,0.992,147.62,-30.9374)">
+ <stop
+ style="stop-color:#ccc;stop-opacity:1"
+ offset="0"
+ id="stop17428" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="1"
+ id="stop17430" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#CCCCCC" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#CCCCCC" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#F2F2F2" />
+ </linearGradient>
+ <linearGradient
+ x1="478.21341"
+ y1="-131.9297"
+ x2="469.85818"
+ y2="-140.28481"
+ id="linearGradient17434"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.5592,0.829,-0.829,0.5592,101.3357,-104.791)">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop17436" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop17438" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop17440" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop17442" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#F3403F" />
+ <a:midPointStop
+ offset="0.4213"
+ style="stop-color:#F3403F" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#A6100C" />
+ </linearGradient>
+ <linearGradient
+ x1="502.70749"
+ y1="115.3013"
+ x2="516.39001"
+ y2="127.1953"
+ id="linearGradient17709"
+ xlink:href="#XMLID_1749_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9703,0.2419,-0.2419,0.9703,11.0227,-35.6159)" />
+ <linearGradient
+ x1="506.09909"
+ y1="-11.5137"
+ x2="527.99609"
+ y2="2.7063999"
+ id="linearGradient17711"
+ xlink:href="#XMLID_1752_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="516.57672"
+ y1="-15.769"
+ x2="516.57672"
+ y2="0.84280002"
+ id="linearGradient17713"
+ xlink:href="#XMLID_1753_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="505.62939"
+ y1="-14.9526"
+ x2="527.49402"
+ y2="-0.7536"
+ id="linearGradient17715"
+ xlink:href="#XMLID_1756_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="500.70749"
+ y1="-13.2441"
+ x2="513.46442"
+ y2="-2.1547"
+ id="linearGradient17717"
+ xlink:href="#XMLID_1757_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="473.7681"
+ y1="209.17529"
+ x2="486.98099"
+ y2="213.2001"
+ id="linearGradient17721"
+ xlink:href="#XMLID_2274_"
+ gradientUnits="userSpaceOnUse" />
+ <linearGradient
+ x1="481.23969"
+ y1="212.5742"
+ x2="472.92981"
+ y2="207.4967"
+ id="linearGradient17723"
+ xlink:href="#XMLID_2275_"
+ gradientUnits="userSpaceOnUse" />
+ <linearGradient
+ x1="500.70749"
+ y1="-13.2441"
+ x2="513.46442"
+ y2="-2.1547"
+ id="linearGradient17416"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop17418" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop17420" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#96BAD6"
+ offset="1" />
+ </linearGradient>
+ <defs
+ id="defs9929">
+ <path
+ d="M 489.21,209.35 L 485.35,203.63 C 483.63,204.25 473.47,208.93 471.5,210.18 C 470.57,210.77 470.17,211.16 469.72,212.48 C 470.93,212.31 471.72,212.49 473.42,213.04 C 473.26,214.77 473.24,215.74 473.57,218.2 C 474.01,216.88 474.41,216.49 475.34,215.9 C 477.33,214.65 487.49,209.97 489.21,209.35 z "
+ id="XMLID_960_" />
+ </defs>
+ <clipPath
+ id="clipPath17448">
+ <use
+ id="use17450"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_960_" />
+ </clipPath>
+ <linearGradient
+ x1="473.7681"
+ y1="209.17529"
+ x2="486.98099"
+ y2="213.2001"
+ id="linearGradient17452"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop17454" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop17456" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop17458" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop17460" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0.4213" />
+ <a:midPointStop
+ style="stop-color:#A6100C"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="481.23969"
+ y1="212.5742"
+ x2="472.92981"
+ y2="207.4967"
+ id="linearGradient17463"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#f3403f;stop-opacity:1"
+ offset="0"
+ id="stop17465" />
+ <stop
+ style="stop-color:#d02a28;stop-opacity:1"
+ offset="0.37889999"
+ id="stop17467" />
+ <stop
+ style="stop-color:#b21714;stop-opacity:1"
+ offset="0.77649999"
+ id="stop17469" />
+ <stop
+ style="stop-color:#a6100c;stop-opacity:1"
+ offset="1"
+ id="stop17471" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#F3403F"
+ offset="0.4213" />
+ <a:midPointStop
+ style="stop-color:#A6100C"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="481.23969"
+ y1="212.5742"
+ x2="472.92981"
+ y2="207.4967"
+ id="linearGradient17807"
+ xlink:href="#XMLID_2275_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-177.1654,35.43307)" />
+ <linearGradient
+ x1="473.7681"
+ y1="209.17529"
+ x2="486.98099"
+ y2="213.2001"
+ id="linearGradient17810"
+ xlink:href="#XMLID_2274_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="translate(-177.1654,35.43307)" />
+ <linearGradient
+ x1="502.70749"
+ y1="115.3013"
+ x2="516.39001"
+ y2="127.1953"
+ id="linearGradient17812"
+ xlink:href="#XMLID_1749_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9703,0.2419,-0.2419,0.9703,11.0227,-35.6159)" />
+ <linearGradient
+ x1="506.09909"
+ y1="-11.5137"
+ x2="527.99609"
+ y2="2.7063999"
+ id="linearGradient17814"
+ xlink:href="#XMLID_1752_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="516.57672"
+ y1="-15.769"
+ x2="516.57672"
+ y2="0.84280002"
+ id="linearGradient17816"
+ xlink:href="#XMLID_1753_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="505.62939"
+ y1="-14.9526"
+ x2="527.49402"
+ y2="-0.7536"
+ id="linearGradient17818"
+ xlink:href="#XMLID_1756_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <linearGradient
+ x1="502.70749"
+ y1="115.3013"
+ x2="516.39001"
+ y2="127.1953"
+ id="linearGradient17347"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9703,0.2419,-0.2419,0.9703,11.0227,-35.6159)">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop17349" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop17351" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#5387BA" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#5387BA" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#96BAD6" />
+ </linearGradient>
+ <linearGradient
+ x1="516.57672"
+ y1="-15.769"
+ x2="516.57672"
+ y2="0.84280002"
+ id="linearGradient17379"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b2b2b2;stop-opacity:1"
+ offset="0"
+ id="stop17381" />
+ <stop
+ style="stop-color:#f2f2f2;stop-opacity:1"
+ offset="1"
+ id="stop17383" />
+ <a:midPointStop
+ offset="0"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="0.5"
+ style="stop-color:#B2B2B2" />
+ <a:midPointStop
+ offset="1"
+ style="stop-color:#F2F2F2" />
+ </linearGradient>
+ <linearGradient
+ x1="502.70749"
+ y1="115.3013"
+ x2="516.39001"
+ y2="127.1953"
+ id="linearGradient17862"
+ xlink:href="#XMLID_1749_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.9703,0.2419,-0.2419,0.9703,-166.1427,-0.18283)" />
+ <linearGradient
+ x1="505.62939"
+ y1="-14.9526"
+ x2="527.49402"
+ y2="-0.7536"
+ id="linearGradient17864"
+ xlink:href="#XMLID_1756_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <defs
+ id="defs3859">
+ <polygon
+ points="465.54,213.52 481.94,217.46 482.74,216.71 487.46,198.05 471.08,194.07 470.26,194.83 465.54,213.52 "
+ id="XMLID_343_" />
+ </defs>
+ <linearGradient
+ x1="471.0806"
+ y1="201.07761"
+ x2="481.91711"
+ y2="210.4977"
+ id="linearGradient17389"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#6498c1;stop-opacity:1"
+ offset="0.005618"
+ id="stop17391" />
+ <stop
+ style="stop-color:#79a9cc;stop-opacity:1"
+ offset="0.2332"
+ id="stop17393" />
+ <stop
+ style="stop-color:#a4cde2;stop-opacity:1"
+ offset="0.74049997"
+ id="stop17395" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="1"
+ id="stop17397" />
+ <a:midPointStop
+ style="stop-color:#6498C1"
+ offset="5.618000e-003" />
+ <a:midPointStop
+ style="stop-color:#6498C1"
+ offset="0.4438" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="1" />
+ </linearGradient>
+ <clipPath
+ id="clipPath17400">
+ <use
+ id="use17402"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_343_" />
+ </clipPath>
+ <linearGradient
+ x1="505.62939"
+ y1="-14.9526"
+ x2="527.49402"
+ y2="-0.7536"
+ id="linearGradient17404"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop17406" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop17408" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop17410" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop17412" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5112" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.6461" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#16336E"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="506.09909"
+ y1="-11.5137"
+ x2="527.99609"
+ y2="2.7063999"
+ id="linearGradient17882"
+ xlink:href="#XMLID_1752_"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)" />
+ <defs
+ id="defs3826">
+ <polygon
+ points="463.52,216.14 480.56,220.24 481.36,219.5 483.03,202.04 469.05,196.69 468.24,197.45 463.52,216.14 "
+ id="XMLID_338_" />
+ </defs>
+ <linearGradient
+ x1="468.2915"
+ y1="204.7612"
+ x2="479.39871"
+ y2="214.4166"
+ id="linearGradient17357"
+ gradientUnits="userSpaceOnUse">
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0"
+ id="stop17359" />
+ <stop
+ style="stop-color:#96bad6;stop-opacity:1"
+ offset="1"
+ id="stop17361" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#96BAD6"
+ offset="1" />
+ </linearGradient>
+ <clipPath
+ id="clipPath17364">
+ <use
+ id="use17366"
+ x="0"
+ y="0"
+ width="744.09448"
+ height="600"
+ xlink:href="#XMLID_338_" />
+ </clipPath>
+ <linearGradient
+ x1="506.09909"
+ y1="-11.5137"
+ x2="527.99609"
+ y2="2.7063999"
+ id="linearGradient17368"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.6868,0.4269,-0.9821,0.821,111.6149,-5.7901)">
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0"
+ id="stop17370" />
+ <stop
+ style="stop-color:#b4daea;stop-opacity:1"
+ offset="0.51120001"
+ id="stop17372" />
+ <stop
+ style="stop-color:#5387ba;stop-opacity:1"
+ offset="0.64609998"
+ id="stop17374" />
+ <stop
+ style="stop-color:#16336e;stop-opacity:1"
+ offset="1"
+ id="stop17376" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5112" />
+ <a:midPointStop
+ style="stop-color:#B4DAEA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.6461" />
+ <a:midPointStop
+ style="stop-color:#5387BA"
+ offset="0.5" />
+ <a:midPointStop
+ style="stop-color:#16336E"
+ offset="1" />
+ </linearGradient>
+ <linearGradient
+ x1="296.4996"
+ y1="188.81061"
+ x2="317.32471"
+ y2="209.69398"
+ id="linearGradient2387"
+ xlink:href="#linearGradient2381"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.90776,0,0,0.90776,24.35648,49.24131)" />
+ <linearGradient
+ x1="296.4996"
+ y1="188.81061"
+ x2="317.32471"
+ y2="209.69398"
+ id="linearGradient5105"
+ xlink:href="#linearGradient2381"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.90776,0,0,0.90776,24.35648,49.24131)" />
+ <linearGradient
+ x1="296.4996"
+ y1="188.81061"
+ x2="317.32471"
+ y2="209.69398"
+ id="linearGradient5145"
+ xlink:href="#linearGradient2381"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.90776,0,0,0.90776,24.35648,49.24131)" />
+ <linearGradient
+ inkscape:collect="always"
+ xlink:href="#linearGradient2381"
+ id="linearGradient2371"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(0.90776,0,0,0.90776,24.35648,49.24131)"
+ x1="296.4996"
+ y1="188.81061"
+ x2="317.32471"
+ y2="209.69398" />
+ </defs>
+ <g
+ transform="matrix(0.437808,-0.437808,0.437808,0.437808,-220.8237,43.55311)"
+ id="g5089">
+ <path
+ d="M 8.4382985,-6.28125 C 7.8309069,-6.28125 4.125,-0.33238729 4.125,1.96875 L 4.125,28.6875 C 4.125,29.533884 4.7068159,29.8125 5.28125,29.8125 L 30.84375,29.8125 C 31.476092,29.8125 31.968751,29.319842 31.96875,28.6875 L 31.96875,23.46875 L 32.25,23.46875 C 32.74684,23.46875 33.156249,23.059339 33.15625,22.5625 L 33.15625,-5.375 C 33.15625,-5.8718398 32.74684,-6.28125 32.25,-6.28125 L 8.4382985,-6.28125 z "
+ transform="translate(282.8327,227.1903)"
+ style="fill:#5c5c4f;stroke:black;stroke-width:3.23021388;stroke-miterlimit:4;stroke-dasharray:none"
+ id="path5091" />
+ <rect
+ width="27.85074"
+ height="29.369793"
+ rx="1.1414107"
+ ry="1.1414107"
+ x="286.96509"
+ y="227.63805"
+ style="fill:#032c87"
+ id="rect5093" />
+ <path
+ d="M 288.43262,225.43675 L 313.67442,225.43675 L 313.67442,254.80655 L 287.29827,254.83069 L 288.43262,225.43675 z "
+ style="fill:white"
+ id="rect5095" />
+ <path
+ d="M 302.44536,251.73726 C 303.83227,259.59643 301.75225,263.02091 301.75225,263.02091 C 303.99609,261.41329 305.71651,259.54397 306.65747,257.28491 C 307.62455,259.47755 308.49041,261.71357 310.9319,263.27432 C 310.9319,263.27432 309.33686,256.07392 309.22047,251.73726 L 302.44536,251.73726 z "
+ style="fill:#a70000;fill-opacity:1;stroke-width:2"
+ id="path5097" />
+ <rect
+ width="25.241802"
+ height="29.736675"
+ rx="0.89682275"
+ ry="0.89682275"
+ x="290.73544"
+ y="220.92249"
+ style="fill:#809cc9"
+ id="rect5099" />
+ <path
+ d="M 576.47347,725.93939 L 582.84431,726.35441 L 583.25121,755.8725 C 581.35919,754.55465 576.39694,752.1117 574.98889,754.19149 L 574.98889,727.42397 C 574.98889,726.60151 575.65101,725.93939 576.47347,725.93939 z "
+ transform="matrix(0.499065,-0.866565,0,1,0,0)"
+ style="fill:#4573b3;fill-opacity:1"
+ id="rect5101" />
+ <path
+ d="M 293.2599,221.89363 L 313.99908,221.89363 C 314.45009,221.89363 314.81318,222.25673 314.81318,222.70774 C 315.02865,229.0361 295.44494,244.47124 292.44579,240.30491 L 292.44579,222.70774 C 292.44579,222.25673 292.80889,221.89363 293.2599,221.89363 z "
+ style="opacity:0.65536726;fill:url(#linearGradient2371);fill-opacity:1"
+ id="path5103" />
+ </g>
+</svg>
diff --git a/en-US/Books/ClassRoom/Manual-Book_Info.xml b/en-US/Books/ClassRoom/Manual-Book_Info.xml
index 82dadc2..e04ac70 100644
--- a/en-US/Books/ClassRoom/Manual-Book_Info.xml
+++ b/en-US/Books/ClassRoom/Manual-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/ClassRoom/Manual-Preface.xml b/en-US/Books/ClassRoom/Manual-Preface.xml
index dc1e707..dc37059 100644
--- a/en-US/Books/ClassRoom/Manual-Preface.xml
+++ b/en-US/Books/ClassRoom/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Advanced/Course-Book_Info.xml b/en-US/Books/Linux/Advanced/Course-Book_Info.xml
index 04ad0b2..d5bd65b 100644
--- a/en-US/Books/Linux/Advanced/Course-Book_Info.xml
+++ b/en-US/Books/Linux/Advanced/Course-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Advanced/Course-Preface.xml b/en-US/Books/Linux/Advanced/Course-Preface.xml
index f2196f6..9518e23 100644
--- a/en-US/Books/Linux/Advanced/Course-Preface.xml
+++ b/en-US/Books/Linux/Advanced/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Advanced/Manual-Book_Info.xml b/en-US/Books/Linux/Advanced/Manual-Book_Info.xml
index 11d335f..2931300 100644
--- a/en-US/Books/Linux/Advanced/Manual-Book_Info.xml
+++ b/en-US/Books/Linux/Advanced/Manual-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Advanced/Manual-Preface.xml b/en-US/Books/Linux/Advanced/Manual-Preface.xml
index e5e1942..ec266f2 100644
--- a/en-US/Books/Linux/Advanced/Manual-Preface.xml
+++ b/en-US/Books/Linux/Advanced/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Basic/Course-Book_Info.xml b/en-US/Books/Linux/Basic/Course-Book_Info.xml
index 4a31ee0..f8d8257 100644
--- a/en-US/Books/Linux/Basic/Course-Book_Info.xml
+++ b/en-US/Books/Linux/Basic/Course-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Basic/Course-Preface.xml b/en-US/Books/Linux/Basic/Course-Preface.xml
index 13b52fc..9c6f550 100644
--- a/en-US/Books/Linux/Basic/Course-Preface.xml
+++ b/en-US/Books/Linux/Basic/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Basic/Manual-Book_Info.xml b/en-US/Books/Linux/Basic/Manual-Book_Info.xml
index edbf500..ea4f38c 100644
--- a/en-US/Books/Linux/Basic/Manual-Book_Info.xml
+++ b/en-US/Books/Linux/Basic/Manual-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Basic/Manual-Preface.xml b/en-US/Books/Linux/Basic/Manual-Preface.xml
index 272a4c0..6cf872e 100644
--- a/en-US/Books/Linux/Basic/Manual-Preface.xml
+++ b/en-US/Books/Linux/Basic/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/ConfigurationManagement/Course-Book_Info.xml b/en-US/Books/Linux/ConfigurationManagement/Course-Book_Info.xml
index 96a77d0..845bb07 100644
--- a/en-US/Books/Linux/ConfigurationManagement/Course-Book_Info.xml
+++ b/en-US/Books/Linux/ConfigurationManagement/Course-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/ConfigurationManagement/Course-Preface.xml b/en-US/Books/Linux/ConfigurationManagement/Course-Preface.xml
index 1918605..58f44f6 100644
--- a/en-US/Books/Linux/ConfigurationManagement/Course-Preface.xml
+++ b/en-US/Books/Linux/ConfigurationManagement/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/ConfigurationManagement/Manual-Book_Info.xml b/en-US/Books/Linux/ConfigurationManagement/Manual-Book_Info.xml
index 677a6fe..45381e8 100644
--- a/en-US/Books/Linux/ConfigurationManagement/Manual-Book_Info.xml
+++ b/en-US/Books/Linux/ConfigurationManagement/Manual-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/ConfigurationManagement/Manual-Preface.xml b/en-US/Books/Linux/ConfigurationManagement/Manual-Preface.xml
index f0f1be3..5032da5 100644
--- a/en-US/Books/Linux/ConfigurationManagement/Manual-Preface.xml
+++ b/en-US/Books/Linux/ConfigurationManagement/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/RHCETraining/Course-Book_Info.xml b/en-US/Books/Linux/RHCETraining/Course-Book_Info.xml
index a3ff1e6..49498ce 100644
--- a/en-US/Books/Linux/RHCETraining/Course-Book_Info.xml
+++ b/en-US/Books/Linux/RHCETraining/Course-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/RHCETraining/Course-Preface.xml b/en-US/Books/Linux/RHCETraining/Course-Preface.xml
index d341b12..0008a64 100644
--- a/en-US/Books/Linux/RHCETraining/Course-Preface.xml
+++ b/en-US/Books/Linux/RHCETraining/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/RHCETraining/Manual-Book_Info.xml b/en-US/Books/Linux/RHCETraining/Manual-Book_Info.xml
index 170369a..8bf3a9e 100644
--- a/en-US/Books/Linux/RHCETraining/Manual-Book_Info.xml
+++ b/en-US/Books/Linux/RHCETraining/Manual-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/RHCETraining/Manual-Preface.xml b/en-US/Books/Linux/RHCETraining/Manual-Preface.xml
index e3ea344..6fe80bf 100644
--- a/en-US/Books/Linux/RHCETraining/Manual-Preface.xml
+++ b/en-US/Books/Linux/RHCETraining/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Senior/Course-Book_Info.xml b/en-US/Books/Linux/Senior/Course-Book_Info.xml
index bb0eb4d..ed1407c 100644
--- a/en-US/Books/Linux/Senior/Course-Book_Info.xml
+++ b/en-US/Books/Linux/Senior/Course-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Senior/Course-Preface.xml b/en-US/Books/Linux/Senior/Course-Preface.xml
index 1d9aff8..57db973 100644
--- a/en-US/Books/Linux/Senior/Course-Preface.xml
+++ b/en-US/Books/Linux/Senior/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Senior/Manual-Book_Info.xml b/en-US/Books/Linux/Senior/Manual-Book_Info.xml
index ea895cc..2a132e3 100644
--- a/en-US/Books/Linux/Senior/Manual-Book_Info.xml
+++ b/en-US/Books/Linux/Senior/Manual-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Senior/Manual-Preface.xml b/en-US/Books/Linux/Senior/Manual-Preface.xml
index 5072c4a..83bd9d6 100644
--- a/en-US/Books/Linux/Senior/Manual-Preface.xml
+++ b/en-US/Books/Linux/Senior/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/PuppetWorkshop/Author_Group.xml b/en-US/Books/PuppetWorkshop/Author_Group.xml
deleted file mode 100644
index c9ba622..0000000
--- a/en-US/Books/PuppetWorkshop/Author_Group.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<?xml version='1.0'?>
-<!DOCTYPE authorgroup PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
-]>
-
-<authorgroup>
- <author>
- <firstname>Jeroen</firstname>
- <surname>van Meeuwen</surname>
- <affiliation>
- <orgname>Operator Groep Delft</orgname>
- <orgdiv>Sr. System Engineer</orgdiv>
- </affiliation>
- <email>j.van.meeuwen(a)ogd.nl</email>
- </author>
- <author>
- <firstname>Stefan</firstname>
- <surname>Hartsuiker</surname>
- <affiliation>
- <orgname>Operator Groep Delft</orgname>
- <orgdiv>System Engineer</orgdiv>
- </affiliation>
- <email>s.hartsuiker(a)ogd.nl</email>
- </author>
-</authorgroup>
diff --git a/en-US/Books/PuppetWorkshop/Course-Appendix.xml b/en-US/Books/PuppetWorkshop/Course-Appendix.xml
deleted file mode 100644
index 37b3e31..0000000
--- a/en-US/Books/PuppetWorkshop/Course-Appendix.xml
+++ /dev/null
@@ -1,176 +0,0 @@
-<?xml version='1.0'?>
-<!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
-]>
-
-<part id="PuppetWorkshop-Appendices">
- <title>Appendices</title>
- <appendix id="PuppetWorkshop-Appendix-Terminology">
- <title>Puppet Terminology</title>
- <para>
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>class</title>
- <para>
- A class is a collection of resources applied to a node with a single include statement. It groups together a comprehensible set of resources. A class <emphasis>ypclient</emphasis> would manage the <code>File["/etc/nsswitch.conf"]</code>, <code>File["/etc/yp.conf"]</code>, <code>Package["ypbind"]</code>, and <code>Service["ypbind"]</code> resources.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>fact</title>
- <para>
- A client-side generated aspect of the node the puppet client runs on. Example facts are the amount of available memory, the hostname, the fully qualified domain name, the operating system (version).
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>manifest</title>
- <para>
- The collection of classes, modules and resources that the <xref linkend="PuppetWorkshop-Appendix-Terminology-puppetmaster" /> uses to distribute the appropriate configuration to a <xref linkend="PuppetWorkshop-Appendix-Terminology-puppet" />.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>module</title>
- <para>
- module
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>node</title>
- <para>
- The client, a node, is an operating system instance running the puppet client application. This can be a regular operating system running directly on top of actual hardware, a virtual guest as well as a virtual host.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara id="PuppetWorkshop-Appendix-Terminology-puppet">
- <title>puppet</title>
- <para>
- The client, a node, runs the <application>puppetd</application> daemon or service, and is referred to as the <emphasis>puppet</emphasis>
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara id="PuppetWorkshop-Appendix-Terminology-puppetmaster">
- <title>puppetmaster</title>
- <para>
- The puppetmaster is the node that runs the server-side application to a puppet setup.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>resource</title>
- <para>
- A resource is an instantiated <xref linkend="PuppetWorkshop-Appendix-Terminology-type" />
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>system resource</title>
- <para>
-<!-- A system resource is a resource available on the node whether it is managed by puppet or not. Unlike in other cases, this term does not as much to system hardware resources such as the CPU or memory available to the operating system, because that.
-//-->
- A system resource is a resource available on the node whether it is managed by puppet or not. Unlike what is otherwise understood by system resources, the puppet definition of system resources does not so much refer to resources like CPU or memory, but rather to whether or not a package is installed or what version of said package, or the $osversion, and so on and so forth.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara id="PuppetWorkshop-Appendix-Terminology-type">
- <title>type</title>
- <para>
- definition
- </para>
- </formalpara>
- </listitem>
- </itemizedlist>
- </para>
- </appendix>
- <appendix id="PuppetWorkshop-Appendix-ExampleSSLFrontendReverseProxyLoadBalancerConfiguration">
- <title>Example SSL Frontend Reverse Proxy Load Balancer Configuration</title>
- <para>
-<screen>
-<ifModule !mod_proxy.c>
- LoadModule proxy_module modules/mod_proxy.so
-</IfModule>
-
-<IfModule !mod_proxy_http.c>
- LoadModule proxy_http_module modules/mod_proxy_http.so
-</IfModule>
-
-<IfModule !mod_proxy_balancer.c>
- LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
-</IfModule>
-
-<IfModule !mod_headers.c>
- LoadModule headers_module modules/mod_headers.so
-</IfModule>
-
-<IfModule !mod_ssl.c>
- LoadModule ssl_module modules/mod_ssl.so
-</IfModule>
-
-<IfModule !mod_authz_host.c>
- LoadModule authz_host_module modules/mod_authz_host.so
-</IfModule>
-
-<IfModule !mod_log_config.c>
- LoadModule log_config_module modules/mod_log_config.so
-</IfModule>
-
-<Directory />
- Options FollowSymLinks
- AllowOverride None
- Order deny,allow
- Deny from all
-</Directory>
-
-<Proxy balancer://master.puppetmanaged.org>
- BalancerMember http://127.0.0.1:8141 keepalive=on retry=30
-</Proxy>
-
-<VirtualHost *:8140>
- ServerName master.puppetmanaged.org
- SSLEngine on
- SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
- SSLCertificateFile /var/lib/puppet/ssl/certs/master.puppetmanaged.org.pem
- SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/master.puppetmanaged.org.pem
- SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
- SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
- SSLVerifyClient optional
- SSLVerifyDepth 1
- SSLOptions +StdEnvVars
-
- # The following client headers allow the same configuration to work with Pound.
- RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
- RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
- RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
-
- <Location />
- SetHandler balancer-manager
- Order allow,deny
- Allow from all
- </Location>
-
- ProxyPass / balancer://master.puppetmanaged.org:8140/ timeout=180
- ProxyPassReverse / balancer://master.puppetmanaged.org:8140/
- ProxyPreserveHost on
- SetEnv force-proxy-request-1.0 1
- SetEnv proxy-nokeepalive 1
-
- ErrorLog logs/master.puppetmanaged.org-balancer-error_log
- CustomLog logs/master.puppetmanaged.org-balancer-access_log combined
- CustomLog logs/master.puppetmanaged.org-balancer-ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-</VirtualHost>
-</screen>
- </para>
- </appendix>
- <xi:include href="Revision_History.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
-</part>
diff --git a/en-US/Books/PuppetWorkshop/Course-Book_Info.xml b/en-US/Books/PuppetWorkshop/Course-Book_Info.xml
deleted file mode 100644
index d7a78f8..0000000
--- a/en-US/Books/PuppetWorkshop/Course-Book_Info.xml
+++ /dev/null
@@ -1,27 +0,0 @@
-<?xml version='1.0'?>
-<!DOCTYPE bookinfo PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
-]>
-
-<bookinfo id="PuppetWorkshop-Product_Name_and_Version">
- <title>Puppet Workshop</title>
- <subtitle>Puppet Workshop</subtitle>
- <issuenum>0.1</issuenum>
- <productnumber>1</productnumber>
- <abstract><para>This is a Configuration Management workshop (based on Puppet)</para></abstract>
- <corpauthor>
- <inlinemediaobject>
- <imageobject>
- <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
- </imageobject>
- </inlinemediaobject>
- </corpauthor>
- <copyright>
- <year>&YEAR;</year>
- <holder>&HOLDER;</holder>
- </copyright>
- <xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
-</bookinfo>
-
-
-
diff --git a/en-US/Books/PuppetWorkshop/Course-Preface.xml b/en-US/Books/PuppetWorkshop/Course-Preface.xml
deleted file mode 100644
index d8e4a06..0000000
--- a/en-US/Books/PuppetWorkshop/Course-Preface.xml
+++ /dev/null
@@ -1,12 +0,0 @@
-<?xml version='1.0'?>
-<!DOCTYPE preface PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
-]>
-
-<preface id="PuppetWorkshop-Preface">
- <title>Preface</title>
- <para>
- paragraph
- </para>
- <xi:include href="Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
-</preface>
diff --git a/en-US/Books/PuppetWorkshop/Course.xml b/en-US/Books/PuppetWorkshop/Course.xml
deleted file mode 100644
index eb4dc14..0000000
--- a/en-US/Books/PuppetWorkshop/Course.xml
+++ /dev/null
@@ -1,1076 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.docbook.org/xml/4.4/docbookx.dtd">
-
-<book id="PuppetWorkshop">
-
- <xi:include href="Course-Book_Info.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="Course-Preface.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
-
- <part id="PuppetWorkshop-Part">
- <title>Puppet Workshop</title>
- <chapter id="PuppetWorkshop-Introduction">
- <title>Introduction</title>
- <para>
- Welcome to the Puppet Workshop (or Configuration Management workshop). Today's workshop is comprised of the following topics:
- </para>
- <para>
- <segmentedlist>
- <segtitle>Topic</segtitle>
- <seglistitem>
- <seg>Introduction to Configuration Management</seg>
- </seglistitem>
- <seglistitem>
- <seg>Introduction to Puppet</seg>
- </seglistitem>
- <seglistitem>
- <seg>Puppet Terminology</seg>
- </seglistitem>
- <seglistitem>
- <seg>How Puppet Works</seg>
- </seglistitem>
- <seglistitem>
- <seg>Puppet Features</seg>
- </seglistitem>
- <seglistitem>
- <seg>Troubleshooting Puppet</seg>
- </seglistitem>
- <seglistitem>
- <seg>Setting up Puppet</seg>
- </seglistitem>
- <seglistitem>
- <seg>How to use Puppet</seg>
- </seglistitem>
- <seglistitem>
- <seg>Other Things To Do With Puppet</seg>
- </seglistitem>
- <seglistitem>
- <seg>Best Practices</seg>
- </seglistitem>
- </segmentedlist>
- </para>
- </chapter>
-
- <chapter id="PuppetWorkshop-IntroductionToConfigurationManagement">
- <title>Introduction to Configuration Management</title>
-
- <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement">
- <title>What is Configuration Management?</title>
- <para>
- Within virtually every organization, there's probably a number of systems running Linux, Solaris, Mac OS X or HP-UX. All these machines need to be configured to be able to function properly. Some will need special drivers, and all of them will need correct DNS settings, certain packages installed and certain other packages removed. Most probably, the more systems, the more these diverge in the configuration they need, and potentially diverge in the way this configuration needs to be applied to a given operating system or operating system version.
- </para>
- <para>
- More specifically, an organization may have a couple of webservers, fileservers, a DNS and a DHCP server, a number of desktop PCs, and a number of laptops. The laptops may need slightly different system configuration (no LDAP authentication, and with a VPN client installed, for example), and the desktop PCs may need different applications installed then the servers, and so forth. Yet, between, say, a hundred desktop PCs, you would want the configuration to be as similar as possible. You may want to diverge between a software developer's desktop PC and a desktop PC in Human Resources, but in essence these are desktop profiles diverging on the application level, applied upon a stable system configuration which remains the same, or similar at least.
- </para>
- <para>
- By the time the organization grows, replaces the hardware, upgrades to another version of the operating system, or applies changes, the challenge to making everything work yet maintain a similar configuration between all nodes becomes bigger. While every attempt made to control the situation can be called a form of configuration management, the solution without a configuration management framework is often comprised of:
- </para>
- <para>
- <orderedlist>
- <listitem>
- <para>
- a number of scripts (with or without revision control), to move around files, install packages, perform daily check-ups,
- </para>
- </listitem>
- <listitem>
- <para>
- NFS mounts with programs pre-installed, so that nodes can mount these NFS shares and the software needs to be provided once, in one location, for all to share,
- </para>
- </listitem>
- <listitem>
- <para>
- file server shares with pre-compiled drivers, or driver sources being compiled on the nodes by scripts running on the nodes,
- </para>
- </listitem>
- <listitem>
- <para>
- terminal servers or desktop servers like with FreeNX, so that configuration concentrates on a smaller number of boxes
- </para>
- </listitem>
- </orderedlist>
- </para>
- <para>
- This means that work-arounds for actual (user) problems maybe require an additional if-then-else in one or the other script, and updates to programs installed require manual compilation and installation. The success rate of these solutions never reaches 100%, and as it turns out the longer such a implemented solution runs, the more exotic problems become and the more machines will fail to remain up-to-date regardless of any attempt made to fix the issue; simply because it becomes to diversive and unmaintainable.
- </para>
-
- <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement-ConfigurationManagement">
- <title>Configuration Management</title>
- <para>
- Generally speaking, with configuration management, it's about managing the configuration of one or more organizational resources in order to have it be in a state in which it can perform the operations required by, and possibly critical to, the organization's operations.
- </para>
- <para>
- In this workshop though, we are not going to explore configuration management of a coffee machine. Instead we look at the computers in a network running any platform but the one from a prominent proprietary North America-based vendor. We are talking automation and further enhancement of Computer Systems Administration.
- </para>
- <para>
- When managing the operating system and software running on mainframes, servers, desktop PCs and laptops, you may find yourself looking for answers to questions such as:
- </para>
- <para>
- <itemizedlist>
- <listitem>
- <para>
- How do I manage what packages are installed on a given system?
- <itemizedlist>
- <listitem>
- <para>
- How do I manage the configuration of those packages (this software)?
- </para>
- </listitem>
- <listitem>
- <para>
- How do I make sure these packages are updated?
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </listitem>
- <listitem>
- <para>
- How do I make sure the services that every machine needs to run are actually running?
- </para>
- </listitem>
- <listitem>
- <para>
- How do I manage monitoring the services or a machine's state?
- </para>
- </listitem>
- <listitem>
- <para>
- A job needs to run periodically (maybe via <application>crontab</application>), but how do I make sure it is run, and how can I change or remove the job later?
- </para>
- </listitem>
- <listitem>
- <para>
- Given different operating systems and operating system versions, how do I make sure I apply the correct routine for adding a user, starting a service, install/update/remove a package?
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </section>
-
- <section id="PuppetWorkshop-IntroductionToConfigurationManagement-WhatIsConfigurationManagement-ConfigurationManagementRequirements">
- <title>Configuration Management Requirements</title>
- <para>
- This section is about what you would want Configuration Management to do for you:
- </para>
- <para>
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>Maintain consistency across systems</title>
- <para>
- Consistency across systems is key in understanding where a problem might come from. If each and every system is unique, you may end up searching for unique aspects of the system's configuration in order to determine the cause of a problem, while if systems are consistent to some extend, you may have found the problem even before your users report it.
- </para>
- </formalpara>
- <formalpara>
- <title>Consistency !== Equality</title>
- <para>
- Of course keeping system consistent in their configuration doesn't say all your systems should be entirely equal, because that would not be feasible for many organizations and defeat the purpose of configuration management. Needless to say though, having all systems be entirely unique defeats part of the purpose of configuration management as well.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Categorize systems</title>
- <para>
- Categorizing systems into categories like (for example) <emphasis>desktop</emphasis>, <emphasis>server</emphasis> and/or <emphasis>laptop</emphasis>, helps in applying changes to one category, such as installing <application>GNOME</application> or keeping systems up-to-date according to a schedule that may (servers) or may not (desktops, laptops) need a service or maintenance window.
- </para>
- </formalpara>
- <formalpara>
- <title>Different profiles</title>
- <para>
- More generally speaking, different profiles for each of these categories may be defined as well, of course. A developer's desktop most likely has different requirements then a publicly accessible booth at the reception desk.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Version Control</title>
- <para>
- Version control lets you keep track of changes applied to the overall configuration management framework, which is important because since you are managing different aspects of a number of systems, if something goes wrong the changes applied to the configuration of puppet will most likely be the first clue as to what caused the new problem and lets you recover relatively fast.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Overview of systems' tasks and services</title>
- <para>
- Being able to quickly tell what a system does exactly, and how it differs from another system not only aids in performing risk assessments (impact of a given change), but may also help in determining the impact of a change beforehand, as well as determine the impact of an unexpected system interruption. Providing an example to the latter I suppose if you update httpd across systems (whether tested or untested), but the new software version doesn't work as expected, a configuration management framework should be able to quickly give you an overview of impacted systems and services.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Updating systems</title>
- <para>
- Some systems can be updated irregularly, such as desktop PCs, but need to be kept up-to-date nonetheless. Other systems need to have service and/or maintenance windows, such as servers.
- </para>
- </formalpara>
- </listitem>
- </itemizedlist>
- </para>
- </section>
-
- </section>
-
- <section id="PuppetWorkshop-IntroductionToConfigurationManagement-ProblemsWithoutConfigurationManagement">
- <title>Problems without Configuration Management</title>
- <para>
- There's a number of challenges in applying configuration management, such as:
- </para>
- <para>
- <orderedlist>
- <listitem>
- <formalpara>
- <title>Different operating systems</title>
- <para>
- If you have a diverse organization in terms of the operating systems your nodes run, applying the same thing to a set of different operating systems is challenging in that adding a user or setting a password on one operating system isn't the same as adding a user or setting a password on another operating system. Of course the same applies to installing, updating or removing a package, and so forth. Of course the more different operating systems you have, the harder managing any given resource becomes.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Different distributions</title>
- <para>
- Although an organization may not have different distributions running right now, sooner or later, an organization will migrate from one distribution to another; That is practically inevitable. If an organization does have different distributions running, practical problems such as the location of certain files become evident, as well as different interfaces to resource-management (like adding a user with <application>useradd</application> or <application>adduser</application>).
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Different versions of distributions</title>
- <para>
- Different versions of distributions, or more accurately the different versions of the utilities, as well as the configuration settings for updated programs that come with the distributions, can form a challenge when or if the organization does not have a proper configuration management framework in place. Note that even though an organization may not have different versions of a distribution right now, at some point the organization will need to upgrade to the next available release.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Different tasks to perform</title>
- <para>
- Each different system in an organization is performing one or more tasks that may be unique to the system or may be shared between a group of systems, but with many different tasks being performed throughout the organization's infrastructure, keeping track of what system performs which task, keeping these systems up to date and configuring them to have the required packages installed for each of the tasks they perform, tackling the problem becomes harder.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Different ways to perform a task</title>
- <para>
- Within an organization that has multiple servers performing the same task, keeping a similar state or perform a task in a similar manner is challenging in that without configuration management, you are most likely to find three or more ways to purge old files from <filename>/tmp/</filename> and <filename>/var/tmp/</filename>, for example. The same differentiation may apply to how webservers' VirtualHost's are configured, or how a NFS share is mounted (mount options in particular).
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Different nodes</title>
- <para>
- This one goes to hardware-specific needs and configuration. When each of the systems in an organization are not all of the same brand, make and model, or each system has different harddisk layouts, or needs different videocard drivers, you are basically keeping lists and making choices based on this list.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Different services</title>
- <para>
- Different services of course are configured differently, as far as configuration file locations and syntax are concerned. However, figuring out the best way to apply certain configuration to a system for each service is less efficient without configuration management. You might adjust a script or two and/or adjust the source repository from which you pull updates to each machine, but the changes may turn out to only apply to that system that needed the exception to the rule instead of focussing on a more general solution to the problem once, and apply that solution multiple times, over and over again.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Interfaces to a system resource</title>
- <para>
- This is probably the hardest one if you are not using any configuration management framework. Given different operating systems, distributions and/or distribution versions, in which case any combination of the three only makes the problem harder to solve, you are most likely to encounter so many different ways to manage a resource, that a simple script or routine cannot cover all of them. One example is adding a user to the system, and making the user a group member of several groups. You may find routines ranging from using <application>useradd</application> or <application>adduser</application> depending on the distribution used, to writing out ldifs from a template and using <application>ldapadd</application> or <application>ldapmodify</application> depending on whether the user already exists or not.
- </para>
- </formalpara>
- </listitem>
- </orderedlist>
- </para>
- </section>
-
- <section id="PuppetWorkshop-IntroductionToConfigurationManagement-NotSoTechnicalAspects">
- <title>Not So Technical Aspects</title>
- <para>
- In addition to the problems you may encounter with or without configuration management, there's a number of problems or challenges that are not so technical, but you may want to see resolved by a configuration management utility;
- </para>
- <para>
- <orderedlist>
- <listitem>
- <formalpara>
- <title>Applying changes</title>
- <para>
- Applying changes to multiple machines at once may become a problem depending on the size of the organization or the amount of control that you have over systems, remotely. There was a time when changing the DNS servers for a set of systems required one to log on to the console of each system and edit <filename>/etc/resolv.conf</filename> manually. You can see the problem become bigger if the organization does not have 20 systems, but 1200.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Keeping track of changes</title>
- <para>
- Another challenge is keeping track of the changes applied to each system. Even with configuration management, errors can be made and systems might behave unexpectedly, in which case you will want to know what changed on these systems, and how to recover to an operational state. Keeping track of changes without a configuration management framework however is a little harder, but with configuration management, you have reports (changes applied to a system in a nice overview), and most advisebly you have the configuration for Puppet stored in a Source Control Management system, or SCM system, like CVS, SVN, Mercurial, or GIT.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Staging changes</title>
- <para>
- Staging changes is a huge must-have in case changes are radical or might destroy a normal system's operation (even if temporary). For such changes, you would want to test the changes first, and with Puppet, you get this in the form of <emphasis>environments</emphasis>.
- </para>
- </formalpara>
- </listitem>
- </orderedlist>
- </para>
- </section>
-
- </chapter>
-
- <chapter id="PuppetWorkshop-IntroductionToPuppet">
- <title>Introduction To Puppet</title>
- <para>
- Puppet is a solution to the problems set forth in <xref linkend="PuppetWorkshop-IntroductionToConfigurationManagement-ProblemsWithoutConfigurationManagement" />.
- </para>
-
- <section id="PuppetWorkshop-IntroductionToPuppet-WhatDoesPuppetDo">
- <title>What Does Puppet Do?</title>
- <para>
- Puppet offers a high-level abstraction of system resources like you would encounter on any given system, such as users, services and packages. Seeing as how different operating systems and different distributions each have different interfaces, so-called <emphasis>providers</emphasis> in puppet terms, to these system resources, scripting a package to be installed, updated, removed or be of a certain version includes a lot of <code>if-then-else</code> statements in a script you'd write to manage that particular system resource, the package.
- </para>
- <para>
- On Debian, Ubuntu and derivative distributions for example, the package provider may be <application>apt</application>, <application>dpkg</application>, <application>smart</application>, <application>alien</application>, <application>PackageKit</application>, while on Fedora, Red Hat and it's derivatives, the package provider may be <application>rpm</application>, <application>yum</application>, <application>PackageKit</application>, <application>apt</application> or <application>smart</application>.
- </para>
- <para>
- Another difference between distributions is how services can be started, or configured to start up when the machine boots. A <application>service</application> script may be available, or <filename>/etc/init.d/</filename> may contain scripts to start and stop a service. Also, some of these service providers may have <code>status</code>, <code>reload</code> and <code>restart</code> command parameters, whereas others may not have. Additionally, using <application>chkconfig</application> to configure the runlevels the service should be enabled or disabled in may not be available on all systems.
- </para>
- <para>
- By abstracting these system resources into <emphasis>types</emphasis>, Puppet takes on the headaches for most operating system and distribution specific interfaces to managing these system resources. It knows, or figures out all by itself, what provider to use given a <emphasis>type</emphasis>.
- </para>
- <formalpara>
- <title>Abstraction of system resources</title>
- <para>
- Abstraction of the system resources into so-called <emphasis>types</emphasis> causes the administrator to only need to configure a type, such as <emphasis>package</emphasis>, <emphasis>user</emphasis>, <emphasis>cron</emphasis>, and so forth. The configuration management utility itself will figure out what package manager backend to use, whether it's apt, yum, rpm, dpkg, smart or PackageKit.
- </para>
- </formalpara>
- <para>
- Puppet example to ensure user <emphasis>sysadmin</emphasis> exists on a system:
- <screen>user { "sysadmin":
- ensure => present
-}</screen>
- </para>
- <para>
- Puppet example to ensure the <emphasis>ypbind</emphasis> package is installed and the most recent version, <emphasis>ypbind</emphasis> is correctly configured, and the <emphasis>ypbind</emphasis> service is running:
- <screen>package { "ypbind":
- ensure => latest
-}
-
-file { "/etc/yp.conf":
- source => "puppet://$server/files/yp.conf",
- notify => Service["ypbind"],
- require => Package["ypbind"]
-}
-
-service { "ypbind":
- enable => true,
- ensure => running,
- require => [
- File["/etc/yp.conf"],
- Package["ypbind"]
- ]
-}</screen>
- </para>
- <para>
- The above example is called a <emphasis>manifest</emphasis>, built out of <emphasis>types</emphasis> (package, file, service), which, once defined in a manifest, are referred to as <emphasis>resources</emphasis>. See also <xref linkend="PuppetWorkshop-Appendix-Terminology" />
- </para>
- </section>
-
- </chapter>
-
- <chapter id="PuppetWorkshop-PuppetTerminology">
- <title>Puppet Terminology</title>
- <para>
- Terminology used in this documentation. See also <xref linkend="PuppetWorkshop-Appendix-Terminology" />
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>class</title>
- <para>
- A class is a collection of resources applied to a node with a single include statement. It groups together a comprehensible set of resources. A class <emphasis>ypclient</emphasis> would manage the <code>File["/etc/nsswitch.conf"]</code>, <code>File["/etc/yp.conf"]</code>, <code>Package["ypbind"]</code>, and <code>Service["ypbind"]</code> resources.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>fileserver</title>
- <para>
- The fileserver is where the puppet pulls files from. It is normally integrated with the puppetmaster, but it can be an entirely different server, too.
- </para>
- </formalpara>
- <para>
- The fileserver serves files to puppets that request them, but it also serves <emphasis>templates</emphasis>, which are parsed on the fileserver (puppetmaster), and passed on to the client as a whole new file.
- </para>
- </listitem>
- <listitem>
- <formalpara>
- <title>manifest</title>
- <para>
- The collection of classes, modules and resources that the <xref linkend="PuppetWorkshop-PuppetTerminology-puppetmaster" /> uses to distribute the appropriate configuration to a <xref linkend="PuppetWorkshop-PuppetTerminology-puppet" />.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>module</title>
- <para>
- A module is a placeholder for files, manifests, plugins and templates. Creating a module has numerous advantages such as separate version control, separate staging from development through testing to production, and so forth.
- </para>
- </formalpara>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Modules" />, <xref linkend="PuppetWorkshop-HowToUsePuppet-Plugins" />
- </para>
- </listitem>
- <listitem>
- <formalpara>
- <title>node</title>
- <para>
- The client, a node, is an operating system instance running the puppet client application. This can be a regular operating system running directly on top of actual hardware, a virtual guest as well as a virtual host.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara id="PuppetWorkshop-PuppetTerminology-puppet">
- <title>puppet</title>
- <para>
- The client, a node, runs the <application>puppetd</application> daemon or service, and is referred to as the <emphasis>puppet</emphasis>
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara id="PuppetWorkshop-PuppetTerminology-puppetmaster">
- <title>puppetmaster</title>
- <para>
- The puppetmaster is the node that runs the server-side application to a puppet setup.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>resource</title>
- <para>
- A resource is an instantiated <xref linkend="PuppetWorkshop-PuppetTerminology-type" />
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>system resource</title>
- <para>
-<!--
-FIXME:
-//-->
- A system resource is a resource available on the node whether it is managed by puppet or not. Unlike what is otherwise understood by system resources, the puppet definition of system resources does not so much refer to resources like CPU or memory, but rather to whether or not a package is installed or what version of said package, or the $osversion, and so on and so forth.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara id="PuppetWorkshop-PuppetTerminology-type">
- <title>type</title>
- <para>
- definition
- </para>
- </formalpara>
- </listitem>
- </itemizedlist>
- </para>
- </chapter>
-
- <chapter id="PuppetWorkshop-HowPuppetWorks">
- <title>How Puppet Works</title>
- <para>
- This is an overview of how puppet works -in a working setup.
- </para>
- <para>
- <orderedlist>
- <listitem>
- <formalpara>
- <title>The puppet starts for the first time</title>
- <para>
- It generates a certificate using the node's FQDN.
- </para>
- </formalpara>
- <note>
- <para>
- Although not required, it is strongly recommended to have the client use a FQDN that is registered in DNS (forward as well as reverse).
- </para>
- </note>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet submits the certificate to the puppetmaster</title>
- <para>
- The puppetmaster, also the Certificate Authority, or <emphasis>puppetca</emphasis>, needs to sign the certificate before the client can be considered authenticated.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet waits 300 seconds for a signed certificate</title>
- <para>
- It this configurable timeout of 300 seconds<footnote><para>Specify the timeout with <code>--waitforcert [seconds]</code></para></footnote> has passed, the puppet quits.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppetmaster signs the certificate</title>
- <para>
- To do so, you can either configure the puppetmaster to automatically sign certificates or sign manually. Automatically signing certificates is generally a very bad idea. To manually sign a certificate, use:
- </para>
- </formalpara>
- <para>
- <screen># <userinput>puppetca --sign <fqdn></userinput></screen>
- </para>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet receives the signed certificate</title>
- <para>
- Immediately thereafter, the puppet starts a configuration run.
- </para>
- </formalpara>
- <warning>
- <para>
- The time on both the puppetmaster and the puppet must be within 5 minutes of eachother as the certificate generated and signed has a validity period. If the difference in time of these two nodes is more then 5 minutes, you will get a "Certificates not trusted" type of error.
- </para>
- </warning>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet generates all the facts</title>
- <para>
- Most configurations rely on client information to make decisions. When the Puppet client starts, it loads the Facter Ruby library, collects all of the facts that it can, and passes those facts to the interpreter. When you use Puppet over a network, these facts are passed over the network to the server and the server uses them to compile the client's configuration.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppetmaster parses it's manifests</title>
- <para>
- The puppetmaster parses through all it's manifests, including the manifests not applicable to the puppet that is polling. It only sends out the manifest applicable to the puppet polling, however.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet receives the manifests</title>
- <para>
- When the puppet receives the manifests, it may still contain variables such as <code>$hostname</code>, <code>$operatingsystem</code> and others, which the puppet fills out with the appropriate values.
- </para>
- </formalpara>
-<!-- <warning>
- <para>
- All variables in the manifest sent to the client should be based on facts rather then fiction.
- </para>
- </warning>-->
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet applies the manifest</title>
- <para>
- While the puppet applies the manifest, it pulls files from the puppetmaster's <emphasis>fileserver</emphasis> after checking the local checksum against the remote checksum. When running with debug output, this will show as
- <screen>debug: Calling fileserver.list
-debug: //Node[node1.example.com]/File[/tmp/foo]/checksum: Initializing checksum hash
-debug: //Node[node1.example.com]/File[/tmp/foo]: Creating checksum {md5}85e53dc9439253a1ec9ca87aeffd9b0b
-debug: Calling fileserver.describe</screen>
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>Files that are replaced are backed up</title>
- <para>
- The puppet sends a copy of the files it replaces back to the puppetmaster.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet reports to the puppetmaster</title>
- <para>
- A detailed report of what the puppet has done with the manifests is sent back to the puppetmaster.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>The puppet waits for 30 minutes</title>
- <para>
- The next run the puppet performs/polls for is after a configurable timeperiod, which defaults to 30 minutes.
- </para>
- </formalpara>
- </listitem>
- </orderedlist>
- </para>
- <para>
- A puppet setup is comprised out of the following parts:
- </para>
- <formalpara>
- <title>The Puppetmaster</title>
- <para>
- The puppetmaster of course is the core element in a puppet setup. Not only is it responsible for the handing over the manifest to the client, it also takes care of serving the files needed by the manifest, as well as
- </para>
- </formalpara>
- </chapter>
-
- <chapter id="PuppetWorkshop-PuppetFeatures">
- <title>Puppet Features</title>
- <para>
- paragraph
- </para>
- </chapter>
-
- <chapter id="PuppetWorkshop-TroubleshootingPuppet">
- <title>Troubleshooting Puppet</title>
- <para>
- This section is about troubleshooting the puppetmaster and puppet
- </para>
- </chapter>
-
- <chapter id="PuppetWorkshop-SettingUpPuppet">
- <title>Setting Up Puppet</title>
- <para>
- In this section, we are going to set up a puppetmaster, and a puppet client. The puppetmaster is going to run the <emphasis>mongrel</emphasis> server-type, for setting up a puppetmaster for larger environments.
- </para>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Installation">
- <title>Installation</title>
- <para>
- The default server type for the puppetmaster is called <emphasis>webrick</emphasis>, a single-threaded webserver. The webserver handles the puppets' requests for manifests, certificate exchanges, as well requests for files and templates. Being single-threaded, the webrick webserver can only handle one client at a time. While the puppets poll the puppetmaster with a default interval of 30 minutes, and configuration runs can take longer then 60 seconds, putting more then 25 clients in front of a puppetmaster with a webrick webserver is a very, very bad idea.
- </para>
- <para>
- There is a multi-threaded webserver in Ruby, called <emphasis>mongrel</emphasis>. This is a simple, multi-threaded, but not very feature-rich webserver. For one, it does not perform SSL. For scalability purposes though, the mongrel server type is an absolute must, and can better be chosen as the webserver to handle the puppets' requests, right from the beginning. This however requires a frontend that performs the SSL part of the communications between the puppetmaster and the puppets. We choose Apache's HTTPd for it's excellent performance, flexible configuration, excellent configuration syntax, and because it can be set up as a reverse proxy load balancer, allowing more then one puppetmaster behind the scenes if necessary.
- </para>
- <para>
- Install the required packages for the puppetmaster:
- </para>
- <formalpara>
- <title>Smaller organizations (< ~25 clients)</title>
- <para>
- <itemizedlist>
- <listitem>
- <para>
- The puppetmaster.
- </para>
- <para>
- <screen># <userinput>yum install puppet-server</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- (optional) A database server (one of MySQL, SQLite3 or Postgresql), and the appropriate Ruby library. During this workshop, we use MySQL.
- </para>
- <para>
- <screen># <userinput>yum install mysql-server ruby-mysql</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- (optional) The Ruby RRDtool library.
- </para>
- <para>
- <screen># <userinput>yum install ruby-RRDtool</userinput></screen>
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- <formalpara>
- <title>Larger organizations (> ~25 clients)</title>
- <para>
- <itemizedlist>
- <listitem>
- <para>
- A webserver capable of performing as a frontend SSL reverse proxy load balancer, such as the Apache HTTPd webserver.
- </para>
- <para>
- <screen># <userinput>yum install httpd</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- The Ruby mongrel library, for better scalability.
- </para>
- <para>
- <screen># <userinput>yum install rubygem-mongrel</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- The puppetmaster.
- </para>
- <para>
- <screen># <userinput>yum install puppet-server</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- (optional) A database server (one of MySQL, SQLite3 or Postgresql), and the appropriate Ruby library. During this workshop, we use MySQL.
- </para>
- <para>
- <screen># <userinput>yum install mysql-server ruby-mysql</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- (optional) The Ruby RRDtool library.
- </para>
- <para>
- <screen># <userinput>yum install ruby-RRDtool</userinput></screen>
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- </section>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration">
- <title>Configuration</title>
- <para>
- In this section, we walk you through the initial configuration of a puppetmaster with the mongrel server type.
- </para>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster">
- <title>Configuring the Puppetmaster</title>
- <para>
- The configuration file for puppet and puppetmaster is <filename>/etc/puppet/puppet.conf</filename>. It is a file in INI-like format with sections, keys and values. There's 4 sections of interest,
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>[main]</title>
- <para>
- Primarily file locations, directory settings and other globals applicable to both the puppet as well as the puppetmaster.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>[puppetca]</title>
- <para>
- Puppet Certificate Authority (puppetca) settings.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>[puppetd]</title>
- <para>
- Puppet client daemon settings.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>[puppetmasterd]</title>
- <para>
- Puppetmaster daemon settings.
- </para>
- </formalpara>
- </listitem>
- </itemizedlist>
- </para>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-Settings">
- <title>Relevant Settings</title>
- <formalpara>
- <title>Relevant Settings For The First Run</title>
- <para>
- For the first run of the puppetmaster, the following settings require configuration:
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>[main]</title>
- <para>
- The locations where puppet seeks it's configuration and puts it's transitional data. The most important setting is <literal>vardir</literal>, which should be set to <filename>/var/lib/puppet/</filename>. Further settings include:
- <itemizedlist>
- <listitem>
- <para>
- <code>logdir = /var/log/puppet/</code>
- </para>
- </listitem>
- <listitem>
- <para>
- <code>rundir = /var/run/puppet/</code>
- </para>
- </listitem>
- <listitem>
- <para>
- <code>ssldir = $vardir/ssl/</code>
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- <note>
- <para>
- If you used a package to install puppet, the defaults should work, but may not comply with your backup strategy. It is the upstream puppet package that cannot cater to each and every distribution or operating system it is available for, and therefore has a set of defaults that will work, but will need to be changed on most platforms.
- </para>
- </note>
- </listitem>
- <listitem>
- <formalpara>
- <title>[puppetmasterd]</title>
- <para>
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>certname</title>
- <para>
- The puppetmaster certificate's Common Name (CN), for which by default the system's hostname is used. The hostname of the system is a pretty reasonable value.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>certdnsnames</title>
- <para>
- A colon (<literal>:</literal>) seperated list of DNS names resolving to the puppetmaster. Include here:
- <orderedlist>
- <listitem>
- <para>
- The short hostname of the system, using the output of: <screen># <userinput>hostname -s</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- <literal>puppet</literal>
- </para>
- </listitem>
- <listitem>
- <para>
- <literal>puppet</literal>, followed by the DNS domain name of the system, using the output of <screen># <userinput>dnsdomainname</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- Any other hostname or fully qualified domain name you want to use for the puppetmaster.
- </para>
- </listitem>
- </orderedlist>
- </para>
- </formalpara>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <para>
- Another setting to check is whether or not this puppetmaster is going to be the Certificate Authority <screen>[puppetmasterd]
- ca = <replaceable>true</replaceable></screen>
- The default is often set to <code>true</code>.
- </para>
- </listitem>
- <listitem>
- <para>
- Whether or not to use autosigning of certificates, using
- <screen>[puppetca]
- autosign = <replaceable>false</replaceable></screen>
- The default is to <emphasis>not</emphasis> use autosigning. Only applicable if <code>puppetca</code> is set to <code>true</code>.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- <formalpara>
- <title>Other Relevant Settings</title>
- <para>
- The following settings require review before the puppetmaster is going in production.
- <itemizedlist>
- <listitem>
- <para>
- A list of environments using a comma seperated list, in
- <screen>[puppetmasterd]
- environments = <replaceable>development,testing,production</replaceable></screen>
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Environments" />
- </para>
- </listitem>
- <listitem>
- <para>
- Whether or not to use reporting, and what reporting to use (tagmail, store, rrdgraph). To configure the types or reports that should be used by the puppetmaster, use a comma separated list without spaces, in:
- <screen>[puppetmasterd]
- reports = <replaceable>tagmail,store,rrdgraph</replaceable></screen>
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
- </para>
- </listitem>
- <listitem>
- <para>
- The location of tagmail.conf, in order to map tags you give to resources to email addresses the reports should be sent to; <screen>[main]
- tagmap = <replaceable>/path/to/tagmail.conf</replaceable></screen>
- for reporting changes applied to puppets, via email.
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </formalpara>
- </section>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-Sitepp">
- <title>Minimal site.pp</title>
- <para>
- Create a minimal <code>site.pp</code> in <filename>/etc/puppet/manifests/site.pp</filename> for the puppetmaster to parse on it's initial startup. Below is an example.
- </para>
- <screen>#
-# site.pp for any domain
-#
-
-$server = "<replaceable>master.puppetmanaged.org</replaceable>"
-
-# The default node
-
-node default {
-}</screen>
- </section>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-ServiceConfiguration">
- <title>Service Configuration</title>
- <para>
- On Red Hat based systems, use <filename>/etc/sysconfig/puppetmaster</filename> to configure the service. It has three variables set, of which <code>PUPPETMASTER_MANIFEST</code> needs to point to the default manifest to use.
- </para>
- </section>
-
- </section>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-SSLFrontendReverseProxyLoadBalancer">
- <title>Configuring the SSL Frontend Reverse Proxy Load Balancer</title>
- <para>
- A webserver needs to be configured to handle the SSL XML-RPC requests from the puppets, because the mongrel server type is not capable of performing SSL.
- </para>
- <para>
- The webserver is going to listen on port 8140, the default port for the puppetmaster to listen for clients. It is going to forward traffic (after being decrypted) to the puppetmaster on 127.0.0.1:8141.
- </para>
- </section>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer">
- <title>Configuring the Database Server</title>
- <para>
- para
- </para>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-SQLite3">
- <title>SQLite3</title>
- <para>
- para
- </para>
- </section>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-MySQL">
- <title>MySQL</title>
- <para>
- para
- </para>
- </section>
-
- <section id="PuppetWorkshop-SettingUpPuppet-Configuration-DatabaseServer-Postgresql">
- <title>PostgreSQL</title>
- <para>
- para
- </para>
- </section>
-
- </section>
-
- </section>
-
- </chapter>
-
- <chapter id="PuppetWorkshop-HowToUsePuppet">
- <title>How To Use Puppet</title>
- <para>
- This is a first section
- </para>
-
- <section id="PuppetWorkshop-HowToUsePuppet-Modules">
- <title>Using Modules</title>
- <para>
- About using modules
- </para>
- </section>
-
- <section id="PuppetWorkshop-HowToUsePuppet-Plugins">
- <title>Using Plugins</title>
- <para>
- About the use of plugins
- </para>
- </section>
-
- <section id="PuppetWorkshop-HowToUsePuppet-Environments">
- <title>Environments</title>
- <para>
- paragraph
- </para>
- </section>
-
- </chapter>
-
- <chapter id="PuppetWorkshop-OtherThingsToDoWithPuppet">
- <title>Other Things To Do With Puppet</title>
- <para>
- This is a first section
- </para>
-
- <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting">
- <title>Tweaking Reporting</title>
- <para>
- paragraph
- </para>
- </section>
-
- <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomTypes">
- <title>Writing Custom Types</title>
- <para>
- paragraph
- </para>
- </section>
-
- <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomFacts">
- <title>Writing Custom Facts</title>
- <para>
- paragraph
- </para>
- </section>
-
- <section id="PuppetWorkshop-OtherThingsToDoWithPuppet-WritingCustomFunctions">
- <title>Writing Custom Functions</title>
- <para>
- paragraph
- </para>
- </section>
-
- </chapter>
-
- <chapter id="PuppetWorkshop-BestPractices">
- <title>Best Practices</title>
- <para>
- This is a first section
- </para>
- </chapter>
-
- </part>
-
- <xi:include href="Course-Appendix.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
-
-</book>
-
-<!-- Local variables:
- mode: xml
- fill-column: 72
- End:
--->
-
-<!--
- vim: softtabstop=4:shiftwidth=4:expandtab
--->
diff --git a/en-US/Books/PuppetWorkshop/Revision_History.xml b/en-US/Books/PuppetWorkshop/Revision_History.xml
deleted file mode 100644
index fda893e..0000000
--- a/en-US/Books/PuppetWorkshop/Revision_History.xml
+++ /dev/null
@@ -1,26 +0,0 @@
-<?xml version='1.0'?>
-<!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
-]>
-
-<appendix>
- <title>Revision History</title>
- <para>
- <revhistory>
- <revision>
- <revnumber>1.0</revnumber>
- <date></date>
- <author>
- <firstname></firstname>
- <surname></surname>
- <email></email>
- </author>
- <revdescription>
- <simplelist>
- <member></member>
- </simplelist>
- </revdescription>
- </revision>
- </revhistory>
- </para>
-</appendix>
-
diff --git a/en-US/Books/Template/Course-Book_Info.xml b/en-US/Books/Template/Course-Book_Info.xml
index bbbead0..1248e27 100644
--- a/en-US/Books/Template/Course-Book_Info.xml
+++ b/en-US/Books/Template/Course-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Template/Course-Preface.xml b/en-US/Books/Template/Course-Preface.xml
index e0a39ea..1db3c7c 100644
--- a/en-US/Books/Template/Course-Preface.xml
+++ b/en-US/Books/Template/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Template/Manual-Book_Info.xml b/en-US/Books/Template/Manual-Book_Info.xml
index 677a6fe..45381e8 100644
--- a/en-US/Books/Template/Manual-Book_Info.xml
+++ b/en-US/Books/Template/Manual-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Template/Manual-Preface.xml b/en-US/Books/Template/Manual-Preface.xml
index f0f1be3..5032da5 100644
--- a/en-US/Books/Template/Manual-Preface.xml
+++ b/en-US/Books/Template/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Courses.xml b/en-US/Courses.xml
index 39034a0..00287a7 100644
--- a/en-US/Courses.xml
+++ b/en-US/Courses.xml
@@ -95,14 +95,6 @@
//-->
- <listitem>
- <para>
- <xref linkend="PuppetWorkshop" />
- </para>
- <para>
- A workshop on implementing puppet for configuration management, including best practices.
- </para>
- </listitem>
</itemizedlist>
</para>
</formalpara>
@@ -190,6 +182,4 @@
<xi:include href="Books/Linux/RHCETraining/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Books/Linux/RHCETraining/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="Books/PuppetWorkshop/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
-
</set>
diff --git a/en-US/Template/Course-Book_Info.xml b/en-US/Template/Course-Book_Info.xml
index 8638489..1248e27 100644
--- a/en-US/Template/Course-Book_Info.xml
+++ b/en-US/Template/Course-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='PNG' fileref="../Common_Content/images/title_logo.png" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Template/Course-Preface.xml b/en-US/Template/Course-Preface.xml
index f2196f6..9518e23 100644
--- a/en-US/Template/Course-Preface.xml
+++ b/en-US/Template/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Template/Manual-Book_Info.xml b/en-US/Template/Manual-Book_Info.xml
index 927d102..a2501eb 100644
--- a/en-US/Template/Manual-Book_Info.xml
+++ b/en-US/Template/Manual-Book_Info.xml
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Template/Manual-Preface.xml b/en-US/Template/Manual-Preface.xml
index e5e1942..ec266f2 100644
--- a/en-US/Template/Manual-Preface.xml
+++ b/en-US/Template/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
commit 02ccaf559e2c1d2477cc644c1c0a6ac520753fe3
Author: Jeroen van Meeuwen (Fedora Unity) <kanarip(a)fedoraunity.org>
Date: Tue Oct 7 17:17:22 2008 +0200
Fix svg vs. png, update puppet workshop
diff --git a/en-US/Book_Info.xml b/en-US/Book_Info.xml
index 257bd6b..56cd609 100644
--- a/en-US/Book_Info.xml
+++ b/en-US/Book_Info.xml
@@ -13,7 +13,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
diff --git a/en-US/Books/ClassRoom/Manual-Book_Info.xml b/en-US/Books/ClassRoom/Manual-Book_Info.xml
index f13db49..82dadc2 100644
--- a/en-US/Books/ClassRoom/Manual-Book_Info.xml
+++ b/en-US/Books/ClassRoom/Manual-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="../../Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/ClassRoom/Manual-Preface.xml b/en-US/Books/ClassRoom/Manual-Preface.xml
index dc37059..dc1e707 100644
--- a/en-US/Books/ClassRoom/Manual-Preface.xml
+++ b/en-US/Books/ClassRoom/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Advanced/Course-Book_Info.xml b/en-US/Books/Linux/Advanced/Course-Book_Info.xml
index e51aed4..04ad0b2 100644
--- a/en-US/Books/Linux/Advanced/Course-Book_Info.xml
+++ b/en-US/Books/Linux/Advanced/Course-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Advanced/Course-Preface.xml b/en-US/Books/Linux/Advanced/Course-Preface.xml
index 9518e23..f2196f6 100644
--- a/en-US/Books/Linux/Advanced/Course-Preface.xml
+++ b/en-US/Books/Linux/Advanced/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Advanced/Manual-Book_Info.xml b/en-US/Books/Linux/Advanced/Manual-Book_Info.xml
index bbb53b6..11d335f 100644
--- a/en-US/Books/Linux/Advanced/Manual-Book_Info.xml
+++ b/en-US/Books/Linux/Advanced/Manual-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Advanced/Manual-Preface.xml b/en-US/Books/Linux/Advanced/Manual-Preface.xml
index ec266f2..e5e1942 100644
--- a/en-US/Books/Linux/Advanced/Manual-Preface.xml
+++ b/en-US/Books/Linux/Advanced/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Basic/Course-Book_Info.xml b/en-US/Books/Linux/Basic/Course-Book_Info.xml
index 50ed197..4a31ee0 100644
--- a/en-US/Books/Linux/Basic/Course-Book_Info.xml
+++ b/en-US/Books/Linux/Basic/Course-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Basic/Course-Preface.xml b/en-US/Books/Linux/Basic/Course-Preface.xml
index 9c6f550..13b52fc 100644
--- a/en-US/Books/Linux/Basic/Course-Preface.xml
+++ b/en-US/Books/Linux/Basic/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Basic/Manual-Book_Info.xml b/en-US/Books/Linux/Basic/Manual-Book_Info.xml
index 2bbe714..edbf500 100644
--- a/en-US/Books/Linux/Basic/Manual-Book_Info.xml
+++ b/en-US/Books/Linux/Basic/Manual-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Basic/Manual-Preface.xml b/en-US/Books/Linux/Basic/Manual-Preface.xml
index 6cf872e..272a4c0 100644
--- a/en-US/Books/Linux/Basic/Manual-Preface.xml
+++ b/en-US/Books/Linux/Basic/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/ConfigurationManagement/Course-Book_Info.xml b/en-US/Books/Linux/ConfigurationManagement/Course-Book_Info.xml
index ed7bc0d..96a77d0 100644
--- a/en-US/Books/Linux/ConfigurationManagement/Course-Book_Info.xml
+++ b/en-US/Books/Linux/ConfigurationManagement/Course-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/ConfigurationManagement/Course-Preface.xml b/en-US/Books/Linux/ConfigurationManagement/Course-Preface.xml
index 58f44f6..1918605 100644
--- a/en-US/Books/Linux/ConfigurationManagement/Course-Preface.xml
+++ b/en-US/Books/Linux/ConfigurationManagement/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/ConfigurationManagement/Manual-Book_Info.xml b/en-US/Books/Linux/ConfigurationManagement/Manual-Book_Info.xml
index 80fa3e4..677a6fe 100644
--- a/en-US/Books/Linux/ConfigurationManagement/Manual-Book_Info.xml
+++ b/en-US/Books/Linux/ConfigurationManagement/Manual-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/ConfigurationManagement/Manual-Preface.xml b/en-US/Books/Linux/ConfigurationManagement/Manual-Preface.xml
index 5032da5..f0f1be3 100644
--- a/en-US/Books/Linux/ConfigurationManagement/Manual-Preface.xml
+++ b/en-US/Books/Linux/ConfigurationManagement/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/RHCETraining/Course-Book_Info.xml b/en-US/Books/Linux/RHCETraining/Course-Book_Info.xml
index df4c47f..a3ff1e6 100644
--- a/en-US/Books/Linux/RHCETraining/Course-Book_Info.xml
+++ b/en-US/Books/Linux/RHCETraining/Course-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/RHCETraining/Course-Preface.xml b/en-US/Books/Linux/RHCETraining/Course-Preface.xml
index 0008a64..d341b12 100644
--- a/en-US/Books/Linux/RHCETraining/Course-Preface.xml
+++ b/en-US/Books/Linux/RHCETraining/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/RHCETraining/Manual-Book_Info.xml b/en-US/Books/Linux/RHCETraining/Manual-Book_Info.xml
index 0617a41..170369a 100644
--- a/en-US/Books/Linux/RHCETraining/Manual-Book_Info.xml
+++ b/en-US/Books/Linux/RHCETraining/Manual-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/RHCETraining/Manual-Preface.xml b/en-US/Books/Linux/RHCETraining/Manual-Preface.xml
index 6fe80bf..e3ea344 100644
--- a/en-US/Books/Linux/RHCETraining/Manual-Preface.xml
+++ b/en-US/Books/Linux/RHCETraining/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Senior/Course-Appendix.xml b/en-US/Books/Linux/Senior/Course-Appendix.xml
index a60cb29..0d58f4c 100644
--- a/en-US/Books/Linux/Senior/Course-Appendix.xml
+++ b/en-US/Books/Linux/Senior/Course-Appendix.xml
@@ -103,6 +103,7 @@
<seg></seg>
<seg></seg>
<seg>Your Total Score</seg>
+ <seg></seg>
</seglistitem>
</segmentedlist>
</para>
diff --git a/en-US/Books/Linux/Senior/Course-Book_Info.xml b/en-US/Books/Linux/Senior/Course-Book_Info.xml
index 52de931..bb0eb4d 100644
--- a/en-US/Books/Linux/Senior/Course-Book_Info.xml
+++ b/en-US/Books/Linux/Senior/Course-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Senior/Course-Preface.xml b/en-US/Books/Linux/Senior/Course-Preface.xml
index 57db973..1d9aff8 100644
--- a/en-US/Books/Linux/Senior/Course-Preface.xml
+++ b/en-US/Books/Linux/Senior/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Linux/Senior/Manual-Book_Info.xml b/en-US/Books/Linux/Senior/Manual-Book_Info.xml
index 029f93c..ea895cc 100644
--- a/en-US/Books/Linux/Senior/Manual-Book_Info.xml
+++ b/en-US/Books/Linux/Senior/Manual-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Linux/Senior/Manual-Preface.xml b/en-US/Books/Linux/Senior/Manual-Preface.xml
index 83bd9d6..5072c4a 100644
--- a/en-US/Books/Linux/Senior/Manual-Preface.xml
+++ b/en-US/Books/Linux/Senior/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/PuppetWorkshop/Course-Book_Info.xml b/en-US/Books/PuppetWorkshop/Course-Book_Info.xml
index 1fc5c97..d7a78f8 100644
--- a/en-US/Books/PuppetWorkshop/Course-Book_Info.xml
+++ b/en-US/Books/PuppetWorkshop/Course-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="../Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/PuppetWorkshop/Course-Preface.xml b/en-US/Books/PuppetWorkshop/Course-Preface.xml
index d021421..d8e4a06 100644
--- a/en-US/Books/PuppetWorkshop/Course-Preface.xml
+++ b/en-US/Books/PuppetWorkshop/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/PuppetWorkshop/Course.xml b/en-US/Books/PuppetWorkshop/Course.xml
index 5a4dfda..eb4dc14 100644
--- a/en-US/Books/PuppetWorkshop/Course.xml
+++ b/en-US/Books/PuppetWorkshop/Course.xml
@@ -642,6 +642,12 @@ debug: Calling fileserver.describe</screen>
<section id="PuppetWorkshop-SettingUpPuppet-Installation">
<title>Installation</title>
<para>
+ The default server type for the puppetmaster is called <emphasis>webrick</emphasis>, a single-threaded webserver. The webserver handles the puppets' requests for manifests, certificate exchanges, as well requests for files and templates. Being single-threaded, the webrick webserver can only handle one client at a time. While the puppets poll the puppetmaster with a default interval of 30 minutes, and configuration runs can take longer then 60 seconds, putting more then 25 clients in front of a puppetmaster with a webrick webserver is a very, very bad idea.
+ </para>
+ <para>
+ There is a multi-threaded webserver in Ruby, called <emphasis>mongrel</emphasis>. This is a simple, multi-threaded, but not very feature-rich webserver. For one, it does not perform SSL. For scalability purposes though, the mongrel server type is an absolute must, and can better be chosen as the webserver to handle the puppets' requests, right from the beginning. This however requires a frontend that performs the SSL part of the communications between the puppetmaster and the puppets. We choose Apache's HTTPd for it's excellent performance, flexible configuration, excellent configuration syntax, and because it can be set up as a reverse proxy load balancer, allowing more then one puppetmaster behind the scenes if necessary.
+ </para>
+ <para>
Install the required packages for the puppetmaster:
</para>
<formalpara>
@@ -689,7 +695,7 @@ debug: Calling fileserver.describe</screen>
</listitem>
<listitem>
<para>
- The Ruby mongrel library
+ The Ruby mongrel library, for better scalability.
</para>
<para>
<screen># <userinput>yum install rubygem-mongrel</userinput></screen>
@@ -727,53 +733,19 @@ debug: Calling fileserver.describe</screen>
<section id="PuppetWorkshop-SettingUpPuppet-Configuration">
<title>Configuration</title>
<para>
- para
+ In this section, we walk you through the initial configuration of a puppetmaster with the mongrel server type.
</para>
<section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster">
<title>Configuring the Puppetmaster</title>
<para>
- <itemizedlist>
- <listitem>
- <para>
- Configure in /etc/puppet/puppet.conf section [puppetmasterd] certname and certdnsaliases
- </para>
- </listitem>
- <listitem>
- <para>
- Configure a minimal manifest (site.pp)
- </para>
- </listitem>
- <listitem>
- <para>
- Start the puppetmaster once (generate certificates)
- </para>
- </listitem>
- <listitem>
- <para>
- (optional) configure reporting
- </para>
- </listitem>
- <listitem>
- <para>
- (optional) configure storeconfigs
- </para>
- </listitem>
- <listitem>
- <para>
- (optional) configure graphing
- </para>
- </listitem>
- </itemizedlist>
- </para>
- <para>
The configuration file for puppet and puppetmaster is <filename>/etc/puppet/puppet.conf</filename>. It is a file in INI-like format with sections, keys and values. There's 4 sections of interest,
<itemizedlist>
<listitem>
<formalpara>
<title>[main]</title>
<para>
- para
+ Primarily file locations, directory settings and other globals applicable to both the puppet as well as the puppetmaster.
</para>
</formalpara>
</listitem>
@@ -781,7 +753,7 @@ debug: Calling fileserver.describe</screen>
<formalpara>
<title>[puppetca]</title>
<para>
- para
+ Puppet Certificate Authority (puppetca) settings.
</para>
</formalpara>
</listitem>
@@ -789,7 +761,7 @@ debug: Calling fileserver.describe</screen>
<formalpara>
<title>[puppetd]</title>
<para>
- para
+ Puppet client daemon settings.
</para>
</formalpara>
</listitem>
@@ -797,155 +769,188 @@ debug: Calling fileserver.describe</screen>
<formalpara>
<title>[puppetmasterd]</title>
<para>
- para
+ Puppetmaster daemon settings.
</para>
</formalpara>
</listitem>
</itemizedlist>
</para>
- <formalpara>
- <title>First run relevant settings</title>
- <para>
- For the first run of the puppetmaster, we need to configure the following:
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>[main]</title>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-Settings">
+ <title>Relevant Settings</title>
+ <formalpara>
+ <title>Relevant Settings For The First Run</title>
+ <para>
+ For the first run of the puppetmaster, the following settings require configuration:
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>[main]</title>
+ <para>
+ The locations where puppet seeks it's configuration and puts it's transitional data. The most important setting is <literal>vardir</literal>, which should be set to <filename>/var/lib/puppet/</filename>. Further settings include:
+ <itemizedlist>
+ <listitem>
+ <para>
+ <code>logdir = /var/log/puppet/</code>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <code>rundir = /var/run/puppet/</code>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <code>ssldir = $vardir/ssl/</code>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ <note>
+ <para>
+ If you used a package to install puppet, the defaults should work, but may not comply with your backup strategy. It is the upstream puppet package that cannot cater to each and every distribution or operating system it is available for, and therefore has a set of defaults that will work, but will need to be changed on most platforms.
+ </para>
+ </note>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetmasterd]</title>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>certname</title>
+ <para>
+ The puppetmaster certificate's Common Name (CN), for which by default the system's hostname is used. The hostname of the system is a pretty reasonable value.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>certdnsnames</title>
+ <para>
+ A colon (<literal>:</literal>) seperated list of DNS names resolving to the puppetmaster. Include here:
+ <orderedlist>
+ <listitem>
+ <para>
+ The short hostname of the system, using the output of: <screen># <userinput>hostname -s</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>puppet</literal>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>puppet</literal>, followed by the DNS domain name of the system, using the output of <screen># <userinput>dnsdomainname</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Any other hostname or fully qualified domain name you want to use for the puppetmaster.
+ </para>
+ </listitem>
+ </orderedlist>
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <para>
+ Another setting to check is whether or not this puppetmaster is going to be the Certificate Authority <screen>[puppetmasterd]
+ ca = <replaceable>true</replaceable></screen>
+ The default is often set to <code>true</code>.
+ </para>
+ </listitem>
+ <listitem>
<para>
- The locations where puppet seeks it's configuration and puts it's transitional data. The most important setting is <literal>vardir</literal>, which should be set to <filename>/var/lib/puppet/</filename>. Further settings include:
- <itemizedlist>
- <listitem>
- <para>
- <code>logdir = /var/log/puppet/</code>
- </para>
- </listitem>
- <listitem>
- <para>
- <code>rundir = /var/run/puppet/</code>
- </para>
- </listitem>
- <listitem>
- <para>
- <code>ssldir = $vardir/ssl/</code>
- </para>
- </listitem>
- </itemizedlist>
+ Whether or not to use autosigning of certificates, using
+ <screen>[puppetca]
+ autosign = <replaceable>false</replaceable></screen>
+ The default is to <emphasis>not</emphasis> use autosigning. Only applicable if <code>puppetca</code> is set to <code>true</code>.
</para>
- </formalpara>
- <note>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ <formalpara>
+ <title>Other Relevant Settings</title>
+ <para>
+ The following settings require review before the puppetmaster is going in production.
+ <itemizedlist>
+ <listitem>
<para>
- If you used a package to install puppet, the defaults should work, but may not comply with your backup strategy. It is the upstream puppet package that cannot cater to each and every distribution or operating system it is available for, and therefore has a set of defaults that will work, but will need to be changed on most platforms.
+ A list of environments using a comma seperated list, in
+ <screen>[puppetmasterd]
+ environments = <replaceable>development,testing,production</replaceable></screen>
</para>
- </note>
- </listitem>
- <listitem>
- <formalpara>
- <title>[puppetmasterd]</title>
<para>
- <itemizedlist>
- <listitem>
- <formalpara>
- <title>certname</title>
- <para>
- The puppetmaster certificate's Common Name (CN), for which by default the system's hostname is used. The hostname of the system is a pretty reasonable value.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>certdnsnames</title>
- <para>
- A colon (<literal>:</literal>) seperated list of DNS names resolving to the puppetmaster. Include here:
- <orderedlist>
- <listitem>
- <para>
- The short hostname of the system, using the output of: <screen># <userinput>hostname -s</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- <literal>puppet</literal>
- </para>
- </listitem>
- <listitem>
- <para>
- <literal>puppet</literal>, followed by the DNS domain name of the system, using the output of <screen># <userinput>dnsdomainname</userinput></screen>
- </para>
- </listitem>
- <listitem>
- <para>
- Any other hostname or fully qualified domain name you want to use for the puppetmaster.
- </para>
- </listitem>
- </orderedlist>
- </para>
- </formalpara>
- </listitem>
- </itemizedlist>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Environments" />
</para>
- </formalpara>
- </listitem>
- <listitem>
- <para>
- Another setting to check is whether or not this puppetmaster is going to be the Certificate Authority <screen>[puppetmasterd]
- ca = <replaceable>true</replaceable></screen>
- The default is often set to <code>true</code>.
- </para>
- </listitem>
- <listitem>
- <para>
- Whether or not to use autosigning of certificates, using
- <screen>[puppetca]
- autosign = <replaceable>false</replaceable></screen>
- The default is to <emphasis>not</emphasis> use autosigning. Only applicable if <code>puppetca</code> is set to <code>true</code>.
- </para>
- </listitem>
- </itemizedlist>
+ </listitem>
+ <listitem>
+ <para>
+ Whether or not to use reporting, and what reporting to use (tagmail, store, rrdgraph). To configure the types or reports that should be used by the puppetmaster, use a comma separated list without spaces, in:
+ <screen>[puppetmasterd]
+ reports = <replaceable>tagmail,store,rrdgraph</replaceable></screen>
+ </para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The location of tagmail.conf, in order to map tags you give to resources to email addresses the reports should be sent to; <screen>[main]
+ tagmap = <replaceable>/path/to/tagmail.conf</replaceable></screen>
+ for reporting changes applied to puppets, via email.
+ </para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-Sitepp">
+ <title>Minimal site.pp</title>
+ <para>
+ Create a minimal <code>site.pp</code> in <filename>/etc/puppet/manifests/site.pp</filename> for the puppetmaster to parse on it's initial startup. Below is an example.
</para>
- </formalpara>
- <formalpara>
- <title>Other relevant settings</title>
+ <screen>#
+# site.pp for any domain
+#
+
+$server = "<replaceable>master.puppetmanaged.org</replaceable>"
+
+# The default node
+
+node default {
+}</screen>
+ </section>
+
+ <section id="PuppetWorkshop-SettingUpPuppet-Configuration-Puppetmaster-ServiceConfiguration">
+ <title>Service Configuration</title>
<para>
- <itemizedlist>
- <listitem>
- <para>
- A list of environments using a comma seperated list, in
- <screen>[puppetmasterd]
- environments = <replaceable>development,testing,production</replaceable></screen>
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Environments" />
- </para>
- </listitem>
- <listitem>
- <para>
- Whether or not to use reporting, and what reporting to use (tagmail, store, rrdgraph). To configure the types or reports that should be used by the puppetmaster, use a comma separated list without spaces, in:
- <screen>[puppetmasterd]
- reports = <replaceable>tagmail,store,rrdgraph</replaceable></screen>
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
- </para>
- </listitem>
- <listitem>
- <para>
- The location of tagmail.conf, in order to map tags you give to resources to email addresses the reports should be sent to; <screen>[main]
- tagmap = <replaceable>/path/to/tagmail.conf</replaceable></screen>
- for reporting changes applied to puppets, via email.
- </para>
- <para>
- <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
- </para>
- </listitem>
- </itemizedlist>
+ On Red Hat based systems, use <filename>/etc/sysconfig/puppetmaster</filename> to configure the service. It has three variables set, of which <code>PUPPETMASTER_MANIFEST</code> needs to point to the default manifest to use.
</para>
- </formalpara>
+ </section>
+
</section>
<section id="PuppetWorkshop-SettingUpPuppet-Configuration-SSLFrontendReverseProxyLoadBalancer">
<title>Configuring the SSL Frontend Reverse Proxy Load Balancer</title>
<para>
- para
+ A webserver needs to be configured to handle the SSL XML-RPC requests from the puppets, because the mongrel server type is not capable of performing SSL.
+ </para>
+ <para>
+ The webserver is going to listen on port 8140, the default port for the puppetmaster to listen for clients. It is going to forward traffic (after being decrypted) to the puppetmaster on 127.0.0.1:8141.
</para>
</section>
diff --git a/en-US/Books/Template/Course-Book_Info.xml b/en-US/Books/Template/Course-Book_Info.xml
index c70921a..bbbead0 100644
--- a/en-US/Books/Template/Course-Book_Info.xml
+++ b/en-US/Books/Template/Course-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Template/Course-Preface.xml b/en-US/Books/Template/Course-Preface.xml
index 1db3c7c..e0a39ea 100644
--- a/en-US/Books/Template/Course-Preface.xml
+++ b/en-US/Books/Template/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Books/Template/Manual-Book_Info.xml b/en-US/Books/Template/Manual-Book_Info.xml
index 80fa3e4..677a6fe 100644
--- a/en-US/Books/Template/Manual-Book_Info.xml
+++ b/en-US/Books/Template/Manual-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Books/Template/Manual-Preface.xml b/en-US/Books/Template/Manual-Preface.xml
index 5032da5..f0f1be3 100644
--- a/en-US/Books/Template/Manual-Preface.xml
+++ b/en-US/Books/Template/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Courses.xml b/en-US/Courses.xml
index 5174ea6..39034a0 100644
--- a/en-US/Courses.xml
+++ b/en-US/Courses.xml
@@ -111,7 +111,7 @@
<!-- Here's where you add your include statement to your book on the shelf -->
- <book>
+ <book id="CoursesGeneral-Book">
<title/>
<article id="CoursesGeneral">
<title>General Information about Courses</title>
@@ -174,41 +174,22 @@
</section>
</article>
-
</book>
- <set>
- <title>Class Room Manual</title>
- <xi:include href="Books/ClassRoom/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- </set>
-
- <set>
- <title>Linux Basic Course</title>
- <xi:include href="Books/Linux/Basic/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="Books/Linux/Basic/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- </set>
-
- <set>
- <title>Linux Advanced Course</title>
- <xi:include href="Books/Linux/Advanced/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="Books/Linux/Advanced/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- </set>
-
- <set>
- <title>Linux Senior Course Track</title>
- <xi:include href="Books/Linux/Senior/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="Books/Linux/Senior/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- </set>
-
- <set>
- <title>RHCE Training, Course Track</title>
- <xi:include href="Books/Linux/RHCETraining/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="Books/Linux/RHCETraining/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- </set>
-
- <set>
- <title>Puppet Workshop</title>
- <xi:include href="Books/PuppetWorkshop/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- </set>
+ <xi:include href="Books/ClassRoom/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+
+ <xi:include href="Books/Linux/Basic/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Books/Linux/Basic/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+
+ <xi:include href="Books/Linux/Advanced/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Books/Linux/Advanced/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+
+ <xi:include href="Books/Linux/Senior/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Books/Linux/Senior/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+
+ <xi:include href="Books/Linux/RHCETraining/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Books/Linux/RHCETraining/Manual.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+
+ <xi:include href="Books/PuppetWorkshop/Course.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</set>
diff --git a/en-US/Template/Course-Book_Info.xml b/en-US/Template/Course-Book_Info.xml
index d7beac6..8638489 100644
--- a/en-US/Template/Course-Book_Info.xml
+++ b/en-US/Template/Course-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="../../../Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="../Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Template/Course-Preface.xml b/en-US/Template/Course-Preface.xml
index 9518e23..f2196f6 100644
--- a/en-US/Template/Course-Preface.xml
+++ b/en-US/Template/Course-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
diff --git a/en-US/Template/Manual-Book_Info.xml b/en-US/Template/Manual-Book_Info.xml
index 64021b2..927d102 100644
--- a/en-US/Template/Manual-Book_Info.xml
+++ b/en-US/Template/Manual-Book_Info.xml
@@ -11,7 +11,7 @@
<corpauthor>
<inlinemediaobject>
<imageobject>
- <imagedata format='SVG' fileref="../../../Common_Content/images/title_logo.svg" />
+ <imagedata format='PNG' fileref="../Common_Content/images/title_logo.png" />
</imageobject>
</inlinemediaobject>
</corpauthor>
@@ -19,7 +19,7 @@
<year>&YEAR;</year>
<holder>&HOLDER;</holder>
</copyright>
- <xi:include href="../../../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
diff --git a/en-US/Template/Manual-Preface.xml b/en-US/Template/Manual-Preface.xml
index ec266f2..e5e1942 100644
--- a/en-US/Template/Manual-Preface.xml
+++ b/en-US/Template/Manual-Preface.xml
@@ -7,6 +7,6 @@
<para>
paragraph
</para>
- <xi:include href="../../../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="../../../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Conventions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="../Common_Content/Feedback.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</preface>
15 years, 7 months
en-US/Books
by Jeroen van Meeuwen
en-US/Books/PuppetWorkshop/Course.xml | 109 +++++++++++++++++-----------------
1 file changed, 57 insertions(+), 52 deletions(-)
New commits:
commit c67b39cbf0c3b4204c700b3c155fa4dfdd2a9523
Author: Jeroen van Meeuwen (Fedora Unity) <kanarip(a)fedoraunity.org>
Date: Sun Oct 5 22:50:50 2008 +0200
Updates
diff --git a/en-US/Books/PuppetWorkshop/Course.xml b/en-US/Books/PuppetWorkshop/Course.xml
index 874d81d..5a4dfda 100644
--- a/en-US/Books/PuppetWorkshop/Course.xml
+++ b/en-US/Books/PuppetWorkshop/Course.xml
@@ -810,63 +810,28 @@ debug: Calling fileserver.describe</screen>
<itemizedlist>
<listitem>
<formalpara>
- <title>certname</title>
+ <title>[main]</title>
<para>
- The puppetmaster certificate's Common Name (CN), for which by default the system's hostname is used. The hostname of the system is a pretty reasonable value.
- </para>
- </formalpara>
- </listitem>
- <listitem>
- <formalpara>
- <title>certdnsnames</title>
- <para>
- A colon (<literal>:</literal>) seperated list of DNS names resolving to the puppetmaster. Include here:
- <orderedlist>
- <listitem>
- <para>
- The short hostname of the system, using the output of: <screen># <userinput>hostname -s</userinput></screen>
- </para>
- </listitem>
+ The locations where puppet seeks it's configuration and puts it's transitional data. The most important setting is <literal>vardir</literal>, which should be set to <filename>/var/lib/puppet/</filename>. Further settings include:
+ <itemizedlist>
<listitem>
<para>
- <literal>puppet</literal>
+ <code>logdir = /var/log/puppet/</code>
</para>
</listitem>
<listitem>
<para>
- <literal>puppet</literal>, followed by the DNS domain name of the system, using the output of <screen># <userinput>dnsdomainname</userinput></screen>
+ <code>rundir = /var/run/puppet/</code>
</para>
</listitem>
<listitem>
<para>
- Any other hostname or fully qualified domain name you want to use for the puppetmaster.
+ <code>ssldir = $vardir/ssl/</code>
</para>
</listitem>
- </orderedlist>
+ </itemizedlist>
</para>
</formalpara>
- </listitem>
- <listitem>
- <para>
- The locations where puppet seeks it's configuration and puts it's transitional data. The most important setting is <literal>vardir</literal>, which should be set to <filename>/var/lib/puppet/</filename>. Further settings include:
- <itemizedlist>
- <listitem>
- <para>
- <code>logdir = /var/log/puppet/</code>
- </para>
- </listitem>
- <listitem>
- <para>
- <code>rundir = /var/run/puppet/</code>
- </para>
- </listitem>
- <listitem>
- <para>
- <code>ssldir = $vardir/ssl/</code>
- </para>
- </listitem>
- </itemizedlist>
- </para>
<note>
<para>
If you used a package to install puppet, the defaults should work, but may not comply with your backup strategy. It is the upstream puppet package that cannot cater to each and every distribution or operating system it is available for, and therefore has a set of defaults that will work, but will need to be changed on most platforms.
@@ -874,6 +839,53 @@ debug: Calling fileserver.describe</screen>
</note>
</listitem>
<listitem>
+ <formalpara>
+ <title>[puppetmasterd]</title>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>certname</title>
+ <para>
+ The puppetmaster certificate's Common Name (CN), for which by default the system's hostname is used. The hostname of the system is a pretty reasonable value.
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>certdnsnames</title>
+ <para>
+ A colon (<literal>:</literal>) seperated list of DNS names resolving to the puppetmaster. Include here:
+ <orderedlist>
+ <listitem>
+ <para>
+ The short hostname of the system, using the output of: <screen># <userinput>hostname -s</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>puppet</literal>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>puppet</literal>, followed by the DNS domain name of the system, using the output of <screen># <userinput>dnsdomainname</userinput></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Any other hostname or fully qualified domain name you want to use for the puppetmaster.
+ </para>
+ </listitem>
+ </orderedlist>
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
<para>
Another setting to check is whether or not this puppetmaster is going to be the Certificate Authority <screen>[puppetmasterd]
ca = <replaceable>true</replaceable></screen>
@@ -911,6 +923,9 @@ debug: Calling fileserver.describe</screen>
<screen>[puppetmasterd]
reports = <replaceable>tagmail,store,rrdgraph</replaceable></screen>
</para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
+ </para>
</listitem>
<listitem>
<para>
@@ -922,16 +937,6 @@ debug: Calling fileserver.describe</screen>
<emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-OtherThingsToDoWithPuppet-TweakingReporting" />
</para>
</listitem>
- <listitem>
- <para>
- what type of configuration store to use (sqlite3, mysql, postgresql)
- </para>
- </listitem>
- <listitem>
- <para>
- database settings for use with storeconfigs
- </para>
- </listitem>
</itemizedlist>
</para>
</formalpara>
15 years, 7 months
3 commits - en-US/Books
by Jeroen van Meeuwen
en-US/Books/PuppetWorkshop/Course.xml | 60 +++++++++++++++++++++++++++++-----
1 file changed, 52 insertions(+), 8 deletions(-)
New commits:
commit c0c53ec7e6eac2d8d2d135a2a333e82a674bf656
Merge: 4ce0ad4... f2da6a4...
Author: Jeroen van Meeuwen (Fedora Unity) <kanarip(a)fedoraunity.org>
Date: Sun Oct 5 21:04:03 2008 +0200
Merge branch 'master' of ssh://git.fedorahosted.org/git/courses
commit 4ce0ad4ceda0cdb83f6229e10c8c1506c354a372
Merge: b36c924... 848e9f0...
Author: Jeroen van Meeuwen (Fedora Unity) <kanarip(a)fedoraunity.org>
Date: Sun Oct 5 20:58:07 2008 +0200
Merge branch 'master' of ssh://git.fedorahosted.org/git/courses
commit b36c924d1b67d824ebe767cbc641a8d1ae454445
Author: Jeroen van Meeuwen (Fedora Unity) <kanarip(a)fedoraunity.org>
Date: Sun Oct 5 20:57:59 2008 +0200
Updates
diff --git a/en-US/Books/PuppetWorkshop/Course.xml b/en-US/Books/PuppetWorkshop/Course.xml
index 5010acc..a4ec5b3 100644
--- a/en-US/Books/PuppetWorkshop/Course.xml
+++ b/en-US/Books/PuppetWorkshop/Course.xml
@@ -767,7 +767,41 @@ debug: Calling fileserver.describe</screen>
</itemizedlist>
</para>
<para>
- The configuration file for puppet and puppetmaster is <filename>/etc/puppet/puppet.conf</filename>. It is a file in INI-like format with sections, keys and values.
+ The configuration file for puppet and puppetmaster is <filename>/etc/puppet/puppet.conf</filename>. It is a file in INI-like format with sections, keys and values. There's 4 sections of interest,
+ <itemizedlist>
+ <listitem>
+ <formalpara>
+ <title>[main]</title>
+ <para>
+ para
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetca]</title>
+ <para>
+ para
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetd]</title>
+ <para>
+ para
+ </para>
+ </formalpara>
+ </listitem>
+ <listitem>
+ <formalpara>
+ <title>[puppetmasterd]</title>
+ <para>
+ para
+ </para>
+ </formalpara>
+ </listitem>
+ </itemizedlist>
</para>
<formalpara>
<title>First run relevant settings</title>
@@ -841,17 +875,17 @@ debug: Calling fileserver.describe</screen>
</listitem>
<listitem>
<para>
- Whether or not to use autosigning of certificates, using
- <screen>[puppetca]
- autosign = <replaceable>false</replaceable></screen>
- The default is to <emphasis>not</emphasis> use autosigning.
+ Another setting to check is whether or not this puppetmaster is going to be the Certificate Authority <screen>[puppetmasterd]
+ ca = <replaceable>true</replaceable></screen>
+ The default is often set to <code>true</code>.
</para>
</listitem>
<listitem>
<para>
- Another setting to check is whether or not this puppetmaster is going to be the Certificate Authority <screen>[puppetmasterd]
- ca = <replaceable>true</replaceable></screen>
- The default is often set to <code>true</code>.
+ Whether or not to use autosigning of certificates, using
+ <screen>[puppetca]
+ autosign = <replaceable>false</replaceable></screen>
+ The default is to <emphasis>not</emphasis> use autosigning. Only applicable if <code>puppetca</code> is set to <code>true</code>.
</para>
</listitem>
</itemizedlist>
@@ -867,6 +901,9 @@ debug: Calling fileserver.describe</screen>
<screen>[puppetmasterd]
environments = <replaceable>development,testing,production</replaceable></screen>
</para>
+ <para>
+ <emphasis>See also</emphasis>: <xref linkend="PuppetWorkshop-HowToUsePuppet-Environments" />
+ </para>
</listitem>
<listitem>
<para>
@@ -960,6 +997,13 @@ debug: Calling fileserver.describe</screen>
</para>
</section>
+ <section id="PuppetWorkshop-HowToUsePuppet-Environments">
+ <title>Environments</title>
+ <para>
+ paragraph
+ </para>
+ </section>
+
</chapter>
<chapter id="PuppetWorkshop-OtherThingsToDoWithPuppet">
15 years, 7 months
en-US/Books
by Stefan Alexander Hartsuiker
en-US/Books/PuppetWorkshop/Course-Appendix.xml | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
New commits:
commit f2da6a41a4f0513dbb66bf079c6f66cd8e20e5a1
Author: S.A. Hartsuiker <shartsuiker(a)stefan-vaio.lan>
Date: Sun Oct 5 20:58:19 2008 +0200
Used same revised system resource definition
diff --git a/en-US/Books/PuppetWorkshop/Course-Appendix.xml b/en-US/Books/PuppetWorkshop/Course-Appendix.xml
index e87a9bb..37b3e31 100644
--- a/en-US/Books/PuppetWorkshop/Course-Appendix.xml
+++ b/en-US/Books/PuppetWorkshop/Course-Appendix.xml
@@ -76,7 +76,9 @@
<formalpara>
<title>system resource</title>
<para>
- A system resource is a resource available on the node whether it is managed by puppet or not. Unlike in other cases, this term does not as much to system hardware resources such as the CPU or memory available to the operating system, because that.
+<!-- A system resource is a resource available on the node whether it is managed by puppet or not. Unlike in other cases, this term does not as much to system hardware resources such as the CPU or memory available to the operating system, because that.
+//-->
+ A system resource is a resource available on the node whether it is managed by puppet or not. Unlike what is otherwise understood by system resources, the puppet definition of system resources does not so much refer to resources like CPU or memory, but rather to whether or not a package is installed or what version of said package, or the $osversion, and so on and so forth.
</para>
</formalpara>
</listitem>
15 years, 7 months
en-US/Books
by Stefan Alexander Hartsuiker
en-US/Books/PuppetWorkshop/Course.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit 848e9f0937f3365b858176b2ab7a9f5092dd0ee0
Author: S.A. Hartsuiker <shartsuiker(a)stefan-vaio.lan>
Date: Sun Oct 5 18:47:54 2008 +0200
Rewrote the note about the variable settings in Configuring the Puppetmaster
diff --git a/en-US/Books/PuppetWorkshop/Course.xml b/en-US/Books/PuppetWorkshop/Course.xml
index 5010acc..61428ec 100644
--- a/en-US/Books/PuppetWorkshop/Course.xml
+++ b/en-US/Books/PuppetWorkshop/Course.xml
@@ -835,7 +835,7 @@ debug: Calling fileserver.describe</screen>
</para>
<note>
<para>
- If you used a package to install puppet, the defaults. It is the upstream puppet package that cannot coher with each and every distribution or operating system it is available for, and therefor has a set of defaults that will work, but will need to be changed on most platforms.
+ If you used a package to install puppet, the defaults should work, but may not comply with your backup strategy. It is the upstream puppet package that cannot cater to each and every distribution or operating system it is available for, and therefore has a set of defaults that will work, but will need to be changed on most platforms.
</para>
</note>
</listitem>
15 years, 7 months