Puppet mark two

Spent today working from home, rewriting our Puppet configs from the ground up to take advantage of having learned a few things since writing the first version of the configs.

To be more accurate, I’ve learned a lot about the limitations and idiom of Puppet so it really has been a complete rewrite.

The original configs had a really big node defined called “solaris” which had all the resources defined right there in the node. It was getting really unwieldy, pretty difficult to follow, ludicrous amounts of nesting and stuff.

The new version follows a rule set out on puppet-users by Luke Kanies. To paraphrase: only put “include” statements and variable definitions in nodes. Anything where there is only one per host goes into a class, anything with possibly several goes in a define.

So my “solaris” node now reads:

node solaris {
        include root
        include postfix
        include pca
        include puppetd
        include sshd
        include syslog
        include ntp
}

and I’m considering the merits of making this a class instead, but I like the node foo inherits solaris {} idiom a lot more than:


node foo { include solaris }

which would be the alternative.

Another thing I’ve done in this run is to write a new define called myfile. I use this in place of the file type and it (a) removes the need to fully specify the URI for the “source” parameter and (b) automates searching for host, os-site, site, os, and generic configs. This makes the resulting Puppet configs much cleaner and a whole lot easier to write.

Have added a new custom fact, zonename, which I’m using in the ntp class because there’s no point running xntpd in a non-global zone.

The new service-based classes are specifying config files and making much better use of the service type along with the subscribe parameter to automatically restart services when configs change. This is pretty basic Puppet but I was getting really overwhelmed by the previous stab at configuring things so never really made much use of it.
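To make the myfile define, the zonename fact and the subscribe pattern concrete, here is an added example; it is not the manifests this post describes. It is written in the classic syntax where facts are top-scope variables, and the fileserver mount `files`, its directory layout, the `$site` variable (set in the node), the owner/group/mode defaults, the ntp.conf path and the SMF service name are all assumptions.

```puppet
# Hypothetical reconstruction of a "myfile" wrapper around the file type.
# The caller passes a short relative source path; the define expands it
# into a most-specific-first search list. Puppet uses the first source
# in the array that exists on the fileserver.
define myfile($source, $owner = "root", $group = "root", $mode = "0644") {
    file { $name:
        # Explicit ownership and mode, so a managed config never
        # inherits whatever permissions the copy on the server has.
        owner  => $owner,
        group  => $group,
        mode   => $mode,
        source => [
            "puppet:///files/host/${hostname}/${source}",
            "puppet:///files/os-site/${operatingsystem}/${site}/${source}",
            "puppet:///files/site/${site}/${source}",
            "puppet:///files/os/${operatingsystem}/${source}",
            "puppet:///files/generic/${source}"
        ],
    }
}

# One-per-host service, so it is a class. $zonename is the custom fact
# mentioned above; only the global zone gets an NTP daemon.
class ntp {
    case $zonename {
        "global": {
            myfile { "/etc/inet/ntp.conf":
                source => "ntp/ntp.conf",
            }

            # Assumed SMF service name for xntpd on Solaris 10.
            service { "network/ntp":
                ensure    => running,
                enable    => true,
                # myfile declares File[$name], so subscribing to that
                # file restarts the service when the config changes.
                subscribe => File["/etc/inet/ntp.conf"],
            }
        }
        default: {
            # Non-global zone: nothing to manage.
        }
    }
}
```

Because the host-specific path is searched first, a per-host override wins over site, OS and generic copies without any change to the class that uses it.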

I’m trying to be reasonably platform-agnostic but there are still a few places where I assume that the platform is Solaris.

The puppetd class took a good ten minutes of staring-at to get right. So very many levels of nested stuff (OK, just two nested case statements) that the run of braces was making my head hurt. But this is an exception because it’s defining how to make puppetd run on SMF and non-SMF systems. Everything else thus far has been services that ship with the OS.

There’s more work to be done but I’m confident that the way I’ve laid things out now is much more sensible and will scale without giving anyone the heebie-jeebies.
