On Thu, Jun 20, 2013 at 4:20 PM, Eric Aiken <[email protected]> wrote:
> I'm new to puppet and working my way through the documentation. I'm > struggling with the puppet labs module repo. > > I've toyed with numerous automation and configuration methodologies over > the decades. Perhaps I'm seeing puppet wrong, Compared with CFEngine > there is a a lot I like, but I'm not sure why I'm still having to re-invent > the wheel for a linux server distribution. What I mean is, why at this > point in the linux lifecycle, there are not standard modules for the 10,50 > or 100 things that an admin must change to deploy a linux server in prod or > dev > > Even though puppetlabs has a modules repo, if you look for some basic > modules: sudoer, resolv.conf, ifcfg, there a numerous "instances" > of modules by users. Each with their own idiosyncrasies. Why do admins > have to keep re-inventing the wheel for each iteration of Config Mgmt and > Monitoring tools. > > Has anyone created a "repo" of puppet modules for a given linux distro. > In my case CentOS. Seems there should be (at this point) > /etc/puppet/modules/CentOSx, that includes all the necessary > modules/manifest etc. that only need to be tweaked for local settings or > deleted for lack of need. According to the documentation and books i'm > working through, i'll need to download and modify module by module 10's to > 100+ modules/manifests/.pp files for a basic CentOS server running a java > app. Not counting the effort necessary for best practices of parametrize > classes. > > What am I missing here? > > I've had a number of jobs now that all used Linux and all did "sort of the same things" and yet in almost every case the configuration of the systems ended up radically different. In some cases this was due to security requirements, or legacy issues, or personal tastes amongst the people involved in how to "best" setup things. In some cases we just used init scripts, in others we wanted to integrate monit to restart services automatically, in some we needed to do weird pam stuff to log console keystrokes. What I'm driving at here is that there's just so many different things you can do with things as simple as sudoers that everyone reinvents the wheel for their specific circumstance. The trouble with generic modules that are flexible enough to handle all use cases is that they become complex! I've written a sudoers module that relied heavily on "augeas" to parse and do all kinds of sudoers stuff to enable really complex sudoer magic. At the very next job we pushed out a single sudoers file to all servers. In a situation like that do you really want all the complexity of a module that includes functions, maybe providers, defines, all kinds of stuff that is difficult to maintain yourself when you can write a couple of quick classes that do exactly what you want? :) Thanks, -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
