On 05/04/2013 02:25 PM, Luke Bigum wrote:
On Saturday, May 4, 2013 12:43:57 PM UTC+1, Martin Langhoff wrote:On Fri, May 3, 2013 at 4:43 PM, Schofield <[email protected] <javascript:>> wrote: > Everything else is managed by puppet. Do you manage complex network setups (bonding, routing) via puppet? There is a certain degree of chicken-and-egg in that; how do you handle managing configuration without breaking the network that delivers the puppet config to the host? We have a very generic kickstart that runs Puppet as a final step, and in that first Puppet run I have a module that writes out /etc/sysconfig/network-script/ files, which includes routes, rules, bonding, vlans, bridges, etc. All the information is stored in Hiera. We do not use Puppet to restart networking or attempt to fix up any discrepancies, someone has to come along and "service network restart". So we use Puppet to provision what the networking should look like, but not enforce it. This means an Admin can come along and mess around with the networking and thus things can deviate from what Puppet says they should be. However, since all the information is stored in Hiera I can have Puppet export out nagios checks that do things along the lines of "this interface is not up but it should be" and "this interface does not belong to the bond it should". Do you manage complex disk setups (RAID arrays, DRBD) via Puppet? Any hints as to how? I haven't tried to manage DRBD but the config should be simple. You're going to run into problems if you try to create a DRBD disk across two servers at the same time - Puppet can't orchestrate the commands that need to be run on each server, for that you would need MCollective and unless you were creating 100s of DRBD disks, I wouldn't bother and I'd do it by hand. I do manage iSCSI disks, LVM and file systems in Puppet though. There's a manual step where we have to go to our storage appliances and create the iSCSI disk first, then put the iSCSI target ID into Hiera, but the rest is clockwork. It provisions only, it doesn't attempt to resize or reformat file systems if it finds a discrepancy. To counteract that, like the networking scripts, I can export nagios checks that say "this file system is 30 Gig and ext3, but it's supposed to be 10 Gig and ext4" which tells me someone's gone and made on-box changes that aren't back-ported to Puppet / Hiera. Or perhaps you only use Puppet so extensively in VMs, where you don't have to deal with all these pesky issues? I have Puppet create our VMs, which calls our kickstart, which calls Puppet ;-)
I wrote cobbler module for Puppet, so we have all the cobbler settings in hiera and manage it via custom types :D So Puppet manages Cobbler which generates kickstart, which runs puppet :D
-- Jakov Sosic www.srce.unizg.hr -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
