Three thoughts. The first would be to have node definitions for monitor on
both dev and test environments, doing a minimal amount of work to generate
nagios host definitions in a disjoint directory that you include in your
nagios config.
So:
/var/lib/{puppet,puppet-dev,puppet-test}
/etc/{puppet,puppet-dev,puppet-test}
/etc/nagios/object/{dev,test}
To further isolate your nagios box from harm, dev and test environment runs
can be done from an unprivileged user and puppet agent runs can be tied to
host/service additions/removals in dev/test. I know this idea directly
violates you saying "So... setting up all 3 puppet stacks to export
resources that are realized somehow on the Nagios server isn't a
possibility, as bad manifests/modules could affect the monitoring of one of
the dev or test hosts." but it seems the least-harm least-gross way to do
this.
The other way that came to mind was an aperiodic dump/insert of relevant
postgresql tables relating to exported resources from dev/test into the
production postgresql puppetdb. This would require investigating the schema
in use, and cleanup could get tricky.
The third way that came to mind was to use the inventory service
http://docs.puppetlabs.com/guides/inventory_service.html to loop over
hostnames, GET'ing yaml from dev/test and PUT'ing it onto the production
server. I don't know how deletions would be handled, there, or even what
you'd want your failure mode to be.
Jeff
On Mon, Dec 2, 2013 at 8:39 PM, Jason Antman <[email protected]> wrote:
> Hello,
>
> I have 3 puppet stacks (master, puppetdb, enc) - dev, test/qa and prod.
> Dev is used for initial development and testing of code (including
> puppet), which is then promoted to test and then prod.
>
> I'd like to start using the nagios types to configure monitoring, via
> exported resources (yes I'm aware of the issues with the builtins, but
> they'll have to do for now). I only have one Nagios server, and I'd like
> to reliably monitor at least some stuff on the dev and test puppet
> nodes. So... setting up all 3 puppet stacks to export resources that are
> realized somehow on the Nagios server isn't a possibility, as bad
> manifests/modules could affect the monitoring of one of the dev or test
> hosts.
>
> What's the safe way to "freeze" exported resources, or prevent them from
> being changed? The best that I can come up with so far is to have the
> nagios server connected to the production puppetmaster, and when I want
> to update the (exported resource) monitoring configuration for one of
> the dev or test nodes, have to do a one-time run on each node in
> question against the prod puppet master.
>
> Any other thoughts or theories?
>
> Thanks,
> Jason Antman
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/529D363C.4030202%40jasonantman.com
> .
> For more options, visit https://groups.google.com/groups/opt_out.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAHahqg0BadZAtitdE75A0QLqT7VDU5U_2mm5yHCWNxurwEVSxw%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
