I'm new to puppet and have been exploring different ways of configuring manifests, ranging from huge single manifests, through per-node and am currently looking at the role/profile patterns.
One thing I've been looking at is using a mix of puppet and hiera to set up a hierarchy based around server roles (i.e. web. database, logging etc.) using the environment and a custom fact set on the agents using /etc/facter/facts.d. For me this seems an efficient way to describe a configuration since it can avoid a lot of duplication. However, some of the team I'm working with have concerns around the fact that we're letting the agents dictate what manifests get passed to them since they define the role & environment facts. I've been told that if someone found a 'root-level' exploit they could change the facts to retrieve whatever manifest they want - my response is if we get to that stage, all bets are off since they can just stop puppet, download rpm's etc. However I wanted to gauge the feeling of the experts - is this a risky solution, or do others feel that as we implement other security factors (firewalls, correct file permissions, certificates) that this is an acceptable route to investigate? Thanks in advance for you thoughts. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/b24c11a0-1e0a-459f-9873-de80fccd41a9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
