Bob Apthorpe
2007-Apr-30 06:33 UTC
Best Practice: how to organize puppetmaster directories?
Hi,
While puppet creates its own directories for internal stuff (puppetca,
state, etc.), there''s a fair bit of latitude given to where things like
manifests and uploaded files live. I didn''t get much guidance from the
docs when I first set things up so I mostly poked at things until the
worked. Take a look at the following and let me know if this looks
reasonable; if so, it probably ought to be documented somewhere to ease
initial setup.
----
The manifests, nodes, certs, and a few other configuration bits live
under /etc/puppet:
/etc/puppet
|-- classes.txt
|-- dev_classes
| `-- [ a bunch of developmental or obsolete manifests ]
|-- fileserver.conf
|-- manifests
| |-- classes
| | `-- [ all of the manifests I''m using in production ]
| |-- nodes
| | `-- [ each of my servers, by name ]
| `-- site.pp
|-- puppetd.conf
`-- ssl
`-- [ all of puppetmaster''s keys, certs, and csrs ]
Files uploaded via fileserver live under /var/lib/puppet. Generic files
live under dist, full packages live under depot, and host-specific stuff
lives under private/[hostname]:
/var/lib/puppet
|-- depot
| `-- tar
| `-- BBCLT-bbc1.9g-btf.tar
|-- dist
| `-- apps
| |-- diagnostics
| | `-- ralsh
| |-- mail
| | `-- aliases
| |-- ntp
| | `-- ntp.conf
| |-- puppet_client
| | |-- puppet.sysconfig
| | `-- puppetd.init
| |-- resolver
| | `-- resolv.conf
| |-- sudo
| | `-- sudoers
| `-- syslog
| `-- syslog.conf
`-- private
`-- [clientname].example.edu
`-- apps
|-- apcupsd
| `-- apcupsd.conf
|-- bigbrother
|-- shells
`-- sshd
No idea what lives under /var/puppet - filebucket, logs, pidfiles, state
info, graphs, templates. Aside from the GraphViz .dot files, I never
poke around under /var/puppet.
Thanks,
-- Bob
Luke Kanies
2007-Apr-30 14:51 UTC
Re: Best Practice: how to organize puppetmaster directories?
On Apr 30, 2007, at 1:33 AM, Bob Apthorpe wrote:> While puppet creates its own directories for internal stuff (puppetca, > state, etc.), there''s a fair bit of latitude given to where things > like > manifests and uploaded files live. I didn''t get much guidance from the > docs when I first set things up so I mostly poked at things until the > worked. Take a look at the following and let me know if this looks > reasonable; if so, it probably ought to be documented somewhere to > ease > initial setup.That all seems reasonable, assuming it''s all in SVN or some such. Looks like it''s time for you to create a Wiki page. :) -- My favorite was a professor at a University I Used To Be Associated With who claimed that our requirement of a non-alphabetic character in our passwords was an abridgement of his freedom of speech. -- Jacob Haller --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com
David Lutterkort
2007-Apr-30 21:42 UTC
Re: Best Practice: how to organize puppetmaster directories?
On Mon, 2007-04-30 at 01:33 -0500, Bob Apthorpe wrote:> The manifests, nodes, certs, and a few other configuration bits live > under /etc/puppet: > > /etc/puppet > |-- classes.txt > |-- dev_classes > | `-- [ a bunch of developmental or obsolete manifests ] > |-- fileserver.conf > |-- manifests > | |-- classes > | | `-- [ all of the manifests I''m using in production ] > | |-- nodes > | | `-- [ each of my servers, by name ] > | `-- site.pp > |-- puppetd.conf > `-- ssl > `-- [ all of puppetmaster''s keys, certs, and csrs ]This all looks good; I would move classes.txt and ssl/ into /var/lib/puppet though since they are modified by the running server. You''d probably also want to add a directory /etc/puppet/modules to the above list; the default modulepath is $confdir/modules:/usr/share/puppet/modules David
Digant C Kasundra
2007-May-01 23:23 UTC
Re: Best Practice: how to organize puppetmaster directories?
--On Monday, April 30, 2007 01:33:35 -0500 Bob Apthorpe <apthorpe@cynistar.net> wrote:> Hi, > > While puppet creates its own directories for internal stuff (puppetca, > state, etc.), there''s a fair bit of latitude given to where things like > manifests and uploaded files live. I didn''t get much guidance from the > docs when I first set things up so I mostly poked at things until the > worked. Take a look at the following and let me know if this looks > reasonable; if so, it probably ought to be documented somewhere to ease > initial setup. > > ---- > > The manifests, nodes, certs, and a few other configuration bits live > under /etc/puppet: > > /etc/puppet >| -- classes.txt >| -- dev_classes >| `-- [ a bunch of developmental or obsolete manifests ] >| -- fileserver.conf >| -- manifests >| | -- classes >| | `-- [ all of the manifests I''m using in production ] >| | -- nodes >| | `-- [ each of my servers, by name ] >| `-- site.pp >| -- puppetd.conf > `-- ssl > `-- [ all of puppetmaster''s keys, certs, and csrs ] > > Files uploaded via fileserver live under /var/lib/puppet. Generic files > live under dist, full packages live under depot, and host-specific stuff > lives under private/[hostname]: > > /var/lib/puppet >| -- depot >| `-- tar >| `-- BBCLT-bbc1.9g-btf.tar >| -- dist >| `-- apps >| | -- diagnostics >| | `-- ralsh >| | -- mail >| | `-- aliases >| | -- ntp >| | `-- ntp.conf >| | -- puppet_client >| | | -- puppet.sysconfig >| | `-- puppetd.init >| | -- resolver >| | `-- resolv.conf >| | -- sudo >| | `-- sudoers >| `-- syslog >| `-- syslog.conf > `-- private > `-- [clientname].example.edu > `-- apps > |-- apcupsd > | `-- apcupsd.conf > |-- bigbrother > |-- shells > `-- sshd > > No idea what lives under /var/puppet - filebucket, logs, pidfiles, state > info, graphs, templates. Aside from the GraphViz .dot files, I never > poke around under /var/puppet. >There is a Stanford Best Practice around this that needs a bit of an update around modules but I think you might find it helpful: <http://www.reductivelabs.com/trac/puppet/wiki/StanfordPuppetBestPractices> -- Digant C Kasundra <digant@stanford.edu> Technical Lead, ITS Unix Systems and Applications, Stanford University