Hey guys. I am starting out with puppet and am in the process of writing a bootstrap script for the clients and a capistrano recipe for the server. I have the client bootstrap done which installs ruby, puppet, sets a host name, and then points the client at the puppet server and now I am in the process of setting up the puppet server. My first attempt was to set up a git project for puppet, an admin user on the server and then use capistrano to deploy my puppet config and all manifests into a directory in the admin users home. Basically this would be the contents of the /etc/puppet directory. The idea was that I would deploy to /home/admin_user/infrastructure and then symlink that directory or /etc/puppet. This didn''t work because puppet blows away the symlink and sets up a blank directory in /etc/puppet. So I am wondering what to do next. Some options... 1. I could use rsync after deploy to copy the contents to /etc/puppet but I noticed that the manifests directory are owned by the user puppet so I don''t know how well that would work. 2. I could manually set up a /etc/puppet/puppet.conf which points to the manifests in the /home/admin directory and manage the puppet conf with puppet. 3. I could use something other than capistrano. I am familiar with capistrano so I would prefer to stay with it but I am willing to learn something else if it would be better. I also have a question as to whether the ssl directory should be managed by puppet itself or me. I kind of presumed everything in /etc/puppet would be managed by me and everything in /var/lib/puppet would be managed by puppet is that right? So does anybody have a nice capistrano config.rb for puppet? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Jacob Helwig
2011-Nov-09 22:18 UTC
Re: [Puppet Users] Starting out with puppet and capistrano
On 2011-11-09 13:38 , Tim Uckun wrote:> Hey guys. > > I am starting out with puppet and am in the process of writing a > bootstrap script for the clients and a capistrano recipe for the > server. I have the client bootstrap done which installs ruby, puppet, > sets a host name, and then points the client at the puppet server and > now I am in the process of setting up the puppet server. > > My first attempt was to set up a git project for puppet, an admin user > on the server and then use capistrano to deploy my puppet config and > all manifests into a directory in the admin users home. Basically this > would be the contents of the /etc/puppet directory. The idea was that > I would deploy to /home/admin_user/infrastructure and then symlink > that directory or /etc/puppet. This didn''t work because puppet blows > away the symlink and sets up a blank directory in /etc/puppet. > > So I am wondering what to do next. Some options... > > 1. I could use rsync after deploy to copy the contents to /etc/puppet > but I noticed that the manifests directory are owned by the user > puppet so I don''t know how well that would work. > 2. I could manually set up a /etc/puppet/puppet.conf which points to > the manifests in the /home/admin directory and manage the puppet conf > with puppet. > 3. I could use something other than capistrano. I am familiar with > capistrano so I would prefer to stay with it but I am willing to learn > something else if it would be better. > > I also have a question as to whether the ssl directory should be > managed by puppet itself or me. I kind of presumed everything in > /etc/puppet would be managed by me and everything in /var/lib/puppet > would be managed by puppet is that right? > > So does anybody have a nice capistrano config.rb for puppet? >Dunno if it''s the best way, but I went with #2 for my setup. It''s very basic, and has been working great for me. Full setup below for the benefit of those that aren''t familiar with Capistrano. Sorry for the line wrapping in the puppet.conf, but I haven''t gotten Thunderbird fully trained yet. /etc/puppet/puppet.conf: [master] manifestdir = /u/apps/puppet-manifest/current/manifests modulepath /u/apps/puppet-manifest/current/modules:/usr/share/puppet/modules config_version = ''cat /u/apps/puppet-manifest/current/REVISION'' Capfile: require ''rubygems'' require ''railsless-deploy'' load ''deploy'' if respond_to?(:namespace) # cap2 differentiator Dir[ ''vendor/gems/*/recipes/*.rb'', ''vendor/plugins/*/recipes/*.rb'' ].each do |plugin| load(plugin) end load ''config/deploy'' config/deploy.rb: set :application, "puppet-manifest" set :repository, <repo-here> set :scm, :git set :branch, ''master'' set :deploy_via, :remote_cache # Needed to deploy vcsrepo (submodule) set :git_enable_submodules, true role :app, <puppet master''s hostname> set :user, ''app'' set :use_sudo, false default_run_options[:pty] = true ssh_options[:forward_agent] = true # this tells capistrano what to do when you deploy namespace :deploy do desc <<-DESC A macro-task that updates the code and fixes the symlink. DESC task :default do transaction do update_code symlink end end task :update_code, :except => { :no_release => true } do on_rollback { run "rm -rf #{release_path}; true" } strategy.deploy! end after :deploy, ''deploy:cleanup'' end -- Jacob Helwig http://about.me/jhelwig
Tim Uckun
2011-Nov-09 22:39 UTC
Re: [Puppet Users] Starting out with puppet and capistrano
Thanks Jacob. I will give this a go and see what happens. Cheers. On Thu, Nov 10, 2011 at 11:18 AM, Jacob Helwig <jacob@puppetlabs.com> wrote:> On 2011-11-09 13:38 , Tim Uckun wrote: >> Hey guys. >> >> I am starting out with puppet and am in the process of writing a >> bootstrap script for the clients and a capistrano recipe for the >> server. I have the client bootstrap done which installs ruby, puppet, >> sets a host name, and then points the client at the puppet server and >> now I am in the process of setting up the puppet server. >> >> My first attempt was to set up a git project for puppet, an admin user >> on the server and then use capistrano to deploy my puppet config and >> all manifests into a directory in the admin users home. Basically this >> would be the contents of the /etc/puppet directory. The idea was that >> I would deploy to /home/admin_user/infrastructure and then symlink >> that directory or /etc/puppet. This didn''t work because puppet blows >> away the symlink and sets up a blank directory in /etc/puppet. >> >> So I am wondering what to do next. Some options... >> >> 1. I could use rsync after deploy to copy the contents to /etc/puppet >> but I noticed that the manifests directory are owned by the user >> puppet so I don''t know how well that would work. >> 2. I could manually set up a /etc/puppet/puppet.conf which points to >> the manifests in the /home/admin directory and manage the puppet conf >> with puppet. >> 3. I could use something other than capistrano. I am familiar with >> capistrano so I would prefer to stay with it but I am willing to learn >> something else if it would be better. >> >> I also have a question as to whether the ssl directory should be >> managed by puppet itself or me. I kind of presumed everything in >> /etc/puppet would be managed by me and everything in /var/lib/puppet >> would be managed by puppet is that right? >> >> So does anybody have a nice capistrano config.rb for puppet? >> > > Dunno if it''s the best way, but I went with #2 for my setup. It''s very > basic, and has been working great for me. Full setup below for the > benefit of those that aren''t familiar with Capistrano. > > Sorry for the line wrapping in the puppet.conf, but I haven''t gotten > Thunderbird fully trained yet. > > /etc/puppet/puppet.conf: > > [master] > manifestdir = /u/apps/puppet-manifest/current/manifests > modulepath > /u/apps/puppet-manifest/current/modules:/usr/share/puppet/modules > > config_version = ''cat /u/apps/puppet-manifest/current/REVISION'' > > Capfile: > require ''rubygems'' > require ''railsless-deploy'' > > load ''deploy'' if respond_to?(:namespace) # cap2 differentiator > Dir[ > ''vendor/gems/*/recipes/*.rb'', > ''vendor/plugins/*/recipes/*.rb'' > ].each do |plugin| > load(plugin) > end > > load ''config/deploy'' > > config/deploy.rb: > set :application, "puppet-manifest" > set :repository, <repo-here> > set :scm, :git > set :branch, ''master'' > set :deploy_via, :remote_cache > > # Needed to deploy vcsrepo (submodule) > set :git_enable_submodules, true > > role :app, <puppet master''s hostname> > > set :user, ''app'' > set :use_sudo, false > > default_run_options[:pty] = true > ssh_options[:forward_agent] = true > > # this tells capistrano what to do when you deploy > namespace :deploy do > > desc <<-DESC > A macro-task that updates the code and fixes the symlink. > DESC > task :default do > transaction do > update_code > symlink > end > end > > task :update_code, :except => { :no_release => true } do > on_rollback { run "rm -rf #{release_path}; true" } > strategy.deploy! > end > > after :deploy, ''deploy:cleanup'' > end > > > -- > Jacob Helwig > http://about.me/jhelwig > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Tim Uckun
2011-Nov-09 22:42 UTC
Re: [Puppet Users] Starting out with puppet and capistrano
Oh what about the SSL directory? Should I attempt to manage that or just let puppet manage it. Also does it make more sense to keep that in /etc/puppet or /var/lib/puppet? Cheers. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Jacob Helwig
2011-Nov-09 22:49 UTC
Re: [Puppet Users] Starting out with puppet and capistrano
On 2011-11-09 14:42 , Tim Uckun wrote:> Oh what about the SSL directory? Should I attempt to manage that or > just let puppet manage it. > > Also does it make more sense to keep that in /etc/puppet or /var/lib/puppet? > > Cheers. >I just left it alone at the defaults, and let Puppet take care of it. -- Jacob Helwig http://about.me/jhelwig