On Thu, Jun 20, 2013 at 4:20 PM, Eric Aiken <ericaiken@gmail.com> wrote:
> I''m new to puppet and working my way through the documentation.
I''m
> struggling with the puppet labs module repo.
>
> I''ve toyed with numerous automation and configuration
methodologies over
> the decades. Perhaps I''m seeing puppet wrong, Compared with
CFEngine
> there is a a lot I like, but I''m not sure why I''m still
having to re-invent
> the wheel for a linux server distribution. What I mean is, why at this
> point in the linux lifecycle, there are not standard modules for the 10,50
> or 100 things that an admin must change to deploy a linux server in prod or
> dev
>
> Even though puppetlabs has a modules repo, if you look for some basic
> modules: sudoer, resolv.conf, ifcfg, there a numerous
"instances"
> of modules by users. Each with their own idiosyncrasies. Why do admins
> have to keep re-inventing the wheel for each iteration of Config Mgmt and
> Monitoring tools.
>
> Has anyone created a "repo" of puppet modules for a given linux
distro.
> In my case CentOS. Seems there should be (at this point)
> /etc/puppet/modules/CentOSx, that includes all the necessary
> modules/manifest etc. that only need to be tweaked for local settings or
> deleted for lack of need. According to the documentation and books
i''m
> working through, i''ll need to download and modify module by module
10''s to
> 100+ modules/manifests/.pp files for a basic CentOS server running a java
> app. Not counting the effort necessary for best practices of parametrize
> classes.
>
> What am I missing here?
>
>
I''ve had a number of jobs now that all used Linux and all did
"sort of the
same things" and yet in almost every case the configuration of the systems
ended up radically different. In some cases this was due to security
requirements, or legacy issues, or personal tastes amongst the people
involved in how to "best" setup things. In some cases we just used
init
scripts, in others we wanted to integrate monit to restart services
automatically, in some we needed to do weird pam stuff to log console
keystrokes.
What I''m driving at here is that there''s just so many
different things you
can do with things as simple as sudoers that everyone reinvents the wheel
for their specific circumstance. The trouble with generic modules that are
flexible enough to handle all use cases is that they become complex!
I''ve
written a sudoers module that relied heavily on "augeas" to parse and
do
all kinds of sudoers stuff to enable really complex sudoer magic. At the
very next job we pushed out a single sudoers file to all servers.
In a situation like that do you really want all the complexity of a module
that includes functions, maybe providers, defines, all kinds of stuff that
is difficult to maintain yourself when you can write a couple of quick
classes that do exactly what you want? :)
Thanks,
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.