Let''s say I have two different geographic sites. They are pretty much identical ie. each site has a machine called web1 which is a web server, etc. Except there are couple site-specific settings ie. outgoing DNS servers are different, SSL certs are different etc. On the puppetmaster I can put in a file called e.g. /etc/sideid which would uniquely identify a site ie. siteX or siteY. How would I on the managed nodes get these fact propagated so that - siteX-web1 gets certificate for web1.siteX.domain.com - siteY-web1 gets certificate for web1.siteY.domain.com The key is that I want to keep these sites nearly identical without needing to generate bunch of configuration duplication. Thanks, Vladimir
On Thu, Oct 11, 2007 at 05:39:44PM -0400, Vladimir wrote:> Let''s say I have two different geographic sites. They are pretty much > identical ie. each site has a machine called web1 which is a web server, > etc. Except there are couple site-specific settings ie. outgoing DNS > servers are different, SSL certs are different etc. > > On the puppetmaster I can put in a file called e.g. > > /etc/sideid > > which would uniquely identify a site ie. siteX or siteY. How would I on > the managed nodes get these fact propagated so that > > - siteX-web1 gets certificate for web1.siteX.domain.com > - siteY-web1 gets certificate for web1.siteY.domain.comWhat''s wrong with just giving the machines at each site that FQDN? Works wonderfully for me. If you''re worried about people getting confused by the hostname being the same, modify the default shell prompt to give you the first two parts of the FQDN instead of just the hostname.> The key is that I want to keep these sites nearly identical without > needing to generate bunch of configuration duplication.That''s what Puppet''s good at, after all. - Matt
If you set up your DNS entries as: foo.siteX.domain.com You could easily use Puppet''s case statement to distribute a different certificate based on the "domain" fact (which would be siteX.domain.com). You could also build and distribute a custom fact, which would evaluate this on the fly. You can find instructions at http://reductivelabs.com/trac/puppet/wiki/AddingFacts. Adam On 10/11/07, Vladimir <vlists@veus.hr> wrote:> Let''s say I have two different geographic sites. They are pretty much > identical ie. each site has a machine called web1 which is a web server, > etc. Except there are couple site-specific settings ie. outgoing DNS > servers are different, SSL certs are different etc. > > On the puppetmaster I can put in a file called e.g. > > /etc/sideid > > which would uniquely identify a site ie. siteX or siteY. How would I on > the managed nodes get these fact propagated so that > > - siteX-web1 gets certificate for web1.siteX.domain.com > - siteY-web1 gets certificate for web1.siteY.domain.com > > The key is that I want to keep these sites nearly identical without > needing to generate bunch of configuration duplication. > > Thanks, > > Vladimir > _______________________________________________ > Puppet-users mailing list > Puppet-users@madstop.com > https://mail.madstop.com/mailman/listinfo/puppet-users >-- HJK Solutions - We Launch Startups - http://www.hjksolutions.com Adam Jacob, Senior Partner T: (206) 508-4759 E: adam@hjksolutions.com
We did this by writing a custom fact to examine the IP address, as each site is on a different subnet. It''s working well for us. Matt -----Original Message----- From: puppet-users-bounces@madstop.com [mailto:puppet-users-bounces@madstop.com] On Behalf Of Vladimir Sent: Friday, 12 October 2007 7:40 AM To: Puppet User Discussion Subject: [Puppet-users] Specifying geographic related facts Let''s say I have two different geographic sites. They are pretty much identical ie. each site has a machine called web1 which is a web server, etc. Except there are couple site-specific settings ie. outgoing DNS servers are different, SSL certs are different etc. On the puppetmaster I can put in a file called e.g. /etc/sideid which would uniquely identify a site ie. siteX or siteY. How would I on the managed nodes get these fact propagated so that - siteX-web1 gets certificate for web1.siteX.domain.com - siteY-web1 gets certificate for web1.siteY.domain.com The key is that I want to keep these sites nearly identical without needing to generate bunch of configuration duplication. Thanks, Vladimir _______________________________________________ Puppet-users mailing list Puppet-users@madstop.com https://mail.madstop.com/mailman/listinfo/puppet-users
McLeod, Matt wrote:> We did this by writing a custom fact to examine the IP address, as each > site is on a different subnet. It''s working well for us. >I suppose we could something like that however in our case things are bit more complicated since internal IPs in these sites are identical. I figured out a roundabout way of doing it. Basically we have a central subversion repository with all the configs. This machine pushes all the configs up to different sites through a BASH script. What I did then is rename site.pp to site.pp.template. I stuck following in the beginning of the file $site_id="===SITEID===" Then in my BASH script I find out what SITEID I am syncing to # Generate Site.pp that contains SITEID in it cat $SVN_CHECKOUT/puppet-manifests/site.pp.template | sed "s/===SITEID===/$SITEID/g" > $SVN_CHECKOUT/puppet-manifests/site.pp When I am done rsyncing I delete rm -f $SVN_CHECKOUT/puppet-manifests/site.pp Now siteA has site.pp that starts with $site_id="siteA" while siteB has $site_id="siteB" I hope this helps someone :-). Vladimir> -----Original Message----- > From: puppet-users-bounces@madstop.com > [mailto:puppet-users-bounces@madstop.com] On Behalf Of Vladimir > Sent: Friday, 12 October 2007 7:40 AM > To: Puppet User Discussion > Subject: [Puppet-users] Specifying geographic related facts > > Let''s say I have two different geographic sites. They are pretty much > identical ie. each site has a machine called web1 which is a web server, > > etc. Except there are couple site-specific settings ie. outgoing DNS > servers are different, SSL certs are different etc. > > On the puppetmaster I can put in a file called e.g. > > /etc/sideid > > which would uniquely identify a site ie. siteX or siteY. How would I on > the managed nodes get these fact propagated so that > > - siteX-web1 gets certificate for web1.siteX.domain.com > - siteY-web1 gets certificate for web1.siteY.domain.com > > The key is that I want to keep these sites nearly identical without > needing to generate bunch of configuration duplication. > > Thanks, > > Vladimir > _______________________________________________ > Puppet-users mailing list > Puppet-users@madstop.com > https://mail.madstop.com/mailman/listinfo/puppet-users > _______________________________________________ > Puppet-users mailing list > Puppet-users@madstop.com > https://mail.madstop.com/mailman/listinfo/puppet-users >
Reasonably Related Threads
- How to capture multiple graph pages to .png ?
- change url based on account name
- how to adjust titles on sub-plots in levelplot / contour plot?
- Server locking up everyday around 3:30 AM - (INFO: task wget:13608 blocked for more than 120 seconds) need sleep, help.
- DLM Problem?
