Hi all,

So far, I'm finding puppet to be quite excellent. I feel a bit novice, despite having done admin and programming for almost two decades. I'm a Perl developer by nature, but am open to learn Ruby and Python. Code all has so many similarities, and I can grok what any code does.

The question I have is one where I'd like to know what I should be looking at - what is the best way to automate EC2 instances with Puppet.

What I've done so far is to define two types of servers and have even created an AMI which has puppet pre-installed and starts up pointing to my puppet server. This works quite well for the most part. I do have to iron out dependencies better so things install in a better order.

The part I don't quite yet grasp is how I could automate:

* Having the certificate requests for these new instances automatically signed
* Creating a new node for a new instance, once it is up and I know the host/ip. As you know, you don't know that until Amazon assigns this.

How could I automate this? My first impulse is to write Perl or Ruby code to write a nodes.pp file, but I'm guessing there is a better way to do this (???)

Thanks in advance for any help on these questions! I'm sure there are those out there who've been through setting this up already.

Thanks!

Patrick

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en

On Tuesday 15 September 2009 01:29:09 CaptTofu wrote:
> * Having the certificate requests for these new instances
> automatically signed
> * Creating a new node for a new instance, once it is up and I know the
> host/ip. As you know, you don't know that until Amazon assigns this.
> How could I automate this? My first impulse is to write Perl or Ruby
> code to write a nodes.pp file, but I'm guessing there is a better way
> to do this (???)

I have puppet configuring all my EC2 images from (almost) scratch to do whatever it is they should be doing. I only have a single node definition for all of them, and use --fqdn to force them to all pretend to be the same node to the puppetmaster.

To distinguish the images from each other, I use the user data, and made a Facter plugin that will pull that in as 'key=value'. The node description then uses those variables to work out what to do, basically with a lot of if statements.

As all our EC2 servers are simple variations on a theme (glassfish Java application servers running a webapp backed with postgresql), it's quite effective. About 20 minutes after startup, all going well, the instance is completely configured and running (it takes a while as it's pulling a lot of small things over a fairly high-latency connection.)

The plugins and some other misc scripts are here:
https://code.launchpad.net/~eythian/+junk/ec2facts

an example of what I put in the user data is:
inst_glassfish=true
inst_apache2=true
inst_apache2ssl=true
inst_postgresql=true
apache_domain=my.domain.com
apache_template=default
gf_appcontext=context
gf_apps3path=s3bucket/path/webapp.war
pg_database=dbname
pg_db_username=username
pg_db_password=password
pg_db_backup=s3bucket/backup/location
gf_connpool=ConnectionPool
gf_jdbcname=jdbc/TheDB
gf_autoredeploy=false
ebs_volume_id=vol-12345678
gf_restartondeploy=true

--
Robin <robin@kallisti.net.nz> JabberID: <eythian@jabber.kallisti.net.nz>
http://www.kallisti.net.nz/blog ||| http://identi.ca/eythian

PGP Key 0xA99CEB6D = 5957 6D23 8B16 EFAB FEF8 7175 14D3 6485 A99C EB6D

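The user-data-to-facts approach described in the message above, as an added example that is not code from the thread or from the linked ec2facts branch. It parses `key=value` user data, accepts only names with the prefixes seen in the sample (an allowlist assumed here), and lists names that look like credentials, since user data can be read by any process on the instance that can reach the metadata URL. All constant and function names are hypothetical.

```ruby
require 'net/http'

USER_DATA_URL = 'http://169.254.169.254/latest/user-data' # EC2 metadata endpoint
# Allowlist from the prefixes in the post, so "fqdn=..." cannot shadow a core fact.
ALLOWED_NAME = /\A(?:inst|apache|gf|pg|ebs)_[a-z0-9_]{1,48}\z/
SECRET_HINT  = /passw|secret|token/ # heuristic chosen for this example
# Constructed sample input (some lines from the post, some made up).
SAMPLE = <<~DATA
  inst_glassfish=true
  apache_domain=my.domain.com
  pg_db_password=password
  fqdn=other.example.com
  not a pair
  pg_db_password=second
DATA

# Returns [facts, rejected]: allowlisted, first-seen pairs become facts;
# every other line is reported instead of being silently applied.
def parse_user_data(text)
  facts, rejected = {}, []
  text.each_line do |raw|
    line = raw.strip
    next if line.empty? || line.start_with?('#')
    key, sep, value = line.partition('=').map(&:strip)
    if sep == '=' && key =~ ALLOWED_NAME && !facts.key?(key)
      facts[key] = value
    else
      rejected << line
    end
  end
  [facts, rejected]
end

# Fact names that look like credentials and deserve a better channel.
def secret_like_keys(facts)
  facts.keys.grep(SECRET_HINT).sort
end

def fetch_user_data(uri = URI(USER_DATA_URL))
  Net::HTTP.start(uri.host, uri.port, open_timeout: 2, read_timeout: 2) do |http|
    res = http.get(uri.path)
    res.is_a?(Net::HTTPSuccess) ? res.body.to_s : ''
  end
rescue StandardError
  ''
end

if defined?(Facter) # only when loaded as a Facter plugin
  parse_user_data(fetch_user_data).first.each { |n, v| Facter.add(n) { setcode { v } } }
end
```
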
On Sep 14, 6:49 am, Robin Sheat <ro...@kallisti.net.nz> wrote:
> On Tuesday 15 September 2009 01:29:09 CaptTofu wrote:
>
> > * Having the certificate requests for these new instances
> > automatically signed
> > * Creating a new node for a new instance, once it is up and I know the
> > host/ip. As you know, you don't know that until Amazon assigns this.
> > How could I automate this? My first impulse is to write Perl or Ruby
> > code to write a nodes.pp file, but I'm guessing there is a better way
> > to do this (???)
>
> I have puppet configuring all my EC2 images from (almost) scratch to do
> whatever it is they should be doing. I only have a single node definition for
> all of them, and use --fqdn to force them to all pretend to be the same node
> to the puppetmaster.
>
> To distinguish the images from each other, I use the user data, and made a
> Facter plugin that will pull that in as 'key=value'. The node description then
> uses those variables to work out what to do, basically with a lot of if
> statements.
>
> As all our EC2 servers are simple variations on a theme (glassfish Java
> application servers running a webapp backed with postgresql), it's quite
> effective. About 20 minutes after startup, all going well, the instance is
> completely configured and running (it takes a while as it's pulling a lot of
> small things over a fairly high-latency connection.)
>
> The plugins and some other misc scripts are here:
> https://code.launchpad.net/~eythian/+junk/ec2facts
>
> an example of what I put in the user data is:
> inst_glassfish=true
> inst_apache2=true
> inst_apache2ssl=true
> inst_postgresql=true
> apache_domain=my.domain.com
> apache_template=default
> gf_appcontext=context
> gf_apps3path=s3bucket/path/webapp.war
> pg_database=dbname
> pg_db_username=username
> pg_db_password=password
> pg_db_backup=s3bucket/backup/location
> gf_connpool=ConnectionPool
> gf_jdbcname=jdbc/TheDB
> gf_autoredeploy=false
> ebs_volume_id=vol-12345678
> gf_restartondeploy=true
>
> --
> Robin <ro...@kallisti.net.nz> JabberID: <eyth...@jabber.kallisti.net.nz>
> http://www.kallisti.net.nz/blog ||| http://identi.ca/eythian
>
> PGP Key 0xA99CEB6D = 5957 6D23 8B16 EFAB FEF8 7175 14D3 6485 A99C EB6D

https://fedorahosted.org/pipermail/cobbler/2009-May/003973.html

I posted how Speakeasy deals with certs during a kickstart on the Cobbler list awhile back, though you could easily use this implementation without kickstart. Basically the new host runs 'curl -k https://puppetca | tar xC /' and puppetca runs a simple script that generates the cert.

Cheers,
-g