Puppet users - Mar 2013 - Configure One Host to Not Get Client Configuration, but Instead the Server Config Best Practices

I have been doing something with puppet that is working for me 100% but I 
am not sure this is the best way to be doing things and wanted to see what 
the community feels about it and if anyone has any suggestions.  This 
problems relates to me having a common ''base'' class which I
put common
server configuration in to be distributed to all my servers.  The example I 
am using is with NTP clients and NTP server.

In my base class I have something like this:
  "include ntp"

The issue with this is that the NTP clients and servers need to have 
different ntp.conf files.  For example, I want the NTP clients to be 
configured to use the local NTP server as their NTP server, and my local 
NTP server to use CentOS''s NTP servers.  I have been using some basic
if
else logic to deal with this to give it the appropriate server or client 
file.  Is this the best way to do this?  Are there better ways to do this 
besides doing an ''include ntp::client'' for every node in my
nodes.pp.  I
like my nodes.pp to be clean and organizes.

*class ntp inherits ntp::params* {
  package { "ntp":
    ensure => "installed"
  }
  
  # Black magic to automatically detect the NTP servers and set them as 
servers
  # This works by the params class. If that server''s IP is in the 
ntp_servers array,
  # it will be setup as an NTP server.
  if $::ipaddress in $ntp_servers {
  # NTP Server Stuff
  file { "/etc/ntp.conf":
    owner => ''root'',
    group => ''root'',
    mode => 0444,
    source => ["puppet:///modules/ntp/ntp.conf.$::hostname", 
"puppet:///modules/ntp/ntp.conf.server"],
    require => Package["ntp"],
  }
  file { "/etc/ntp/step-tickers":
    owner => ''root'',
    group => ''root'',
    mode => 0444,
    source => "puppet:///ntp/step-tickers.server",
    require => Package["ntp"],
  }
  }
  else{
  # This is for regular NTP clients
file {"/etc/ntp.conf":
owner => ''root'',
    group => ''root'',
    mode => 0444,
    require => Package["ntp"],
    content => template("ntp/ntp.conf.erb"),
}
file {''/etc/ntp/step-tickers'':
owner => ''root'',
    group => ''root'',
    mode => 0444,
    require => Package["ntp"],
    content => template("ntp/step-tickers.erb"),
}
  }
    
  service { "ntpd":
    enable => true,
    ensure => "running",
    hasrestart => true,
    hasstatus => true,
    require => Package["ntp"],
  }
  
  exec { "ntpd restart":
    path => ["/etc/init.d"],
    subscribe => [
File["/etc/ntp/step-tickers"]
],
    refreshonly => true,
  }
}

*class ntp::params* {
  case $::environment {
  ''production'': { $ntp_servers =
[''192.168.20.103'',''192.168.20.115''] }
  default: { $ntp_servers = 
[''192.168.5.10'',''192.168.10.248'',''192.168.10.247''
] }
  }
}



-- 
_____________________________________________________
This email and any files transmitted with it are confidential and intended 
solely for the addressee.  If you received this email in error, please do 
not disclose the contents to anyone; kindly notify the sender by return 
email and delete this email and any attachments from your system.

© 2011 Currensee Inc. is a member of the National Futures Association (NFA) 
Member ID 0403251 | Over the counter retail foreign currency (Forex) 
trading may involve significant risk of loss. It is not suitable for all 
investors and you should make sure you understand the risks involved before 
trading and seek independent advice if necessary. Performance, strategies 
and charts shown are not necessarily predictive of any particular result 
and past performance is no indication of future results. Investor returns 
may vary from Trade Leader returns based on slippage, fees, broker spreads, 
volatility or other market conditions.

Currensee Inc | 54 Canal St 4th Floor | Boston, MA 02114 | +1.617.624.3824

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

In general, the pattern to use here would be to use hiera. It allows 
separation of manifest and data. In your case, instead of having 
conditional logic in the class itself, at compilation time the master would 
look up the value for a variable, say ntp::server, in a hierarchy of data. 
For the master, this would return the centos servers, and for everyone 
else, it would return the master. Then you manage ntp.conf as a template 
instead of a static file.



On Monday, March 4, 2013 12:57:23 PM UTC-8, phundisk
wrote:
>
> I have been doing something with puppet that is working for me 100% but I 
> am not sure this is the best way to be doing things and wanted to see what 
> the community feels about it and if anyone has any suggestions.  This 
> problems relates to me having a common ''base'' class which
I put common
> server configuration in to be distributed to all my servers.  The example I
> am using is with NTP clients and NTP server.
>
> In my base class I have something like this:
>   "include ntp"
>
> The issue with this is that the NTP clients and servers need to have 
> different ntp.conf files.  For example, I want the NTP clients to be 
> configured to use the local NTP server as their NTP server, and my local 
> NTP server to use CentOS''s NTP servers.  I have been using some
basic if
> else logic to deal with this to give it the appropriate server or client 
> file.  Is this the best way to do this?  Are there better ways to do this 
> besides doing an ''include ntp::client'' for every node in
my nodes.pp.  I
> like my nodes.pp to be clean and organizes.
>
> *class ntp inherits ntp::params* {
>   package { "ntp":
>     ensure => "installed"
>   }
>   
>   # Black magic to automatically detect the NTP servers and set them as 
> servers
>   # This works by the params class. If that server''s IP is in the 
> ntp_servers array,
>   # it will be setup as an NTP server.
>   if $::ipaddress in $ntp_servers {
>   # NTP Server Stuff
>   file { "/etc/ntp.conf":
>     owner => ''root'',
>     group => ''root'',
>     mode => 0444,
>     source => ["puppet:///modules/ntp/ntp.conf.$::hostname", 
> "puppet:///modules/ntp/ntp.conf.server"],
>     require => Package["ntp"],
>   }
>   file { "/etc/ntp/step-tickers":
>     owner => ''root'',
>     group => ''root'',
>     mode => 0444,
>     source => "puppet:///ntp/step-tickers.server",
>     require => Package["ntp"],
>   }
>   }
>   else{
>   # This is for regular NTP clients
> file {"/etc/ntp.conf":
> owner => ''root'',
>     group => ''root'',
>     mode => 0444,
>     require => Package["ntp"],
>     content => template("ntp/ntp.conf.erb"),
> }
> file {''/etc/ntp/step-tickers'':
> owner => ''root'',
>     group => ''root'',
>     mode => 0444,
>     require => Package["ntp"],
>     content => template("ntp/step-tickers.erb"),
> }
>   }
>     
>   service { "ntpd":
>     enable => true,
>     ensure => "running",
>     hasrestart => true,
>     hasstatus => true,
>     require => Package["ntp"],
>   }
>   
>   exec { "ntpd restart":
>     path => ["/etc/init.d"],
>     subscribe => [
> File["/etc/ntp/step-tickers"]
> ],
>     refreshonly => true,
>   }
> }
>
> *class ntp::params* {
>   case $::environment {
>   ''production'': { $ntp_servers =
[''192.168.20.103'',''192.168.20.115''] }
>   default: { $ntp_servers = 
>
[''192.168.5.10'',''192.168.10.248'',''192.168.10.247''
] }
>   }
> }
>
>
>
> _____________________________________________________
> This email and any files transmitted with it are confidential and intended 
> solely for the addressee.  If you received this email in error, please do 
> not disclose the contents to anyone; kindly notify the sender by return 
> email and delete this email and any attachments from your system.
>
> © 2011 Currensee Inc. is a member of the National Futures Association 
> (NFA) Member ID 0403251 | Over the counter retail foreign currency (Forex) 
> trading may involve significant risk of loss. It is not suitable for all 
> investors and you should make sure you understand the risks involved before
> trading and seek independent advice if necessary. Performance, strategies 
> and charts shown are not necessarily predictive of any particular result 
> and past performance is no indication of future results. Investor returns 
> may vary from Trade Leader returns based on slippage, fees, broker spreads,
> volatility or other market conditions.
>
> Currensee Inc | 54 Canal St 4th Floor | Boston, MA 02114 | +1.617.624.3824
>
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

On Monday, March 4, 2013 2:57:23 PM UTC-6, phundisk
wrote:
>
> I have been doing something with puppet that is working for me 100% but I 
> am not sure this is the best way to be doing things and wanted to see what 
> the community feels about it and if anyone has any suggestions.  This 
> problems relates to me having a common ''base'' class which
I put common
> server configuration in to be distributed to all my servers.  The example I
> am using is with NTP clients and NTP server.
>
> In my base class I have something like this:
>   "include ntp"
>
> The issue with this is that the NTP clients and servers need to have 
> different ntp.conf files.  For example, I want the NTP clients to be 
> configured to use the local NTP server as their NTP server, and my local 
> NTP server to use CentOS''s NTP servers.  I have been using some
basic if
> else logic to deal with this to give it the appropriate server or client 
> file.  Is this the best way to do this?  Are there better ways to do this 
> besides doing an ''include ntp::client'' for every node in
my nodes.pp.  I
> like my nodes.pp to be clean and organizes.
>
>
The classical solution to this sort of issue was to use class inheritance 
to override the contents of the ntp.conf files of your ntp servers.  Hiera 
is a better solution in many cases, but the inheritance approach might 
still be useful on occasion.  The needed subclass would look something like 
this:

class ntp::server inherits ntp {
  File[''/etc/ntp.conf''] {
    content => template(''ntp_conf_server.erb'')
  }
}

Your ntp servers would include that class in addition to the common 
baseline class, but other machines would get the intended (client) 
configuration from the baseline class without any specific mention of ntp.


John



-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.