Tim Mooney
2014-Jul-17 18:30 UTC
[Puppet Users] advice and best practices for environments
All- I'm looking for some advice/wisdom/guidance about workflow and configuration from sites that have been using environments for a while. I'll happily take advice from anyone, but I'm especially interested in tips from people that are using subversion as their VCS and are not using an ENC. The TL;DR list of questions I have is roughly: - how are you controlling which nodes get assigned to which environments? Templated puppet.conf and hiera()? Some other method? - how are you using hiera with environments, especially in relation to the environments limitations[1] page? - what about custom puppet:/// mount points (outside of modules)? The puppet doc overview of environments say that custom file paths are not supported with environments[2], but that's not mentioned on the limitations[1] page. - do you use dynamic environments, and if so what's your subversion workflow look like? The puppet docs call these Temporary Test Environments [3] [1] - http://docs.puppetlabs.com/puppet/latest/reference/environments_limitations.html [2] - http://docs.puppetlabs.com/guides/environment.html?utm_campaign=docs&utm_medium=blog&utm_source=puppetlabs.com&utm_content=environments [3] - http://docs.puppetlabs.com/puppet/latest/reference/environments_suggestions.html Additional details on our environment: We've been using puppet since 2.6.x, and are currently at 3.4.2. We're looking to go to 3.6.x and also update our configuration for both directory environments and the manifests dir, to be more prepared for what 4.x will likely require. We're not currently using any environments <hangs head in shame/>, so the workflow and configuration needed for a non-git deployment has me a little confused. We don't use an ENC -- we have Puppet Dashboard, but use it rarely, and only for reporting. As part of the move to 3.6.x, I would want to switch us from site.pp with "import nodes/*.pp" to a manifests directory. Our current /etc/puppet/hiera.yaml looks like: --- :backends: - yaml :hierarchy: - secure/fqdn/%{clientcert} - fqdn/%{clientcert} - secure/location/%{location} - location/%{location} - secure/common - common :yaml: :datadir: /etc/puppet/hiera-data %{location} is a custom fact associated with a particular datacenter. We are using one custom puppet:/// file mount point (fileserver.conf): [secure] path /etc/puppet/secure/%H allow * Our modulepath in our current puppet.conf on the master looks like: modulepath = /etc/puppet/modules:/usr/share/puppet/modules:/etc/puppet/forge-modules Any tips and advice people have regarding workflow with environments and subversion would be greatly appreciated! Thanks, Tim -- Tim Mooney Tim.Mooney@ndsu.edu Enterprise Computing & Infrastructure 701-231-1076 (Voice) Room 242-J6, Quentin Burdick Building 701-231-8541 (Fax) North Dakota State University, Fargo, ND 58105-5164 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/alpine.SOC.2.11.1406261426440.15804%40dogbert.cc.ndsu.NoDak.edu. For more options, visit https://groups.google.com/d/optout.