On Thu, Sep 18, 2008 at 6:56 AM, Leah <[EMAIL PROTECTED]> wrote: > > I've set up puppet and had it running, but never bothered to set up an > version control. I've decided it is time to get it all in version > control as the system is about to become production and I need to keep > track of who is changing things and what is being changed.
Good plan. > I am looking at storing all my configs in Git as that seems to be the > version control of choice here and it's time I learned it. I was > wondering what other people do to automatically update their puppet > server with the latest version from git. I was looking at using some > sort of git hook, but I'm not sure how to implement it efficiently and > securely with a shared repository on another server. I went looking > on the wiki, but could only find information about doing this with > subversion. I can't even say how bad an idea it is to automatically update from your version control system. Always make a conscious decision to push changes to "production". What we do is we have several environments: one defined for each person working on puppet (2 of us for now), one "staging" environment, and one "production" environment. When we bootstrap machines, they get a puppet.conf that puts them into the "production" environment. The various environments point to separate directories, each of which is a working copy (we use SVN, but this is totally about process, not specific software). The developer directories are usually a checkout of a branch. The staging directory is the checkout of whatever we propose to put into production. The production directory is a checkout of a specific tag. A developer who wants to add something does development in his own environment and points his development machine(s) or VM(s) at this environment. Once he is ready he asks the release manager (me) to stage the changes. I usually merge the branch to trunk and tag it, then update the staging environment to this tag. We have a representative sample of our machines set up with a second instance of puppet, running with --noop, set to the staging environment. We wait a couple of hours (currently long enough to verify our setup, this time may grow in the future) and if we don't see anything scary in the logs from these machines we update the production environment to this tag. Otherwise, we tell the developer to keep trying and revert the change in the repository. --Paul --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
