On Saturday, May 4, 2013 12:43:57 PM UTC+1, Martin Langhoff wrote: > On Fri, May 3, 2013 at 4:43 PM, Schofield <dbsch...@gmail.com<javascript:>> > wrote: > > Everything else is managed by puppet. > > Do you manage complex network setups (bonding, routing) via puppet? > There is a certain degree of chicken-and-egg in that; how do you > handle managing configuration without breaking the network that > delivers the puppet config to the host? >
We have a very generic kickstart that runs Puppet as a final step, and in that first Puppet run I have a module that writes out /etc/sysconfig/network-script/ files, which includes routes, rules, bonding, vlans, bridges, etc. All the information is stored in Hiera. We do not use Puppet to restart networking or attempt to fix up any discrepancies, someone has to come along and "service network restart". So we use Puppet to provision what the networking should look like, but not enforce it. This means an Admin can come along and mess around with the networking and thus things can deviate from what Puppet says they should be. However, since all the information is stored in Hiera I can have Puppet export out nagios checks that do things along the lines of "this interface is not up but it should be" and "this interface does not belong to the bond it should". Do you manage complex disk setups (RAID arrays, DRBD) via Puppet? Any > hints as to how? > I haven't tried to manage DRBD but the config should be simple. You're going to run into problems if you try to create a DRBD disk across two servers at the same time - Puppet can't orchestrate the commands that need to be run on each server, for that you would need MCollective and unless you were creating 100s of DRBD disks, I wouldn't bother and I'd do it by hand. I do manage iSCSI disks, LVM and file systems in Puppet though. There's a manual step where we have to go to our storage appliances and create the iSCSI disk first, then put the iSCSI target ID into Hiera, but the rest is clockwork. It provisions only, it doesn't attempt to resize or reformat file systems if it finds a discrepancy. To counteract that, like the networking scripts, I can export nagios checks that say "this file system is 30 Gig and ext3, but it's supposed to be 10 Gig and ext4" which tells me someone's gone and made on-box changes that aren't back-ported to Puppet / Hiera. Or perhaps you only use Puppet so extensively in VMs, where you don't > have to deal with all these pesky issues? > I have Puppet create our VMs, which calls our kickstart, which calls Puppet ;-) For some tasks we _don't_ use VMs (high perf HA DB servers, asterisk > servers are two top examples). I find that managing the config of > those boxes is enormously important to retain sanity... > Of course, we use lots of almost-identical VMs for things that are a > good fit for VMs (webservers, etc)... > > > > m > -- > martin....@gmail.com <javascript:> > - ask interesting questions > - don't get distracted with shiny stuff - working code first > ~ http://docs.moodle.org/en/User:Martin_Langhoff > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
