[Puppet Users] Re: Puppet Site.pp hierarchy (multi-tenant) question
If you worry that 1 team will add node classification of another one, then the only way is via enviroments, each enviroment will have it's own site.pp if that's not the case, you can just put "include nodes.d" in the site.pp, create a directory named "nodes.d" and then have different files for each team. On Tuesday, January 29, 2013 11:34:56 AM UTC+2, jim wrote: > > Hello all, > > I was wondering if someone could please help or explain the best approach > to setting up puppet as our first requirement is to support multi-tenant > within our company what I mean by this is we have different teams > supporting different O/S or the same O/S but different configurations, > > Team A - Windows O/S Config A > Team B - Linux O/S Config B > Department C - Windows O/S Configs C & D > > From what I've been reading there seems multiple ways of doing this, some > are being phased out, and some are aren't that clear. > > The easiest option would be to add different manifests for different > groups / teams within site.pp, but if I make changes to the sub-manifests, > i'd need to "touch" the site.pp file for changes to kick in, which could > also effect the other teams / group changes and cause outages ? > > Can some please recommend the best approach to multi-tenant or at least > pass on your experiences ? > > Kind Regards > > James > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Puppet Site.pp hierarchy (multi-tenant) question
On Tuesday, 29 January 2013 04:34:56 UTC-5, jim wrote:
>
> The easiest option would be to add different manifests for different
> groups / teams within site.pp, but if I make changes to the sub-manifests,
> i'd need to "touch" the site.pp file for changes to kick in, which could
> also effect the other teams / group changes and cause outages ?
>
> Can some please recommend the best approach to multi-tenant or at least
> pass on your experiences ?
>
You probably have several difference choices that might have different
drawbacks or benefits depending on exactly how you're managing things.
One option that comes to mind is to use something like 'environments' to
define a different site.pp file for each tenant. Each tenant could "claim"
the machines under their control by setting a property on the console or in
the agent's puppet.conf like so:
[agent]
tenant = "teamA"
In your master's puppet.conf, something like this:
[master]
manifest = "/usr/local/etc/puppet/tenant/${tenant}/manifests/site.pp
And so Team A's site.pp would be at:
/usr/local/etc/puppet/tenant/teamA/manifests/site.pp
You could arrange the directory/manifest structure there any way you want.
This would be equally as valid:
[master]
manifest = "/usr/local/etc/puppet/manifests/${tenant}-site.pp
Any method of getting the 'tenant' global variable defined would work.
Which to choose is a matter of pereference. Some examples: a puppet.conf
definition, a custom fact, a piece of data pulled from Hiera... The
documentation on setting up environments might be of interest to you.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
