On Mon, Nov 7, 2016 at 3:44 AM, Bjørge Solli wrote:
> Hi
>
> I do not wish for my juniors to need to learn Puppet at all:-) Hint: They
> work in support center and mostly on windows.
>
Puppet Enterprise gives you a web GUI and role-based access control so that
you can
Hi
I do not wish for my juniors to need to learn Puppet at all:-) Hint:
They work in support center and mostly on windows.
We think we can expand our hiera hierarchy like this to achieve
separation in a non-complicated way:
:hierarchy:
- "customers/%{::domain}/%{::hostname}"
-
Sounds like you could use a little code-review process (such as Gerrit)
managing the hiera repo. That coupled with something like
hiera-eyaml-gpg (or similar) would allow you to have your junior admins
submit changes for review allowing such hiera configs to be worked on by
multiple parties and
Hi Rob, thanks for your reply.
The main defaults is for every host (all customers, datacenters, etc),
but some, like a jump-host or managed-file-transfer-host, will need to
have different values. Doing this in hiera is fine for those who are
allowed to edit hiera, but setting up machines for
You mentioned that a specific role would like a different value, but is
there another logical division between the two configs? Perhaps
per-datacenter, or per-network, or some other differentiator? At a worst
case scenario, per individual node? You could add whatever that
differentiator is to your
Hi
Setup: Puppet 4, profiles and roles, hiera
Trying to understand what is the best way to solve this problem:
I have a base-profile that includes default setup of sshd. The
sshd-profile sets up sane defaults, reads specific setups from hiera and
uses separate resources to manage each