Basic puppet: Writing infrastructure configuration with an ENC, style, how-to?

puppet foreman

I barely know enough Puppet to ask this question.

I think I understand that the configuration for a particular node would consist of a collection of modules, with some node-specific glue. From the tutorials and documentation, it appears that the node-specific resources would be in a manifests/site.pp file, in node /nodename/ { } resources, with "includes" for the relevant classes, and resources to make node-specific configuration changes.

Now enter an External Node Classifier (ENC) such as theForeman.

From my reading of the ENC documentation, I COULD use node /nodename/ { } resources in a site.pp, but I can't declare any new resources. It's basically not recommended. The generated YAML is all just includes and variable settings.

So what does one do for configuration specific to a given node or a host group -- the wiring that integrates all your included classes?

Do you end up creating a class that's specific to the node? Where do you put that class, in a node-specific module? Or do you make a catch-all module for your site-specific configuration with classes that can be assigned to a specific node?


Solution 1:

One approach to this is expressed in Designing Puppet – Roles and Profiles. The basic tenets are as follows:

  • A node includes one role, and one only.
  • A role includes one or more profiles to define the type of server
  • A profile includes and manages modules to define a logical technical stack
  • Modules manage resources
  • Modules should only be responsible for managing aspects of the component they are written for

Solution 2:

I am assuming you are telling Foreman to import from a puppet master, if so I would suggest setting up your puppet dir like this:

puppet
puppet/manifests
puppet/manifests/site.pp
puppet/manifests/nodes/default.pp
puppet/manifests/nodes/{server-type}.pp
...
puppet/modules
puppet/modules/{module1}
puppet/modules/{module1}/files
puppet/modules/{module1}/manefests
puppet/modules/{module1}/templates
...
etc

you would then include this line in the site.pp file:

import 'nodes/*'

Then, in default.pp create your base server:

node default {
    #this is where you put all of the puppet directives you want on every server.
    #for example if you wanted screen on all of your servers
    package{ "screen": ensure -> installed; }
}

Then in another file under nodes, say web.pp you could include that and then set the directives for all web servers like so:

node /^web0[1-9]\.example\.com$/ inherits default {
    #this will inherit all of the settings in the default node and then do anything else you add.
    #like installing nginx
    package { "nginx": ensure -> installed; }
}

You can even chain inherits like in this db.pp file:

node db inherits default {
    #install postgresql-9.3
    package { "postgresql-9.3": ensure -> installed; }
}

node /^db0[1-9]\.example\.com$/ inherits db {
    #This block can even be empty unless you need something here.
}

Related

How would we automate networking in a puppet environment?
Restrict the visibility of EC2 instances using IAM accounts
Write to Windows Event Log when an IIS site is started or stopped
How to start Mongo daemon with auth support
Is it possible to detect rx+ rx- tx+ tx- wires with multimeter?
Can't change password of FreeIPA admin - "Current password's minimum life has not expired"
Show real server name in nginx logs and params passed to fastcgi?
stop an apt-get upgrade
How to use terraform.io to change the image of a stateful server without downtime or data loss?
Service is not starting on Centos on boot
What is an acceptable secure time source in a datacentre environment?
Office365 DirSync Active Directory Integration