G'day.
We are using Puppet to manage hosts on our network at work, and one
aspect that is causing me some cognitive discomfort is the question:
How to best manage location-specific configuration
We have three network, with different topologies, which communicate
between themselves: one at a data center, one at our head office, and a
third that has machines physically in the data center but logically able
to access only the Fitzroy network, no Internet at all.[1]
This poses some questions on how to best manage configuration based on
location, since we have similar-but-not-identical requirements on the
different networks:
A good example of this is NTP:
In head office and the data center we want a single, local machine to
fetch NTP information from the outside world, and then all other
machines to fetch time from that.
In the third, limited, network we want one local machine to fetch time
from Fitzroy, and then all other machines on the local network to fetch
time from it.
So, we have these machine configurations:
NTP master: fetch from an upstream server, serve local subnet
NTP client: fetch from local server, serve no one
We need, for each host, to configure it as either an NTP master or
client, talking to the appropriate servers — and the upstream server
varies based on location.
I can see several solutions, none of which really appeal:
1. On every node declare the NTP server(s) to use, and use a template in
the NTP manifest to build ntp.conf appropriately.
2. In each location set a variable ($ntp_server) to the correct hostname
of the upstream NTP server, and use that together with an if
statement matching on fqdn to determine if this is an NTP server or
not.
3. Use a 'declare' rather than a class and variable, and pass the NTP
server name(s) as an argument, but otherwise like 2.
What I would really like is for the NTP manifest to be sufficiently
smart that it can work this all out itself.
Oh, and not to have to do something like this:
node default { include <location> } # <location> is one of -1, -2, etc
class <location-1> { $foo = 'bar'; include ntp }
class <location-2> { $foo = 'baz'; include ntp }
It would be much nicer, and cleaner, if I could simply include NTP at
the top level, after the location include, and have things "just work"
for the local network.
So, any suggests on the best practice for managing this sort of variable
configuration?
Regards,
Daniel
Footnotes:
[1] Contractual obligation.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
