If you look at the reply from Russ Allbery you will notice he wrote "
We've only gotten bitten by this once, when there was a bug in Puppet
that occasionally caused it to overwrite managed files with their own
checksums."
I'm thinking to myself that bugs will always happen and that this
particular kind of bug would not necessarily show on a staging
environment as it only "occasionally" happens.
Now consider a company running hundreds of production servers with
puppet running continuously every hour and over the night random
servers start to fail. By the time someone understands that puppet is
to blame and stops it (one may think there is an attack), more servers
may fail. At this point you may have 10,20,100 servers down and no
puppet to fix them as the current version has a bug that randomly
("occasionally") kills files.
Why would anyone want to put himself in this situation instead of
running puppet on a need to deploy basis?
I was looking for "cached catalog" but could not find a reference to
it in the documentation, can you point me there?
Thanks
On Dec 29, 7:45 am, Scott Smith <sc...@ohlol.net> wrote:
> berber wrote:
> > Puppet runs every hour or so on our production servers and makes sure
> > they stick to the manifest. I'm curious to know if this is advised for
> > production.
>
> > In theory, if something breaks in puppet for whatever reason, all of
> > our production servers may be hurt simultaneously.
>
> 1) Don't disable using the cached catalog in case of failure
> 2) Treat your Puppet deployments like software deployments. STAGE THEM!!
>
> If you stage manifest releases you know exactly what they will do in
> production.
>
> -scott
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
