Matt Juszczak <m...@atopia.net> writes:
> I have a "basenode" class which installs most of the packages needed on a
> specific server. For the database servers, we ensure mysql is installed,
> setup the directory structure, etc.
>
> But what about "one off" servers?
There is no such thing.[1]
> For instance, I have a tools server, that sort of runs random one-off tools
> in production.
Just you wait: one day it will turn out you have to handle "medical in
confidence" data, and you need some one-off tools dealing with some of it, and
your auditors will insist that it can't be on the same machine as anything
else without the other tools also being audited and secured...
No such thing as one off. Just "only one of 'em right now". Then you buy
another data center. ;)
[...]
> Would you guys have installed those packages manually, knowing that you
> won't ever really have to launch another server exactly like it, or would
> you have added those packages to puppet so that they would be installed
> should the box ever need to be re-configured from scratch?
>From long experience, you should store *everything* you write in version
control, build using the OS packaging tools, and deploy them through the CMS.
Done right this should only slow you down a tiny bit getting a random script
out, and it will sure speed you when it turns out this was the project that
needs it.
> How far would you go to keep puppet and your system 100% in sync?
Well, three minutes writing and committing "install this Python stuff" in my
puppet manifests doesn't seem to bad to me, especially since the odds that it
costs you anything much to /keep/ it installed on the "random tools" server
are pretty slim.
That said: as far as is cost-effective. Some jobs, like partitioning disks
and building file systems, don't live in puppet because they are better
handled by people, or by other tools.
Daniel
I can't give you anything but a rule of thumb about which jobs fit into which
bucket, though. Which, without my thumb, probably isn't too much help :)
Footnotes:
[1] This is not strictly true: some servers declared to be "one off" are
really one-off servers. Some turn out to be required long beyond their
predicted life, or to be duplicated, or whatever. I never mastered the
trick of predicting which is which. :)
--
✣ Daniel Pittman ✉ dan...@rimspace.net ☎ +61 401 155 707
♽ made with 100 percent post-consumer electrons
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
