Hello, Steven VanDevender wrote, > Douglas Garstang writes: > > On Thu, Sep 1, 2011 at 1:35 PM, Steven VanDevender > <ste...@uoregon.edu>wrote: > > > > > Douglas Garstang writes: > > > > Was that in reply to my original post, or a subsequent reply? You did > > > see > > > > where I said /etc/puppet was a working copy, right? > > > > > > It sounds like you need to get to the point where no one does their > > > edits under /etc/puppet on the puppetmaster, because you're obviously > > > running into the problems that result when people edit there rather than > > > in local working copies. Once you actually start using the features of > > > a distributed version control system in the way it's intended to work, > > > you won't have those problems. > > > > Editing files locally under /etc/puppet as an individual user is not > > mutually exclusive with editing files in a distributed working copy owned > by > > the same user. > > Except, of course, that editing the working copy under /etc/puppet > causes problems and editing a working copy somewhere else doesn't > (assuming you're otherwise using proper version control procedures). > > If your process is broken, you have to fix it. Everyone on your system > administration team has to agree to use the same proper processes for > their work.
At my place, we do something like below: - Puppet master manifests are hosted in svn repo - A change review process using bugzilla. A peer has to "ack" the bug containing the diff. The rules of peer review is "common sense" :) - All SVN commits have to refer the associated Bugzilla ticket. Svn commit emails is lined to bugzilla to make it easier - The SVN is checked out every 1min on a node under /home/puppet - This node uses atomic-rsync to replicate the directory into every puppet master, we have one per colo at this time. - The local colo puppet master use --confdir=/home/puppet at startup The only pending todo is to have a pre-commit svn hook which does puppet --parseonly. Otherwise, things have been very manageable as far as accountability is concerned. The team which actually does commits is around 10 so far. Hth. -- http://shankerbalan.net/ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
