On Wed, Aug 1, 2012 at 3:35 PM, Nick Fagerlund < nick.fagerl...@puppetlabs.com> wrote:
> Hey, Mitchell, > > HMM. Sounds like the docs team needs to get on this. > > (<-- is 1/2 the docs team) > > I'm going to name some special directory or file names below. These are > all puppet config settings, and you can get the current value for them on > any machine by running puppet master --configprint <setting>. > > SSL STUFF: > > Location: "ssldir" (varies by distro; use --configprint to discover.) > > Important and irreplaceable. If you lose the SSL info on your CA puppet > master, you'll have to go through all of your agent nodes, delete their > ssldir, and request a new certificate. Doable, but a huge pain in the ass. > > There shouldn't be any crucial ssl info outside the ssldir, unless one of > the "ca*" settings got messed with in your puppet.conf. Don't worry about > ssl info on non-master nodes; you can decommission their old cert w/ puppet > cert clean, and issue them a new one when you bring them back to life. > > MODULES AND MANIFESTS > > Location: every directory in "modulepath," the "manifest" file (AKA > site.pp), and anything `import`-ed into the main manifest. > > Hopefully you have this under version control in an external git repo or > something anyway, but yeah, make sure this is well-backed-up. > > PUPPET.CONF > > This might well have external service configurations, database passwords, > all kinds of stuff. Probably back it up. > > AUTH.CONF > > Just because if you poked a hole for an external service, you'll want a > reminder around about how it was rigged. > > HIERA/EXTLOOKUP DATA > > If you're using it, you probably know where it is. It is probably very > important, and should probably also be in version control anyway. > > DASHBOARD/CONSOLE DATA > > You'll have to dump the MySQL databases on a regular basis. There are rake > tasks to help with that. > > MCOLLECTIVE STUFF > > Hopefully you're managing your MCollective keys and plugins with puppet > anyway, so you've already handled this by backing up your modules and hiera > data. > > CUSTOM ENC DATA/CODE > > If you built an ENC, you should be backing up its data source. > > > I feel like that's about it? Did I miss anything? > Looks good. Most of our data (hiera, modules, and conf) is in version control so the only thing we really need to back up is SSL. Perfect! Thanks, Mitchelll > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/puppet-users/-/fW14AzNzHZoJ. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.