On Thursday, September 26, 2013 4:00:25 PM UTC-5, TimV wrote: > > I've got a basic puppet deployment up and running with some basic modules > in place for configuration management. Running 3.3.0 on server and clients. > > My next stumbling block is how to I manage hosts that have host or > application specific needs? > > Example: > I have basic sudo file that I am managing via puppet, in it I've got our > standard admins listed under root. I can deploy this to most machines, but > what about one off machines that have a slightly different grouping of > admins? > > Another example: > I've got a baseline Iptables module setup (using the puppetlabs module) > that covers a set of baseline iptable rules. What if I have a machine that > needs slightly different ports open? I don't want to include that in the > baseline, it's pointless. How do I do a "if machine/node = specialcase > then do blah" type rule? > >
There are at least three parts, and I'm not sure which one you're asking about. First is the issue of associating the needed data with the special-case node(s). The most basic mechanism for that is to use node definitions matching just the special case machine(s). If you're using an ENC, of course, you also can program it to issue the appropriate information for the special case nodes. Alternatively, you can also program the special cases directly into your classes, though that's not a very good practice. Or you can use node-sensitive external data, such as hiera can provide for you. Second is the issue of getting the data into your classes. Here your alternatives are global variables, class / definition parameters, and data access functions such as hiera(). The latter two can be used together via Puppet 3's automatic data binding feature, and that's the only way I personally can recommend using class parameters. Third is the issue of pushing out the custom data into actual client-side resources. Resource parameters are the main mechanism for that, but they are more flexible than you may give them credit for. In particular, do not miss the significance of the template() function and its use for interpolating Puppet variables into, for example, the 'content' of a File resource. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
