I have the user in hiera like this:
everydayhero:
colinb:
ensure: 'present'
comment: 'colinb'
uid: '2021'
gid: 'ssh'
groups: ['ssh', 'www-data', 'edh']
I have the user in hiera like this:
everydayhero:
colinb:
ensure: 'present'
comment: 'colinb'
uid: '2021'
gid: 'ssh'
groups: ['ssh', 'www-data', 'edh']
** NEVER DO THIS IN MASTER **
To squash the last 4 commits:
git rebase -i HEAD~4
This will open up vim with the following
pick e948f38 Added some notify statements to see the heira hash
pick 10e19b2 Finalised the proof of concept for using hiera and create_resources to create users
The way we protect each environment is to make each node aware of what enironment it is in (via facter) and then have the puppet master configured to point to different directories for modules and manifests.
The important thing to note here is that we are always working with a full set of the code and nothing changes between staging and production, that is critical.
The environment facter is set currently by using this machines domain.
So for example, if a node has 'edherow.com' as its domain it will look at the hiera setup and go to /etc/hieradata/edherow.com/common.yaml:
---
In an attempt to split our puppet setup so I can have a different version of our puppet code on different environments at the same time I have restructured the puppetmaster directory like this:
/etc/puppet (looking to try and make this redundant)
/etc/puppet/production
/etc/puppet/staging
/etc/puppet/staging2
/etc/puppet/staging3
Here is my current /etc/puppet/puppet.conf setup
filter { | |
# strip the syslog PRI part and create facility and severity fields. | |
# the original syslog message is saved in field %{syslog_raw_message}. | |
# the extracted PRI is available in the %{syslog_pri} field. | |
# | |
# You get %{syslog_facility_code} and %{syslog_severity_code} fields. | |
# You also get %{syslog_facility} and %{syslog_severity} fields if the | |
# use_labels option is set True (the default) on syslog_pri filter. | |
grok { | |
type => "syslog-relay" |
input { | |
stdin { type => "stdin-type"} | |
generator { type => "generator-type" message => "generated event" } | |
} | |
output { | |
librato { | |
type => "generator-type" | |
account_id => "foo@foo.com" | |
api_token => "1231231231231231231231" | |
gauge => ["value", "%{sequence}","source","%{@source_host}", "name", "bar_bytes"] |
Should the hiera call be done like this:
apps::cron { 'braintree-initiate_settlement':
app_name => $app_name,
app_root => $app_root,
time => hiera('braintree::cron::initiate_settlement'),
rake => true,
}
Module
# == Class: sdiff
#
# This class adds a wrapper for the diff command puppet uses.
# It introduces the ability to suppress diff output, useful for encrypted data.
#
# This module requires changes to the puppet.conf file that is on the agents,
# suggest under the [main] section.
Module
# == Class: sdiff
#
# This class adds a wrapper for the diff command puppet uses.
# It introduces the ability to suppress diff output, useful for encrypted data.
#
# This module requires changes to the puppet.conf file that is on the agents,
# suggest under the [main] section.