justinhennessy

I have the user in hiera like this:

everydayhero:
  colinb:
    ensure:   'present'
    comment:  'colinb'
    uid:      '2021'
    gid:      'ssh'
    groups:   ['ssh', 'www-data', 'edh']

justinhennessy

** NEVER DO THIS IN MASTER **

To squash the last 4 commits:

git rebase -i HEAD~4

This will open up vim with the following

pick e948f38 Added some notify statements to see the heira hash

pick 10e19b2 Finalised the proof of concept for using hiera and create_resources to create users

justinhennessy

The way we protect each environment is to make each node aware of what enironment it is in (via facter) and then have the puppet master configured to point to different directories for modules and manifests.

The important thing to note here is that we are always working with a full set of the code and nothing changes between staging and production, that is critical.

The environment facter is set currently by using this machines domain.

So for example, if a node has 'edherow.com' as its domain it will look at the hiera setup and go to /etc/hieradata/edherow.com/common.yaml:

---

justinhennessy

Supporter

# US Portal
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^US$
RewriteCond %{HTTP_HOST} ^<%= @domain %>$
RewriteRule ^(\/)$ <%= @redirect_urls['us'] %> [R=301,L]

# UK Portal
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(GB|UK)$

RewriteCond %{HTTP_HOST} ^<%= @domain %>$

justinhennessy

In an attempt to split our puppet setup so I can have a different version of our puppet code on different environments at the same time I have restructured the puppetmaster directory like this:

/etc/puppet (looking to try and make this redundant)
/etc/puppet/production
/etc/puppet/staging
/etc/puppet/staging2
/etc/puppet/staging3

Here is my current /etc/puppet/puppet.conf setup

justinhennessy

filter {
  # strip the syslog PRI part and create facility and severity fields.
  # the original syslog message is saved in field %{syslog_raw_message}.
  # the extracted PRI is available in the %{syslog_pri} field.
  #
  # You get %{syslog_facility_code} and %{syslog_severity_code} fields.
  # You also get %{syslog_facility} and %{syslog_severity} fields if the
  # use_labels option is set True (the default) on syslog_pri filter.
  grok {
    type => "syslog-relay"

justinhennessy

input { 
	stdin { type => "stdin-type"}
	generator { type => "generator-type" message => "generated event" }
}
output {
	librato {
		type => "generator-type"
		account_id => "foo@foo.com"
		api_token => "1231231231231231231231"
		gauge => ["value", "%{sequence}","source","%{@source_host}", "name", "bar_bytes"]

justinhennessy

Should the hiera call be done like this:

apps::cron { 'braintree-initiate_settlement':
     app_name => $app_name,
     app_root => $app_root,
     time => hiera('braintree::cron::initiate_settlement'),
     rake => true,
   }

justinhennessy

Module

# == Class: sdiff
#
# This class adds a wrapper for the diff command puppet uses.
# It introduces the ability to suppress diff output, useful for encrypted data.
#
# This module requires changes to the puppet.conf file that is on the agents,
# suggest under the [main] section.

justinhennessy

Module

# == Class: sdiff
#
# This class adds a wrapper for the diff command puppet uses.
# It introduces the ability to suppress diff output, useful for encrypted data.
#
# This module requires changes to the puppet.conf file that is on the agents,
# suggest under the [main] section.