Here are the slides from Gary Larizza's PuppetConf 2016 presentation called Puppet Best Practices: Roles and Profiles. Watch the videos at https://www.youtube.com/playlist?list=PLV86BgbREluVjwwt-9UL8u2Uy8xnzpIqa
16. Best Practice-ish: Roles & Profiles 16
● Focus on having a “complexity escalation path”
● Module in Control Repo? Module in its own Repo?
● Package in profile::mycorp::packages -> package in its own
module
● Team interoperability and comprehension
● i.e. “Do we need a profile for simple, one-module tech?”
● Minimize magic
Your Standard
18. Best Practice-ish: Roles & Profiles 18
● In the Control Repo
● Escalation: Separate
module
● Escalation: Separate
module for each
profile
Profiles - storage
19. Best Practice-ish: Roles & Profiles 18
● In the Control Repo
● Escalation: Separate
module
● Escalation: Separate
module for each
profile
Profiles - storage
20. Best Practice-ish: Roles & Profiles 18
● In the Control Repo
● Escalation: Separate
module
● Escalation: Separate
module for each
profile
Profiles - storage
21. Best Practice-ish: Roles & Profiles 19
● Name the module “profile”
● Or “profiles”
● Or “lamp”
● (i.e. It doesn’t matter because I don’t work with you)
●Escalation: prepend each profile module
●wrapper_apache
●profile_apache
Profiles - naming
22. Best Practice-ish: Roles & Profiles 20
● Name each profile according to tech
● profile::{nginx,apache}
● Escalation: May extend to implementation if it makes
sense
● profile::ssh::{server,client}
Profiles - naming
23. Best Practice-ish: Roles & Profiles 21
Profiles may be parameterized to
provide an API to the implementation
Profiles - usage
24. Best Practice-ish: Roles & Profiles 22
Limit resource-style declaration of a profile
Profiles - usage
class { ‘profile::ntp’: }
include profile::ntp
39. Best Practice-ish: Roles & Profiles 37
Roles may be namespaced for clarity
Roles - naming
● role::app_server::pci
● These names are to assist YOU
40. Best Practice-ish: Roles & Profiles 38
Roles - storage
● In the Control Repo
● Single ‘role’ module
● Escalation: Separate module
● Escalation: Separate module for
each role
41.
42. Best Practice-ish: Roles & Profiles 40
Can roles contain conditional logic?
Roles - naming
● If Windows then IIS profile, if Linux then JBoss
● Separate roles per platform
● What’s more important to track/visualize?