PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet
•
2 gostaram•1,993 visualizações
Here are the slides from Gary Larizza's PuppetConf 2016 presentation called Puppet Best Practices: Roles and Profiles. Watch the videos at https://www.youtube.com/playlist?list=PLV86BgbREluVjwwt-9UL8u2Uy8xnzpIqa
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Destaque
Destaque (20)
Semelhante a PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet
Semelhante a PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet (20)
Mais de Puppet
Mais de Puppet (20)
Último
Último (20)
PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet
- 1. “Best Practices”- Roles & Profiles Gary Larizza
- 8. Knowing your Role(s) …and your Profile(s)
- 9. Best Practice-ish: Roles & Profiles 9
- 10. class profile::jenkins { $jenkins_port = hiera(’jenkins_port’) $java_dist = hiera(’java_dist’) $java_version = hiera(’java_version’) class { ’::jenkins’: install_java => false, port => $jenkins_port, } class { ’::java’: distribution => $java_dist, version => $java_version, before => Class[‘jenkins’], } }
- 11. class role::ci_server { include profile::jenkins include profile::myorg include profile::hubot }
- 12. 1.Lots of tech 2.Lots of terms 3.Lots of variations
- 13. “Best Practices” (i.e. “Some people do this - not me, but some people…”)
- 14. CS-STANDARDS
- 15. CS-STANDARDS
- 16. Best Practice-ish: Roles & Profiles 16 ● Focus on having a “complexity escalation path” ● Module in Control Repo? Module in its own Repo? ● Package in profile::mycorp::packages -> package in its own module ● Team interoperability and comprehension ● i.e. “Do we need a profile for simple, one-module tech?” ● Minimize magic Your Standard
- 17. Profile(s)(to s or not to s…)
- 18. Best Practice-ish: Roles & Profiles 18 ● In the Control Repo ● Escalation: Separate module ● Escalation: Separate module for each profile Profiles - storage
- 19. Best Practice-ish: Roles & Profiles 18 ● In the Control Repo ● Escalation: Separate module ● Escalation: Separate module for each profile Profiles - storage
- 20. Best Practice-ish: Roles & Profiles 18 ● In the Control Repo ● Escalation: Separate module ● Escalation: Separate module for each profile Profiles - storage
- 21. Best Practice-ish: Roles & Profiles 19 ● Name the module “profile” ● Or “profiles” ● Or “lamp” ● (i.e. It doesn’t matter because I don’t work with you) ●Escalation: prepend each profile module ●wrapper_apache ●profile_apache Profiles - naming
- 22. Best Practice-ish: Roles & Profiles 20 ● Name each profile according to tech ● profile::{nginx,apache} ● Escalation: May extend to implementation if it makes sense ● profile::ssh::{server,client} Profiles - naming
- 23. Best Practice-ish: Roles & Profiles 21 Profiles may be parameterized to provide an API to the implementation Profiles - usage
- 24. Best Practice-ish: Roles & Profiles 22 Limit resource-style declaration of a profile Profiles - usage class { ‘profile::ntp’: } include profile::ntp
- 25. Best Practice-ish: Roles & Profiles 23 Profiles may declare other profiles Profiles - usage
- 26. Best Practice-ish: Roles & Profiles 24 ●Only site-specific resources declared in profiles ●Certificates ●Credentials ●Customizations Profiles - usage
- 28. Best Practice-ish: Roles & Profiles 26 Profiles may be platform-based Profiles - usage ● profile::windows::iis ● profile::linux::ntp ● profile::osx::loginwindow
- 29. Best Practice-ish: Roles & Profiles 27 Profiles may be single-point-of-entry Profiles - usage profile::dns_nameservers -> profile::dns_nameservers::{linux,windows}
- 30. Roles(and if we don’t get no tolls…)
- 31. Best Practice-ish: Roles & Profiles 29 Roles - naming sfnetdevap12-01
- 32. Best Practice-ish: Roles & Profiles 30 Roles - naming sfnetdevap12-01
- 33. Best Practice-ish: Roles & Profiles 31 Roles - naming sfnetdevap12-01
- 34. Best Practice-ish: Roles & Profiles 32 Roles - naming sfnetdevap12-01
- 35. Best Practice-ish: Roles & Profiles 33 Roles - naming sfnetdevap12-01
- 36. Best Practice-ish: Roles & Profiles 34 Roles - naming sfnetdevap12-01
- 37. Best Practice-ish: Roles & Profiles 35 Roles - naming role::app_server
- 38. Best Practice-ish: Roles & Profiles 36 Roles are named according to type Roles - naming
- 39. Best Practice-ish: Roles & Profiles 37 Roles may be namespaced for clarity Roles - naming ● role::app_server::pci ● These names are to assist YOU
- 40. Best Practice-ish: Roles & Profiles 38 Roles - storage ● In the Control Repo ● Single ‘role’ module ● Escalation: Separate module ● Escalation: Separate module for each role
- 42. Best Practice-ish: Roles & Profiles 40 Can roles contain conditional logic? Roles - naming ● If Windows then IIS profile, if Linux then JBoss ● Separate roles per platform ● What’s more important to track/visualize?
- 43. Best Practice-ish: Roles & Profiles 41 Can roles be inherited? Roles - naming
- 44. Best Practice-ish: Roles & Profiles 42 Summary DO WHAT CAUSES LESS FRICTION BETWEEN TEAMS AND IS EASY TO FOLLOW!
- 45. Best Practice-ish: Roles & Profiles 43 Questions?
- 46. Best Practice-ish: Roles & Profiles 44 Summary ●Everything is terrible ●No one is happy