Post on 07-Jul-2015
r10k Puppet workflowwhat it is, and why you should be doing it
Bob Rasey
Linuxing for 15 yearsPuppeting for about 18 months
Puppet workflow?
Config management is now code.Best practices for code means
version controlcode reviewenvironments
You’re doing this, right?
Puppet
What is this “version control”?Modules live in directories.How to do environments?What about Puppet Forge modules?What about Hiera data?
Hiera
No more hard-coded things!
Hiera
More code!Lives in its own repository.Also, environments.
Git
Environments - how?one repo per?environment = commit SHA?branches?
Puppet Forge modules
You should be using them.How do you promote through environments?Do you really want to manage them?
Git fork?static copy?pin to Git commit SHA? How?
ComplexityCustom Puppet modules - devCustom Puppet modules - testCustom Puppet modules - productionPuppet Forge modules - devPuppet Forge modules - testPuppet Forge modules - productionHiera data - devHiera data - testHiera data - production
???
Please tell me you’re not going to write some bash / ssh / rsync / cron magic to do this...
r10k
Ruby gemWritten by Adrien TheboDoes all the things
r10k
Two methods do everything:sync Git repos/branches with directories
custom Puppetry - checkhieradata - checkenvironments - check
PuppetfilePuppet Forge - check
r10k - Git
Environments = Git branches.Git repo = a directory.Git branches = directories under that.
r10k - Puppetfile
Puppetfile is like a Ruby gemfile.Describes modules to install.Good for Puppet Forge modules.
Configuration
In your Puppet modules repoa branch for each environment
In each branch (environment)Puppetfile describing Forge modulesenvironment.confmanifests directory with site.ppdist directory contains custom Puppet modules
├──│ └──├──├──│ └──└──
Note: no modules directory!
Because r10k populates it on the server according to what’s in the Puppetfile.
Put custom modules in dist.
Git repo
Configuration
On the Puppet Master/etc/r10k.yaml/etc/puppet/puppet.conf edits
├──│ ├──│ ├──│ ├──│ ├──│ └──└──
├──│ └──├──├──├──│ └──│ └──└──
Contents of /etc/puppet/environments.
albatross module deployed in testing, but not production.
puppetlabs-motd too.
Puppet Master
Configuration
On the node/etc/puppet/puppet.conf
environment = testing
Puppet workflow
Everything should live in gitUse pull requests (code review)Use pre-commit hooks (syntax, style)Test config changes in devPromote code changesStart thinking like a developer
Other stuff
Masterless Puppet via PuppetfileJenkins build triggered by change in repoDynamic environments
Contact
brasey@gmail.com
Further readingAdrien Thebo on creating r10k:http://somethingsinistral.net/blog/rethinking-puppet-deployment/Gary Larizza on doing r10k:http://garylarizza.com/blog/2014/08/31/r10k-plus-directory-environments/Configuring Directory Environments on the Puppet Master:https://github.com/adrienthebo/r10k/blob/master/doc/dynamic-environments/master-configuration.mkdhttps://docs.puppetlabs.com/puppet/latest/reference/environments_configuring.htmlPuppetfile r10k:https://github.com/adrienthebo/r10k/blob/master/doc/puppetfile.mkd