[nycbug-talk] jails: puppet vs. cfengine
Edward Capriolo
edlinuxguru at gmail.com
Wed Sep 8 10:04:17 EDT 2010
On Wed, Sep 8, 2010 at 3:36 AM, Charles Sprickman <spork at bway.net> wrote:
> Hi all,
>
> Not much more to it than that... I've had a cursory look at both and the
> really huge thing for me is having the ability for a config engine to
> understand jails.
>
> If I weren't using jails, I could keep getting by without any
> configuration manager. But with jails I'm now looking at upwards of 30
> "hosts" and growing, which is not easy to manage. One of our biggest
> reasons for throwing stuff in jails is portability. We have an odd
> mixture of hardware, varying amounts of work per jail, and a need to be
> able to shuffle jails from host to host should we either have a hardware
> failure or capacity issues that demand a move of a jail to beefier
> hardware.
>
> If either puppet or cfengine can both understand jails and be able to tie
> a jail and some host config options together (ie: an alias on an interface
> on the host is "connected" to a particular jail), I will be all over that.
>
> Any general jail/config management info more than welcome as well...
>
> Thanks,
>
> Charles
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>
Interesting topic. To be clear, you do not want to run puppet/cfengine
inside the jail? That is probably the preferred way.
I have quick define that lets me create vserver jails with puppet.
define make_vserver($vname, $hostname, $ip, $distro) {
exec { "/usr/sbin/vserver $vname build -m template --hostname
$hostname --interface eth0:$ip/24 -- -d $distro -t
/vservers/Cent5-x86-vs.tar.gz":
unless => "/usr/bin/test -d /vservers/$vname",
}
}
Usage looks like this:
make_vserver { cas2: vname => "cas2", hostname => "cas2.mydomain.com"
, ip => "10.10.12.2", distro => "centos5" }
For puppet you could make modules like File or package and add jail
based information:
service { "cassandra":
enable => true,
ensure => running,
require => File["/etc/init.d/cassandra"]
}
Becomes something like:
jail_service { "cassandra":
jail => "serverhostnamehere"
enable => true,
ensure => running,
require => File["/etc/init.d/cassandra"]
}
Maybe a better solution then this exists out there, but I think
building modules like the jail_service I described would not be very
difficult.
More information about the talk
mailing list