Server Variables in Puppet Templates

Puppet is an invaluable tool for managing a large number of Linux servers. By defining different classes for each service I deploy, I can easily define what runs on each server I control just by changing the site manifest.

A problem I ran into early when I was bringing services into Puppet was slightly different configurations on servers with different specs. For example, I run Tomcat on three servers but one is also running some other services. On this one server the JVM maximum heap size needs to be lower than on the others, but the rest of the Tomcat configuration is the same. To manage this without making a second class definition I used the template system in Puppet.

There are four steps to making this work. First you need to define a default for the variable. Next you need to write the template. Third, connect the template to a file on the client. Finally override the variable where you need it.

Make your Linux servers dance with Puppet

Puppet is a system for replicating configurations to many servers, and it makes managing a Linux1 server farm ridiculously easy. One server runs a master process, while the others run a client which connects to the master2 to get the correct configuration. Clients are identified by hostname, so if your servers don’t have resolvable names you’ll need to put them in the hosts file on the master.

Puppet uses a declarative syntax built on top of ruby for defining rules. The documentation is mediocre at best, so you may struggle at first learning how to write the rules. Just read through the example recipes and test it out with a non-production server. The easiest way I found to test a rule is to run

sudo puppetd --test

on the server that should be getting the configuration. It will tell you there if there are any errors.

The version of puppet in Ubuntu 9.10 doesn’t support defining node names with regular expressions, so you might want to grab the version in Debian sid.

I’m still trying to figure out the best way to split up modules and organize my node definitions, so if you’ve used Puppet leave a comment and let me know what you think.

  1. The website also has packages for BSD and MacOS, but I can’t vouch for them. 

  2. By default the clients connect to a host named puppet, so you should either make an DNS entry for your master, or define the name puppet in your clients’ hosts files. 

Bear on the Lamb

Care bear under arrestBear Grylls‘s show is getting a little long in the tooth, and the staged “danger situations” are getting more and more ridiculous. I know exactly what Bear needs.

U.S. Marshals.

Every week Bear gets dropped in a wilderness location (like Les Stroud really did) and has to evade U.S. Marshals for seven days. The locals will be told that he’s a real fugitive. Set the dogs on him. Heck, they should shoot him on sight, just to add a bit more excitement. The real fun begins when Bear has to betray his camera crew to buy some more time.

Nixon’s Back!!

My previous server was unexpectedly destroyed, but after a call to Joe we’re back up and better than ever. Now that I’m actually paying for my space, I’m inspired to dust off this old thing and give it a new go. I also have a lot more time now since I graduated last May.

I plan to start posting a wider variety of content rather than trying to stick to Linux, development, physics, and LaTeX. I’ve become more active on twitter and Facebook, so I’m dumping short stuff there. I also got a tumblr account as a temporary landing site while this one was down, and I think I’ll be keeping it for meaningless drivel that’s between tweet and blog length. I’ll lovingly handcraft longer, meatier, vastly more important drivel for this site. You’ll get more of my personality, my raw thoughts, and let’s be honest, I haven’t quite been prolific with the geeky material to date.

One step towards the personalization of my personal blog has been to import my old LiveJournal posts. These date back to the heady days of 2001 when “blog” was a new term that was still considered a contraction of “web log.” I was a freshly laid-off refugee of the dot-com bust back then, and I was still too dumb to know I’m not funny. There might be some gems in the archives, but as you dig through try not to get lost in the self-important ramblings of an arrogant young man. If the going is too tough, I promise to keep the site updated with a steady stream of self-important ramblings from an arrogant, slightly less young man.

So thanks for looking at the main site after you stumbled across one of my old LaTeX posts. I hope this isn’t the last update for another two years.

