https using Cloudflare

Why? Lots of good reasons as of July 2018 posted here by Troy Hunt, including that the National Cyber Security Centre (part of GCHQ) says so here – the title of that blog post is ‘serve websites over HTTPS (always)’. As we state in our HTTPS guidance, all websites should use HTTPS, even if they don’t include […]

puppet apply #8 – puppet apply and hiera

Adding classes At present, puppet apply should look something like this: $ sudo scripts/puppetapply.sh + /opt/puppetlabs/bin/puppet apply –test –environment=local /etc/puppetlabs/code/environments/local/manifests Info: Loading facts Notice: Compiled catalog for clientname in environment local in 0.16 seconds Info: Applying configuration version ‘xxx’ Notice: Applied catalog in 0.09 seconds Let’s add back in the clientscope class. This will populate […]

puppet apply #7 – classification via hiera

Hiera introduction Hiera is used to store data. Roles and profiles are about code reusability, and separating data and code is probably the other main pillar of Puppet best practise. Hiera layers the data, allowing you to selectively mask values with others based on properties of the puppet client.  The trick is to pick useful […]

puppet apply #5 – roles and profiles

what are roles and profiles? Roles and profiles are the recommended way from Puppet to organise code. Documentation elsewhere on this includes: https://puppet.com/docs/pe/2017.2/r_n_p_full_example.html Summary: Each node / server / puppet agent has a single role. Webserver, database server, jenkins server, blog-webserver, customer-databaseserver, and so on.  Whatever makes sense in your environment. Profiles provide useful functionality […]

puppet apply #4 – a profile

Putting all our code in site.pp isn’t very scalable. We want to follow Puppet best practise and use roles and profiles, so: cd control-repo # I’m going to assume this from now on git checkout puppetapply02 If you look at manifests/site.pp, there’s an include statement. This is the basis of how node classification is generally done. […]