I’ve played with puppet in the past, but I never actually deployed anything significant with it. I have built manifests for work, to help deploy packages, and I’ve been tinkering with one that does some fancy stuff to install elasticsearch.
This weekend I actually spent the time to get a puppet master set up on ArchLinux, and it went relatively smoothly. I had to apply two patches, however, and one I got to write myself..
The first patch was an already existing pull request, and since puppet is built from AUR anyway, I simply updated my package in my repo (http://home.shlrm.org/arch/$arch) with the patch. Simple enough.
The second patch wasn’t as easy. It was not a noisy failure. Facter did not include facts for the IP addreses of
ipaddress_eth0 and such didn’t exist at all. Turns out that the current version of facter does not deal
well with the 2.0 version of net_tools. I found an already existing defect on their redmine interface.
I then started hacking the source code to add spec tests to verify this things functionality, since there wasn’t any. I knew the regexp stuff was simple, but their contribution agreement requires that you have specs, and that’s what all good developers do anyway. Write tests, watch it fail, then fix it so it doesn’t fail any longer, as well as providing verification that it didn’t break existing functionality. Behavior Driven Development as some might call it. An excellent book on learning how to do BDD, by the way.
Anyway, so an hour of hacking in the facter guts, and the spec tests for them, and I have a pull request open.
It was a fun exercise, and I got to contribute to an excellent open source project that I’m a fan of. Taking that patch,
and applying it to my existing facter package, I was able to regain the facts
were necessary for my unbound config, as well as my maradns config, so that I could tell them to listen on the right interfaces.
You know, good DNS setup, running one authoritative and one recursive resolver. Avoiding security bugs and all that.
Now, with one DNS box deployed via puppet, I can very easily create a second box, assign it the
dns_server class, and
like magic, I’ve got two identical DNS servers and I can very easily make changes to them by modifying the puppet manifests
controlling it all. Fantastic.
Apparently I made a stupid typo, and it caused things to be broken. Whoops. Good catch by the puppet labs guys, doing work late on a Sunday Evening, during the superbowl no less. Well, I can’t say much, I spent all day hacking on it as well.