At work I recently introduced puppet for ... / 2012-08-13

At work I recently introduced puppet for automated system management, after hearing about it from people with very good experiences with it.

Slowly but surely we start to manage the first tasks with puppet: system accounts, ssh configuration, ntp configuration, package removal/addition, postfix configuration and other things we want configured to our standards on all machines. Puppet helps a lot in making configurations standard and making sure (complicated) configuration tasks have been done on every system.

The fact that we are currently setting up quite a number of new virtual machines helps, lots of room to start of with a 'puppetized' config.

Configuration choices can be made based on classes assigned to nodes but also based on 'facts' derived from the machine itself. For example I install package smartmontools on machines with real hardware, it doesn't make sense to install it in virtual machines. Or I can use a variable from a fact in a configuration, which is great if you want mail from machines to be readable when it's in a big mailbox. A sample from the logwatch config:

        file { 'logwatch.conf':
                path => '/etc/logwatch/conf/logwatch.conf',
                ensure => present,
                owner => 'root',
                group => 'root',
                mode => 0444,
                content => "# This file is under puppet control
# Generated by $Id: logwatch.pp 67 2012-08-14 08:14:49Z XXXXX $
# Do not edit on this machine
#
MailTo = XXXXXXXXXXXXXXXXX@XX.XX
MailFrom = Logwatch@$fqdn (Logwatch on $hostname)
",
                require => Package['logwatch'];
        }

And the logwatch mailfolder gets more readable.

With more than a few machines to manage with puppet I like puppetdashboard to see whether all changes have been rolled out to all machines. The 'radiator view' gives a great visual hint whether you need to look at your own puppet dashboard for more info or everything is fine so we use that view on our system monitor screen. And puppetdashboard gives nice counters showing just how much configuration items you are controlling: the current count for our setup is 812 items already, and we're just getting started.