6

Our infrastructure: we run a puppet master for about 250 nodes (about 100 hardware servers). The OS on the nodes itself is fully puppetized.

Now we're looking into extending this puppet setup to the following domains:

  1. IP/DHCP management
  2. APC configuration
  3. switch configuration (via SNMP, we have Arista switches)
  4. inventory management (where is server x racked? how long does the warranty still work?)

Is there software (open source or not doesn't matter) that lets us achieve this? I imagine it has a relational data schema like server or switch which can be filled out by a web UI. Then, for each of those 4 points there are scripts to extract the data from the tables and push them to the devices.

Right, why don't we just take puppet for this?

We'd love to, since we want to have all configuration in one place, but...

1+2 could be done in puppet, but for 250 nodes that looks like a hell of a big puppet manifest. Additionally we want to add VM provisioning via puppet foreman soon, so the "IP reservation system" needs to be "reactive" and hence IMO needs to be outside of puppet.

3 is probably not possible since the switches are not yet ready for puppet.

4 is probably possible with puppet when we add a "hardware" layer above the node-layer in puppet.

Any thoughts?

hansaplast

2 Answers

6

AFAIK, The Foreman already leads in the right direction, so maybe you should start to play with that.

Besides that take a look at Custom Facts. They are a powerful way to access all kinds of data and make it usable in Puppet manifests. E.g. create a custom fact like $::inventory_ipaddress or even overwrite the $::ipaddress fact with the canonical one to be used for configuration.

For 1: For a large number of hosts it is generally advisable not to have hundreds of node definitions, but rather have a set of roles and profiles.

The general design challenge here is to have a clear flow of information from single source(s) of truth to the provisioning.

For 2+3: you could use puppet to call all kinds of auxiliary scripts and tools, but I doubt it is the best tool for the job, because it probably will not be the "source of truth".

For 4: This is somewhere in between. I myself use puppet on EC2 instances to periodically trigger a Zabbix inventory update and use facter to fill e.g. role, OS version, security groups. Caveat here: my normative source of truth is a provisioning tool and my puppet manifests where I can change settings; on the other hand this inventory is only the final outcome to verify results.

mschuett
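
The custom-fact idea from the answer above, sketched as an added example (not part of the original answer and not code from Puppet or The Foreman): a fact named `inventory_ipaddress` that reads the canonical address from an inventory export and leaves the fact unset when the entry is missing or malformed. The export path and its `fqdn,ip,rack` layout are assumptions; the sample data is constructed.

```ruby
require 'ipaddr'

# Constructed sample of an inventory export (assumed layout: fqdn,ip,rack).
SAMPLE_INVENTORY = <<~DATA
  fqdn,ip,rack
  web01.example.com,10.20.0.11,R12-U07
  db01.example.com,10.20.0.21,R14-U03
  bad01.example.com,10.20.0.999,R14-U09
DATA

# Return the canonical address recorded for fqdn, or nil when the host is
# unknown or the stored value is not a valid IP address. Returning nil keeps
# a bad inventory entry from ending up in generated configuration.
def inventory_ipaddress(fqdn, text)
  text.each_line.drop(1).each do |line|
    name, ip, _rack = line.strip.split(',', 3)
    next unless name == fqdn
    return nil if ip.nil? || ip.empty?
    return IPAddr.new(ip).to_s
  end
  nil
rescue IPAddr::Error
  nil
end

# Register the fact only when the file is loaded by Facter (for example from
# a module's lib/facter directory); plain Ruby skips this part.
if defined?(Facter)
  Facter.add(:inventory_ipaddress) do
    setcode do
      path = '/etc/inventory/hosts.csv' # hypothetical export location
      if File.readable?(path)
        inventory_ipaddress(Facter.value(:fqdn), File.read(path))
      end
    end
  end
end
```
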
1

It is possible to configure Arista switches using Puppet running on the EOS operating system on the switch itself. Arista even provides a tutorial on how to install Puppet themselves: Installing Puppet on EOS. So that doesn't have to be a problem.

For the inventory tasks (IPs, locations, warranty) I would recommend Zabbix.

Tim