Ask Your Question

Where can I find an example of puppet installing all of the part of a web app.

asked 2013-10-02 09:30:27 -0500

Alan gravatar image

Let me clarify. When I say complete web app I mean install and manage the following:

Firewall rules on the firewall

Nginx virtual hosts on the load balancers

Apache virtual hosts on the web servers

Tomcat instances on the apps server

This is in both QA and prod.

Is puppet the correct tool or is this a more a puppet + something else.


edit retag flag offensive close merge delete


How complex are your firewall rules? Are you creating /32 rules to the other servers, and how automated do you want this? Do you want new servers in the cluster ...(more)

Ancillas gravatar imageAncillas ( 2013-10-02 11:33:28 -0500 )edit

The firewall rules mostly are "If inbound traffic arrives to this outside ip address then forward to load balancer on port xxx" The firewall rules are not really the issue ...(more)

Alan gravatar imageAlan ( 2013-10-02 12:23:19 -0500 )edit

3 answers

Sort by ยป oldest newest most voted

answered 2013-10-03 01:19:12 -0500

spuder gravatar image

Take a look at .
They are pushing a standard model for puppet modules called nextgen, The standard includes firewall rules, uninstallation and style guides for markup. You can see some examples that follow this standard here:

Puppet modules are encouraged to be modular. Any module that installs an entire web app goes against best practices.

edit flag offensive delete link more


I am digging into the example42 next gen stuff. Great work there.

Alan gravatar imageAlan ( 2013-10-03 07:22:48 -0500 )edit

answered 2013-10-03 07:50:54 -0500

Alan gravatar image

Please forgive me in advance if this is bad form but i can't seem to find a way to update the original questions.

My concept of a web add needs a little better definition.

Let say I have a app called bestcustomer

I need an apache vhost file on prod-webserver1 and prod-webserver2 for

I need a different apache vhost file on qa-webserver1 and qa-webserver2 for

I can define the file using templates to create the prod and qa configs, I have gotten that far.

I need an nginx vhost on prod-nginxserver1 and ... (more)

edit flag offensive delete link more


This is exactly what hiera is used for. You can have a parameterized class, or a defined type, that accepts some data structure to define how it works. Hiera then ...(more)

Ancillas gravatar imageAncillas ( 2013-10-03 11:06:38 -0500 )edit

In this case, let's say part of your hiera hierarchy is $hostname. You'd have prod-nginxserver1.yaml, and qa-nginxserver1.yaml. Each yaml would have the config options for that ...(more)

Ancillas gravatar imageAncillas ( 2013-10-03 11:09:30 -0500 )edit

answered 2013-10-02 17:33:22 -0500

Ancillas gravatar image

updated 2013-10-02 17:36:47 -0500

You want to classify your nodes differently. You can do this by hostname if you want. Here's the doc.

Now, I'll show you the quickest approach, in my opinion, but note that this isn't quite best practice in that it's better to assign relationships in classes instead of site.pp so that you can easily switch to an ENC if you want, but that's more complicated, and it doesn't seem like we want to jump to that in this case.

Here's an abstract.

Create a module for each piece of your environment. You ... (more)

edit flag offensive delete link more


I am have started working on my ENC as that seems to best practice so I am working on getting past having a site.pp.

Alan gravatar imageAlan ( 2013-10-03 07:25:21 -0500 )edit

This still applies with an ENC, but you have to wrap your classes in a wrapper class. You can't specify order in an ENC, so if you include apache ...(more)

Ancillas gravatar imageAncillas ( 2013-10-03 11:03:29 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools


Asked: 2013-10-02 09:30:27 -0500

Seen: 309 times

Last updated: Oct 03 '13