Ask Your Question
1

Is there a puppet equivalent to publishing commands in saltstack? (publish.publish)

asked 2014-01-27 05:42:09 -0500

videre gravatar image

This question is copied from StackOverflow

The basic need:

  1. Perform operation on agent X
  2. Perform operation on agent Y
  3. Perform operation on agent X

These operations need to be performed in order, which is easily achieved with saltstack using publish.publish. Access to perform operations on agent Y is managed by the salt master.

The closest thing I have been able to find in puppet is 'external resources' (ER), since they can be used to perform operations on other agents, but ER's fall short in many ways:

  • they don't support operation ordering
  • targeting is based on tags, which ...
(more)
edit retag flag offensive close merge delete

3 Answers

Sort by ยป oldest newest most voted
2

answered 2014-01-27 17:51:43 -0500

Ancillas gravatar image

What you are describing is generally known as orchestration. mCollective can be used for orchestration, but it is only loosely coupled with Puppet. Here are a couple ways that I can think of to do what you want to do.

  • Utilize PuppetDB to track the state of your nodes (or agents, according to your lingo) through exported resources. Write logic in your Puppet code to behave accordingly based on the states of other nodes. An example of this might be Nagios and web servers that Nagios monitors. Nagios would pull a list of all web servers from Puppet DB, and ...

(more)
edit flag offensive delete link more

Comments

Thank you for a very informative answer. Would you add your answer on the stackoverflow question? Otherwise I will do it in a weeks time.

videre gravatar imagevidere ( 2014-01-28 02:00:12 -0500 )edit
1

answered 2014-01-27 13:29:06 -0500

nated gravatar image

Can you give an example or two of operations?

In the puppet world sounds like what you are describing would be accomplished by leveraging something like mcollective for triggering a remote action on a node. Performing the coordination part (ie: op1 on nodeA, then op2 on nodeB, then op3 on nodeA) would be a coordination task for yourself to script.

edit flag offensive delete link more

Comments

Basically, agent X installs a service, then agent Y registers agent X with a management server, after which agent X finishes setup of service.

videre gravatar imagevidere ( 2014-01-28 01:45:25 -0500 )edit
0

answered 2014-01-28 01:55:23 -0500

videre gravatar image

updated 2014-01-28 02:00:53 -0500

It could be implemented with ssh.

The setup would consist of the Puppet master managing the private and public authentication keys, distributing the private key to all agent X's, and the public key to agent Y.

Then the sequence could be implemented as 3 exec's on the agent X's.

Security could be restricted by using ssh forced commands, ensuring that only the required operation is available for agent X's to invoke on agent Y.

Comments are welcome, as the security implications are beyond me

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2014-01-27 05:42:09 -0500

Seen: 533 times

Last updated: Jan 28 '14