Configuration management with puppet

I know it has been very quit here and on eAccelerator because I’ve been working really hard on my master thesis. It’s about managing large scale webserver infrastructure. This means it’s a thesis on configuration management applied to the problem of managing webservers and everything related. A lot of the work I’m doing could just as well be applied to any other computer infrastructure.

I’m a heavy open source supporter and I really hate duplicate work, so I always try to reuse existing software and extend or incorporate it. For my thesis I basically had the choice between building a layer on top or extend an existing system. I’ve studied four major open source systems that are referenced a lot in the literature: cfengine, bcfg2, lcfg and Puppet. For reasons I’m going to explain in my thesis (it’s going to be in Dutch), I chose to use puppet and extend it.

Webservers are more or less just a gateway to an application that runs in some sort of environment like WordPress in a Linux-Mysql-Php environment or a Ruby-Rails-Linux-Postgresql environment. This requires installing software, creation configuration files, … Almost all configuration management systems already do this, on Fedora I can even do this by installing the wordpress or drupal package.

However some more powerful features are required that aren’t provided or not sufficiently developed. The virtual/exported resource system in Puppet is a good start but it could be improved a lot. An other features are creation rules like proposed in the PoDIM system by my thesis counselor and my supervisor. Today I finished a first version that introduces these rules in Puppet, available in my features/collection branch of my puppet git repo (listed on the puppet wiki).

These rules allow to say “make sure at least 2 dns server configured on this group of hosts”. Puppet will make sure that if two hosts are available that match the criteria in the rule, they will be configured as a dns server. The servers can then export their ip addresses so all machines in the network can add them in their /etc/resolv.conf This is just one of the great things you could do and I’m very excited about them!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.