README.md - Issue 4810150141493248: Issue 122 - Puppet ENC via Hiera

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Side by Side Diff: README.md

Issue 4810150141493248: Issue 122 - Puppet ENC via Hiera (Closed)

Patch Set: 112 - Puppet ENC via Hiera Created Nov. 27, 2014, 12:29 a.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View unified diff | Download patch

OLD	NEW
1 Adblock Plus infrastructure	1 Adblock Plus infrastructure

2 ===========================	2 ===========================

3	3

4 The Adblock Plus infrastructure uses [Puppet](http://puppetlabs.com/)	4 The Adblock Plus infrastructure uses [Puppet](http://puppetlabs.com/)

5 to set up servers, and to have a realistic development environment.	5 to set up servers, and to have a realistic development environment.

6	6

7 Our Puppet manifests are only tested with Ubuntu 12.04 right now.	7 Our Puppet manifests are only tested with Ubuntu 12.04 right now.

8	8

9 Private files	9 Host specific setup

10 -------------	10 -------------------

11	11

12 Some parts of our infrastructure are, obviously, confidential. We have	12 Some infrastructure parts are specific to the environment (such as e.g.

13 htpasswd files, SSH keys and SSL certificates that we need to be	13 development, test and production) whilst passwords, for example,

14 careful with.	14 are confidential. In order to allow for such specific configuration, the

	15 repository requires a set of manual operations during the initial setup:

15	16

16 That's why _modules/private_ is missing, and needs to be placed there	17 ### `modules/private`

17 manually. We provide stub versions of all those files in	18

18 _modules/private-stub_, so just linking or copying that to	19 The `private` module is destined to store confidential information such as

19 _modules/private_ will make everything work locally.	20 [RSA](http://en.wikipedia.org/wiki/RSA_%28cryptosystem%29) keys, `htpasswd`

	21 files and so on. The repository provides a `private-stub` module containing

	22 defaults suitable for development and testing purpose. One can create a

	23 symbolic link to start using the resource:

	24

	25 # UNIX-oid

	26 user@host:~/infrastructure$ ln -s private-stub modules/private

	27

	28 # Windows

	29 C:\infrastructure\> MKLINK /D modules\private private-stub

	30

	31 When creating a custom version, one may inspect the `modules/private-stub`

	32 directory to determine which resources have to be provided.

	33

	34 ### `hiera/environment`

	35

	36 [Hiera](https://docs.puppetlabs.com/hiera/1/) configuration files specific

	37 to the current environment are expected to be found in `hiera/environment`.

	38 Default resources for development (and testing) purpose are provided within

	39 `hiera/development`:

	40

	41 # UNIX-oid

	42 user@host:~/infrastructure$ ln -s development hiera/environment

	43

	44 # Windows

	45 C:\infrastructure\> MKLINK /D hiera\environment development

	46

	47 Note that custom versions are recommended to be tracked together with the

	48 custom `private` module, if any.

20	49

21 Development environment	50 Development environment

22 -----------------------	51 -----------------------

23	52

24 As with our other projects, all changes to our infrastructure should	53 As with our other projects, all changes to our infrastructure should

25 be made in a local development environment, and reviewed before	54 be made in a local development environment, and reviewed before

26 deployment. Thanks to Puppet, we can easily set up local VMs that	55 deployment. Thanks to Puppet, we can easily set up local VMs that

27 mirror our production environment.	56 mirror our production environment.

28	57

29 The most convenient way to do this is to use Vagrant, as described	58 The most convenient way to do this is to use Vagrant, as described

(...skipping 138 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
168 Monitoring is fully functional in any environment, including development.	197 Monitoring is fully functional in any environment, including development.

169 Here, after bootstrapping the `server4` box, one can access the Nagios GUI	198 Here, after bootstrapping the `server4` box, one can access the Nagios GUI

170 from the host machine via <https://nagiosadmin:nagiosadmin@10.8.0.99/>.	199 from the host machine via <https://nagiosadmin:nagiosadmin@10.8.0.99/>.

171	200

172 The monitoring service of our production environment, however, is accessible	201 The monitoring service of our production environment, however, is accessible

173 via <https://monitoring.adblockplus.org/>.	202 via <https://monitoring.adblockplus.org/>.

174 Add yourself to _files/nagios-htpasswd_ in the _private_ module used on the	203 Add yourself to _files/nagios-htpasswd_ in the _private_ module used on the

175 server, or have someone add you if you don't have access.	204 server, or have someone add you if you don't have access.

176	205

177	206

OLD	NEW

« no previous file with comments | « .hgignore ('k') | Vagrantfile » ('j') | hiera/install-precise.py » ('J')