On Sunday, 7 April 2013 00:53:29 UTC+5:30, Owen Smith wrote:
We are using Puppet to deploy application packages, so it can indeed be
done. However, you need to do some work around Puppet to enable the use
cases you've mentioned:
* Something builds the package
* Something publishes the package to the yum repo
* Something kicks Puppet on the node(s) you want to install on (either
starting it up in daemon mode or executing it)
* Someone (or something) ensures that package declarations are properly
assigned to your node.
* At this point, Puppet takes over, figures out what packages need to be
installed/upgraded, and handles that for you, in addition to whatever
configuration and service control you've specified.
In short: you need a build/deployment system that uses Puppet
configuration management at its core. In our case, we glued this together
Some things to be aware of:
* To use the YUM package provider, Puppet must run as root. Therefore,
whatever kicks Puppet has to run as root as well. We use MCollective for
this, which involves a root agent running as a daemon on the endpoint.
* Puppet's RPM/YUM providers install packages as root into the standard
system RPMDB. So, you can see, by going this route your application
packages are going to be handled just like any other system package.
In other words, the key to making this easy is this: though the *user* doesn't
have root access on the node, the *deployment system *does. You control
who can do what to the node through authentication and authorization in the
deployment system itself, and by constraining the set of operations that
the deployment system supports.
Let's say this solution isn't a possibility: for example, you use a custom
user/RPMDBs/prefix/RPMRC when installing via RPM. You *can* theoretically
make this work with Puppet, but you've got a lot of work on your hands,
because the existing package type/providers don't support it. You have my
sympathy, because that's where we've been, and over the years we've banged
our head against that wall so many times, for many reasons besides Puppet.
One of our tenets in moving to Puppet, however, was to stop doing things
that made our life needlessly difficult. :-)
If you go this way, you also need to give some thought as to how you want
to upgrade an existing application on the endpoint. One way is to use
'ensure => latest' and configure the YUM repo on the node to point to a new
repo with your updated packages when the time comes. Another possibility is
to use 'ensure => present' and do an explicit 'yum upgrade' operation
through MCollective to get the packages updated; then run Puppet to fix up
Hope this helps!
On Apr 4, 2013, at 6:39 AM, Dhaval wrote:
i want to know, can we use puppet to install application packages ( not
system packages ) .. if yes how , if someone can through some light ..
my requirement is
1) application team can create package on their own and update in yum repo
( without root )
2) application team can install package on their own ( without root ) to
the directories mention in rpm ..
let me know if anyone is aware of similar things available ?
Thanks in advance ...
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firstname.lastname@example.org.
To post to this group, send email to email@example.com.