How VSHN manages Hiera data files

Transcript

1. How we manage Hiera data files Or: How not to

   Git submodule!

2. 09/07/15 VSHN AG | http://vshn.ch 2 Agenda • VSHN? Or:

   How do I spell that? • Our Hiera structure • Phase 1: Hieradata in Puppet environment • Phase 2: One monolithic repository • Phase 3: Git submodules • Phase 4: GWS (Git Workspace)

3. 09/07/15 VSHN AG | http://vshn.ch 3 /me • Tobias Brunner

   aka tobru • VSHNeer • Puppetizer since 2011. Modules: – Smokeping – Knot DNS – Gitlab – Identity • Blog: https://tobrunet.ch • Twitter: @tobruzh

4. 09/07/15 VSHN AG | http://vshn.ch 4 Company Profile | v

   ʒ | ˈ ɪ nn • Owner-operated Swiss company • 12 employees at the head office in Zurich • Service provider for DevOps, software delivery automation and configuration management • Partner for operations/hosting of web applications • Further specialty fields: Consulting, System Engineering, Continuous Delivery, Monitoring, Backup, 24/7 Support

5. 09/07/2015 VSHN AG | http://vshn.ch 5 Software Delivery Automation

6. 09/07/2015 VSHN AG | http://vshn.ch 6 Our Hiera structure •

   Multi tenancy • Flexible • Future proof nodes/%{::clientcert} customers/%{::customer}/%{::project}/%{::stage}/%{::role} customers/%{::customer}/%{::project}/%{::stage} customers/%{::customer}/%{::project}/%{::role} customers/%{::customer}/%{::project} customers/%{::customer}/common locations/%{::location} common/common

7. 09/07/2015 VSHN AG | http://vshn.ch 7 Phase 1: Hieradata in

   Puppet env • + Hiera data together with Puppet environment • - Pain to manage common data • - Does not scale • - No access restrictions • - View into all data

8. 09/07/2015 VSHN AG | http://vshn.ch 8 Phase 2: One monolithic

   repository • + Simple • - Does not scale • - No access restrictions • - View into all data

9. 09/07/2015 VSHN AG | http://vshn.ch 9 Phase 3: Git submodules

   Idea: split out the subirectories into their own repository. Use Git submodules in a „meta“ repository. • - Complex • - Git submodule 1 Repo: nodes/%{::clientcert} X Repos: customers/%{::customer} 1 Repo: locations/%{::location} 1 Repo: common/common

10. 09/07/2015 VSHN AG | http://vshn.ch 10 Phase 4: GWS Idea:

    split out the subirectories into their own repository. Use GWS „meta“ repository. • + Easy to use • + Simple bash script • + No Git submodules • - New tool https://streakycobra.github.io/gws/: A helper to manage workspaces composed of git repositories.

11. 09/07/2015 VSHN AG | http://vshn.ch 11 Phase 3: GWS •

    1 main file: .projects.gws # global hieradata common/ | [email protected]:project/common_hieradata.git locations/ | [email protected]:project/locations_hieradata.git nodes/ | [email protected]:project/nodes_hieradata.git # customer hieradata customers/a | [email protected]:a/a_hieradata.git customers/b | [email protected]:b/b_hieradata.git • Few easy commands: – gws update – gws f – gws status

12. 09/07/2015 VSHN AG | http://vshn.ch 12 Phase 4: GWS •

    Manage .projects.gws in a Git repository • Pupet gws bash script in the same repository • Can be used with a Webhook to automatically deploy changes

13. 09/07/2015 VSHN AG | http://vshn.ch 13 Questions?

14. 09/07/2015 VSHN AG | http://vshn.ch 14 We're hiring Speak to:

    @tobruzh and @aarnoaukia