Read more

Replacing exported resources with puppetdb queries

Claus-Theodor Riegg
June 20, 2022Software engineer at makandra GmbH
Say thanks3

Instead of using Puppet exported resources Show archive.org snapshot you can use the puppetdb_query Show archive.org snapshot feature.

Illustration web development

Do you need DevOps-experts?

Your development team has a full backlog? No time for infrastructure architecture? Our DevOps team is ready to support you!

  • We build reliable cloud solutions with Infrastructure as code
  • We are experts in security, Linux and databases
  • We support your dev team to perform
Read more Show archive.org snapshot

This can result in more complex code but has several benefits:

  • you can use more complex puppetdb queries to get the resources you want than with the limited filtering options of exported resources
  • because you receive a data object of the resources you can only use a part of the information contained
  • you can use information received from a resource type to create a different resource without creating wrapper defined types
  • you can omit duplicate resource issues without creating wrapper defined types
    • explanation: If you export the same resource from multiple nodes you will hit a duplicate declaration issue. Usually you will create a wrapper defined type which contains for example the node name in the title. The wrapper resource contains an ensure_resource with the resource you really want to manage

Example

One example is used by us in environments::railscomplete::dbcollector:

  $vhost_types = ['\'Environments::Elixir::Vhost\'',
                  '\'Environments::Rails::Vhost\'',
                  '\'Environments::Php::Vhost\'',
                  '\'Environments::Python::Vhost\'',
                  ]

  $vhosts = puppetdb_query("resources {type in ${vhost_types} and parameters.dbbackend = '${dbbackend}'}")

  $vhosts.each |$vhost| {
    ensure_resource('environments::railscomplete::db', $vhost['parameters']['dbuser'], {
      'password'   => $vhost['parameters']['dbpassword'],
      'type'       => $type,
      'extensions' => $vhost['parameters']['dbextensions'],
      'schemas'    => $vhost['parameters']['dbschemas'],
      'charset'    => $vhost['parameters']['dbencoding'],
      'collate'    => $vhost['parameters']['dbcollate'],
      'host'       => $host,
    })
  }

Instead of exporting a environments::railscomplete::db resource on the application servers we just collectd all the vhosts with a specific dbbackend. A vhost can be configured on multiple servers. If we've used exported resources the environments::railscomplete::db resource type would not contain the resources it contains now but would be a wrapper using an additional resource type utilizing ensure_resources. This is more complex than just fetching the information straight out of the PuppetDB and applying it with .each.

Prefer exported resources or puppetdb query?

This highly depends on the scenario. Usually you should use exported resources because it's the more simple solution. But building wrapper resources and understanding them can be more complex than just using a puppetdb_query.

License for source code
Posted by Claus-Theodor Riegg to makandra Operations (2022-06-20 14:06)
This website uses short-lived cookies to improve usability.
or learn more