[GTALUG] Users in an automated environment

David Thornton northdot9 at gmail.com
Mon Apr 4 18:39:04 UTC 2016


Just a friendly reminder , my question was "how do you do it?"


 Not how could it be done.

I have a couple of years of ansible under my belt and a year of puppet. I
know what text books say.

What is you reality? There are many operational consideration so and
tradeoffs.

What implementation decisions did you make ? What tradeoffs did you make?

If you haven't done it yourself ....

David


On Mon, Apr 4, 2016, 6:03 PM Marcelo Cavalcante <kalibslack at gmail.com>
wrote:

> On Apr 4, 2016 5:30 PM, "David Thornton" <northdot9 at gmail.com> wrote:
> >
> > At one company I worked at, they ensured that all required users were
> present with an rpm that created them if they weren't already created. And
> when missing from the rpm definition, removed.
> >
> > Rpm has password hashes and keys. #eggsinonebasket
> >
>
> It would depende on the solution, but since you talked about Puppet, it
> uses manifest files to define states, not the tasks that need to be done.
>
> For example, when dealing with users, the manifest in the puppet
> master/server doesn't need to say how will that user be created, neither
> will say to create it. The manifest will say how is the desirable state for
> that machine (or goupe of machines). It may say that user john might exist
> in that machine, so at the next time that machine/client communicates with
> the master to check the manifests, it will read that information and it
> will asks itself: Do I have a john user?
> If yes, cool. If not, the machine, through puppet client, will create that
> user without you say how to do it. Puppet client knows how to.
>
> The same way, you can provide more information through your manifest, like
> home directory, ownership on files, etc.
>
> > David Thornton @northdot9 https://www.quadratic.net
> >
> > On Apr 2, 2016 10:20 PM, "Marcelo Cavalcante" <kalibslack at gmail.com>
> wrote:
> >>
> >>
> >> On Apr 2, 2016 6:42 PM, "David Thornton" <northdot9 at gmail.com> wrote:
> >> >
> >> >
> >> >
> >> > In "managing infrastructure with puppet" they defines users in
> manifests.
> >> >
> >> > I've seen user rpms.
> >> >
> >> > How do you do it.
> >> >
> >>
> >> I didn't understand your question. Could you provide more details?
> >>
> >> As far as I know, yes you can define users and groups, as well as many
> other things, through manifests. What do you mean with user rpms?
> >>
> >> Cheers,
> >>
> >> >
> >> >
> >> >
> >> > ---
> >> > Talk Mailing List
> >> > talk at gtalug.org
> >> > https://gtalug.org/mailman/listinfo/talk
> >> >
> >>
> >>
> >> ---
> >> Talk Mailing List
> >> talk at gtalug.org
> >> https://gtalug.org/mailman/listinfo/talk
> >>
> >
> > ---
> > Talk Mailing List
> > talk at gtalug.org
> > https://gtalug.org/mailman/listinfo/talk
> >
> ---
> Talk Mailing List
> talk at gtalug.org
> https://gtalug.org/mailman/listinfo/talk
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/talk/attachments/20160404/886b3ea3/attachment.html>


More information about the talk mailing list