Implementing the Roles and Profiles pattern
Hiera is a great tool to take control of the behavior of modules for your different agents. Most Puppet setups rely on many Forge modules to implement all the required management solutions. It is a common challenge to find efficient ways of structuring the local code.
A very successful and widespread design pattern to this end was conceived by Craig Dunn and is called the Roles and Profiles pattern. It defines two layers of abstraction. The outer layer is made of roles, which are defined in a way that allows for each server (or workstation) to choose exactly one role. There is no mixing—if a node has aspects of two different roles, then this merger forms a new role itself. Examples for roles can be internal_webserver
, key_distribution_center
, or accounting_desktop
.
Technically, a role is just a class. It is sensible to organize your roles in a role
module:
node 'falstaff.example.net' { include role::key_distribution_center }
Do limit each node
block...