[Viper-users] Getting started with viper

Timm Essigke Timm.Essigke at uni-bayreuth.de
Sat Oct 3 14:53:58 EDT 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear Viper developers and users, dear Davor,

seems that I have the honor to make the first real post to the mailing
list... ;-)

I just started using viper and it seems to be the tool I am looking
for since I am going to set up a large number of physical and virtual
hosts using Debian + Puppet. I like vipers concepts very much!

Installation using the script was straight forward and I succeeded to
install some demo hosts (as KVM VMs). In the last days I dived a bit
deeper into viper to tweak preseeding for my needs. Well, the
documentation is a bit short for me, i.e. I would appreciate a number
of practical examples.

I can change the partitioning scheme with

dn:
cn=partman-auto/expert_recipe,ou=templates,ou=defaults,o=bisb.uni-bayreuth.de,ou=clients
objectClass: top
objectClass: debConfDbEntry
cn: partman-auto/expert_recipe
description: for internal use; can be preseeded
extendedDescription: Expert recipe content
type: string

dn:
cn=partman-auto/expert_recipe,ou=hosts,ou=defaults,o=bisb.uni-bayreuth.de,ou=clients
objectClass: top
objectClass: debConfDbEntry
cn: partman-auto/expert_recipe
flags: preseed
owners: partman-auto
template: partman-auto/expert_recipe
value: exp $ cn=lvm_vm,ou=partitioning,ou=Defaults data

but not on a per-host basis with

dn:
cn=partman-auto/expert_recipe,cn=viper1,ou=templates,o=bisb.uni-bayreuth.de,ou=clients
objectClass: top
objectClass: debConfDbEntry
cn: partman-auto/expert_recipe
description: for internal use; can be preseeded
extendedDescription: Expert recipe content
type: string

dn:
cn=partman-auto/expert_recipe,cn=viper1,ou=hosts,o=bisb.uni-bayreuth.de,ou=clients
objectClass: top
objectClass: debConfDbEntry
cn: partman-auto/expert_recipe
flags: preseed
owners: partman-auto
template: partman-auto/expert_recipe
value: exp $ cn=lvm_vm,ou=partitioning,ou=Defaults data

Is this a bug or do I misunderstand the data  structure?

Maybe I missed something, but I do not see a way to group
configuration options for preseeding, i.e. all my VMs have a disk
/dev/vda and should have a common partitioning pattern, some of my
workstations have a disk /dev/sda and should use another partitioning
pattern than the VMs, there are workstations with PATA disks /dev/hda
which should use the same partitoning pattern as the SATA disk
workstations, compute nodes should again have a different partitioning
pattern etc. I think about something like the concept of puppet
classes/modules of a node.
Certainly, if the above problem is solved, I could make some template
ldif file, search&replace the hostname and adjust IP and MAC (or do
this within the puppet configuration of the viper server or with some
other script). Anyway, I think direct grouping of hosts apart from at
client level (i.e. within the same domain) would be useful.

Another obvious extension would be to PXE-boot the Debian ISO. Do you
plan to do this? Probably only DHCP options have to be adjusted to
respond to netboot requests and a TFTP server has to be enabled.

Since viper installations mostly make sense in larger environments, I
think the default WEBrick server should be replaced by mongrel or
passenger already in the default installation. I am going to do this
in the next days in my installation.

What is the reason for automatically signing puppet certificates? I am
worried because of the security implications. So far I haven't tried
what happens when I turn it off again.

BTW, ldapadd in /etc/ldap/viper/ldifs/add includes whitespace into
LDAP which might lead to failures. Here is a simple fix with sed:

for p in ${1:-*.ldif}; do
       echo $p
        sed 's/\s\+$//' $p | ldapadd  -x -D cn=admin,ou=clients \
                -w nevairbe   || exit 1
done

Because you see I still have the default passwords - it would be nice
if the installation script could set the passwords according to some
arguments or the scripts could be changed to parse a central config
file with passwords.

Another bug seems to be that hostnames with underscore (e.g.
viper_test) do not work. Might be a d-i problem, I don't know.
However, e.g. viper-test works.

What is the right way to switch between different Debian/Ubuntu
versions? I found "choose-mirror-bin" in my d-i preseed file, but
there is no template for it yet. Is there an alternative way?


Sorry for niggling on so many things. I have to emphasize again, that
I like viper a lot. It just seems to me very young and haven't had
much testing by users yet. :-)

Thanks a lot for the great tool!

Timm


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkrHncYACgkQ9cEzJ2deIqLm6gCfayNUK8iNFtmUtTuFLuyptdp4
wfYAnR751f/ykv4bJnAZBstulOXaGED1
=spdQ
-----END PGP SIGNATURE-----

More information about the Viper-users mailing list