Marshall Hamrick

Adopting Hiera means that a user can control the specific data that a module uses

Adopting Hiera means that a user can control the specific data that a module uses from a seperate config file. The puppet-common module takes this one step further: you can control which modules a node uses from Hiera.

The module is available on GitHub at the link below:

https://github.com/ghoneycutt/puppet-module-common

By default all of the included modules are turned off since you may not have them. If you do the common include at the site level, you then can use Hiera to turn toggle the modules you need.

The base hiere.yaml file that I am using in this example is below. This file is generally located in /var/lib/hiera

---
:backends:
  - yaml
:hierarchy:
  - fqdn/%{fqdn}
  - %{clientcert}
  - %{environment}
  - common

:yaml:
# datadir is empty here, so hiera uses its defaults:
# - /var/lib/hiera on *nix
# - %CommonAppData%\PuppetLabs\hiera\var on Windows
# When specifying a datadir, make sure the directory exists.
:datadir:

The line containing fqdn means Hiera will look for a subdirectory in the Hiera configuration directory that contains files in the format of (fully qualified domain name).yaml. The last entry common points to the common.yaml file.

The common.yaml file is listed below.

common::enable_ntp: true
common::enable_hosts: false
common::enable_dnsclient: false

ntp::servers:
        - timeserver0.noedu.edu
        - timeserver1.noedu.edu

As you can see in it, NTP has been enabled and the NTP servers have been set to timeserver0 and 1.

The machine specialmachine1.noedu.edu needs to use a different set of servers. The file fqdn/specialmachine1.noedu.edu looks like the following:

common::enable_ntp: true
ntp::servers:
        - timeserver2.noedu.edu
        - timeserver3.noded.edu

Since the fqdn is listed before the common, specialmachine1 will use these settings for NTP instead of the common ones.

For the past several years, a locally written Puppet module has been used to setup NTP. The local NTP module was created to support Ubuntu 10.04. The RHEL/CENTOS 5/6 machines were configured to setup NTP during kickstart. Recently some RHEL 6 and Ubuntu 12.04 machines were brought under puppet server without having NTP setup.

Fortunately I bumped into Garret Honeycutt at SELF, and decided to use the NTP module he has on GitHub since it support both RHEL and Ubuntu. Hiera support is also included. The module is available at the link below.

https://github.com/ghoneycutt/puppet-module-ntp

The module is now in production using Hiera and the puppet common module.

Using Hiera, we can now set a common set of NTP servers, then override via FQDN if necessary.

For example, in the common.yaml file the following servers are set:

ntp::servers:
    - notarealtimeserverA.someu.edu
    - notarealtimeserverb.someu.edu

In the file for notaserver.someu.edu.yaml in the FQDN directory we can then do the following:

ntp::servers:
    - notarealtimeserver1.someu.edu
    - notarealtimeserver2.someu.edu

This overrides the standard server settings in the common.yaml for notaserver.someu.edu.yaml

Many people I know go to conferences for specific training sessions, then promptly leave. One of the biggest advantages I get out of conferences is the conversations that occur inbetween sessions and during meals. At work I tend to focus on getting the job done, and I am the lone Linux/DevOps guy in my area. Finding out how the rest of the world is doing is often crucial.

When it comes to a compiler on Linux, the lingua franca is GCC, the GNU Compiler Collection. gcc, g++, and gFortran are part of this compiler collection. You use GCC to make your C/C++ code work on the largest number of systems possible.

The Intel Development Suite is a highly optimized compiler for Intel hardware. Performance increases of 10% and higher over GNU Compilers are standard with it. Several projects I have worked on have seen nearly 50% performance increases. However, end users may find it cost prohibitive.

Recently I tested the application Boxen (http://boxen.github.com/). Boxen is a tool that can deploy applications and settings to a Mountain Lion based Mac easily. If you are supporting developers and high end users, this tool is for you. It assumes the end user is capable of running the scripts to make Boxen work.

Fortunately for me, Boxen does use Puppet under the hood. I was able to use the code from the puppet modules in Boxen and incorporate them into my own repositories. Unfortunatly, you cannot pull most of the modules directly into your puppet repo, as they are dependent on things within Boxen.

An old UNIX mantra is if you don’t need it, don’t run it. I discovered today that avahi-daemon was running on some of my boxes due to a kickstart misconfiguration. I just added the code to puppet node configuration, and the issue was resolved.

service{ "avahi-daemon":
    ensure     => "stopped",
    enable => false;
}

Users running a puppet server can quickly find that module management is a significant issue.  Modules can come from a variety of sources, including puppet forge, local git repos and if someone gets it working Boxen.

The answer to this problem is librarian-puppet.   Using a file called PuppetFile that defines all or your modules, and it takes over your modules directory.  Link to the project is below.

https://github.com/rodjek/librarian-puppet

It is the small stuff that can problematic.  I have a system with four AMD Opteron 6272s.  This gives us a total of 64 cores.  During testing using an OpenMP based program doing integer operations all 64 cores came up to speed.

However, during another program which required floating point calculation, things suddenly ground to a halt.   A quick look at the diagram in the article below shows the issue.

http://www.anandtech.com/show/4955/the-bulldozer-review-amd-fx8150-tested/2

The Bulldozer architecture pairs two cores together.  The issue is that those two cores share a floating point scheduler.  So when doing floating point calculations, the two cores act as one.  Therefore you end up with 32 Cores instead of 64.