[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#673515: ITP: puppetdb -- Puppet data warehouse

Hi,

Stig Sandbeck Mathisen wrote (29 May 2016 12:39:53 GMT) :
> intrigeri <intrigeri@debian.org> writes:
>> Are there currently any plans to package PuppetDB for Debian?

> I'm not aware of any.

> I spent a few days on it in 2012, but the necessary free time investment
> to learn all the required tools and package all the requirements was too
> big for me then, and still is.

OK, thanks for making this clear :)

>> Any expected specific difficulty that would be worth sharing here?

> A packaging effort will require a familiarity with Leiningen, Maven and
> Clojure in particular, and Java application packaging in general.  I'm
> not familiar with either of these.

> Leiningen is no longer packaged in Debian, it is only present in
> "oldstable".

> Puppet's Cloujure projects depend on "trapperkeeper"[0], also referred
> to as "tk", and are built with a buildsystem called "ezbake"[1] which is
> a Leiningen plugin.

> PuppetDB also has a lot of other dependencies[2] which need to be mapped
> to existing Debian packages, or packaged.

Ouch. This sounds like a really big amount of work, just to get used
to the needed tools. It would be great if someone did that, but I'm
not holding my breathe.

>> Rationale for my question: the infrastructure behind Tails [0] relies
>> on exported resources, and we can't allow ourselves to rely on
>> third-party packages.

> When you really need exported resources, there's nothing like it.

Exactly, that's why it would be very sad to lose support for this
feature when upgrading to Stretch.

> One can in _some_ cases use Hiera to provide the necessary data to
> puppet for creating resources across many hosts.  This does, however,
> require you to generate that data beforehand.

I'm afraid Hiera can't solve our problem: we use exported resources
e.g. to set up monitoring from the classes that manage services.

So, here's another idea.

Let's assume one needs exported resources, and thus PuppetDB, but they
want to confine PuppetDB as much as possible, in order to avoid the
need to trust 3rd-party (upstream) APT repositories on the
puppetmaster. So, say PuppetDB is installed from upstream on
a dedicated system. Then, if I got it right, the only bit missing in
Debian, for the puppetmaster to be able to connect to PuppetDB without
using any 3rd-party packages, is puppetdb-termini. Correct so far?

puppetdb-termini has no dependencies except puppet-agent. It just
ships 16 .rb files, that live in the upstream Puppet Git repository,
and are distributed in PuppetDB upstream tarballs.

So it seems that the only realistic way to go, in order for Debian
Stretch to support the use case I've described, without having to
tackle the packaging of PuppetDB itself, would be to package
puppetdb-termini. Would you, or anyone else, be up to it?

Cheers,
-- 
intrigeri
Reply to: