Hello guys,
Where I work, we have a huge usage of hostgroups and specially nested
hostgroups.
For now, our Foreman in production can be simplified like that :
Base (common classes
for all hosts)
/ | \
/ | \
/ | \
Production Preproduction Development (This
hostgroups represent obviously our different environment and corresponds to
the puppet environments)
/ \ / \ /
/ \ / \ /
AppX AppY AppX AppY AppX AppY
From Nested Hostgoup we manage mostly :
- Puppet classes
- Parameters
The use of this type of tree management allow us :
-
To make puppet development in completely isolated environment : we are
sure that even if puppet manifest is merged from dev to production,
if new classes haven't been associated to corresponding hostgroup, this
won't affect preproduction or production. -
To provides ACL for non Foreman's admin : * Developers have full access
to all development environment (alls hosts that inherit development
hostgroup)
* Devops
can manage preproduction and production dedicated to their application
* ACL in
use of compute resources and creation of new vms that belongs to hostgroups.
However if we need to change one thing (add an class or change a
parameter for instance) in a particular application, we need to change it
for all environments.
From operators point of view : not being able to manage application from a
single point across all environment is quite annoying.
What would be very helpfull would to be able to manage multiple hosts not
belonging to a same hostgroup from a single point in Foreman.
I'm however not sure about how is could be handled.
Any thoughts about multiple hostgroup inheritance support or host /
hostgroup tagging to be able to get a cross hostgroup management ?
How do you guys manage this type of problem ?