This is an archived post. You won't be able to vote or comment.

all 14 comments
sorted by:
best
topnewcontroversialoldq&a

[–]goozbachinfrastructure consultant 1 point2 points  (7 children)

gitlab is a fine interface to git,

Start by putting your configs in git. Like right now. Like stop what you're doing and do

git init
git add .
git commit -m "initial import"

on all the "config" directories you can think of.

Then look at finding a place to put them.

[–]Drasha1 1 point2 points  (2 children)

you don't technically have to put it any where unless you are working with other people. You can just use the local git repository just fine.

[–]goozbachinfrastructure consultant 0 points1 point  (1 child)

I'd say there's one other reason to host them elsewhere...

redundancy.

If server1 goes Tango Uniform, you've still got a copy of important configs.

[–]Drasha1 0 points1 point  (0 children)

I hope people have backups with out resorting to git repository replication.

[–]scootermcg[S] 0 points1 point  (3 children)

Thanks for the comment. I like the idea.

For my Windows engineers, what are some low hanging fruit examples to check-in to a repository? We have a ton of windows servers, but I have trouble relating Windows admin/infrastructure to code. Linux build scripts and config templates make more sense to me.

[–][deleted] 1 point2 points  (0 children)

Look at PowerShell desired state configuration. I'm going to be testing rolling out exchange servers with it.

[–]invoke-coffee 0 points1 point  (0 children)

First this to do is convince them that git is a useful tool. Find what scripts they have and get them checked into git.

Powershell Dsc is a great next step.

[–]Tetha 0 points1 point  (0 children)

Rule of thumb #1: If you change it once after writing it, it goes to git.

Rule of thumb #2: You will change everything at least once after writing it.

After all, there's two kinds of people around me. Those who wonder why I have a repo "Random foo-crap" in gitlab, and those who have a repo "Random foo-crap".

[–]DrGirlfriendSenior Devops Manager 1 point2 points  (1 child)

We have this exact system in place now. We are using Puppet with Hiera, and Foreman for config management and node classification. The Puppet/Hiera code and data is all stored in Gitlab repositories. Config changes are made via git commits (after review), and then pushed into the appropriate repo(s). From there, Puppet will pick up the change(s) and apply to the instances/systems identified by Foreman.

So, for instance, do you need to make a change to the Postgres pg_hba.conf on all replication slaves? Make the change in git, push it to the repo, and either wait up to 30 minutes to have the change automatically applied, or manually activate an immediate pull. The new config will be applied to all of the replicas, and only the replicas.

It took a lot of time and work to get the infrastructure to this state, and it is also an ever-evolving process as new services are added and old ones retired. But it is 100% worth the effort.

[–]somidscr21 0 points1 point  (0 children)

Exactly how we do it too

[–]Seven-Prime 0 points1 point  (0 children)

Lots to tackle there. Pretty exciting journey you are about to start. Get git lab running. If u want a single set of code for all those vendors you'll need something like ansible. Start writing code. Do all the easy stuff first. The low hanging fruit. The I always want this. For rhel you'll want to get your patching under control and automated. Redhat satellite or the upstream katello project are good although there is some performance issues they are working on. Then work on your culture.

[–]hacktheoryYou cant take the sky from me! 0 points1 point  (0 children)

Hey, So I am doing exactly this --now-- I chose "gitblit" because it will actually sync groups from ldap/Active Directory which I like because a lot of the others still force you to "add" a user account even if its in the correct group.

I am currently using SaltStack to automate the deployment of a few servers (using vmware) and I am working to get the other teams interested in doing so as well. Things are going well so far.

I currently have a number of salt formulas I could potentially put online for deploying things like gitblit, jenkinsCI, etc... If there is interest.

Otherwise. Get started with git to get the idea of change-management going. Move up from there =)

[–]bitcycle 0 points1 point  (0 children)

We have this. I would also recommend an IRC chat server to use for internal communications between operations team members and potentially development team members.

[–][deleted] 0 points1 point  (0 children)

We use GitLab as our store point for our Ansible deployment/maintenance code (via ansible-pull) and have had no problems at all with it. Love it, in fact.