Organize webserver configurations with roles and profiles
The roles and profiles method is a reliable way to build reusable, configurable, and refactorable system configurations.
Roles and profiles allow you to select relevant pieces of code from modules and bundle them together to create your own custom set of code for managing things. Profiles are the individual bundles of code. Roles gather profiles together so you can assign them to nodes. This allows you to efficiently organize your Puppet code.
To illustrate roles and profiles, these steps demonstrate how to:
- Define a profile that configures the
example.comwebsite and includes a firewall rule.Adding a firewall rule isn’t necessary for an IIS website because the port is already open, but the purpose of this example is to show that you can write a role that manages more than one piece of software (both IIS and the firewall) to accomplish a task. - Create a role to contain the profile.
- Assign the role to the
iisnode group.
This creates a base structure where, if you had additional websites to serve, you would create additional profiles for those sites. When you have multiple profiles, you can combine profiles within roles or create unique roles for each profile.
Because this example adds a firewall rule, make sure you add the puppet/windows_firewall module to your Puppetfile, following the same process you used to Install the iis module . Remember to add the firewall modules
dependencies (puppetlabs/stdlib and puppetlabs/registry), such
as:
mod 'puppet/windows_firewall', '2.0.2' mod 'puppetlabs/stdlib' , '4.6.0' mod 'puppetlabs/registry' , '1.1.1'
