[LDAP](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol) is a directory service we use to inventory the users,
groups, passwords, (some) email forwards and machines.
groups, passwords, (some) email forwards and machines. It distributes
some configuration and password files to all machines and can reload
services.
[[_TOC_]]
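Review bot: the new intro sentence "It distributes some configuration and password files to all machines and can reload services" does not say which component does the distributing or which files are meant, and that matters for a sentence about password files reaching every host. Suggest naming `ud-ldap` here and pointing to the "In general, `ud-ldap`:" list further down the page instead of "some configuration and password files".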
... | ... | @@ -435,6 +437,7 @@ In general, `ud-ldap`: |
* distributes all SSH host public keys to all hosts
* configures and reload arbitrary services, but particularly handles
email, DNS, and git servers
* provides host metadata to Puppet
This diagram covers those interdependencies at the time of writing.
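Review bot: the bullet "provides host metadata to Puppet" does not say which metadata is meant or where it is documented. Suggest linking it to the LDAP field table in the Puppet section (`hostname`, `ipHostNumber`, `purpose`, `physicalHost`). Since this hunk grows the list context by one line (6 to 7), also check that the diagram referred to by "This diagram covers those interdependencies at the time of writing" shows the Puppet dependency.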
... | ... | @@ -861,12 +864,12 @@ it gathers information about servers. |
It specifically uses those fields:
| LDAP field | Puppet use |
|----------------|--------------------------------------------------------------------------------------|
| `hostname` | matches with the Puppet node host name, used to load records |
| `ipHostNumber` | Ferm firewall, Bind, Bacula, Jenkins, static sync access control, backends discovery |
| `purpose` | motd |
| `physicalHost` | motd: shows parent in VM, VM children in host |
| LDAP field | Puppet use |
|----------------|----------------------------------------------------------------------------------------------------------|
| `hostname` | matches with the Puppet node host name, used to load records |
| `ipHostNumber` | Ferm firewall, Bind, Bacula, Jenkins, PostgreSQL backups, static sync access control, backends discovery |
| `purpose` | motd |
| `physicalHost` | motd: shows parent in VM, VM children in host |
The `ipHostnumber` field is also used to lookup the host in the
`hoster.yaml` database in order to figure out which hosting provider
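Review bot: the sentence after the table spells the field `ipHostnumber` while the table row being edited uses `ipHostNumber`; use one spelling so a search of the page for the attribute finds both. With "PostgreSQL backups" added, that row now lists seven consumers, including the Ferm firewall and static sync access control, so consider breaking the cell into one entry per consumer to keep it readable.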