Learning Puppet Security

Adding firewall rules to other modules


So far, we have concentrated on using a single firewall utility class. While this is useful for site- or organization-wide rules, it quickly becomes unwieldy to manage if there are specific exceptions for given hosts or applications. As such, there must be a better way to manage firewall rules close to the applications we're installing via Puppet.

This section also introduces another common pattern that is being applied in the Puppet world: the roles and profiles pattern.

The roles and profiles pattern starts from utility modules. These modules are responsible for being generic enough to configure an underlying system. Consider modules that configure Apache or Samba. These modules will likely not contain any site-specific implementation. They are also the modules that will be reused.

From these modules, we build profiles. These profiles use the underlying utility modules to build more complete services. For instance, this...
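A sketch of the pattern with the firewall rule kept next to the service that needs it. This is an added example, not code from the book; it assumes the puppetlabs-apache and puppetlabs-firewall modules on Puppet 4 or later, and the `profile::webserver`, `profile::base_firewall` and `role::web` class names are hypothetical.

```puppet
# Added example, not from the book. Class names under profile:: and role::
# are hypothetical; apache and firewall come from the puppetlabs modules.

# Profile: wraps the generic apache utility module and carries the
# site-specific decisions, including the firewall exception it requires.
class profile::webserver (
  Array[Integer] $ports  = [80, 443],
  String         $source = '0.0.0.0/0',
) {
  # The utility module stays generic and reusable across sites.
  class { 'apache':
    default_vhost => false,
  }

  # One rule per port, declared beside the service. A node that does not
  # include this profile never gets these ports opened.
  $ports.each |Integer $port| {
    firewall { "100 allow web traffic on ${port}":
      dport  => $port,
      proto  => 'tcp',
      source => $source,
      # Older puppetlabs-firewall releases use `action`; newer releases
      # express the same thing as `jump => 'accept'`.
      action => 'accept',
    }
  }
}

# Role: one per node type, composed only of profiles.
class role::web {
  # Hypothetical profile holding the site-wide rules and default drop policy.
  include profile::base_firewall
  include profile::webserver
}
```

Narrowing `$source` per environment tightens the exception without touching the utility module or the site-wide rules.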