Policies
Policies tell Razor what bits to install, where to get the bits, how to configure them, and how the installed node can communicate with Puppet Enterprise.
Policies can contain tags, which match characteristics of nodes to specific policies. For example, you might create a policy that installs a certain operating system on nodes greater than 5GB in memory.
- You have a single policy that installs the same operating system on all nodes.
- You want to install a specific number of various operating
systems on a number of undifferentiated nodes. In this case, you can use the
max-countattribute to specify how many of each operating system to provision.
small
tag:razor create-policy --name centos-for-small
--repo centos-6.7 --broker pe --tag small
--hostname 'host${id}.example.com'
--root-password secret --max-count 20How policies bind to nodes
When a node boots into the Razor microkernel, it sends its facts to the Razor server. The node then binds to the first policy in the policy table that applies to the node. When a node binds to a policy, the node is provisioned with the operating system specified by the policy.
If the node doesn't match any policies, it continues to send facts periodically to the Razor server and remains unprovisioned until it does match a policy.
- The policy is disabled.
- The policy has already reached the maximum number of nodes that can bind to it.
- The policy requires tags that don't apply to the node.
The policy table
Policies are stored in a policy table. The order of the policy table is important because Razor applies the first policy that matches to a node.
- Using the
create-policycommand withbeforeorafterparameters to indicate where the new policy appears in the policy table. - Using the
move-policycommand withbeforeandafterparameters to reorder existing policies.