KNEL/KNELConfigMgmt-FetchApply
1
0
Fork 0
Code Pull Requests Actions Packages Releases Activity
Files
1e506fed1d5e559c113c52f2544c413687d78402
KNELConfigMgmt-FetchApply/MENTALMODEL.md
Charles N Wyble c5a504f9c8 docs: Update mental model and documentation for tool responsibilities 
- Add MENTALMODEL.md documenting architecture and tool responsibilities
- Clarify Salt is for ongoing configuration management and automation
- Clarify Ansible is for ComplianceAsCode deployment from github.com/ComplianceAsCode/content
- Update README.md to reflect correct understanding of tool purposes
- Update decision matrix for when to use each tool
- Document migration path and future service plans (Beszel, Netbird via Salt)

Establishes clear separation of concerns across the configuration management ecosystem.

💘 Generated with Crush

Assisted-by: GLM-4.6 via Crush <crush@charm.land>
2026-01-21 11:51:56 -05:00

2.2 KiB
Raw Blame History

KNEL Configuration Management Mental Model

Architecture Overview

FetchApply - One-Time Provisioning

  • Purpose: Initial server setup and basic configuration
  • When: Runs once at first boot of newly provisioned system
  • What: System detection, package installation, security hardening, basic monitoring setup

Salt - Ongoing Configuration Management & Automation

  • Purpose: Day-to-day system configuration, automation, and orchestration
  • When: Continuously via Salt master/minion relationship
  • What:
    • Configuration management (file distribution, service management)
    • Ad-hoc automation tasks
    • System orchestration
    • Application deployment
    • Beszel client configuration and management
    • Netbird client configuration and management (future)

Ansible - ComplianceAsCode Deployment

  • Purpose: Deploy and manage compliance as code content
  • When: Periodically or on-demand compliance deployment
  • What:

Network Services

  • Tailscale: Currently active VPN overlay network
  • Netbird: Future replacement (to be deployed via Salt)
  • Beszel: Future monitoring replacement (to be deployed via Salt)

Migration Path

  1. Current State: FetchApply + Manual Management
  2. Transition State: FetchApply + Salt + Ansible
  3. Future State: Salt + Ansible (FetchApply deprecated)

Tool Responsibilities

Tool Primary Responsibility Secondary Responsibilities
FetchApply Initial provisioning Foundation setup
Salt Ongoing configuration Automation, orchestration, client deployment
Ansible Compliance deployment Documentation, validation

Decision Matrix

  • Use Salt for: System configuration, automation, deployment, ongoing management
  • Use Ansible for: Compliance as code, security frameworks, documentation
  • Use FetchApply for: Initial server setup (temporary, to be replaced)

This model ensures clear separation of concerns while providing comprehensive coverage of system lifecycle management.

View Git Blame Copy Permalink