> What does puppet do in the lab that is role aware?

 A) It determines what role each host plays,
 B) It determines the content of certain configuration files
    based on the role.
 C) It configures/starts certain services based on the role.

> Could we simplify things by having it do the same thing to
> every server, and not have to know about roles at all?

We'd have to design a new scheme for how servers determine
their role.  I doubt that whatever scheme we developed would
make that part of the system much simpler.  If there were to
be meaningful savings, it would have to come from the services
we install.

> This implies that we run the exact same services on every
> machine, but ignore them on machines that aren't supposed
> to do X. This might be a horrible idea, but it would
> simplify provisioning and updates, since we'd be uniform
> across all servers.

Historically, we do a little bit of this sort of thing, and
it's been a source of accidents.  In particular, for some
roles, there is a "primary" and a "backup".  We have to have
special code that distinguishes these cases, in order to
prevent trouble.  The code to make that distinction isn't in
just one place, so it's hard to get the behavior right and
keep it right.

I note that at a basic level, our services are currently
activated (or not) based primarily on the presence of some
file, such as an upstart job, or a cron file in /etc/cron.d.
So, if we simply installed all the files everywhere, we'd
get what you're suggesting.  Avoiding chaos and accidents
would be the principal challenge.

One other issue would be that some files, notably the
shadow_config.ini file, changes its content based on the
role of the server it's installed on.  We'd have to make
an alternative scheme to create role-based configuration
files.

I think to be done safely, we'd have to create a centralized
service-starter that provided a facility along the lines of
"start (or run) service S based on my currently assigned role."

>I think to be done safely, we'd have to create a centralized
service-starter that provided a facility along the lines of
"start (or run) service S based on my currently assigned role."

That's what the Puppet master would be doing in a master-slave setup.  We use a master-less Puppet setup, so that knowledge must be distributed to each machine.

Provisioning each machine identically is not feasible at the moment because each role is different in orthogonal ways.  Some check out Autotest to /usr/local/autotest, some check out Autotest to ~chromeos-test/autotest then bind mount it to /usr/local/autotest, some have different shadow_config.ini, etc.

Okay, this is a bad idea. It would have been nice, but only if it worked.