I'm using puppet to deploy standardized ubuntu installs as well as configuration files.
I'm facing a problem where installing a certain package (through a dependency), will overwrite a critical config file. Is there a way to monitor whether this file changes (get's overwritten by some package) and restore it's original content?
what would be the best way of achieving this?
This is the class which takes care of configuring /etc/nsswitch.conf:
class nsswitchconfig {
# roll out nsswitch
class { 'nsswitch':
passwd => ['compat'],
group => ['compat'],
hosts => ['files'],
automount => ['files'],
}
notify { "hate #8040": message => "work around bug #8040" }
}
this is the class which overwrites /etc/nsswitch.conf
class desktop {
include nsswitchconfig
$package_name = ["ubuntu-desktop" ]
package { $package_name:
ensure => latest,
}
}
If the nsswitch class configures the file, all you need is to make sure it runs after the class that overrides it.
So in your case:
class { 'nsswitch':
passwd => ['compat'],
group => ['compat'],
hosts => ['files'],
automount => ['files'],
require => Class['desktop'],
}
should do the trick. (note the require part)
Related
That is my manifest code which download, install and remove installer on a host.
class googlechrome_2 {
package { 'GoogleChrome':
ensure => installed,
source => 'C:\Soft\ChromeSetup.msi',
install_options => ['/qn'],
require => File['GoogleChromeMsi'],
}
file { 'GoogleChromeMsi':
ensure => file,
path => 'C:\Soft\ChromeSetup.msi',
source => 'puppet:///files/production/ChromeSetup.msi',
}
exec { 'msi_removing':
command => 'C:\Windows\System32\cmd.exe /c del C:\Soft\ChromeSetup.msi',
}
}
In this case my windows host always download chromesetup.msi regardless if google chrome already installed or not. How can I realize kind of "if condition" here to avoid downloading msi package each time in case if this package already installed?
In this case my windows host always download chromesetup.msi regardless if google chrome already installed or not.
Yes. Having the File resource in the node's catalog specifies that the file should be managed. Therefore, if it is not initially in the target state then Puppet will attempt to fix that.
By managing the file present but also including an Exec that removes the file, you ensure that the target node cannot achieve a stable state.
How can I realize kind of "if condition" here to avoid downloading msi package each time in case if this package already installed?
Simplest option: don't remove the installer.
Variation: Put the installer in an accessible network folder, so that you not only don't remove it, but you also don't install it.
If you really want a conditional: then it should be based on a custom fact that reports on the installation status of the package in question. You then use a Puppet if statement to control the contents of the node's catalog appropriately. Something along these lines, for example:
package { 'GoogleChrome':
ensure => 'installed',
source => 'C:\Soft\ChromeSetup.msi',
install_options => ['/qn'],
# relationhip with File['GoogleChromeMsi'] now declared on the other end
}
if $facts['chrome_is_installed'] {
file { 'GoogleChromeMsi':
ensure => 'absent',
path => 'C:\Soft\ChromeSetup.msi',
}
} else {
file { 'GoogleChromeMsi':
ensure => 'file',
path => 'C:\Soft\ChromeSetup.msi',
source => 'puppet:///files/production/ChromeSetup.msi',
before => Package['GoogleChrome'],
}
exec { 'msi_removing':
command => 'C:\Windows\System32\cmd.exe /c del C:\Soft\ChromeSetup.msi',
require => Package['GoogleChrome'],
}
}
I've solved this by using network shared folder in the package source:
class googlechrome_smb {
package { 'Google Chrome':
ensure => installed,
source => '\\\xxx.xxx.xxx.xxx\winfiles\ChromeSetup.msi',
install_options => ['/qn'],
}
}
My puppet structure is as follows
/puppet
/manifests
/nodes
redis.pp
site.pp
/modules
The site.pp resembles
class base {
include ml-basefw
include ml-users
include ml-filelimits
include repoforge
include epel
class { 'ml-yumrepo':
base_url => "http://${puppet_server}/yumrepo"
}
}
import 'nodes/*.pp'
node default {
include base
}
When I run
puppet apply --modulepath=/puppet/modules:/puppet/manifests --noop --debug /puppet/manifests/nodes/redis.pp
I receive
Error: Could not find class base for redis-1.test.ml.com on node redis-1.test.ml.com
Is there something non-standard about my file layout that precludes me from using apply?
I am not the maintainer of the puppet module so I am not able to alter the file structure or layout.
There are numerous related questions but I wasn't able to relate them to the problem that I am having.
Edit1 : Adding redis.pp
node /^redis-\d+(.stage)?(.test)?(.aws)?.ml.com$/ {
include base
include epel
class { 'redis':
package_ensure => '2.8.15-1.el6.remi',
service_ensure => 'running',
conf_bind => '0.0.0.0',
conf_port => '6379',
}
firewall { '176 allow port 6379 for redis traffic':
chain => 'INPUT',
state => ['NEW'],
dport => '6379',
proto => 'tcp',
action => 'accept'
}
}
What happens when you run puppet apply against your site.pp file instead? You probably don't have a node definition in your redis.pp file (nor should you).
This does in fact look a little messy and convoluted.
What you want is
an actual base module
defining class base in /puppet/modules/base/manifests/init.pp
You should also loose the import statement by arranging your manifests better. If your version of Puppet is recent enough (I think 3.6+), just see the docs.
fist of all, puppet have the entry manifest file.
in master mode, the entry is site.pp and puppet deprated deprecated it from version 3.5, it started auto imported all manifest files in specified directory.
in apply mode, the entry is specified file in your command.
so it works fine in your production environment, puppet master read site.pp(contains class base) and import nodes/*.pp(redis.pp, contains node definition). but when you use "puppet apply /puppet/manifests/nodes/redis.pp", puppet just read redis.pp, no anyone tell puppet where the base class is.
I'm working on putting together some puppet scripts - I've got a list of services (probably about 20 or so) that need to be deployed in very similar fashions.
Stop existing service
Get package out of nexus
Unzip it into directory
Set configuration variables
Start service
The problem is #4. Each service has a slightly different configuration. I'd like to use augeas to set the configurations for each service, and it seemed to make sense to make a definition for each service's config, and then that definition loaded in the main service definition.
So, I've got something like the following:
definition service ($serviceName) {
//stopping, wget, unzip
config[downcase($serviceName)] { "${servicename}_config":
serviceName => $serviceName
}
//start
}
Then, I've got (for example) in the config module's manifest folder "foo.pp"
definition config::foo {
//set some stuff
}
This isn't working due to various rules that I'm sure I've broken but are unaware of. Is there a 'standard' way of doing what I'm trying to do?
You could try the code below. You can put all these in a define type with variables for service name myserv. I would suggest of using templates to set the configuration rather than augeas... easier to control.
exec { "stop_myserv" :
command => "service stop myserv",
path => "/path/to/command/service",
refreshonly => true,
}
exec { "get_pkg_from_nexus" :
command => "/command/to/do/the/above && unzip to/dirctory",
path => "/path/to/command",
require => Exec["stop_myserv"],
}
file { "set_configuration" :
path => "/etc/somewhere/file",
content => template("modulename/file.erb"),
mode => "999",
group => "jiut",
owner => "muit",
require => Exec["get_pkg_from_nexus"],
}
service { "myserv" :
ensure => running,
subscribe => File["set_configuration"],
}
I have a class function that downloads packages using the package method in puppet.
class package {
define install( $dependence=File[$dummy_dependence_file])
{
package { $name:
ensure => "installed",
require => $dependence,
}
}
}
I currently use it in my init.pp like so
# install dependencies
$dependence_list = ['glibc.i686','wget','gcc']
#
# ==Actions
# Install glibc, gcc, wget dependency for running sybase
#
# ==Requires
# * http proxy to be setup to get around jpm proxy
package::install { $dependence_list:
dependence => File[ $http_setup_name ],
}
I would like this method to be more generic. Is it possible instead of using a array of dependencies, which I need to edit the init.pp each time. To use a template and read each dependency from a file? Or any other generic method would do...
An example would be great.
you should be able to simply set the requirement within the package and pass an array to the package too:
$my_packages = ['apache2', 'curl', 'wget']
$my_dependencies = [File['a'], File['b'], User['tester']]
package { $my_packages:
ensure => installed,
require => $my_dependencies,
}
Using this type of package should be sufficient for your needs.
However if you want to read the dependency list from a file you can use the 'template' function. ie.
$my_dependencies = template('modulepath/templates/dependency_list.erb')
Finally you're dependency_list.erb would look like this:
[File['a'], File['b'], User['tester']]
and that's all there really is to it!
For more information you can see http://docs.puppetlabs.com/guides/templating.html
I have a rails app and I'd like to change the ./config/environment/production.rb file to have a different config based on what I want that server to do.
So, I'm going into the .rb file from the .pp file and changing some strings then restarting the service. This just seems really poor form to me. Is there a better way to do this? I've been asked to deliver 1 RPM and change the config via puppet, so...
class Cloud-widget($MServer, $GoogleEarthServer, $CSever) {
package { "Cloud-widget":
ensure => installed
}
service { "Cloud-widget":
ensure => running,
}
<%
file_names = ['./config/environment/production.rb']
file_names.each do |file_name|
puts text.gsub(/.*config.mserver(.*)/, "config.mserver_root = \"#{$Merver}\"")
puts text.gsub(/.*config.google_earth_url(.*)/, "config.google_earth_url( = \"#{$GoogleEarthServer}\"")
puts text.gsub(/.*config.cserver_base_url(.*)/, "config.cserver_base_url = \"#{$CServer}\"")
end
File.open(file_name, "w") {|file| file.puts output_of_gsub}
%>
service { Cloud-widget:
ensure => running,
subscribe => File["./config/environment/production.rb"],
}
}
No, that is not a good way to achieve what you need.
You could look at templates and generate the config files that way. That way, you can use variables in the config file.
If you need create conf from pattern you should use INI-file module from Puppetlabs
ini_setting { "sample setting":
path => '/tmp/foo.ini',
section => 'foo',
setting => 'foosetting',
value => 'FOO!',
ensure => present,
}
install this module from puppet:
puppet module install cprice404-inifile