Dear Puppeteers,
After many hours of reading manuals, books and google, I'm starting to thing
there is no right way to edit files in puppet, and I must be wrong. A massive
work is ahead (puppetizing our whole cluster) and I would like to start with
the right foot.
My idea is to make puppet a tool that describes the system as it should be,
and files are no different. I don't want to have old entries in the
/root/.ssh/authorized_keys, or in the /etc/sysctl.conf. I want that, when I
remove a configuration item in Puppet, the file comes back to the situation it
was before (as much as possible).
Because of this, using Augeas, or Ssh_authorized_key, or custom shell-scripts
"add_line_if_not_present" do not help by themselves (removing the item - or
unimporting the containing class - does not remove the line). So, what I
thought, is that I should use "default files" for those cases, and then edit
afterwards. I do this, for example:
class parent:
file { "/root/.ssh/authorized_keys": content => "" }
class child inherits parent:
ssh_authorized_key { "Pablo": blabla }
File ["/root/.ssh/authorized_keys"] -> Ssh_authorized_key ["Pablo"]
The problem I have is that, every time I run puppetd -t, I see how puppet is
emptying the file, and populating it again, on the same run. And no matter how
many times I run it (no changes in the manifests) it tells me the diffs of
what the changes would be, that leave the file exactly like it was. And I
noticed this happens with Augeas all the same, and if a file has a
notification on a service, it will trigger a restart.
Do you know a way to avoid this? Having a file changing all the time (even if
it's wrong just for a second) is not what I want, and the same goes for
restarting the service every 30 minutes for no reason.
Or is there any other method to ensure a file is what you want it to be,
without having all the possible options in different files?
Thanks a lot!
Pablo
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
