[Puppet Users] Re: dealing with numbered items in Augeas
I think that the heart of the problem is the convention of using 1 as an Augeas key to mean add this to the end of the list. As Rob points out, you don't know how many items are already on the list. If there are less than 10,000 entries already, you wind up with funky numbering (1, 2, 3, 4, 5, 1) for the duration of the Augeas run. If there are more than 10,000 entries in the list already, you wind up inadvertently overwriting one of those entries. If your goal is to append something to an Augeas list, then I think it's much better to use the [last()+1] notation. The http://reductivelabs.com/trac/puppet/wiki/PuppetAugeas wiki page shows the following example for adding a new entry to the /etc/exports file: augtool set /files/etc/exports/dir[1] /foo augtool set /files/etc/exports/dir[last()]/client weeble augtool set /files/etc/exports/dir[last()]/client/option[1] ro augtool set /files/etc/exports/dir[last()]/client/option[2] all_squash augtool save Saved 1 file(s) I think that the following (which appears to work) would be much more reliable (note that I'm simply replacing the 1 in the first line with last()+1: augtool set /files/etc/exports/dir[last()+1] /foo augtool set /files/etc/exports/dir[last()]/client weeble augtool set /files/etc/exports/dir[last()]/client/option[1] ro augtool set /files/etc/exports/dir[last()]/client/option[2] all_squash augtool save Saved 1 file(s) This essentially says create a new entry numbered one greater than the current last entry, and then set a bunch of options on that entry (which is now the last one). As for the second problem which Rob raises, that of making sure you're editing the section of an Augeas tree that you think you are, I'd again suggest that the problem is in using the Augeas index numbers directly. Rob gives the following example, to add a new 3rd line to /etc/inittab, which assumes that line 2 is the /etc/rc.d/rc.sysinit line: # adds rh:06:wait:/etc/rc.shutdown augeas { shutdown: require = File[shutdown], context = /files/etc/inittab, changes = [ ins 3 after 2, set 3[1]/id rh, set 3[1]/runlevels 06, set 3[1]/action wait, set 3[1]/process /etc/rc.shutdown, ], onlyif = get 3/id != rh, } What I'd suggest here is, instead of referring to the relevant entries by Augeas index number (which happens to correspond to line number, in this case), refer to them using the Augeas path expressions mechanism ( http://augeas.net/page/Path_expressions). In other words, don't say add this after line 2, but rather add this after the line whose 'process' field is '/etc/rc.d/rc.sysinit'. Try this instead; I think it will do what you want: # adds rh:06:wait:/etc/rc.shutdown augeas { shutdown: require = File[shutdown], context = /files/etc/inittab, changes = [ ins 0 after *[process=\/etc/rc.d/rc.sysinit\], set 0/id rh, set 0/runlevels 06, set 0/action wait, set 0/process /etc/rc.shutdown, ], } Note that I've changed the label for the new entry from 3 to 0. It doesn't much matter what the label is, as long as its a non-negative integer, because that's what the Augeas inittab lens wants the labels for entries in /files/etc/inittab to be (it won't properly generate the new file otherwise, for instance if the label you create is X; the lens generates the entries in the order they appear in the tree, however, _not_ in numeric order). As a general practice, I'd say that you want to avoid explicitly using the line number indexes that Augeas generates when it loads a file. To append a record to the end of a list, instead of 1 (which makes assumptions about how many records there might be), use last()+1 to create a new record and then simply last() to reference that new record. To add something after a particular line in a file, use the Augeas path expression search methods to find the relevant line, rather than assuming that the line number will never change. Treat the numeric indexes produced by Augeas as if they were pointers in C. You never want to hardcode the value of a pointer into your code, because the value might be different the next time the program is run. You might do some simple relative arithmetic against a pointer (last()+1 is an example of that), but that's about all. Good luck! -Brent -- Brent Chapman br...@netomata.com Founder and CEO // Netomata, Inc. // www.netomata.com Making networks more cost-effective, reliable, and flexible by automating network configuration --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en
[Puppet Users] purging and recurse
hi, I have a problem with purging. I tried to create directory that are: file { $basedir: ensure = directory, owner = 'root', purge = true, recurse = true, mode= 640; } but i can create whatever file in the directory puppet never delete them. Do i need to do something else to make this work ? the fun thing is that it changes the file's mode but do not purge it :) puppetversion = 0.24.5 facterversion = 1.5.1 regards, Jean. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: purging and recurse
On Sat, May 16, 2009 at 09:45:10PM +0200, jean wrote: hi, I have a problem with purging. I tried to create directory that are: file { $basedir: ensure = directory, owner = 'root', purge = true, I think purge and ensure conflict? -Robin --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: purging and recurse
Robin Lee Powell a écrit : On Sat, May 16, 2009 at 09:45:10PM +0200, jean wrote: hi, I have a problem with purging. I tried to create directory that are: file { $basedir: ensure = directory, owner = 'root', purge = true, I think purge and ensure conflict? -Robin hummm, not far, it seems this is the owner and mode .. ? So it seems we cannot create a directory owned by root without loosing the purging capability :( regards, JEan --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Puppet double-applying file
Recently, through no obvious change that I can find, I started getting these messages on each puppet run on two hosts: Sat May 16 16:52:17 -0400 2009 //Node[fedora.wpi.edu]/ntp_client/File[/etc/ntp.conf]/checksum (notice): checksum changed '{md5}cf294ce81a023d1cda9bbaa7ac359c2c' to '{md5}8bca22fcbc96b285185621d23d82b1f4' Sat May 16 16:52:17 -0400 2009 //Node[fedora.wpi.edu]/ntp_client/File[/etc/ntp.conf] (notice): Filebucketed to backups with sum 8bca22fcbc96b285185621d23d82b1f4 Sat May 16 16:52:17 -0400 2009 //Node[fedora.wpi.edu]/ntp_client/File[/etc/ntp.conf]/content (notice): content changed '{md5}8bca22fcbc96b285185621d23d82b1f4' to '{md5}cf294ce81a023d1cda9bbaa7ac359c2c' Sat May 16 16:52:18 -0400 2009 //Node[fedora.wpi.edu]/ntp_base/Service[ntpd] (notice): Triggering 'refresh' from 2 dependencies So first the checksum changes from A to B, then the file contents change from B to A. Each of these changes then triggers a refresh on the service that subscribes to the file. The systems are both running CentOS 5.3, with puppet 0.24.8, though I have other systems with same OS and puppet version that are including the same class, but not showing the same oddity. I've included the relevant puppet classes below; the nodes in question include the ntp_client class. Does anyone have any idea about what the heck might be going on? class ntp_base { package { ntp: ensure = installed } service { ntpd: enable = true, ensure = running, require = [Package[ntp], File[/etc/ntp.conf], File[/etc/ntp/step-tickers]] } } class ntp_client inherits ntp_base { file { /etc/ntp.conf: ensure = file, owner = root, group = root, mode = 644, content = restrict default ignore restrict 127.0.0.1 driftfile /var/lib/ntp/drift broadcastdelay 0.008 authenticate yes keys /etc/ntp/keys restrict 130.215.144.33 nomodify notrap noquery restrict 130.215.32.18 nomodify notrap noquery restrict 130.215.39.18 nomodify notrap noquery server 130.215.144.33 server 130.215.32.18 server 130.215.39.18 , require = Package[ntp], notify = Service[ntpd] } file { /etc/ntp/step-tickers: ensure = file, owner = root, group = root, mode = 644, content = 130.215.144.33 130.215.32.18 130.215.39.18 , require = Package[ntp] } } -- Frank Sweetser fs at wpi.edu | For every problem, there is a solution that WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---