[Puppet Users] Re: dealing with numbered items in Augeas
I think that the heart of the problem is the convention of using 1 as
an Augeas key to mean add this to the end of the list. As Rob points out,
you don't know how many items are already on the list. If there are less
than 10,000 entries already, you wind up with funky numbering (1, 2, 3, 4,
5, 1) for the duration of the Augeas run. If there are more than 10,000
entries in the list already, you wind up inadvertently overwriting one of
those entries.
If your goal is to append something to an Augeas list, then I think it's
much better to use the [last()+1] notation. The
http://reductivelabs.com/trac/puppet/wiki/PuppetAugeas wiki page shows the
following example for adding a new entry to the /etc/exports file:
augtool set /files/etc/exports/dir[1] /foo
augtool set /files/etc/exports/dir[last()]/client weeble
augtool set /files/etc/exports/dir[last()]/client/option[1] ro
augtool set /files/etc/exports/dir[last()]/client/option[2] all_squash
augtool save
Saved 1 file(s)
I think that the following (which appears to work) would be much more
reliable (note that I'm simply replacing the 1 in the first line with
last()+1:
augtool set /files/etc/exports/dir[last()+1] /foo
augtool set /files/etc/exports/dir[last()]/client weeble
augtool set /files/etc/exports/dir[last()]/client/option[1] ro
augtool set /files/etc/exports/dir[last()]/client/option[2] all_squash
augtool save
Saved 1 file(s)
This essentially says create a new entry numbered one greater than the
current last entry, and then set a bunch of options on that entry (which is
now the last one).
As for the second problem which Rob raises, that of making sure you're
editing the section of an Augeas tree that you think you are, I'd again
suggest that the problem is in using the Augeas index numbers directly. Rob
gives the following example, to add a new 3rd line to /etc/inittab, which
assumes that line 2 is the /etc/rc.d/rc.sysinit line:
# adds rh:06:wait:/etc/rc.shutdown
augeas { shutdown:
require = File[shutdown],
context = /files/etc/inittab,
changes = [
ins 3 after 2,
set 3[1]/id rh,
set 3[1]/runlevels 06,
set 3[1]/action wait,
set 3[1]/process /etc/rc.shutdown,
],
onlyif = get 3/id != rh,
}
What I'd suggest here is, instead of referring to the relevant entries by
Augeas index number (which happens to correspond to line number, in this
case), refer to them using the Augeas path expressions mechanism (
http://augeas.net/page/Path_expressions). In other words, don't say add
this after line 2, but rather add this after the line whose 'process'
field is '/etc/rc.d/rc.sysinit'.
Try this instead; I think it will do what you want:
# adds rh:06:wait:/etc/rc.shutdown
augeas { shutdown:
require = File[shutdown],
context = /files/etc/inittab,
changes = [
ins 0 after *[process=\/etc/rc.d/rc.sysinit\],
set 0/id rh,
set 0/runlevels 06,
set 0/action wait,
set 0/process /etc/rc.shutdown,
],
}
Note that I've changed the label for the new entry from 3 to 0. It
doesn't much matter what the label is, as long as its a non-negative
integer, because that's what the Augeas inittab lens wants the labels for
entries in /files/etc/inittab to be (it won't properly generate the new file
otherwise, for instance if the label you create is X; the lens generates
the entries in the order they appear in the tree, however, _not_ in numeric
order).
As a general practice, I'd say that you want to avoid explicitly using the
line number indexes that Augeas generates when it loads a file. To append
a record to the end of a list, instead of 1 (which makes assumptions
about how many records there might be), use last()+1 to create a new
record and then simply last() to reference that new record. To add
something after a particular line in a file, use the Augeas path expression
search methods to find the relevant line, rather than assuming that the line
number will never change.
Treat the numeric indexes produced by Augeas as if they were pointers in C.
You never want to hardcode the value of a pointer into your code, because
the value might be different the next time the program is run. You might do
some simple relative arithmetic against a pointer (last()+1 is an example
of that), but that's about all.
Good luck!
-Brent
--
Brent Chapman br...@netomata.com
Founder and CEO // Netomata, Inc. // www.netomata.com
Making networks more cost-effective, reliable, and flexible by automating
network configuration
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
[Puppet Users] purging and recurse
hi,
I have a problem with purging. I tried to create directory that are:
file {
$basedir:
ensure = directory,
owner = 'root',
purge = true,
recurse = true,
mode= 640;
}
but i can create whatever file in the directory puppet never delete
them. Do i need to do something else to make this work ? the fun thing
is that it changes the file's mode but do not purge it :)
puppetversion = 0.24.5
facterversion = 1.5.1
regards,
Jean.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Re: purging and recurse
On Sat, May 16, 2009 at 09:45:10PM +0200, jean wrote:
hi,
I have a problem with purging. I tried to create directory that are:
file {
$basedir:
ensure = directory,
owner = 'root',
purge = true,
I think purge and ensure conflict?
-Robin
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Re: purging and recurse
Robin Lee Powell a écrit :
On Sat, May 16, 2009 at 09:45:10PM +0200, jean wrote:
hi,
I have a problem with purging. I tried to create directory that are:
file {
$basedir:
ensure = directory,
owner = 'root',
purge = true,
I think purge and ensure conflict?
-Robin
hummm, not far,
it seems this is the owner and mode .. ? So it seems we cannot create a
directory owned by root without loosing the purging capability :(
regards,
JEan
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Puppet double-applying file
Recently, through no obvious change that I can find, I started getting these
messages on each puppet run on two hosts:
Sat May 16 16:52:17 -0400 2009
//Node[fedora.wpi.edu]/ntp_client/File[/etc/ntp.conf]/checksum (notice):
checksum changed '{md5}cf294ce81a023d1cda9bbaa7ac359c2c' to
'{md5}8bca22fcbc96b285185621d23d82b1f4'
Sat May 16 16:52:17 -0400 2009
//Node[fedora.wpi.edu]/ntp_client/File[/etc/ntp.conf] (notice): Filebucketed
to backups with sum 8bca22fcbc96b285185621d23d82b1f4
Sat May 16 16:52:17 -0400 2009
//Node[fedora.wpi.edu]/ntp_client/File[/etc/ntp.conf]/content (notice):
content changed '{md5}8bca22fcbc96b285185621d23d82b1f4' to
'{md5}cf294ce81a023d1cda9bbaa7ac359c2c'
Sat May 16 16:52:18 -0400 2009 //Node[fedora.wpi.edu]/ntp_base/Service[ntpd]
(notice): Triggering 'refresh' from 2 dependencies
So first the checksum changes from A to B, then the file contents change from
B to A. Each of these changes then triggers a refresh on the service that
subscribes to the file.
The systems are both running CentOS 5.3, with puppet 0.24.8, though I have
other systems with same OS and puppet version that are including the same
class, but not showing the same oddity.
I've included the relevant puppet classes below; the nodes in question include
the ntp_client class. Does anyone have any idea about what the heck might be
going on?
class ntp_base {
package { ntp:
ensure = installed
}
service { ntpd:
enable = true,
ensure = running,
require = [Package[ntp],
File[/etc/ntp.conf],
File[/etc/ntp/step-tickers]]
}
}
class ntp_client inherits ntp_base {
file { /etc/ntp.conf:
ensure = file,
owner = root,
group = root,
mode = 644,
content = restrict default ignore
restrict 127.0.0.1
driftfile /var/lib/ntp/drift
broadcastdelay 0.008
authenticate yes
keys /etc/ntp/keys
restrict 130.215.144.33 nomodify notrap noquery
restrict 130.215.32.18 nomodify notrap noquery
restrict 130.215.39.18 nomodify notrap noquery
server 130.215.144.33
server 130.215.32.18
server 130.215.39.18
,
require = Package[ntp],
notify = Service[ntpd]
}
file { /etc/ntp/step-tickers:
ensure = file,
owner = root,
group = root, mode = 644,
content = 130.215.144.33
130.215.32.18
130.215.39.18
,
require = Package[ntp]
}
}
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
