windowsrefund
2009-Jan-16 16:08 UTC
[Puppet Users] Work in progress: Using augeas to manage /etc/exports
I''ll list current limitations but first, the code define nfs::export ( $client, $share_owner = "root", $share_group "root", $share_mode = 755 ) { # Install package, ensure /etc/exports, manage nfs service..... include nfs::server file { $name: ensure => directory, owner => $share_owner, group => $share_group, mode => $share_mode, } augeas { "$name": context => "/files", require => File["/etc/exports"], changes => [ "set /etc/exports/dir[10000] $name", "set /etc/exports/dir[last()]/client $client", "set /etc/exports/dir[last()]/client/option rw", ], # onlyif => "match /files/etc/exports/dir $name", } } Example use: node dumbo { nfs::export { "/foo": client => "bar.example.com", } nfs::export { "/bar": client => "foo.example.com", } } Current limitations and problems 1. Client options are hard-coded. Not sure I can devise an approach that would allow something cool like nfs::export ( "/foo": client=> "bar.example.com", options => [ "rw", "sync" ], } 2. Only configures 1 client per share. This sucks. 3. The "onlyif" should prevent duplicates. It is commented out while I try to figure out how to do this correctly. Needless to say, feel free to contribute ideas and/or improvements :) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
David Lutterkort
2009-Jan-16 18:18 UTC
[Puppet Users] Re: Work in progress: Using augeas to manage /etc/exports
On Fri, 2009-01-16 at 08:08 -0800, windowsrefund wrote:> I''ll list current limitations but first, the code > > define nfs::export ( $client, $share_owner = "root", $share_group > "root", $share_mode = 755 ) { > > # Install package, ensure /etc/exports, manage nfs > service..... > include nfs::server > > file { $name: > ensure => directory, > owner => $share_owner, > group => $share_group, > mode => $share_mode, > } > > augeas { "$name": > context => "/files", > require => File["/etc/exports"], > changes => [ > "set /etc/exports/dir[10000] $name", > "set /etc/exports/dir[last()]/client $client", > "set /etc/exports/dir[last()]/client/option > rw", > ], > # onlyif => "match /files/etc/exports/dir $name",The logic you really want is (in pseudocode that I hope is clear enough): if (! match /files/etc/exports/dir $name) { insert dir after /files/etc/exports/dir[last()] set /files/etc/exports/dir[last()] $name } set /files/etc/exports/dir[ value() = "$name" ]/client $client set /files/etc/exports/dir[ value() = "$name" ]/client/option rw The two last sets at the end aren''t possible in Augeas just yet; I have functionality like that implemented, but need to clean it up a little before sending it out for review and committing it. The if statement above will be a fairly common pattern, and needs to be supported by the Augeas type in some fashion.> } > > } > > Example use: > > node dumbo { > nfs::export { "/foo": client => "bar.example.com", } > nfs::export { "/bar": client => "foo.example.com", } > } > > > Current limitations and problemsAs things stand right now, you might have to resort to writing a native Puppet type in Ruby (you can and should still use Augeas in that type) - the logic you need is a tiny bit more involved than what you can do with the Augeas type at the moment:> 1. Client options are hard-coded. Not sure I can devise an approach > that would allow something cool like > > nfs::export ( "/foo": client=> "bar.example.com", options => [ "rw", > "sync" ], }Turning the array of options into several set commands can''t be done in Puppet''s language AFAIK; it would require that the commands for the ''changes'' attribute in the Augeas type knows something about arrays.> 2. Only configures 1 client per share. This sucks.You could use the exact same logic you use to determine if a new ''dir'' node needs to be created to determine if a new ''client'' node is created - provided I get my act together with improved path expressions: for the ''dir'' node you checked if there is a node /files/etc/exports/dir[ . = "$name" ] and create one if it doesn''t exist, for a client for a share you''d check for a node /files/etc/exports/dir[ . = "$name" ]/client[ . = "$client"]> 3. The "onlyif" should prevent duplicates. It is commented out while I > try to figure out how to do this correctly.You really need to break that logic into several steps: (1) if there is no dir entry for $name, create one (2) if there is no client entry for $client, create one (3) set the options for that client and that dir. Right now, that requires a tiny bit of Ruby code, but once we have (a) support for more powerful path expressions in Augeas and (b) a shorthand for ''if this node doesn''t exist, create it'' in the Augeas type, this would be fairly simple. David --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
windowsrefund
2009-Jan-16 18:20 UTC
[Puppet Users] Re: Work in progress: Using augeas to manage /etc/exports
Just a quick update to report that none of the following approaches result in avoiding duplicate lines from being inserted into /etc/ exports onlyif => "get /files/etc/exports/dir != $name", onlyif => "get /files/etc/exports/dir[10000] != $name", onlyif => "get /files/etc/exports/dir[last()] != $name", --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
windowsrefund
2009-Jan-16 18:26 UTC
[Puppet Users] Re: Work in progress: Using augeas to manage /etc/exports
David, Thanks for explanations and insight. I''ll sit tight and keep an eye out for updates to the Augeas type. All the best, Adam On Jan 16, 1:18 pm, David Lutterkort <lut...@redhat.com> wrote:> On Fri, 2009-01-16 at 08:08 -0800, windowsrefund wrote: > > I''ll list current limitations but first, the code > > > define nfs::export ( $client, $share_owner = "root", $share_group > > "root", $share_mode = 755 ) { > > > # Install package, ensure /etc/exports, manage nfs > > service..... > > include nfs::server > > > file { $name: > > ensure => directory, > > owner => $share_owner, > > group => $share_group, > > mode => $share_mode, > > } > > > augeas { "$name": > > context => "/files", > > require => File["/etc/exports"], > > changes => [ > > "set /etc/exports/dir[10000] $name", > > "set /etc/exports/dir[last()]/client $client", > > "set /etc/exports/dir[last()]/client/option > > rw", > > ], > > # onlyif => "match /files/etc/exports/dir $name", > > The logic you really want is (in pseudocode that I hope is clear > enough): > > if (! match /files/etc/exports/dir $name) { > insert dir after /files/etc/exports/dir[last()] > set /files/etc/exports/dir[last()] $name > } > set /files/etc/exports/dir[ value() = "$name" ]/client $client > set /files/etc/exports/dir[ value() = "$name" ]/client/option rw > > The two last sets at the end aren''t possible in Augeas just yet; I have > functionality like that implemented, but need to clean it up a little > before sending it out for review and committing it. > > The if statement above will be a fairly common pattern, and needs to be > supported by the Augeas type in some fashion. > > > } > > > } > > > Example use: > > > node dumbo { > > nfs::export { "/foo": client => "bar.example.com", } > > nfs::export { "/bar": client => "foo.example.com", } > > } > > > Current limitations and problems > > As things stand right now, you might have to resort to writing a native > Puppet type in Ruby (you can and should still use Augeas in that type) - > the logic you need is a tiny bit more involved than what you can do with > the Augeas type at the moment: > > > 1. Client options are hard-coded. Not sure I can devise an approach > > that would allow something cool like > > > nfs::export ( "/foo": client=> "bar.example.com", options => [ "rw", > > "sync" ], } > > Turning the array of options into several set commands can''t be done in > Puppet''s language AFAIK; it would require that the commands for the > ''changes'' attribute in the Augeas type knows something about arrays. > > > 2. Only configures 1 client per share. This sucks. > > You could use the exact same logic you use to determine if a new ''dir'' > node needs to be created to determine if a new ''client'' node is created > - provided I get my act together with improved path expressions: for the > ''dir'' node you checked if there is a node > > /files/etc/exports/dir[ . = "$name" ] > > and create one if it doesn''t exist, for a client for a share you''d check > for a node /files/etc/exports/dir[ . = "$name" ]/client[ . = "$client"] > > > 3. The "onlyif" should prevent duplicates. It is commented out while I > > try to figure out how to do this correctly. > > You really need to break that logic into several steps: (1) if there is > no dir entry for $name, create one (2) if there is no client entry for > $client, create one (3) set the options for that client and that dir. > > Right now, that requires a tiny bit of Ruby code, but once we have (a) > support for more powerful path expressions in Augeas and (b) a shorthand > for ''if this node doesn''t exist, create it'' in the Augeas type, this > would be fairly simple. > > David--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Bryan Kearney
2009-Jan-16 19:41 UTC
[Puppet Users] Re: Work in progress: Using augeas to manage /etc/exports
windowsrefund wrote:> Just a quick update to report that none of the following approaches > result in avoiding duplicate lines from being inserted into /etc/ > exports > > onlyif => "get /files/etc/exports/dir != $name", > > onlyif => "get /files/etc/exports/dir[10000] != $name", > > onlyif => "get /files/etc/exports/dir[last()] != $name", >Do you have a context set as well? Both the commands and hte onlyif are releative to the context. -- bk --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
David Lutterkort
2009-Jan-16 19:44 UTC
[Puppet Users] Re: Work in progress: Using augeas to manage /etc/exports
On Fri, 2009-01-16 at 10:26 -0800, windowsrefund wrote:> Thanks for explanations and insight. I''ll sit tight and keep an eye > out for updates to the Augeas type.As I said: if you''re willing to write your exports type in Ruby, you can do what you need to do today ... waiting is required though if you want to do it all from the puppet manifest ;) David --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Adam Kosmin
2009-Jan-16 19:50 UTC
[Puppet Users] Re: Work in progress: Using augeas to manage /etc/exports
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bryan, Yes, I was just attempting to be clear in my message. Best, Adam Bryan Kearney wrote:> windowsrefund wrote: >> Just a quick update to report that none of the following approaches >> result in avoiding duplicate lines from being inserted into /etc/ >> exports >> >> onlyif => "get /files/etc/exports/dir != $name", >> >> onlyif => "get /files/etc/exports/dir[10000] != $name", >> >> onlyif => "get /files/etc/exports/dir[last()] != $name", >> > > Do you have a context set as well? Both the commands and hte onlyif are > releative to the context. > > -- bk > > > > >- -- "Don''t take the name of root in vain" - /usr/src/linux/README GPG: 5B21 ED44 02A8 E9A7 82EB 0C5B 2E53 14EB 1BBA 67C2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJcOTwLlMU6xu6Z8IRAjj9AKCD18WkZOAFA0HPeQCQVbBtjPGzvACdHjGd q09B9R82aGfsynRxQ1VcKzk=CiSV -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---