Hello
Does anybody share how to roll-back configuration if puppet definition on
host is change. For example Let''s assume we have host on which initial
was
web server and bunch of users. All this resources we configured throw
puppet.
node <some node>
{
<webserver difinition>
<user1 definition>
<user2 definition>
<user3 definition>
}
At some point we decide to remove user2 so node config now looks like:
node <some node>
{
<webserver difinition>
<user1 definition>
<user3 definition>
}
but how to remove all user2 stuff that was on host? Undoubtedly we can
rewrite node definition like this:
node <some node>
{
<webserver difinition>
<user1 definition>
<remove user2 definition>
<user3 definition>
}
But imho this doesn''t look very good, becouse user removed only one
time,
but node definition will be apply periodical.
Also this concerns webserver and other resources configured throw puppet.
How cleanup if resource definition will be removed from node?
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Brian Troutwine
2012-Feb-19 22:53 UTC
Re: [Puppet Users] roolback to previouse configuration
On Sun, Feb 19, 2012 at 5:07 PM, ruslan usifov <ruslan.usifov@gmail.com> wrote:> Hello > > Does anybody share how to roll-back configuration if puppet definition on > host is change. For example Let''s assume we have host on which initial was > web server and bunch of users. All this resources we configured throw > puppet. > > > node <some node> > { > > <webserver difinition> > <user1 definition> > <user2 definition> > <user3 definition> > } > > At some point we decide to remove user2 so node config now looks like: > > node <some node> > { > > <webserver difinition> > <user1 definition> > <user3 definition> > } > > > but how to remove all user2 stuff that was on host? Undoubtedly we can > rewrite node definition like this: > > node <some node> > { > > <webserver difinition> > <user1 definition> > <remove user2 definition> > <user3 definition> > } > > But imho this doesn''t look very good, becouse user removed only one time, > but node definition will be apply periodical.I''d prefer this form, if only because it''s explicit and, after your puppet update has rolled out, you can remove the, er, removal. By simply deleting the user definition from your configuration you are denying puppet that ability to manage that user anymore: puppet probably shouldn''t be destroying things its not defined to manage. That said, if you absolutely _hate_ the last form there are things you might do to destroy a user, but the methods will be system dependent and contingent on your precise problem and needs.> Also this concerns webserver and other resources configured throw puppet. > How cleanup if resource definition will be removed from node?Mark the resources as absent in your puppet configuration. If you want puppet to manage the resource''s creation having it manage the destruction is one of the more effective options.> > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en.-- Brian L. Troutwine -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Feb 19, 4:07 pm, ruslan usifov <ruslan.usi...@gmail.com> wrote:> Does anybody share how to roll-back configuration if puppet definition on > host is change. For example Let''s assume we have host on which initial was > web server and bunch of users. All this resources we configured throw > puppet. > > node <some node> > { > > <webserver difinition> > <user1 definition> > <user2 definition> > <user3 definition> > > } > > At some point we decide to remove user2 so node config now looks like: > > node <some node> > { > > <webserver difinition> > <user1 definition> > <user3 definition> > > } > > but how to remove all user2 stuff that was on host? Undoubtedly we can > rewrite node definition like this: > > node <some node> > { > > <webserver difinition> > <user1 definition> > <remove user2 definition> > <user3 definition> > > } > > But imho this doesn''t look very good, becouse user removed only one time, > but node definition will be apply periodical.You are committing a common conceptual mistake. Puppet is a state management service, not a script script engine, therefore it is inappropriate to characterize a declaration as "<remove user2 definition>". Much better would be "<without user2 definition>". That matters, because it reflects that fact that Puppet not only will remove user2, but it will also ensure that user2 *stays* removed (because Puppet is a state management service). If you do not want Puppet to perform such a work for you, then just remove the user in question from management (delete its declaration from you manifest), and perform the actual user removal by some other means. If you need to do that across multiple systems then something like Puppetlab''s MCollective might be worth your attention.> Also this concerns webserver and other resources configured throw puppet. > How cleanup if resource definition will be removed from node?For many resource types, another alternative to to purge unmanaged resources via the ''Resources'' meta-resource type. There is even special support for excluding unmanaged system users from purging. Beware: purging unmanaged resources can be very dangerous because it can be difficult to be certain that you have all wanted resources under management. There is a significant risk of removing wanted, but unmanaged, resources. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
ruslan usifov
2012-Feb-25 20:19 UTC
Re: [Puppet Users] Re: roolback to previouse configuration
Thanks jcbollinger for detailed answer>>>For many resource types, another alternative to to purge unmanaged >>>resources via the ''Resources'' meta-resource type.I misunderstand what you talking about? Could you share some links? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Feb 25, 2:19 pm, ruslan usifov <ruslan.usi...@gmail.com> wrote:> Thanks jcbollinger for detailed answer > > >>>For many resource types, another alternative to to purge unmanaged > >>>resources via the ''Resources'' meta-resource type. > > I misunderstand what you talking about? Could you share some links?http://docs.puppetlabs.com/references/stable/type.html#resources John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.