I''d like to keep some pretty granular class definitions in ldap; but I''m not sure what is the best way to turn that into a puppet manifest. Is anybody else doing something like this? For instance, a samba server might have the following classes defined (in ldap): samba, samba-bdc, samba-file-shares, samba-build-shares, etc... And I would like to do something like this: -- class samba { $shares = template(default-shares) case $class { samba-pdc: { $domainmaster = yes } samba-bdc: { $domainmaster = no } samba-file-shares: { $shares += template(file-shares) } samba-build-shares: { $shares += template(build-shares) } } file { smb.conf: content => template(smb.conf.template) # and somehow append the contents of file-shares and build-shares } -- The problems seem to be at least three deep, so I figured I must be doing something incorrectly. Probelms with the above: += is unrecognized (Is it possible to push that data onto an array instead?) err: Could not find class "samba-bdc" And if I pull the samba-?db out into a "class samba-bdc { $domainmaster=no}" the variable seems to be out of scope for the file template. -- -- Perfection is just a word I use occasionally with mustard. --Atom Powers--
On Jun 26, 2007, at 12:56 PM, Atom Powers wrote:> I''d like to keep some pretty granular class definitions in ldap; but > I''m not sure what is the best way to turn that into a puppet manifest. > Is anybody else doing something like this? > > For instance, a samba server might have the following classes > defined (in ldap): > samba, samba-bdc, samba-file-shares, samba-build-shares, etc...Ok.> And I would like to do something like this: > -- > class samba { > $shares = template(default-shares) > case $class { > samba-pdc: { $domainmaster = yes } > samba-bdc: { $domainmaster = no } > samba-file-shares: { $shares += template(file-shares) } > samba-build-shares: { $shares += template(build-shares) } > } > > file { smb.conf: content => template(smb.conf.template) > # and somehow append the contents of file-shares and build-shares > } > --You should model the samba shares as resources, using definitions or whatever; then this would be pretty straightforward. Just write each share to a separate file, in /etc/smb.conf.d or something, then use an exec to concatenate them. This is a common pattern (although apparently unpublished, as yet).> The problems seem to be at least three deep, so I figured I must be > doing something incorrectly. > Probelms with the above: > += is unrecognized (Is it possible to push that data onto an array > instead?)Arrays are not currently modifiable.> err: Could not find class "samba-bdc"Hmm, this is a bug. It should be allowed to return classes that are not found. Can you file this as a bug?> And if I pull the samba-?db out into a "class samba-bdc { > $domainmaster=no}" the variable seems to be out of scope for the file > template.Yep. You can set that as an attribute in your ldap entry (or you can use an existing attribute, like description, and just treat it as that attribute). -- Opportunity is missed by most people because it is dressed in overalls and looks like work. -- Thomas A. Edison --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com
On 6/26/07, Luke Kanies <luke@madstop.com> wrote:> On Jun 26, 2007, at 12:56 PM, Atom Powers wrote: > > For instance, a samba server might have the following classes > > defined (in ldap): > > samba, samba-bdc, samba-file-shares, samba-build-shares, etc... > > You should model the samba shares as resources, using definitions or > whatever; then this would be pretty straightforward. Just write each > share to a separate file, in /etc/smb.conf.d or something, then use > an exec to concatenate them. This is a common pattern (although > apparently unpublished, as yet).Can you give me an example, or a link to an example. I''m still unsure on how to write "good" resources. I would rather not use any exec, if possible. I found a way to append several share definitions to the end of a smb.conf using an array of templates, but if I can''t modify an array then it could be ... difficult to create the array with a dynamic list of shares.> > += is unrecognized (Is it possible to push that data onto an array > > instead?) > > Arrays are not currently modifiable.Are variables modifiable in any way, other than using some kind of ancient Japaneses template-fu?> > err: Could not find class "samba-bdc" > > Hmm, this is a bug. It should be allowed to return classes that are > not found. Can you file this as a bug?I''ll see what I can do.> > And if I pull the samba-?db out into a "class samba-bdc { > > $domainmaster=no}" the variable seems to be out of scope for the file > > template. > > Yep. You can set that as an attribute in your ldap entry (or you can > use an existing attribute, like description, and just treat it as > that attribute).Can you tell me more about, or give me a link to, information about using ldap attributes. -- -- Perfection is just a word I use occasionally with mustard. --Atom Powers--
On Jun 26, 2007, at 4:10 PM, Atom Powers wrote:> > Can you give me an example, or a link to an example. I''m still unsure > on how to write "good" resources.No, I can''t. It should be written up as a design pattern, and I don''t have time to do it. The canonical example is for managing iptables. If I can get through some of my other workload, I''ll see about creating a design patterns page and writing this one up, but it''d be great if someone could beat me to those.> I would rather not use any exec, if possible. I found a way to append > several share definitions to the end of a smb.conf using an array of > templates, but if I can''t modify an array then it could be ... > difficult to create the array with a dynamic list of shares.The only way to avoid using an Exec is to write a native type for SMB shares, or to create some intermediate type that knows how to parse and generate files, such that you could teach it how to do this for SMB shares. In general, your life will always be easier if you model these things as resources, rather than strings. Puppet does well when managing resources, since that''s what it''s developed for, but not so well at managing strings.> Are variables modifiable in any way, other than using some kind of > ancient Japaneses template-fu?Variables can only be assigned to, not modified, and once a variable is set it cannot be changed, only overridden in a child scope. This is done to attempt to keep the language as declarative as possible.> Can you tell me more about, or give me a link to, information about > using ldap attributes.Yeah: http://reductivelabs.com/trac/puppet/wiki/LdapNodes I just updated it with the info about attributes, and I''m in the process of updating the configuration reference to include links to this. -- The only really good place to buy lumber is at a store where the lumber has already been cut and attached together in the form of furniture, finished, and put inside boxes. --Dave Barry --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 26 June 2007, Atom Powers wrote:> On 6/26/07, Luke Kanies <luke@madstop.com> wrote: > > On Jun 26, 2007, at 12:56 PM, Atom Powers wrote: > > > For instance, a samba server might have the following classes > > > defined (in ldap): > > > samba, samba-bdc, samba-file-shares, samba-build-shares, etc... > > > > You should model the samba shares as resources, using definitions or > > whatever; then this would be pretty straightforward. Just write each > > share to a separate file, in /etc/smb.conf.d or something, then use > > an exec to concatenate them. This is a common pattern (although > > apparently unpublished, as yet). > > Can you give me an example, or a link to an example. I''m still unsure > on how to write "good" resources.Actually I wanted to wait a bit longer until my SVN has settled down a bit, but since this is the second request for a concatenated file builder within days, here''s the link: http://club.black.co.at:82/svn/manifests/trunk/modules/common/manifests/defines/concatenated_file.pp Usage: concatenated_file { "/etc/some.conf": dir => "/etc/some.conf.d", } concatenated_file_part { "muh": dir => "/etc/some.conf.d", content => "some content\n", } Regards, David - -- - - hallo... wie gehts heute? - - *hust* gut *rotz* *keuch* - - gott sei dank kommunizieren wir über ein septisches medium ;) -- Matthias Leeb, Uni f. angewandte Kunst, 2005-02-15 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGggiE/Pp1N6Uzh0URAqFCAKCXwq1XoQTvu63idFpuMerv6+qvHACfVnIr pRerujU/GJVEt1nY+GBUKus=uYLi -----END PGP SIGNATURE-----