Is it possible to extend ''package'' without actually hacking
the puppet
code. I''d like to do this:
package { "httpd":
name => "httpd",
ensure => "present",
check => "newer",
}
My goal is this. For every package I have in puppet, I''d like to check
to see if I have a newer version in the repository than I have on the
server. If that''s the case I''d like to record that. (Probably
in a log
file). This will allow me to produce a report of packages that need
upgraded. I can''t just "ensure => latest" because it
violates our
change procedure.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Martijn Grendelman
2011-May-09 13:03 UTC
Re: [Puppet Users] extending puppet without hacking puppet
On 09-05-11 14:29, Jeff wrote:> Is it possible to extend ''package'' without actually hacking the puppet > code. I''d like to do this: > > package { "httpd": > name => "httpd", > ensure => "present", > check => "newer", > } > > My goal is this. For every package I have in puppet, I''d like to check > to see if I have a newer version in the repository than I have on the > server. If that''s the case I''d like to record that. (Probably in a log > file). This will allow me to produce a report of packages that need > upgraded. I can''t just "ensure => latest" because it violates our > change procedure. >You could define a type, that wraps Package and uses an Exec to do whatever you want. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
saurabh verma
2011-May-09 13:28 UTC
Re: [Puppet Users] extending puppet without hacking puppet
On 09-May-2011, at 6:33 PM, Martijn Grendelman wrote:> On 09-05-11 14:29, Jeff wrote: >> Is it possible to extend ''package'' without actually hacking the puppet >> code. I''d like to do this: >> >> package { "httpd": >> name => "httpd", >> ensure => "present", >> check => "newer", >> } >> >> My goal is this. For every package I have in puppet, I''d like to check >> to see if I have a newer version in the repository than I have on the >> server. If that''s the case I''d like to record that. (Probably in a log >> file). This will allow me to produce a report of packages that need >> upgraded. I can''t just "ensure => latest" because it violates our >> change procedure. >> > > You could define a type, that wraps Package and uses an Exec to do > whatever you want. >I guess if you ever want to do this kinda stuff , Either implement this core logic in package provider or separate out this kinda controlled change management out of config management . For my case i had a requirement of installing a package from a particular yum repo , so i wrapped up “Yum install stuff” in a definition and some hacky stuff . -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
John Lyman
2011-May-10 23:50 UTC
[Puppet Users] Re: extending puppet without hacking puppet
You can set "noop => true" in the package resource and puppet
won''t
actually change it, just log that it wants to change it.
package { "httpd":
name => "httpd",
ensure => "latest",
noop => true,
}
This is especially convenient with tagmail or other reporting.
If possible, making "noop" the default for all packages will save a
lot of typing.
Package { noop => true }
It sounds like that''s what you want anyway, and you can always
override individual packages with "noop => false" if needed.
Standard disclaimers apply, be sure to test first.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Felix Frank
2011-May-12 08:06 UTC
Re: [Puppet Users] Re: extending puppet without hacking puppet
On 05/11/2011 01:50 AM, John Lyman wrote:> You can set "noop => true" in the package resource and puppet won''t > actually change it, just log that it wants to change it. > > package { "httpd": > name => "httpd", > ensure => "latest", > noop => true, > }Yes, but this will still not install the package when its missing altogether. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Nan Liu
2011-May-12 13:10 UTC
Re: [Puppet Users] Re: extending puppet without hacking puppet
On Thu, May 12, 2011 at 3:06 AM, Felix Frank <felix.frank@alumni.tu-berlin.de> wrote:> On 05/11/2011 01:50 AM, John Lyman wrote: >> You can set "noop => true" in the package resource and puppet won''t >> actually change it, just log that it wants to change it. >> >> package { "httpd": >> name => "httpd", >> ensure => "latest", >> noop => true, >> } > > Yes, but this will still not install the package when its missing > altogether.I''ve had previous discussion about how to do this, and originally we wanted to abuse facter to upload the package into inventory, but it''s not ideal for many reasons. You can use puppet inspect (2.6.5) to audit the package version separately from your puppet run, or use puppet resource package to get all package version on the system. However you need upload the audit results and parse the results. This is another crack at this issue, create a separate puppet environment (I''m calling it checkpackage) with one difference in site.pp, keep the rest of your manifests/modules the same: Package <||> { ensure => latest, noop => true, tag => check } On the client run against this new environment with tags check: puppet agent -t --environment checkpackage --tags check Here''s a test manifests and you''ll see the difference if you comment/uncomment the first line: Package <||> { ensure => latest, noop => true, tag => check } class packages { package { "yum": ensure => present, } exec { "/bin/echo foo": } } include packages $ puppet apply --tags check test.pp notice: /Stage[main]/Packages/Package[yum]/ensure: is 3.2.22-26.el5.centos, should be 3.2.22-33.el5.centos (noop) Thanks, Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.