Puppet users - Jun 2011 - line replace triggers file reload

Hi guys,

I''ve got /etc/resolve.conf managed by Puppet:

         file { "/etc/resolv.conf":
                 ensure => present,
                 source => 
"puppet:///modules/system/etc/resolv.conf.${dns_zone}.${dc_use}",
                 group   => "root",
                 owner => "root",
                 mode  => "0644"
         }

         if $dns_search_path {
                 line_replace { "/etc/resolv.conf":
                         replacement => "search
${dns_search_path}",
                         pattern => "search .*",
                         require => File["/etc/resolv.conf"],
                 }
         }

The trouble is that the file is fetched from the server on every puppet 
agent run and line_replace() is then executed.

info: Caching catalog for ssutt1ldv.example.com
info: Applying configuration version ''1306990268''
--- /etc/resolv.conf    2011-06-02 16:46:22.000000000 +1200
+++ /tmp/puppet-file.18828.0    2011-06-02 16:51:10.000000000 +1200
@@ -1,3 +1,3 @@
-search something.else.example.com
+search example.com
  nameserver 172.26.203.23
  nameserver 172.27.203.23
info: FileBucket got a duplicate file {md5}8a9e992c28b98fbc544d99512f54e657
info: /Stage[main]/System::Files/File[/etc/resolv.conf]: Filebucketed 
/etc/resolv.conf to puppet with sum 8a9e992c28b98fbc544d99512f54e657
notice: /Stage[main]/System::Files/File[/etc/resolv.conf]/content: 
content changed ''{md5}8a9e992c28b98fbc544d99512f54e657'' to 
''{md5}10e974d9fac3b24d638478ac1852d896''
notice: 
/Stage[main]/System::Files/Line_replace[/etc/resolv.conf]/Exec[/usr/bin/perl 
-pi -e ''s/search .*/search something.else.example.com/'' 
''/etc/resolv.conf'']/returns: executed successfully
notice: Finished catalog run in 5.93 seconds

Can I do something about it? For instance record the search path 
somewhere and only trigger the whole thing if it changes?

For most servers the default path is good but some require a different 
one that I specify in their ''node { $dns_search_path = ... }''.

Thanks!

GiBo

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

perhaps you should add a check :onlyif cannot find pattern(dns_search_path)
in resolv.conf,then puppet actions.


can you paste your full code . I didnot see the define or param class or
(custom type?)line_replace?
thank you~~~

From China mainland[?]



On Thu, Jun 2, 2011 at 1:01 PM, Giovanni Bordello
<gibo@gentlemail.com>wrote:
> Hi guys,
>
> I''ve got /etc/resolve.conf managed by Puppet:
>
>        file { "/etc/resolv.conf":
>                ensure => present,
>                source =>
> "puppet:///modules/system/etc/resolv.conf.${dns_zone}.${dc_use}",
>                group   => "root",
>                owner => "root",
>                mode  => "0644"
>        }
>
>        if $dns_search_path {
>                line_replace { "/etc/resolv.conf":
>                        replacement => "search
${dns_search_path}",
>                        pattern => "search .*",
>                        require => File["/etc/resolv.conf"],
>                }
>        }
>
> The trouble is that the file is fetched from the server on every puppet
> agent run and line_replace() is then executed.
>
> info: Caching catalog for ssutt1ldv.example.com
> info: Applying configuration version ''1306990268''
> --- /etc/resolv.conf    2011-06-02 16:46:22.000000000 +1200
> +++ /tmp/puppet-file.18828.0    2011-06-02 16:51:10.000000000 +1200
> @@ -1,3 +1,3 @@
> -search something.else.example.com
> +search example.com
>  nameserver 172.26.203.23
>  nameserver 172.27.203.23
> info: FileBucket got a duplicate file {md5}8a9e992c28b98fbc544d99512f54e657
> info: /Stage[main]/System::Files/File[/etc/resolv.conf]: Filebucketed
> /etc/resolv.conf to puppet with sum 8a9e992c28b98fbc544d99512f54e657
> notice: /Stage[main]/System::Files/File[/etc/resolv.conf]/content: content
> changed ''{md5}8a9e992c28b98fbc544d99512f54e657'' to
> ''{md5}10e974d9fac3b24d638478ac1852d896''
> notice:
>
/Stage[main]/System::Files/Line_replace[/etc/resolv.conf]/Exec[/usr/bin/perl
> -pi -e ''s/search .*/search something.else.example.com/''
> ''/etc/resolv.conf'']/returns: executed successfully
> notice: Finished catalog run in 5.93 seconds
>
> Can I do something about it? For instance record the search path somewhere
> and only trigger the whole thing if it changes?
>
> For most servers the default path is good but some require a different one
> that I specify in their ''node { $dns_search_path = ...
}''.
>
> Thanks!
>
> GiBo
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Hi,

it''s a modified replace() function taken from here: 
http://projects.puppetlabs.com/projects/1/wiki/Simple_Text_Patterns

define line_replace($pattern, $replacement) {
     $file = $name
     err ("line_replace... $name")
     exec { "/usr/bin/perl -pi -e
''s/$pattern/$replacement/'' ''$file''":
         onlyif => "/usr/bin/perl -ne ''BEGIN { \$ret = 1; }
\$ret = 0 if
/$pattern/ && ! /$replacement/ ; END { exit \$ret; }''
''$file''",
     }
}

The problem is not that line_replace() kicks in every time (it doesn''t,
it only does when $dns_search_path is defined, that''s ok). The problem
is:

- Puppet Agent loads a pristine resolv.conf from the server and records 
the {md5}
- Then it runs line_replace() and changes the search path.
- All good, file looks as expected.

On the next run the Agent checks resolv.conf''s {md5} and realises
it''s
different from what was recorded (of course, one line was changed). So 
it reloads it from the server in the pristine form again and recods the 
pristine {md5}.

Then line_replace() kicks in again, does its "onlyif=>" test but
that''s
false, because the file has just been loaded from the server. So it 
replaces the line, leading to a changed {md5}.

And that goes on and on every time puppet agent is run.

Can I do something about that?

GiBo

On 02/06/11 17:40, yzhkpli@gmail.com wrote:
> perhaps you should add a check :onlyif cannot find 
> pattern(dns_search_path) in resolv.conf,then puppet actions.
>
>
> can you paste your full code . I didnot see the define or param class 
> or (custom type?)line_replace?
> thank you~~~
>
> From China mainland
>
>
>
> On Thu, Jun 2, 2011 at 1:01 PM, Giovanni Bordello <gibo@gentlemail.com 
> <mailto:gibo@gentlemail.com>> wrote:
>
>     Hi guys,
>
>     I''ve got /etc/resolve.conf managed by Puppet:
>
>            file { "/etc/resolv.conf":
>                    ensure => present,
>                    source =>
>    
"puppet:///modules/system/etc/resolv.conf.${dns_zone}.${dc_use}",
>                    group   => "root",
>                    owner => "root",
>                    mode  => "0644"
>            }
>
>            if $dns_search_path {
>                    line_replace { "/etc/resolv.conf":
>                            replacement => "search
${dns_search_path}",
>                            pattern => "search .*",
>                            require =>
File["/etc/resolv.conf"],
>                    }
>            }
>
>     The trouble is that the file is fetched from the server on every
>     puppet agent run and line_replace() is then executed.
>
>     info: Caching catalog for ssutt1ldv.example.com
>     <http://ssutt1ldv.example.com>
>     info: Applying configuration version ''1306990268''
>     --- /etc/resolv.conf    2011-06-02 16:46:22.000000000 +1200
>     +++ /tmp/puppet-file.18828.0    2011-06-02 16:51:10.000000000 +1200
>     @@ -1,3 +1,3 @@
>     -search something.else.example.com
<http://something.else.example.com>
>     +search example.com <http://example.com>
>      nameserver 172.26.203.23
>      nameserver 172.27.203.23
>     info: FileBucket got a duplicate file
>     {md5}8a9e992c28b98fbc544d99512f54e657
>     info: /Stage[main]/System::Files/File[/etc/resolv.conf]:
>     Filebucketed /etc/resolv.conf to puppet with sum
>     8a9e992c28b98fbc544d99512f54e657
>     notice: /Stage[main]/System::Files/File[/etc/resolv.conf]/content:
>     content changed
''{md5}8a9e992c28b98fbc544d99512f54e657'' to
>     ''{md5}10e974d9fac3b24d638478ac1852d896''
>     notice:
>    
/Stage[main]/System::Files/Line_replace[/etc/resolv.conf]/Exec[/usr/bin/perl
>     -pi -e ''s/search .*/search something.else.example.com/
>     <http://something.else.example.com/>''
''/etc/resolv.conf'']/returns:
>     executed successfully
>     notice: Finished catalog run in 5.93 seconds
>
>     Can I do something about it? For instance record the search path
>     somewhere and only trigger the whole thing if it changes?
>
>     For most servers the default path is good but some require a
>     different one that I specify in their ''node { $dns_search_path
>     ... }''.
>
>     Thanks!
>
>     GiBo
>
>     -- 
>     You received this message because you are subscribed to the Google
>     Groups "Puppet Users" group.
>     To post to this group, send email to puppet-users@googlegroups.com
>     <mailto:puppet-users@googlegroups.com>.
>     To unsubscribe from this group, send email to
>     puppet-users+unsubscribe@googlegroups.com
>     <mailto:puppet-users%2Bunsubscribe@googlegroups.com>.
>     For more options, visit this group at
>     http://groups.google.com/group/puppet-users?hl=en.
>
>
> -- 
> You received this message because you are subscribed to the Google 
> Groups "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Sorted, I''ve done it using a template:

search <%= dns_search_path %>
nameserver ...
nameserver ...

That way the file is (presumably?) created on the master and looks 
constant to the client.

GiBo

On 02/06/11 17:59, Giovanni Bordello wrote:
> Hi,
>
> it''s a modified replace() function taken from here: 
> http://projects.puppetlabs.com/projects/1/wiki/Simple_Text_Patterns
>
> define line_replace($pattern, $replacement) {
>     $file = $name
>     err ("line_replace... $name")
>     exec { "/usr/bin/perl -pi -e
''s/$pattern/$replacement/'' ''$file''":
>         onlyif => "/usr/bin/perl -ne ''BEGIN { \$ret = 1; }
\$ret = 0
> if /$pattern/ && ! /$replacement/ ; END { exit \$ret; }''
''$file''",
>     }
> }
>
> The problem is not that line_replace() kicks in every time (it 
> doesn''t, it only does when $dns_search_path is defined,
that''s ok).
> The problem is:
>
> - Puppet Agent loads a pristine resolv.conf from the server and 
> records the {md5}
> - Then it runs line_replace() and changes the search path.
> - All good, file looks as expected.
>
> On the next run the Agent checks resolv.conf''s {md5} and realises
it''s
> different from what was recorded (of course, one line was changed). So 
> it reloads it from the server in the pristine form again and recods 
> the pristine {md5}.
>
> Then line_replace() kicks in again, does its "onlyif=>" test
but
> that''s false, because the file has just been loaded from the
server.
> So it replaces the line, leading to a changed {md5}.
>
> And that goes on and on every time puppet agent is run.
>
> Can I do something about that?
>
> GiBo
>
> On 02/06/11 17:40, yzhkpli@gmail.com wrote:
>> perhaps you should add a check :onlyif cannot find 
>> pattern(dns_search_path) in resolv.conf,then puppet actions.
>>
>>
>> can you paste your full code . I didnot see the define or param class 
>> or (custom type?)line_replace?
>> thank you~~~
>>
>> From China mainland
>>
>>
>>
>> On Thu, Jun 2, 2011 at 1:01 PM, Giovanni Bordello 
>> <gibo@gentlemail.com <mailto:gibo@gentlemail.com>> wrote:
>>
>>     Hi guys,
>>
>>     I''ve got /etc/resolve.conf managed by Puppet:
>>
>>            file { "/etc/resolv.conf":
>>                    ensure => present,
>>                    source =>
>>    
"puppet:///modules/system/etc/resolv.conf.${dns_zone}.${dc_use}",
>>                    group   => "root",
>>                    owner => "root",
>>                    mode  => "0644"
>>            }
>>
>>            if $dns_search_path {
>>                    line_replace { "/etc/resolv.conf":
>>                            replacement => "search
${dns_search_path}",
>>                            pattern => "search .*",
>>                            require =>
File["/etc/resolv.conf"],
>>                    }
>>            }
>>
>>     The trouble is that the file is fetched from the server on every
>>     puppet agent run and line_replace() is then executed.
>>
>>     info: Caching catalog for ssutt1ldv.example.com
>>     <http://ssutt1ldv.example.com>
>>     info: Applying configuration version ''1306990268''
>>     --- /etc/resolv.conf    2011-06-02 16:46:22.000000000 +1200
>>     +++ /tmp/puppet-file.18828.0    2011-06-02 16:51:10.000000000 +1200
>>     @@ -1,3 +1,3 @@
>>     -search something.else.example.com
>>     <http://something.else.example.com>
>>     +search example.com <http://example.com>
>>      nameserver 172.26.203.23
>>      nameserver 172.27.203.23
>>     info: FileBucket got a duplicate file
>>     {md5}8a9e992c28b98fbc544d99512f54e657
>>     info: /Stage[main]/System::Files/File[/etc/resolv.conf]:
>>     Filebucketed /etc/resolv.conf to puppet with sum
>>     8a9e992c28b98fbc544d99512f54e657
>>     notice:
>>     /Stage[main]/System::Files/File[/etc/resolv.conf]/content:
>>     content changed
''{md5}8a9e992c28b98fbc544d99512f54e657'' to
>>     ''{md5}10e974d9fac3b24d638478ac1852d896''
>>     notice:
>>    
/Stage[main]/System::Files/Line_replace[/etc/resolv.conf]/Exec[/usr/bin/perl
>>     -pi -e ''s/search .*/search something.else.example.com/
>>     <http://something.else.example.com/>''
>>     ''/etc/resolv.conf'']/returns: executed
successfully
>>     notice: Finished catalog run in 5.93 seconds
>>
>>     Can I do something about it? For instance record the search path
>>     somewhere and only trigger the whole thing if it changes?
>>
>>     For most servers the default path is good but some require a
>>     different one that I specify in their ''node {
$dns_search_path >>     ... }''.
>>
>>     Thanks!
>>
>>     GiBo
>>
>>     -- 
>>     You received this message because you are subscribed to the
>>     Google Groups "Puppet Users" group.
>>     To post to this group, send email to
>>     puppet-users@googlegroups.com
<mailto:puppet-users@googlegroups.com>.
>>     To unsubscribe from this group, send email to
>>     puppet-users+unsubscribe@googlegroups.com
>>     <mailto:puppet-users%2Bunsubscribe@googlegroups.com>.
>>     For more options, visit this group at
>>     http://groups.google.com/group/puppet-users?hl=en.
>>
>>
>> -- 
>> You received this message because you are subscribed to the Google 
>> Groups "Puppet Users" group.
>> To post to this group, send email to puppet-users@googlegroups.com.
>> To unsubscribe from this group, send email to 
>> puppet-users+unsubscribe@googlegroups.com.
>> For more options, visit this group at 
>> http://groups.google.com/group/puppet-users?hl=en.
> -- 
> You received this message because you are subscribed to the Google 
> Groups "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

On Wed, Jun 1, 2011 at 11:22 PM, Giovanni Bordello
<gibo@gentlemail.com>wrote:
>  Sorted, I''ve done it using a template:
>
> search <%= dns_search_path %>
> nameserver ...
> nameserver ...
>
> That way the file is (presumably?) created on the master and looks constant
> to the client.
>
>
To answer your implicit question.  The file is generated on the master and
embedded in the catalog.  Then the catalog is send to the client.

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.