I'm currently looking for a more efficient method of creating domain zone
files. At the moment I have a shell script that I run to create the domain
zone, then add the domain to the puppet define list so it'll know to add the
domain to the dns servers.

The new method I'm working on: I add the domain to a puppet define, then
let puppet run the shell script for me to create the zone file. The only
problem is that once it's done validating whether the domain exists or not
(using the shell script), it's about 55 minutes when complete!

Below is what I've written, and I'll add comments along the way. If anyone
has any suggestions of how I can make it complete faster, I'm all ears!

class s_domain {
    # This is where I add the domain to define the new domain, I will
    # paste the code below...
    include s_domain::all_zone

    # The shell script that runs to create the zone file
    file {
        "domain.sh":
            mode   => "0700", owner => root, group => root,
            ensure => present,
            path   => "/root/domain.sh",
            source => "puppet://$servername/s_domain/domain.sh",
    }
    # The text that puppet looks at before running the domain.sh script
    file {
        "zones":
            mode    => "0600", owner => root, group => root,
            ensure  => present,
            replace => true,
            path    => "/root/zones",
    }
    # It creates the file for domain.sh
    exec { "domain_check":
        command   => "/bin/ls /var/shared/bind/zones > /root/zones",
        logoutput => true,
    }
}

# Taking the information from the include to define
define s_domain::zones($domains) {

    s_domain::zonefile { $domains: }

    file { "/var/named/chroot/etc/zones.conf":
        owner => "named",
        group => "named",
        mode  => "0644",
    }
}
# File it creates with the domain.sh script
define s_domain::zonefile() {
    file { $name:
        path  => "/var/shared/bind/zones/$name.zone",
        owner => "root",
        group => "root",
        mode  => "0644",
    }
    # The domain.sh script runs only if the domain isn't in the zones
    # file it creates above
    exec { "domain $name":
        command   => "/root/domain.sh $name",
        logoutput => true,
        unless    => "/bin/grep -o $name /root/zones 2>/dev/null",
    }
}

INCLUDE code:

class s_domain::all_zone {
    s_domain::zones { "company.com":
        domains => [ "thedomain.com", ],
    }
}

The above code is short; the whole list of domains we have is about 2,000,
which is the reason it takes so long. I'm new to puppet coding. What I would
like to do is not have the file created or puppet using the "unless" variable.
I've been trying to figure out how to get puppet to just look at the
all_zone.pp file only, but haven't been able to figure out a method to
implement. Thanks in advance!

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Allow me to offer a couple of alternatives:

1) If Puppet is not otherwise doing stuff with the domains, then stop
trying to manage the bind configs purely with Puppet. Instead, have your
configs in revision control (best practice) and have the puppet run do an
update/reload (e.g. have the exec something like onlyif => "bzr status",
command => "bzr update", notify => Service["bind9"]).

2) Use augeas to ensure the appropriate include stanza appears in your
zones.conf file, and have the included fragment be generated via template
on Puppet.

3) Use R.I.P.'s snippets extension to construct your zone file from whole
cloth.

4) If you are using storedconfigs AND your zones are tied into your
infrastructure appropriately, it might be nice to collect exported
resources (files) on the DNS servers.

To give you something of an example of #4, I want to see that NetBackup is
installed on all my servers. However, doing so requires the execution of a
script from the NetBackup server. So each host checks the installed
NetBackup version against the configured version. If they differ, and
*only* then, they will export an exec{} that will be collected (and run) on
the NetBackup server. What this means is that the only time my NetBackup
server runs any execs is when I either upgrade NetBackup or add a new host.

You could do something similar. If your DNS zones are, for instance, tied
to, say, web services, when the web service configures, it could do a DNS
lookup. If the results of that lookup are not satisfactory, it could then
export the appropriate updates for use on the DNS servers.

On Tue, Feb 28, 2012 at 2:43 PM, Mailing Lists <mailinglist@theflux.net> wrote:
> I'm currently looking for a more efficient method of creating domain zone
> files. At the moment I have a shell script that I run to create the domain
> zone, then add the domain to puppet define list so it'll know to add the
> domain to the dns servers.
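
A sketch of option 2 from the reply above, as an added example that is not code from the thread: a single file resource renders the whole include fragment from the domain list, so the catalog carries one resource instead of one exec (and one grep) per domain. The class name s_domain::fragment, the fragment path, the template body and the service name are assumptions; the zone file path is the one in the original post. It covers only the include fragment, not the creation of the zone files themselves.

```puppet
# Added example: names marked "assumed" do not come from the thread.
class s_domain::fragment {                        # assumed class name
  # Constructed sample list; the real one would hold all ~2,000 names.
  $domains = [ 'thedomain.com', 'example.org' ]

  # Assumed fragment path, next to the zones.conf from the original post;
  # zones.conf pulls it in with an include statement.
  $fragment = '/var/named/chroot/etc/zones.managed.conf'

  # One resource renders every zone stanza. A name that is not a plain
  # hostname fails the catalog compile instead of reaching named's config.
  # The zone file path is the one used in the original post; adjust it if
  # named resolves paths relative to its chroot.
  file { $fragment:
    ensure  => file,
    owner   => 'named',
    group   => 'named',
    mode    => '0644',
    content => inline_template('<% @domains.sort.uniq.each do |d|
  raise Puppet::ParseError, "bad zone name: #{d}" unless d =~ /\A[a-z0-9]([a-z0-9.-]*[a-z0-9])?\z/ -%>
zone "<%= d %>" IN {
    type master;
    file "/var/shared/bind/zones/<%= d %>.zone";
};
<% end -%>'),
    notify  => Service['named'],
  }

  # Assumed service name; it is refreshed only when the fragment changes.
  service { 'named':
    ensure => running,
  }
}
```
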
Thanks for the suggested method, I will put up a pilot environment and see
if this solution works for me!

On Feb 28, 2012, at 9:41 PM, Brian Gallew wrote:
> Allow me to offer a couple of alternatives: