How to subscribe to an exported resource?
117 views
Skip to first unread message
Marc Haber
Aug 14, 2012, 7:27:36 AM8/14/12
to puppet...@googlegroups.com
Hi,
I am trying to build (on node A) an authorized_keys file that contains
all host keys from all nodes that have class C imported. Here is my
code:
class C {
@@file { "/var/lib/foo/authorized_keys/$fqdn":
ensure => present,
content => "from=\"$ipaddress_eth0\" ssh-rsa $sshrsakey\n",
tag => "foo",
}
}
node A {
class { 'bar': }
}
class bar {
File <<| tag == 'foo' |>> {
notify => Exec["/home/bar/.ssh/authorized_keys"],
}
exec { "/home/bar/.ssh/authorized_keys":
command => "cat /var/lib/foo/authorized_keys/* > /home/bar/.ssh/authorized_keys"
path => "/bin:/usr/bin",
provider => shell,
}
}
This works.
I would, however, prefer to have the exec subscribed to the File
instead of notifying the exec from the File. I would like to write
class bar {
File <<| tag == 'foo' |>>
exec { "/home/bar/.ssh/authorized_keys":
command => "cat /var/lib/foo/authorized_keys/* > /home/bar/.ssh/authorized_keys"
path => "/bin:/usr/bin",
provider => shell,
subscribe => File <<| tag == 'foo' |>>,
}
}
which doesn't compile.
How can I refer to the File in my exec?
That being said, is there a way to do things more elegantly? I
understand that I need to create one file by node of class C, or is
there a way to have the exported resources all concatenated into the
same file?
Any hints will be appreciated.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062
I am trying to build (on node A) an authorized_keys file that contains
all host keys from all nodes that have class C imported. Here is my
code:
class C {
@@file { "/var/lib/foo/authorized_keys/$fqdn":
ensure => present,
content => "from=\"$ipaddress_eth0\" ssh-rsa $sshrsakey\n",
tag => "foo",
}
}
node A {
class { 'bar': }
}
class bar {
File <<| tag == 'foo' |>> {
notify => Exec["/home/bar/.ssh/authorized_keys"],
}
exec { "/home/bar/.ssh/authorized_keys":
command => "cat /var/lib/foo/authorized_keys/* > /home/bar/.ssh/authorized_keys"
path => "/bin:/usr/bin",
provider => shell,
}
}
This works.
I would, however, prefer to have the exec subscribed to the File
instead of notifying the exec from the File. I would like to write
class bar {
File <<| tag == 'foo' |>>
exec { "/home/bar/.ssh/authorized_keys":
command => "cat /var/lib/foo/authorized_keys/* > /home/bar/.ssh/authorized_keys"
path => "/bin:/usr/bin",
provider => shell,
subscribe => File <<| tag == 'foo' |>>,
}
}
which doesn't compile.
How can I refer to the File in my exec?
That being said, is there a way to do things more elegantly? I
understand that I need to create one file by node of class C, or is
there a way to have the exported resources all concatenated into the
same file?
Any hints will be appreciated.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062
Stephen Gran
Aug 14, 2012, 2:58:21 PM8/14/12
to puppet...@googlegroups.com
Hi,
On Tue, 2012-08-14 at 13:27 +0200, Marc Haber wrote:
> Hi,
>
> I am trying to build (on node A) an authorized_keys file that contains
> all host keys from all nodes that have class C imported. Here is my
> code:
...
> That being said, is there a way to do things more elegantly? I
> understand that I need to create one file by node of class C, or is
> there a way to have the exported resources all concatenated into the
> same file?
The classic is:
https://github.com/ripienaar/puppet-concat
Cheers,
--
Stephen Gran
Senior Systems Integrator - guardian.co.uk
Please consider the environment before printing this email.
------------------------------------------------------------------
Visit guardian.co.uk - newspaper of the year
www.guardian.co.uk www.observer.co.uk www.guardiannews.com
On your mobile, visit m.guardian.co.uk or download the Guardian
iPhone app www.guardian.co.uk/iphone and iPad edition www.guardian.co.uk/iPad
Save up to 37% by subscribing to the Guardian and Observer - choose the papers you want and get full digital access.
Visit guardian.co.uk/subscribe
---------------------------------------------------------------------
This e-mail and all attachments are confidential and may also
be privileged. If you are not the named recipient, please notify
the sender and delete the e-mail and all attachments immediately.
Do not disclose the contents to another person. You may not use
the information for any purpose, or store, or copy, it in any way.
Guardian News & Media Limited is not liable for any computer
viruses or other material transmitted with or as part of this
e-mail. You should employ virus checking software.
Guardian News & Media Limited
A member of Guardian Media Group plc
Registered Office
PO Box 68164
Kings Place
90 York Way
London
N1P 2AP
Registered in England Number 908396
On Tue, 2012-08-14 at 13:27 +0200, Marc Haber wrote:
> Hi,
>
> I am trying to build (on node A) an authorized_keys file that contains
> all host keys from all nodes that have class C imported. Here is my
> code:
> That being said, is there a way to do things more elegantly? I
> understand that I need to create one file by node of class C, or is
> there a way to have the exported resources all concatenated into the
> same file?
https://github.com/ripienaar/puppet-concat
Cheers,
--
Stephen Gran
Senior Systems Integrator - guardian.co.uk
Please consider the environment before printing this email.
------------------------------------------------------------------
Visit guardian.co.uk - newspaper of the year
www.guardian.co.uk www.observer.co.uk www.guardiannews.com
On your mobile, visit m.guardian.co.uk or download the Guardian
iPhone app www.guardian.co.uk/iphone and iPad edition www.guardian.co.uk/iPad
Save up to 37% by subscribing to the Guardian and Observer - choose the papers you want and get full digital access.
Visit guardian.co.uk/subscribe
---------------------------------------------------------------------
This e-mail and all attachments are confidential and may also
be privileged. If you are not the named recipient, please notify
the sender and delete the e-mail and all attachments immediately.
Do not disclose the contents to another person. You may not use
the information for any purpose, or store, or copy, it in any way.
Guardian News & Media Limited is not liable for any computer
viruses or other material transmitted with or as part of this
e-mail. You should employ virus checking software.
Guardian News & Media Limited
A member of Guardian Media Group plc
Registered Office
PO Box 68164
Kings Place
90 York Way
London
N1P 2AP
Registered in England Number 908396
jcbollinger
Aug 15, 2012, 9:43:18 AM8/15/12
to puppet...@googlegroups.com, mh+pupp...@zugschlus.de
On Tuesday, August 14, 2012 6:27:36 AM UTC-5, Marc Haber wrote:
Hi,
I am trying to build (on node A) an authorized_keys file that contains
all host keys from all nodes that have class C imported. Here is my
code:
class C {
@@file { "/var/lib/foo/authorized_keys/$fqdn":
ensure => present,
content => "from=\"$ipaddress_eth0\" ssh-rsa $sshrsakey\n",
tag => "foo",
}
}
node A {
class { 'bar': }
}
class bar {
File <<| tag == 'foo' |>> {
notify => Exec["/home/bar/.ssh/authorized_keys"],
}
exec { "/home/bar/.ssh/authorized_keys":
command => "cat /var/lib/foo/authorized_keys/* > /home/bar/.ssh/authorized_keys"
path => "/bin:/usr/bin",
provider => shell,
}
}
This works.
I would, however, prefer to have the exec subscribed to the File
instead of notifying the exec from the File.
Why?
I would like to write
class bar {
File <<| tag == 'foo' |>>
exec { "/home/bar/.ssh/authorized_keys":
command => "cat /var/lib/foo/authorized_keys/* > /home/bar/.ssh/authorized_keys"
path => "/bin:/usr/bin",
provider => shell,
subscribe => File <<| tag == 'foo' |>>,
}
}
which doesn't compile.
How can I refer to the File in my exec?
What you are looking for may work in Puppet 3; see http://projects.puppetlabs.com/issues/3178, which is targeted there.
With that said, Stephen is right that you are reinventing the wheel (though he didn't put it in those terms). The Concat module is all about constructing files from pieces, and those pieces can easily be imported resources declared by other nodes.
John
Marc Haber
Aug 15, 2012, 2:34:03 PM8/15/12
to puppet...@googlegroups.com
On Tue, Aug 14, 2012 at 07:58:21PM +0100, Stephen Gran wrote:
> The classic is:
> https://github.com/ripienaar/puppet-concat
So that is a module that would need to be compiled and installed (on
> The classic is:
> https://github.com/ripienaar/puppet-concat
the puppetmaster, run by a different department)?
Marc Haber
Aug 15, 2012, 2:41:58 PM8/15/12
to puppet...@googlegroups.com
On Wed, Aug 15, 2012 at 06:43:18AM -0700, jcbollinger wrote:
> On Tuesday, August 14, 2012 6:27:36 AM UTC-5, Marc Haber wrote:
> > I would, however, prefer to have the exec subscribed to the File
> > instead of notifying the exec from the File.
>
> Why?
Personal style, fits better into the rest of the core, more linear.
> On Tuesday, August 14, 2012 6:27:36 AM UTC-5, Marc Haber wrote:
> > I would, however, prefer to have the exec subscribed to the File
> > instead of notifying the exec from the File.
>
> Why?
> With that said, Stephen is right that you are reinventing the wheel (though
> he didn't put it in those terms). The Concat module is all about
> constructing files from pieces, and those pieces can easily be imported
> resources declared by other nodes.
install the concat module.
Marc Haber
Aug 16, 2012, 7:27:04 AM8/16/12
to puppet...@googlegroups.com
On Wed, Aug 15, 2012 at 08:34:03PM +0200, Marc Haber wrote:
> On Tue, Aug 14, 2012 at 07:58:21PM +0100, Stephen Gran wrote:
> > The classic is:
> > https://github.com/ripienaar/puppet-concat
>
> So that is a module that would need to be compiled and installed (on
> the puppetmaster, run by a different department)?
Sorry, I got confused by the rakefile and didn't scroll down all the
> On Tue, Aug 14, 2012 at 07:58:21PM +0100, Stephen Gran wrote:
> > The classic is:
> > https://github.com/ripienaar/puppet-concat
>
> So that is a module that would need to be compiled and installed (on
> the puppetmaster, run by a different department)?
way where the docs are. I have now understood ;-)
Marc Haber
Sep 4, 2012, 6:15:14 AM9/4/12
to puppet...@googlegroups.com
On Thu, Aug 16, 2012 at 01:27:04PM +0200, Marc Haber wrote:
> On Wed, Aug 15, 2012 at 08:34:03PM +0200, Marc Haber wrote:
> > On Tue, Aug 14, 2012 at 07:58:21PM +0100, Stephen Gran wrote:
> > > The classic is:
> > > https://github.com/ripienaar/puppet-concat
> >
> > So that is a module that would need to be compiled and installed (on
> > the puppetmaster, run by a different department)?
>
> Sorry, I got confused by the rakefile and didn't scroll down all the
> way where the docs are. I have now understood ;-)
This works fine, and I have already used it in multiple places. Very
> On Wed, Aug 15, 2012 at 08:34:03PM +0200, Marc Haber wrote:
> > On Tue, Aug 14, 2012 at 07:58:21PM +0100, Stephen Gran wrote:
> > > The classic is:
> > > https://github.com/ripienaar/puppet-concat
> >
> > So that is a module that would need to be compiled and installed (on
> > the puppetmaster, run by a different department)?
>
> Sorry, I got confused by the rakefile and didn't scroll down all the
> way where the docs are. I have now understood ;-)
helpful, thanks.
Reply all
Reply to author
Forward
0 new messages