subscribe vs notify
2,649 views
Skip to first unread message
Andrew
Oct 9, 2016, 10:57:42 PM10/9/16
to Puppet Users
A long time ago in a puppet version far far away, I used to use subscribe all the time, until I discovered notify.
Now the type docs no longer list subscibe, I'm a assuming it has been or is slated for deprecation.
but ... I have a problem that I think I can only solve using subscribe.
Certficates.
ssl certificates for each computer are put in one place, and all ssl serivces are expected to use the same certificate.
so, all computers are using the certs for ldaps://, some are using them for https://, some for other ssl based services.
file -> /etc/pki/tls/certs/localhost.crt
file -> /etc/pki/tls/private/localhost.key
group -> certifcates, members = ldap, apache, [whoever etc]
Now I need to renew all the certificates and restart the services that are using them ...
Q. howto map all this? Is there a better way than subscribing the relevant services to the cert and key files ??
Any ideas ?
Andrew.
Peter Faller
Oct 10, 2016, 3:55:05 AM10/10/16
to Puppet Users
Hi Andrew
On Monday, 10 October 2016 04:57:42 UTC+2, Andrew wrote:
'subscribe' is not a type - it's a metaparameter, and it still exists. See:
On Monday, 10 October 2016 04:57:42 UTC+2, Andrew wrote:
Craig Dunn
Oct 12, 2016, 8:15:34 AM10/12/16
to puppet...@googlegroups.com
subscribe and notify are metaparameters, as Peter Faller has already pointed out. They do exactly the same thing in reverse of eachother, resource A notifying resource B has the same effect as resource B subscribing to resource A. It's generally better to use subscribe in most cases for readability (although opinions may vary on this matter). Some times there are cases when only notify will do, consider this example
if $condition {
file { '/tmp/foo':
ensure => file,
}
}
service { 'foo':
subscribe => File['/tmp/foo']
}
In the above example, if I want the service to refresh then putting subscribe => File['/tmp/foo'] in the service declaration is a bad idea, because if $condition doesn't give true then the file resource it's notifying will never exist and therefore the catalog will fail to compile, in this example, the correct way would be to add notify => Service['foo'] in the file declaration so the resource relationship only exists when $condition is true
Regards
Craig
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/7ecc18cf-040c-49fe-8b27-dbb627c4ff55%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Enviatics | Automation and Configuration Management
Puppet Labs Service Delivery Partner & Certified Consultant
http://www.enviatics.com | @Enviatics | cr...@enviatics.com
Reply all
Reply to author
Forward
0 new messages