reporting, rollback

[Dan Bode]

Hi all,

I need to fulfill a requirement for change rollbacks with puppet. (where the original version of files is not necessarily managed with puppet)

Is there something in place that I can use as a starting point here?

I wanted see what the future plan is for this, so that I can gauge how much effort I should put into doing something custom. (if there is a report DB coming out soon, maybe I will wait)

1. Requirement - be able to rollback any configuration changes made by puppet

I can use a mix of procedure and scripting, but I would rather have scripts do everything (and let puppet rollback the changes like they were regular config)

1. Approach:

- store reports with

report = true

-create a comand line app with the following functionality

*list         = for a host, show a list of all of the reports, along with date, and an index (most recent = 1).
*id          = for a given report index, show a list of all file changes.
*rollback = for a given report index(default is most recent), rollback all changes to the host.

-rollback

 *Initially, this will just dump the files in a defined dir location, where an admin must push them out manually
 *create the same files that puppet created for config changes, push these files out using puppet, create a report of the changes that are being reverted.

Is there a good starting place with existing code for this?

Also, does the approach make sense? If so, I have some follow up questions about how to use some of the puppet classes.

Is this something that would be useful for the community(maybe my boss would let me contribute it)? Maybe I could find some time to integrate it with PuppetShow later this year.

[Evan Hisey]

Not sure how the best to do this would be, but the file bucket gives
you a solid stating place. With the file bucket turned on, and I
believe it is by default, you automatically get a copy of the
pre-puppet modified files. That should help greatly with setting up a
rollback procedure, especially for pre-puppettized files. I am not
sure how many changes stay in the bucket though. The reports feature
provides most of the information you need already. I would also look
at puppetview as it is a much simpler report viewer than puppetshow.

Evan

[Andrew Shafer]

Dan,

This was something that Luke talked about from the beginning, but there a few hitches.

Rolling back files is not hard, but once you get to something like packages, you are depending on the packages themselves to do the right thing, and that is not always prudent.

FYI, in my personal opinion, implementing rollback is probably more effort than it is worth. Difficult to get right and I don't see the ROI versus a reasonable dev, test, staging, production approach that lets you deploy with confidence.  Call it a 'roll forward' strategy.

Not trying to discourage you, that's just my opinion...

0.02
Andrew

[Dan Bode]

thanks for the response, the only feature that I have to support with rollback is files, its just something that I have to do for the first production deployment (while everyone gets used to this new system touching production servers). I really wasnt that difficult, I am parsing YAML reports and returning files to a known location on the server, where the user can then copy them themselves.

I had already decided that anything more complicated would be out of the question.

[Peter Meier]

Hi

> thanks for the response, the only feature that I have to support with
> rollback is files, its just something that I have to do for the first
> production deployment (while everyone gets used to this new system touching
> production servers). I really wasnt that difficult, I am parsing YAML
> reports and returning files to a known location on the server, where the
> user can then copy them themselves.

would you mind sharing such a script? would be nice!

cheers pete