Re: Multiple Complex Tasks

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Multiple Complex Tasks

From:	Chris Edillon
Subject:	Re: Multiple Complex Tasks
Date:	Wed, 19 Sep 2001 22:07:46 -0400 (GMT+4)

On Wed, 19 Sep 2001, Alex Gottschalk wrote:

> Hi All,
> 
> I've got a few faily complex cfengine recipes written, and I'm going nuts
> trying to figure out the best way to bring it all together.
> 
> Right now, I have two separate files, cf.copy and cf.update.  The first
> copies a new passwd and shadow file out of a master server and into the
> client(s).  It also has a shellcommands and editfiles action sequence that
> preserves the original root password on the client.
> 
> On the other hand, cf.update is a file to update the configuration of a
> standard network service.  It copies $(host).service.conf from a standard
> location on the network into /etc, then links service.conf to that file.
> It the runs /etc/init.d/service reload.
> 
> My question is, is there a standard way of running these recipes from a
> central location, "pushing" them out only to the machines where they're
> needed?  Is it best to keep them in separate executable scripts, or is
> there some way to merge it all into cfengine.conf?  The latter would
> involve cfengine.conf having multiple action sequences, since, for
> example, cf.copy runs shellcommands first, but cf.update runs
> shellcommands last.
> 
  by "pushing", do you mean keeping your cfengine configuration
files in a central location and distributing them to all of your
clients?  you can always use cfengine's copy directive to copy
new versions of the configuration files from a central source,
so that the next time cfengine runs it will have the new config
files in place.  the clients then become somewhat self-maintaining.

> I guess what I'd like is to know what others have done for situations like
> this.
> 
  getting the timing of the actionsequence can be a pain, but
it's doable in a few different ways.  from what you've described,
one way would be to set up cfengine.conf something like this:

# cfengine.conf
control:
    actionsequence = ( shellcommands.firstpass
                       editfiles
                       shellcommands.secondpass
                     )

import:
    any::  cf.copy
           cf.update

# end cfengine.conf

  the import allows you to split up your cfengine configuration
into multiple files, and to import them based on class.  you could,
for example, import the cf.copy file only at midnight, and cf.update
every four hours.  that should take care of merging the two scripts,
except for that pesky timing problem with the shellcommands.
  however, in the actionsequence you can set arbitrary classes to
be true only during that particular action, and false the rest of
the time.  in my example above, shellcommands are run twice, but in
the first case the class "firstpass" is defined to be true.  in the
second case, "secondpass" is defined to be true, but "firstpass" is
no longer set.  with these classes being defined and undefined on
the fly, you can then set up the shellcommands to be run in a
particular order:

shellcommands:
    any.firstpass::   "/usr/local/foo"
    any.secondpass::  "/usr/local/bar"

in this example, foo is only run during the first shellcommands
run, and bar is only run during the second shellcommands action.
there is a short blurb about this in the cfengine-Reference document
under the actionsequence reference section.  you'd have to edit
cf.copy and cf.update to use these actionsequence classes.

  a second way of doing this is, if you only need to run your
two scripts at two different times, is to set up cfengine.conf
something like the following:

# begin cfengine.conf
control:
    Hr01.Min00::
        actionsequence = ( shellcommands  editfiles )

    Hr04.Min00::
        actionsequence = ( editfiles  shellcommands )

import:
    Hr01.Min00::  cf.copy
    Hr04.Min00::  cf.update

assuming that cfengine runs out of cron at the top of every
hour, this will run cf.copy with the proper actionsequence
at 1:00am, and cf.update with the proper actionsequence at
4:00am.  this will obviously only work if you only need to
run the different scripts at certain times of the day, and
if you aren't importing lots of other files which require
other actionsequences.

  given all that, your best bet is probably to try and re-work
your solution so that you don't require special timing for the
edits and shellcommands.  if you're using cfengine's native
copy directive, you can do the copy of all files first, then
any edits you need to do, and then finally run shellcommands
to do your /etc/init.d/service reload.  of course, it always
seems easy from the other end of an email...  :-)

chris

[Prev in Thread]

Current Thread

[Next in Thread]

Multiple Complex Tasks, Alex Gottschalk, 2001/09/19
- Re: Multiple Complex Tasks, Mark . Burgess, 2001/09/19
- Re: Multiple Complex Tasks, Chris Edillon <=

Prev by Date: Re: How to run cfengine?
Next by Date: Re: syntax reference
Previous by thread: Re: Multiple Complex Tasks
Next by thread: Re: Bugs and features
Index(es):
- Date
- Thread