[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Undo a cfengine action?
|
From: |
Daniel Nilsson |
|
Subject: |
Re: Undo a cfengine action? |
|
Date: |
Sun, 22 Dec 2002 12:03:49 +0100 (CET) |
To make sure every host has the correct configuration your cfagent-rules
has to take care of both "foo_server" and "!foo_server".
I see it like this, every host has a "normal configuration" that applies
to class "any", and maby with OS exceptions.
Then there are special classes like "ftp_server" that is defined for
certain hosts.
Fx. On every hosts "ftp" is commented in inetd.conf, except if host is
"ftp_server", then its uncommented.
This way, if you remove a host from "ftp_server", the configs gets
"undone".
This also means that I never rely on default config files coming with the
OS, thats what cfengine is all about... Dont rely on anyhing, always
check and correct everything.
See what I mean?
/// D
On Sat, 21 Dec 2002, Kai Großjohann wrote:
> We do lots of things with cfengine, but it occurred to me that it is
> kind of difficult to undo the effect. What do folks do to deal with
> this?
>
> Why do I have to undo operations? Suppose I have a machine which is
> the foo server. Various config files are edited such that they are
> good for foo servers. Now the role of foo server moves to another
> machine. It's easy to change the class in cfagent.conf such that the
> necessary actions will be done on the new machine, but how do I make
> it so that they are *undone* on the old machine?
>
> What kinds of operations are we talking about? Well, config files
> might be copied to /etc, or certain lines added to config files.
>
> The background of my question is that I think that you guys must have
> the same problem in principle. And obviously, you have some way of
> dealing with it. But how? What has fared well in practice?
>
> One idea would be to completely scratch and reinstall a machine when
> something like this happens. After all, all the configuration will
> be handled by cfengine anyway.
>
> Another idea would be to never rely on default files coming with the
> OS. (Mine is Debian GNU/Linux, fwiw.) So whenever you have a config
> file for foo servers, you also have the same one for non-foo servers.
>
> A third idea would be to construct was_foo_server classes in cfengine
> and to have actions to undo the effect in the config.
>
> A fourth idea would be to look through the cfengine config to see
> which files are affected. Then, run the Debian command that
> reinstalls the corresponding packages, with an option to overwrite
> the config files.
>
> I'm happy about any input.
>
- Re: Undo a cfengine action?,
Daniel Nilsson <=