[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: What not to do... dumb question for those who might try to do things
|
From: |
SiliconSlick |
|
Subject: |
Re: What not to do... dumb question for those who might try to do things the smart way... |
|
Date: |
13 Jan 2006 11:54:13 -0800 |
|
User-agent: |
G2/0.2 |
I did use cf1 to roll out cf2 rpms... I also used cf1 to run cfkey(2)
and start cfenvd and cfexecd. That all worked beautifully... it was
just starting cfservd that I had the problem.
As for replacing cf1... we aren't there yet... we wanted to learn cf2
first.
The transition has been mostly easy (and is mostly complete). But we
need cf1 until we have everything from cfengine.conf (about 90K)
transferred and tested (we're also trying to use what we learned and
make it cleaner this time[*]).
SiliconSlick
[*] The "packages:" actionsequence rocks!!!! The Linux distribution
classes (e.g. fedora_3) are going to allow us to toss some netgroups
that were serving the same purpose (except they had to be updated when
the OS was updated which didn't always happen). I'm loving it...
combined with yum we'll probably trim some 60% out of our old
config... here's what I came up with:
# cf.yumboxes - for those systems with the YellowDog Update Manager
(newer RedHat-based systems)
# first off, install yum
control:
yum_conf = ( /etc/yum.conf )
yum_rpmdir = ( "$(rpm_redhatmisc)" )
redhat_7_2|redhat_7_3:: yum_ver = ( yum-1.0.3-6.0.7.x.legacy )
yum_conf_OStag = ( rh7x )
redhat_9:: yum_ver = ( yum-2.0.5-0.9.2.legacy )
yum_conf_OStag = ( rh9 )
fedora_1:: yum_ver = ( yum-2.0.4-2 )
yum_conf_OStag = ( fc1 )
fedora_2:: yum_ver = ( yum-2.0.7-1.1 )
yum_conf_OStag = ( fc2 )
fedora_3:: yum_ver = ( yum-2.1.11-3 )
yum_conf_OStag = ( fc3 )
fedora_4:: yum_ver = ( yum-2.3.2-7 )
yum_conf_OStag = ( fc4 )
centos_4_2:: yum_ver = ( yum-2.4.0-1.centos4 )
yum_conf_OStag = ( rhel4 )
groups:
need_yum = ( "/usr/bin/test ! -e /usr/bin/yum" )
copy:
$(cfdir)$(yum_conf).$(yum_conf_OStag) dest=$(yum_conf) owner=root
group=sys mode=0644 backup=false type=checksum server=cfenginesrv
shellcommands:
need_yum:: "/bin/rpm -U $(yum_rpmdir)/$(yum_ver).noarch.rpm"
"/etc/rc.d/init.d/yum start" # start it now...
updates at 4am
yumboxes:: "/sbin/chkconfig yum on" # always make sure it
starts on next reboot
# now we can use it to install packages
control:
RPMInstallCommand = ( "/usr/bin/yum -e 0 -d 0 -y install %s" )
MyRPMEraseCommand = ( "/usr/bin/yum -e 0 -d 0 -y -C erase " ) #
not an official cfengine var... yet
# our core networking/sysadm stuff
packages:
autofs pkgmgr=rpm action=install
expireafter=30 elsedefine=start_autofs
nfs-utils pkgmgr=rpm action=install
expireafter=30 elsedefine=start_nfs
ntp pkgmgr=rpm action=install
expireafter=30 elsedefine=start_ntp
openssl pkgmgr=rpm action=install
expireafter=30
#openssh pkgmgr=rpm action=install
expireafter=30
#openssh-askpass pkgmgr=rpm action=install
expireafter=30
#openssh-askpass-gnome pkgmgr=rpm action=install
expireafter=30
#openssh-clients pkgmgr=rpm action=install
expireafter=30
#openssh-server pkgmgr=rpm action=install
expireafter=30 elsedefine=start_openssh
sudo pkgmgr=rpm action=install
expireafter=30
!nismaster: ypbind pkgmgr=rpm action=install
expireafter=30 elsedefine=start_ypbind
shellcommands:
start_autofs:: "/etc/rc.d/init.d/autofs start"
start_nfs:: "/etc/rc.d/init.d/nfs start"
start_ntp:: "/etc/rc.d/init.d/ntpd start"
start_openssh:: "/etc/rc.d/init.d/sshd start"
start_ypbind.!nismaster:: "/etc/rc.d/init.d/ypbind start"
# install a core set of applications for all users on all systems
packages:
aspell pkgmgr=rpm action=install
expireafter=30
arts pkgmgr=rpm action=install
expireafter=30
autoconf pkgmgr=rpm action=install
expireafter=30
automake pkgmgr=rpm action=install
expireafter=30
bash pkgmgr=rpm action=install
expireafter=30
bison pkgmgr=rpm action=install
expireafter=30
blas pkgmgr=rpm action=install
expireafter=30
bzip2 pkgmgr=rpm action=install
expireafter=30
bzip2-devel pkgmgr=rpm action=install
expireafter=30
bzip2-libs pkgmgr=rpm action=install
expireafter=30
cdrecord pkgmgr=rpm action=install
expireafter=30
curl pkgmgr=rpm action=install
expireafter=30
dialog pkgmgr=rpm action=install
expireafter=30
dos2unix pkgmgr=rpm action=install
expireafter=30
doxygen pkgmgr=rpm action=install
expireafter=30
ElectricFence pkgmgr=rpm action=install
expireafter=30
emacs pkgmgr=rpm action=install
expireafter=30
enscript pkgmgr=rpm action=install
expireafter=30
expect pkgmgr=rpm action=install
expireafter=30
gcc pkgmgr=rpm action=install
expireafter=30
gcc-c++ pkgmgr=rpm action=install
expireafter=30
gcc-g77 pkgmgr=rpm action=install
expireafter=30
gcc-java pkgmgr=rpm action=install
expireafter=30
gdb pkgmgr=rpm action=install
expireafter=30
ghostscript pkgmgr=rpm action=install
expireafter=30
ghostscript-fonts pkgmgr=rpm action=install
expireafter=30
gv pkgmgr=rpm action=install
expireafter=30
gzip pkgmgr=rpm action=install
expireafter=30
krb5-devel pkgmgr=rpm action=install
expireafter=30
krb5-libs pkgmgr=rpm action=install
expireafter=30
libstdc++ pkgmgr=rpm action=install
expireafter=30
libstdc++-devel pkgmgr=rpm action=install
expireafter=30
libxml2 pkgmgr=rpm action=install
expireafter=30
libxml2-devel pkgmgr=rpm action=install
expireafter=30
lm_sensors pkgmgr=rpm action=install
expireafter=30
logrotate pkgmgr=rpm action=install
expireafter=30
logwatch pkgmgr=rpm action=install
expireafter=30
ltrace pkgmgr=rpm action=install
expireafter=30
lynx pkgmgr=rpm action=install
expireafter=30
make pkgmgr=rpm action=install
expireafter=30
minicom pkgmgr=rpm action=install
expireafter=30
mkisofs pkgmgr=rpm action=install
expireafter=30
mktemp pkgmgr=rpm action=install
expireafter=30
mozilla pkgmgr=rpm action=install
expireafter=30
mysql pkgmgr=rpm action=install
expireafter=30
mysql-devel pkgmgr=rpm action=install
expireafter=30
octave pkgmgr=rpm action=install
expireafter=30
openssl-perl pkgmgr=rpm action=install
expireafter=30
pdksh pkgmgr=rpm action=install
expireafter=30
perl pkgmgr=rpm action=install
expireafter=30
perl-DBD-MySQL pkgmgr=rpm action=install
expireafter=30
perl-suidperl pkgmgr=rpm action=install
expireafter=30
qt pkgmgr=rpm action=install
expireafter=30
#rwall pkgmgr=rpm action=install
expireafter=30 # once Enrico has repositories correct
#rwall-server pkgmgr=rpm action=install
expireafter=30
samba pkgmgr=rpm action=install
expireafter=30
samba-client pkgmgr=rpm action=install
expireafter=30
samba-common pkgmgr=rpm action=install
expireafter=30
screen pkgmgr=rpm action=install
expireafter=30
sendmail pkgmgr=rpm action=install
expireafter=30
sharutils pkgmgr=rpm action=install
expireafter=30
strace pkgmgr=rpm action=install
expireafter=30
stunnel pkgmgr=rpm action=install
expireafter=30
tcl pkgmgr=rpm action=install
expireafter=30
tcsh pkgmgr=rpm action=install
expireafter=30
tetex pkgmgr=rpm action=install
expireafter=30
tk pkgmgr=rpm action=install
expireafter=30
tmpwatch pkgmgr=rpm action=install
expireafter=30
transfig pkgmgr=rpm action=install
expireafter=30
unix2dos pkgmgr=rpm action=install
expireafter=30
unzip pkgmgr=rpm action=install
expireafter=30
vim-minimal pkgmgr=rpm action=install
expireafter=30
vim-X11 pkgmgr=rpm action=install
expireafter=30
vnc pkgmgr=rpm action=install
expireafter=30
vnc-server pkgmgr=rpm action=install
expireafter=30
words pkgmgr=rpm action=install
expireafter=30
xfig pkgmgr=rpm action=install
expireafter=30
xemacs pkgmgr=rpm action=install
expireafter=30
zip pkgmgr=rpm action=install
expireafter=30
# remove packages that no system should have
# 13jan2006/jkp2866 - action=remove isn't implemented yet but we can
use it to define a class and delete below
anacron pkgmgr=rpm action=remove expireafter=30
define=has_anacron
anonftp pkgmgr=rpm action=remove expireafter=30
define=has_anonftp
fah pkgmgr=rpm action=remove expireafter=30
define=has_fah
ntop pkgmgr=rpm action=remove expireafter=30
define=has_ntop
openldap-servers pkgmgr=rpm action=remove expireafter=30
define=has_openldap_servers
updateme pkgmgr=rpm action=remove expireafter=30
define=has_updateme
wu-ftpd pkgmgr=rpm action=remove expireafter=30
define=has_wu_ftpd
# depending upon the distro, there are some differences in package
names that every system should have
redhat_7_2::
redhat_9::
apel-xemacs pkgmgr=rpm action=install
expireafter=30
compat-libstdc++ pkgmgr=rpm action=install
expireafter=30
cups pkgmgr=rpm action=install
expireafter=30
libxml2-python pkgmgr=rpm action=install
expireafter=30
openssl096b pkgmgr=rpm action=install
expireafter=30
openoffice pkgmgr=rpm action=install
expireafter=30
perl-CGI pkgmgr=rpm action=install
expireafter=30
perl-CPAN pkgmgr=rpm action=install
expireafter=30
perl-DB_File pkgmgr=rpm action=install
expireafter=30
qt-designer pkgmgr=rpm action=install
expireafter=30
qt-ODBC pkgmgr=rpm action=install
expireafter=30
fedora_4::
centos_4_2::
apel-xemacs pkgmgr=rpm action=install
expireafter=30
compat-libstdc++-296 pkgmgr=rpm action=install
expireafter=30
compat-libstdc++-33 pkgmgr=rpm action=install
expireafter=30
cups pkgmgr=rpm action=install
expireafter=30
gcc4 pkgmgr=rpm action=install
expireafter=30
gcc4-c++ pkgmgr=rpm action=install
expireafter=30
libxml2-python pkgmgr=rpm action=install
expireafter=30
openoffice.org pkgmgr=rpm action=install
expireafter=30
qt-designer pkgmgr=rpm action=install
expireafter=30
qt-ODBC pkgmgr=rpm action=install
expireafter=30
# remove packages that no system should have
yumboxes::
# 13jan2006/jkp2866 - action=remove isn't implemented yet but we
can use it to define a class and delete below
anacron pkgmgr=rpm action=remove expireafter=30
define=has_anacron
anonftp pkgmgr=rpm action=remove expireafter=30
define=has_anonftp
fah pkgmgr=rpm action=remove expireafter=30
define=has_fah
ntop pkgmgr=rpm action=remove expireafter=30
define=has_ntop
openldap-servers pkgmgr=rpm action=remove expireafter=30
define=has_openldap_servers
updateme pkgmgr=rpm action=remove expireafter=30
define=has_updateme
wu-ftpd pkgmgr=rpm action=remove expireafter=30
define=has_wu_ftpd
shellcommands:
has_anacron:: "$(MyRPMEraseCommand) anacron"
has_anonftp:: "$(MyRPMEraseCommand) anonftp"
has_fah:: "$(MyRPMEraseCommand) fah"
has_ntop:: "$(MyRPMEraseCommand) ntop"
has_openldap_servers:: "$(MyRPMEraseCommand) openldap-servers"
has_updateme:: "$(MyRPMEraseCommand) updateme"
has_wu_ftpd:: "$(MyRPMEraseCommand) wu-ftpd"
# EOF cf.yumboxes
</pre>