外行人覆盖和木偶

我们开始使用Puppet作为在各种服务器上pipe理configuration的一种方式。 我们有一个Portage存储库,里面有几个我们自己的软件包,每台机器都使用Laymanpipe理覆盖。

在puppet中安装包很容易 ,但我们应该如何确保Layman被configuration? 那里有一个模块吗?

我不知道gentoo,portage或门外汉的具体情况,我没有看到傀儡模块伪造的任何现有模块,但从快速浏览一些gentoo外行人文档,它看起来像它会是相当简单的自己写木偶:

stage { "first": before => Stage[main] } # Set up first stage, before main class layman { # "overlays"? package { "layman": ensure => present } # Then everything else (file, execs, whatever) to configure layman, # overlays, etc # Looks to me like you need to change /etc/make.conf, /etc/layman/layman.cfg # and write some execs that run "layman -a <overlay-name>" # depending on output of "layman -i <overlay-name>" # or possibly grepping /var/lib/layman/overlays.xmls } class{"layman": stage => "first"} # Set layman class to run in the first stage 

而不是使用阶段,而是可以在所有需要它的package语句上使用require => Class[layman] 。 使用require比较冗长; 如果我只需要一些东西,或者如果我需要一个特定的覆盖,我会使用它。 我相信你通常应该避免使用要求的跨越界限,但是,因为它是多余的,可能会痒痒的怪异的错误 。

另外,取决于你需要什么,避免阶段,只做明确的要求sorting。 我用RHEL和yum回购做这样的事情:

 # In a "layman" module. class layman { [...] } define layman::overlay() { exec { "layman -a $name": require => Class[layman], creates => "/var/lib/layman/${name}", } } class layman::overlay::php { layman::overlay { "php": } } class layman::overlay::apache2 { layman::overlay { "apache2": } } class apache { include layman::overlay::apache2 package { "apache2": ensure => present, require => Class[layman::overlay::apache2]; } file { "/etc/apache2/conf.d/whatever.conf": source => "...", require => Package[apache2], notify => Service[apache2]; } service { "apache2": ensure => running, enable => true, require => [ Package[apache2], File["/etc/apache2/conf.d/whatever.conf"] ]; } } # "yoursite" module or "somephpapp" module class yoursite::somephpapp { include apache include layman::overlay::php package { "somephpapp": ensure => present, require => [ Class[apache], Class[layman::overlay::php] ]; } file { "/path/to/somephpapp.conf": source => "...", require => Package[somephpapp], notify => Service[apache2]; # probably not actually required, example } } 

除了freiheit的回答,这是我最终的结果。

 class packages-layman { Exec { path => '/usr/bin:/bin:/usr/sbin:/sbin', loglevel => 'debug' } package { 'app-portage/layman': ensure => 'installed' } file { '/etc/eix-sync.conf': ensure => present, content => '*', } line { 'layman-make.conf-overlay': file => '/etc/make.conf', line => 'source /var/lib/layman/make.conf', } exec { 'layman-list': command => 'layman -o "http://dev.mycompany.com" -L', require => [ Package['app-portage/layman'], Service['openvpn'] ], } exec { 'layman-my-overlay': command => 'layman -o "http://dev.mycompany.com" -a myoverlay', returns => [0,1], require => Exec['layman-list'], } exec { 'layman-eix-sync': command => 'eix-sync', require => [ File['/etc/eix-sync.conf'], Line['layman-make.conf-overlay'], Exec['layman-my-overlay'], ], } } 

请注意,“layman-list”exec是为了克服Gentoo外行版本中出现的一个错误,它可以防止覆盖层在列出之前运行。

木偶可以select以任意顺序运行命令,因此各个任务的顺序都是强制执行的。 为了确保在此之后发生任务,请使用如下require

 package { 'app-misc/my-custom-package': ensure => 'installed', require => Exec['layman-eix-sync'] } 

它需要Puppet wiki的这一 line 定义来让你编辑一个更大文件的单行:

 define line($file, $line, $ensure = 'present') { case $ensure { default : { err ( "unknown ensure value ${ensure}" ) } present: { exec { "/bin/echo '${line}' >> '${file}'": unless => "/bin/grep -qFx '${line}' '${file}'" } } absent: { exec { "/usr/bin/perl -ni -e 'print unless /^\\Q${line}\\E\$/' '${file}'": onlyif => "/bin/grep -qFx '${line}' '${file}'" } } } }