Puppet Augeas
Version 1 (Anonymous, 03/13/2010 08:01 pm)
| 1 | 1 | # Using Puppet with Augeas |
|
|---|---|---|---|
| 2 | 1 | ||
| 3 | 1 | [Augeas](http://augeas.net/index.html) is a lovely tool that treats |
|
| 4 | 1 | config files (well, anything really, but it's mostly about config |
|
| 5 | 1 | files) as trees of values. You then modify the tree as you like, |
|
| 6 | 1 | and write the file back. |
|
| 7 | 1 | ||
| 8 | 1 | This is basically the solution to the problem of dealing with |
|
| 9 | 1 | upstream configuration changes combined with local modifications: |
|
| 10 | 1 | you can allow the upstream changes through and then apply changes |
|
| 11 | 1 | with Augeas to the new version. |
|
| 12 | 1 | ||
| 13 | 1 | Assuming you want to work with Augeas, this is a description of how |
|
| 14 | 1 | to perform Augeas changes using Puppet. You'll need Puppet >= |
|
| 15 | 1 | 0.24.7 for this. The basic usage is [[Type\_Reference#augeas|Type |
|
| 16 | 1 | Reference]] . |
|
| 17 | 1 | ||
| 18 | 1 | The somewhat more important, and unfortunately complicated, part is |
|
| 19 | 1 | figuring out what the tree for a file looks like so you can |
|
| 20 | 1 | manipulate it properly. The definition that Augeas uses to turn a |
|
| 21 | 1 | file into a tree is called a lens, and understanding the trees is |
|
| 22 | 1 | more difficult than it should be, because many lenses are not |
|
| 23 | 1 | documented sufficiently, or at all. The documentation for those |
|
| 24 | 1 | that are |
|
| 25 | 1 | [has its own surprisingly hard to find page](http://augeas.net/docs/references/lenses/index.html) |
|
| 26 | 1 | on the Augeas site. You can see what lenses are available by |
|
| 27 | 1 | looking in /usr/share/augeas/lenses/ (or |
|
| 28 | 1 | /usr/local/share/augeas/lenses/ , or possibly somewhere else, |
|
| 29 | 1 | depending on your setup). |
|
| 30 | 1 | ||
| 31 | 1 | You can also see which files Augeas has successfully parsed by |
|
| 32 | 1 | entering "ls /files/" in augtool and drilling down from there. If a |
|
| 33 | 1 | file hasn't been properly parsed by Augeas, it simply won't show |
|
| 34 | 1 | up. This could mean that the file has a syntax error, or it could |
|
| 35 | 1 | imply a failure in the lense itself. |
|
| 36 | 1 | ||
| 37 | 1 | Here's an example of how to determine the tree structure of a file, |
|
| 38 | 1 | in this case /etc/exports. |
|
| 39 | 1 | ||
| 40 | 1 | The easiest thing to do is to set up the file with some examples (I |
|
| 41 | 1 | pulled examples from the bottom of "man 5 exports") and see what |
|
| 42 | 1 | they look like: |
|
| 43 | 1 | ||
| 44 | 1 | $ augtool |
|
| 45 | 1 | augtool> ls /files/etc/exports/ |
|
| 46 | 1 | comment[1] = /etc/exports: the access control list for filesystems which may be exported |
|
| 47 | 1 | comment[2] = to NFS clients. See exports(5). |
|
| 48 | 1 | comment[3] = sample /etc/exports file |
|
| 49 | 1 | dir[1]/ = / |
|
| 50 | 1 | dir[2]/ = /projects |
|
| 51 | 1 | dir[3]/ = /usr |
|
| 52 | 1 | dir[4]/ = /home/joe |
|
| 53 | 1 | ||
| 54 | 1 | From here you can investigate the structure, like so: |
|
| 55 | 1 | ||
| 56 | 1 | augtool> ls /files/etc/exports/dir[1] |
|
| 57 | 1 | client[1]/ = master |
|
| 58 | 1 | client[2]/ = trusty |
|
| 59 | 1 | ||
| 60 | 1 | The corresponding line in the file is: |
|
| 61 | 1 | ||
| 62 | 1 | / master(rw) trusty(rw,no_root_squash) |
|
| 63 | 1 | ||
| 64 | 1 | Digging further: |
|
| 65 | 1 | ||
| 66 | 1 | augtool> ls /files/etc/exports/dir[1]/client[1] |
|
| 67 | 1 | option = rw |
|
| 68 | 1 | ||
| 69 | 1 | So, if you want to add a new entry, you'd do something like this: |
|
| 70 | 1 | ||
| 71 | 1 | augtool> set /files/etc/exports/dir[last()+1] /foo |
|
| 72 | 1 | augtool> set /files/etc/exports/dir[last()]/client weeble |
|
| 73 | 1 | augtool> set /files/etc/exports/dir[last()]/client/option[1] ro |
|
| 74 | 1 | augtool> set /files/etc/exports/dir[last()]/client/option[2] all_squash |
|
| 75 | 1 | augtool> save |
|
| 76 | 1 | Saved 1 file(s) |
|
| 77 | 1 | ||
| 78 | 1 | Which creates the line: |
|
| 79 | 1 | ||
| 80 | 1 | /foo weeble(ro,all_squash) |
|
| 81 | 1 | ||
| 82 | 1 | Now that you've played around in augtool, you can make changes |
|
| 83 | 1 | using Puppet: |
|
| 84 | 1 | ||
| 85 | 1 | augeas{ "export foo" : |
|
| 86 | 1 | context => "/files/etc/exports", |
|
| 87 | 1 | changes => [ |
|
| 88 | 1 | "set dir[last()+1] /foo", |
|
| 89 | 1 | "set dir[last()]/client weeble", |
|
| 90 | 1 | "set dir[last()]/client/option[1] ro", |
|
| 91 | 1 | "set dir[last()]/client/option[2] all_squash", |
|
| 92 | 1 | ], |
|
| 93 | 1 | } |
|
| 94 | 1 | ||
| 95 | 1 | This adds the line described above. |