> I'm interested in hearing feedback from the development team and community > about using Cfengine with network file systems. Here's the specific problem > that prompts the request: > > I'm writing policy that creates directories and files on an NFS share if and > only if they do not already exist. While our storage is stable, I want to > mitigate the risk of unintended behavior - if the NFS share should become > unavailable and cf-agent should run, these files and dirs would be recreated > on local disk. I would like to prevent that from happening. No two environments are the same but in my experience when something goes wrong with an NFS exporter, the clients that already have the filesystem mounted and in use do not gracefully detach it right away such that the local storage is the likely target.
Some thoughts... if you're using automount then the mount path should only exist if the storage has been mounted. You can confirm this easily enough with a "filesexist" promise. This still leaves you with the aforementioned scenario where the exporter has choked and the client is left with a wedged mount. In that case you might consider the "sensiblesize" option to make sure that you can successfully stat the filesystem. mountpointexists.goodsize:: should be the right classification for confirming a healthy NFS mount if you're using automount. Just be sure to include time limits on all these operations lest cfengine processes build up (as each invocation gets stuck in the black hole of stat'ing a wedged NFS mount). I would also advise simulating failures using iptables or the like to confirm cf3's behaviour. Cheers, Frans _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
