On Aug 10, 2011, at 11:14 AM, Daniel Pittman wrote:
> On Wed, Aug 10, 2011 at 17:56, Craig White <craig.wh...@ttiltd.com> wrote:
>> On Aug 10, 2011, at 9:52 AM, Daniel Pittman wrote:
>>> On Wed, Aug 10, 2011 at 16:40, Craig White <craig.wh...@ttiltd.com> wrote:
>>>
>>>> Seems I don't quite understand how it's supposed to work
>>>> At the moment, I have it inside a 'file' resource
>>>>
>>>> content => generate("/etc/puppet/scripts/ldap-add-host.sh $fqdn
>>>> admins_all"),
>>>
>>> generate("/etc/puppet/scripts/ldap-add-hosh.sh", $fqdn, "admins_all")
>> ----
>> that worked great but brings me to a place I can't figure out.
>>
>> A file resource doesn't have 'unless' or 'onlyif' and thus it seems to
>> execute every time.
>>
>> An exec resource doesn't have 'content' but does have command and 'unless'
>> so it would seem exec would be a better way to go but...
>>
>> # Puppet maintained file /etc/puppet/deployment_files/ldap_admins_all
>> exec{"/etc/puppet/deployment_files/ldap_admins_all":
>> command => ['/bin/touch /etc/puppet/deployment_files/admins_all',
>> generate("/etc/puppet/scripts/ldap-add-host.sh", $fqdn, "admins_all")],
>> unless => "/bin/ls -l /etc/puppet/deployment_files/ldap_admins_all",
>> require => Class["mod_puppet::deployment_files"],
>> }
>>
>> gives me the error...
>>
>> err: Failed to apply catalog: private method `split' called for
>> #<Array:0x4873be8>
>
> Yeah. So, that is a totally awful error message. The `command` needs
> to be a string, not an array, but the exec type isn't checking that,
> it just fails trying to call the Ruby `split` method on it. Which
> doesn't work. :)
>
> That said, it isn't entirely clear to me what you are trying to do.
>
> The `generate` function runs a command on the Puppet master while the
> catalog is being compiled, but an `exec` resource is run on the
> client. Generally, you use `generate` to allow you to query an
> external data source.
>
> Is your `ldap-add-host.sh` script doing that query, or does it
> actually create things?
>
> If the later, is it idempotent - will it do the same thing if you run it
> twice?
>
> Finally, you need multiple `exec` resources (or a shell script) if you
> want to run multiple commands. Generally, best to be explicit about
> that, so you would separate the touch and the running of your script.
>
>
> Anyway, at a guess, `generate` is not at all what you want to do, and
> you should try and forget about it. Instead, make the
> `ldap-add-host.sh` script create the lock on disk, and then just run
> that internally.
----
what I am trying to do is execute a shell script on the puppetmaster...
essentially add 'host' attribute to specific ldap users. That's why the command
has parameters...
shellscript HOSTNAME GROUP
the script is more than capable of getting the users from GROUP, adding host
attribute HOSTNAME to each of the users but it must run on the puppetmaster,
not on puppet clients which is why I am using the generate function. So in
answer to your question, my ldap-add-host.sh script is actually creating things.
yes, it is idempotent - I can run it and run it and it will always do the same
thing but and if uid=craig already has 'host' ubuntu.ttinet, it will simply
move on if I try to add it again. I could almost live with that except that if
I manually remove 'host' ubuntu.ttinet from uid=craig, the next pass it will
add it again so I need some method of tracking it so therefore I was trying to
use 'unless' which is only available in an exec resource, not a file resource.
I suppose if I had no alternative, I could maintain a list on the puppetmaster
of which hosts have already been added to which groups and abort if it has
already been done.
Craig
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
