On Feb 19, 4:07 pm, ruslan usifov <ruslan.usi...@gmail.com> wrote:
> Does anybody share how to roll-back configuration if puppet definition on
> host is change. For example Let's assume we have host on which initial was
> web server and bunch of users. All this resources we configured throw
> puppet.
>
> node <some node>
> {
>
> <webserver difinition>
> <user1 definition>
> <user2 definition>
> <user3 definition>
>
> }
>
> At some point we decide to remove user2 so node config now looks like:
>
> node <some node>
> {
>
> <webserver difinition>
> <user1 definition>
> <user3 definition>
>
> }
>
> but how to remove all user2 stuff that was on host? Undoubtedly we can
> rewrite node definition like this:
>
> node <some node>
> {
>
> <webserver difinition>
> <user1 definition>
> <remove user2 definition>
> <user3 definition>
>
> }
>
> But imho this doesn't look very good, becouse user removed only one time,
> but node definition will be apply periodical.
You are committing a common conceptual mistake. Puppet is a state
management service, not a script script engine, therefore it is
inappropriate to characterize a declaration as "<remove user2
definition>". Much better would be "<without user2 definition>".
That matters, because it reflects that fact that Puppet not only will
remove user2, but it will also ensure that user2 *stays* removed
(because Puppet is a state management service). If you do not want
Puppet to perform such a work for you, then just remove the user in
question from management (delete its declaration from you manifest),
and perform the actual user removal by some other means. If you need
to do that across multiple systems then something like Puppetlab's
MCollective might be worth your attention.
> Also this concerns webserver and other resources configured throw puppet.
> How cleanup if resource definition will be removed from node?
For many resource types, another alternative to to purge unmanaged
resources via the 'Resources' meta-resource type. There is even
special support for excluding unmanaged system users from purging.
Beware: purging unmanaged resources can be very dangerous because it
can be difficult to be certain that you have all wanted resources
under management. There is a significant risk of removing wanted, but
unmanaged, resources.
John
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
