Thanks for the suggested method, I will put up a pilot environment and
see if this solution works for me!
On Feb 28, 2012, at 9:41 PM, Brian Gallew wrote:
Allow me to offer a couple of alternatives:
1) If Puppet is not otherwise doing stuff with the domains, then
stop trying to manage the bind configs purely with Puppet. Instead,
have your configs in revision control (best practice) and have the
puppet run do an update/reload (e.g. have the exec something like
onlyif =>"bzr status", command => "bzr update", notify =>
Service["bind9"]
2) Use augeas to ensure the appropriate include stanza appreas in
your zones.conf file, and have the included fragment be generated
via template on Puppet.
3) Use R.I.P.'s snippets extension to construct your zone file from
whole cloth.
4) if you are using storedconfigs AND your zones are tied into your
infrastructure appropriately, it might be nice to collect exported
resources (files) on the DNS servers.
To give you something of an example of #4, I want to see that
NetBackup is installed on all my servers. However, doing so
requires the execution of a script from the Netbackup server. So
each host checks the installed Netbackup version against the
configured version. If they differ, and *only* then, they will
export an exec{} that will be collected (and run) on the Netbackup
server. What this means is that the only time my Netbackup server
runs any execs is when I either upgrade Netbackup or add a new host.
You could do something similar. If you DNS zones are, for instance,
tied to, say, web services, when the web service configures, it
could do a DNS lookup. If the results of that lookup are not
satisfactory, it could then export the appropriate updates for use
on the DNS servers.
On Tue, Feb 28, 2012 at 2:43 PM, Mailing Lists <mailingl...@theflux.net
> wrote:
I'm currently looking for a more efficient method of creating domain
zone files. At the moment I have a shell script that I run to
create the domain zone, then add the domain to puppet define list so
it'll know to add the domain to the dns servers.
The new method I'm working on, I add the domain to a puppet define,
then let puppet run the shell script for me to create the zone
file. Only problem once its done validating that the domain exists
are not (using the shell script) its about 55 minutes when complete!
Below is what I've written and I'll add comment along the way. If
any has any suggestions of how I can make it complete faster, I'm
all ears!
class s_domain {
# This is where I add the domain to define the new domain, I
will paste the code below...
include s_domain::all_zone
# The shell script that runs to create the zone file
file {
"domain.sh":
mode => 700, owner => root, group => root,
ensure => present,
path => "/root/domain.sh",
source => "puppet://$servername/s_domain/domain.sh",
}
# The text that puppet looks at before running the domain.sh
script
file {
"zones":
mode => 600, owner => root, group => root,
ensure => present,
replace => true,
path => "/root/zones",
}
# It creates the file for domain.sh
exec { "domain_check":
command => "/bin/ls /var/shared/bind/zones > /root/zones",
logoutput => true,
}
}
# Taking the information from the include to define
define s_domain::zones($domains) {
s_domain::zonefile { $domains: }
file { "/var/named/chroot/etc/zones.conf":
owner => "named",
group => "named",
mode => "0644",
}
}
# File it creates with the domain.sh script
define s_domain::zonefile() {
file { $name:
path => "/var/shared/bind/zones/$name.zone",
owner => "root",
group => "root",
mode => "0644",
}
# The domain.sh script runs only if the domain isn't in the
zones file it create above
exec { "domain $name":
command => "/root/domain.sh $name",
logoutput => true,
unless => "/bin/grep -o $name /root/zones 2>/dev/null",
}
}
INCLUDE code:
class s_domain::all_zone {
s_domain::zones { "company.com":
domains => [ "thedomain.com", }
}
}
The above code is short, the whole list of domains we have is about
2,000, reason it takes so long. I'm new to puppet coding, what I
would like to do is not have file created or puppet using the
"unless" variable. I've been trying to figure how to get puppet to
just look at the all_zone.pp file only, but haven't been able to
figure a method to implement. Thanks in advance!
--
You received this message because you are subscribed to the Google
Groups "Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com
.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en
.
--
You received this message because you are subscribed to the Google
Groups "Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com
.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en
.
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
