Hi David, No problem, although there are few things to consider. For instance, I would avoid unneeded fork(), therefore no need to use netcat if you can achieve the same thing with pure Ruby (you can literally copy and paste code from the function I have created for you). Remember, that in terms of having a fact there, you have to maintain details about the remote port in the fact code, whereas in case of the functions you simply store this information inside a manifest. But, to be quite honest, if you have to resort to such active checks in order to determine state of your systems and therefore make an elaborated decision in the code about what to do, then I would say that you are doing something not necessary right. Well, in the end "whatever works" as Woody Allen would say :)
KW On Wednesday, 28 March 2012 01:00:45 UTC+1, David Garvey wrote: > > Thanks Jeff and Krzysztof, > > I think I will write a facter using netcat or something then and catch it > in the manifests. > > nc -z domain_name port > > Cheers, > DGarvey > > On Tue, Mar 27, 2012 at 2:36 PM, Jeff McCune <j...@puppetlabs.com> wrote: > >> On Tue, Mar 27, 2012 at 2:24 PM, Krzysztof Wilczynski < >> krzysztof.wilczyn...@linux.com> wrote: >> >>> Ho David, >>> >>> >>> On Tuesday, 27 March 2012 19:05:09 UTC+1, David Garvey wrote: >>>> >>>> Can I check if a port is open for DSL? I need to check if the box has >>>> an acl allowing the nagios server to connect via nrpe before writing >>>> nagios >>>> config. >>> >>> [...] >>> >>> Managing firewall using Puppet as well, as per what Jeff suggested, is >>> of course the preferred way to solve this sort of problem, but if you need >>> to check whether a port is open, then have a look: >>> https://github.com/kwilczynski/puppet-functions/blob/master/lib/puppet/parser/functions/is_port_open.rb >>> >>> Jeff will probably not approve of that :-) >>> >> >> Eh, I may surprise you... I don't think my approval matters much at all >> and I'm a fan of whatever works for the problem at hand given the tools we >> have today. >> >> I can totally see the value of a function that automatically figures out >> if a remote port is _actually_ open and listening, rather than _should_ be >> open and listening, from the perspective of the Puppet master. >> >> With that said, I'm more interested in the problem David is facing than I >> am in a specific solution solution because I'm pretty sure Puppet doesn't >> have the capability to solve this in a elegant, simple and easy way. We >> can solve it with a custom function or custom fact today, but I'd like to >> make this easier for everyone in the future. >> >> -Jeff >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > David Garvey > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/pzCRtD_gMD4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
