On Wednesday, January 22, 2014 8:31:42 AM UTC-6, Muhammad Yousuf Khan wrote:
>
> Hello All,
>
> i have seen so many apt modules on puppet forge website. they are more
> like changing source list path defining. HTTP proxy blah blah but what i
> want is a bit more.
> is there any apt module which can help me to update only selective
> updates (like in Microsoft Wsus does, it list down all the updates and
> people can select and apply those patches on selective nodes and if they
> find it problematic then can remotely uninstall it too.i want this to be
> done on my Debian server farm and and i also want to roll back as needed
> (for example if any securety or OS update creating problem of some kind i
> can roll it back with puppet live management/manual run).
> i dont know how practical it is. however as i have already got the concept
> of Wsus therefore my mind is trying to think of wsus like puppet module.
>
>
I wonder whether what you want is actually a bit *less*. If you want to
ensure specific packages installed on your target nodes, then you express
that in Puppet DSL by declaring appropriate Package resources. Good
package managers (such as apt and yum) will install/update the target
package's dependencies, too, if needed.
# Ensure package woot is installed:
package { 'woot': ensure => 'present' }
# Ensure version 0.42 of package woot is installed:
package { 'woot': ensure => '0.42' }
# Ensure the latest available version of package woot is installed:
package { 'woot': ensure => 'latest' }
# Ensure package woot is *not* installed:
package { 'woot': ensure => 'absent' }
If you want to control what packages are *available* for installation, then
details depend on which package management system you are using. That's
where managing Apt sources comes into play for Apt-based systems. Also, it
is usually to your advantage in this area to maintain your own package
repositories within your organization, instead of relying on external ones.
As for rollback, there really isn't such a thing in the context of a whole
computer system. Not on any OS. Some filesystems do allow you to capture
and later revert to snapshots of the filesystem state, but that's not quite
the same thing. The closest you can get is reverting a virtual machine to
a previously-captured full-system snapshot, but even that cannot reliably
revert all of the actions that the target system performed between when the
snapshot is captured and when the VM is reverted to it.
Limiting rollback to specific package versions, however, the closest Puppet
provides is to 'ensure' a desired (earlier) package version in your Package
declaration.
John
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/2eaa431d-c8b4-4a54-a4d8-efdb2ff93352%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
