On Wednesday, January 22, 2014 8:31:42 AM UTC-6, Muhammad Yousuf Khan wrote: > > Hello All, > > i have seen so many apt modules on puppet forge website. they are more > like changing source list path defining. HTTP proxy blah blah but what i > want is a bit more. > is there any apt module which can help me to update only selective > updates (like in Microsoft Wsus does, it list down all the updates and > people can select and apply those patches on selective nodes and if they > find it problematic then can remotely uninstall it too.i want this to be > done on my Debian server farm and and i also want to roll back as needed > (for example if any securety or OS update creating problem of some kind i > can roll it back with puppet live management/manual run). > i dont know how practical it is. however as i have already got the concept > of Wsus therefore my mind is trying to think of wsus like puppet module. > >
I wonder whether what you want is actually a bit *less*. If you want to ensure specific packages installed on your target nodes, then you express that in Puppet DSL by declaring appropriate Package resources. Good package managers (such as apt and yum) will install/update the target package's dependencies, too, if needed. # Ensure package woot is installed: package { 'woot': ensure => 'present' } # Ensure version 0.42 of package woot is installed: package { 'woot': ensure => '0.42' } # Ensure the latest available version of package woot is installed: package { 'woot': ensure => 'latest' } # Ensure package woot is *not* installed: package { 'woot': ensure => 'absent' } If you want to control what packages are *available* for installation, then details depend on which package management system you are using. That's where managing Apt sources comes into play for Apt-based systems. Also, it is usually to your advantage in this area to maintain your own package repositories within your organization, instead of relying on external ones. As for rollback, there really isn't such a thing in the context of a whole computer system. Not on any OS. Some filesystems do allow you to capture and later revert to snapshots of the filesystem state, but that's not quite the same thing. The closest you can get is reverting a virtual machine to a previously-captured full-system snapshot, but even that cannot reliably revert all of the actions that the target system performed between when the snapshot is captured and when the VM is reverted to it. Limiting rollback to specific package versions, however, the closest Puppet provides is to 'ensure' a desired (earlier) package version in your Package declaration. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/2eaa431d-c8b4-4a54-a4d8-efdb2ff93352%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.