Which Puppet resource types require the audit metaparameter to force Puppet to manage the resource when it is deleted?

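Until recently, I believed that simply declaring a resource with various attributes would ensure that Puppet manages that resource and restores it to the configured state whenever it changes.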

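Today I found that this was not the case for a yumrepo resource I had configured, until I added the audit => all metaparameter to that resource. I deleted /etc/yum.repos.d/foo.repo and ran puppetd --test. Puppet did not recreate the resource. Does this indicate a bug in Puppet?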

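If this is the expected behavior, it raises the question: which other resources need audit => all to tell Puppet to manage the state of the resource if it changes on the managed system?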

Here is the repository class:

class yum::therepo {
    # Temporarily remove the Yum repo configuration if we don't have
    # httpd yet.
    exec { 'disable-the-repo-to-get-its-dependencies':
        provider => shell,
        command => 'rm -f /etc/yum.repos.d/the.repo',
        unless => 'rpm -q httpd',
        onlyif => 'test -f /etc/yum.repos.d/the.repo',
        before => [Package['httpd'], Exec['httpd-for-yum'],],
        path => '/bin:/usr/bin',
    }

    # Ensures httpd is running as a Yum server before anything else
    # tries to install packages from it.
    exec { 'httpd-for-yum':
        provider => shell,
        command => '/sbin/service nginx stop || true ; /sbin/service httpd restart',
        require => Class['yum::server'],
    }

    yumrepo {
        "the":
            require    => [Exec['httpd-for-yum'],],
            descr      => "The YUM Repo",
            baseurl    => "http://yum/repos/redhat/5/x86_64/",
            gpgcheck   => "0",
            enabled    => "1",

            # One puppet run failed to recreate the.repo. I added audit
            # => all, and the next puppet run did recreate the.repo.
            # Possibly a red herring. I'd like to understand why it
            # worked in one case and not in the other.
            #audit      => all,
    }
}

The Yum server class:

class yum::server {
    include httpd
    include iptables

    package { ['createrepo']:
        ensure => present;
    }

    exec { 'update-repo-metadata':
        require => [ Package['createrepo']],
        cwd => '/var/www/html/yum',
        command => '/usr/bin/createrepo --update -d repos/redhat/5/x86_64/',
        creates => '/var/www/html/yum/repos/redhat/5/x86_64/repodata/repomd.xml',
    }

    file {'/etc/httpd/conf.d/yum.conf':
        ensure  => file,
        mode    => '0644',
        source  => "puppet:///modules/yum/yum_httpd.conf",
        require => Package['httpd'],
        notify  => Service['httpd'],
    }
}

Answer 1

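I think you are misunderstanding the audit flag, but could you post the section with your yum resources, as that would be helpful? Normally, you do not need to audit a yumrepo resource for it to create the .repo file.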

http://puppetlabs.com/blog/all-about-auditing-with-puppet/

Answer 2

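Creating most Puppet resource types without an ensure attribute is undefined behavior. Sure, Puppet knows about the resource, but without knowing what the end state should be, Puppet cannot do anything useful with it.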

As an example, try puppet apply on the following snippet:

file { '/testfile': }
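
The contrast the answers draw between auditing and declaring an end state, as an added example that is not part of the original question or answers. The three paths under /tmp and the file content are made up for illustration.

```puppet
# Added example; paths and content are constructed for illustration.

# 1. No target state: Puppet knows about the resource, but nothing
#    says what it should look like, so a missing file stays missing.
file { '/tmp/example-undeclared': }

# 2. Audit only: Puppet records the observed values of the audited
#    properties and reports when they differ from the previous run.
#    It does not set a desired state, so a deleted file is reported
#    as a change, not recreated.
file { '/tmp/example-audited':
  audit => all,
}

# 3. Declared end state: ensure (plus content and mode) tells Puppet
#    what the file must be, so a deleted or modified file is put back
#    on the next run.
file { '/tmp/example-managed':
  ensure  => file,
  content => "managed by puppet\n",
  mode    => '0644',
}
```

Apply the manifest with puppet apply, delete /tmp/example-managed, and apply it again: only the third resource is restored.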
