I am having a problem with puppet mounting a device and am hoping someone
can help. Here is the short version, if you have questions or need more
detail, please feel free to ask.

I have a Panasas storage device on my network on which my home directory
resides. The Panasas device mounts the filesystem via a kernel module
(which they call DirectFlow). Thus, when I run as root ` mount /home` a
kernel module is loaded and then the filesystem is loaded. I have certain
restrictions in place on my servers which I have to keep in line (Puppet is
AMAZING for this!) and the mounting of /home is one of those restrictions.

I have in my puppet manifest this:
mount { "/home" :
ensure => mounted,
atboot => true,
device => "panfs://",
fstype => "panfs",
options => "defaults,nodev",
remounts => true,
pass => 2,
dump => 1,

If I run, as root, `puppet agent --test` then the /home filesystem is
mounted and everything is wonderful. However, if I let the puppet agent
daemon try to mount /home I get errors in the log files without the mount
ever happening.

Apr 2 13:01:08 testnode puppet-agent[29955]:
(/Stage[main]/mount::Homefilesystem/Mount[/home]/ensure) ensure changed
'unmounted' to 'mounted'
Apr 2 13:01:08 testnode puppet-agent[29955]:
(/Stage[main]/mount::Homefilesystem/Mount[/home]) Could not evaluate:
Execution of '/bin/mount -o defaults,nodev /home' returned 1: mount.panfs
error: cannot init pan_sock_ping 0x239d (pan_sock: protected socket,
permission denied)

Neither Panasas representatives I talked to seemed to have any idea what
Puppet was before I spoke to them. My coworkers, the Panasas reps, and I
brainstormed a few ideas but only three seemed to "work":
* Have the puppet daemon run as root instead of the puppet user (which is
an obvious issue)
* Use auto-mount (which "works" but is causing some oddities in a few of my
jobs which I am fairly sure is due to the latency of the mount)
* Have Puppet call a script with the setuid bit configured which can mount
/home (which doesn't 100% address my needs of puppet being able to remount
if one of those parameters is wrong/missing/changed/whatever without that
script getting complicated).

Before I commit towards one option, I thought I would ask the other Puppet
masters out there for ideas. Given the popularity of Puppet in datacenters
as well as the popularity of SAN devices in datacenters I figure someone
out there has probably solved this problem. I am hoping that their solution
is better then the ones we have come up with. :-D

Can anyone help me out with this?

Thank you in advance!!


