Grokbase Groups Puppet puppet-users June 2012
FAQ
Hey guys,

I'm a noob. I learn best by doing, but I've been throwing myself at
this problem a while & have come up with a solution that's too ugly for
words. I'm seeking some direction or idea on best practice and
direction specific to my problem.

A perfect example of my use case is opendkim:

1x global config file opendkim.conf # << out of scope for my question,
simplistic to configure

2x config files: KeyTable, SigningTable # << each line in each file
consists of a config based on subdomain and domain
1x exec: creates subdomain.private and subdomain.txt # << private key &
dns txt record respectively per subdomain

domans {
domain1: subdomain1, subdomain2 ... subdomain n.... subdomain k
domain2: subdomain1, subdomain2 ... subdomain n.... subdomain k
....
}

The opendkim daemon should only be restarted if the KeyTable or the
SigningTable change, or if a new key is generated.

I think I an interate through the arrays using an inline_template in a
define to run an exec using creates (to look for the .private file and
generate it only if it doesn't exist). I can notify if I create the
private key or on KeyTable or on SigningTable, but I don't want to
notify 3 times so the choice would seem to be to pick one.

Am I close?

Any stray thoughts appreciated.

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to [email protected].
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

Search Discussions

  • Felix Frank at Jun 18, 2012 at 10:29 am
    Hi,

    Am I close?
    Yes, but some details are far out ;-)
    On 06/16/2012 09:58 AM, Marc Lucke wrote:
    I think I an interate through the arrays using an inline_template in a
    define to run an exec using creates (to look for the .private file and
    generate it only if it doesn't exist).
    I don't see how the template fits in here.

    Structure:

    opendkim_domain {
    "foo.org": subdomains => [ "foo", "bar", "baz" ];
    }

    define opendkim_domain($subdomains) {
    $domain = $name
    opendkim_subdomain { $subdomains: domain => $domain }
    }

    define opendkim_subdomain($domain) {
    $subdomain = $name
    # resources for creating stuff using values of $domain and $subdomain
    }

    You *can* unroll arrays to larger strings using inline templates, but
    usually you only need defined types to process your data.
    I can notify if I create the
    private key or on KeyTable or on SigningTable, but I don't want to
    notify 3 times so the choice would seem to be to pick one.
    This is a non-issue. 3 notifications are perfectly fine and will not
    result in three restarts. Puppet will refresh your service resource at
    most once per run.
    The notify => metaparameter implies a "before" relationship, so puppet
    also makes sure to evaluate all config pieces before the service
    resource. So if any number of your configurations steps needs
    performing, puppet guarantees (barring intermittent agent crashes) that
    the service will be restarted as needed, but not more so.

    HTH,
    Felix

    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To post to this group, send email to [email protected].
    To unsubscribe from this group, send email to [email protected].
    For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppuppet-users @
categoriespuppet
postedJun 16, '12 at 7:58a
activeJun 18, '12 at 10:29a
posts2
users2
websitepuppetlabs.com

2 users in discussion

Marc Lucke: 1 post Felix Frank: 1 post

Content

People

Support

Translate

site design / logo © 2023 Grokbase