We've probably all gone looking for the resolv.conf module, or managed a template just so we could disable PermitRootLogin, or grumbled a little at how the host provider works. What if rather than managing modules for these things, there was an idempotent type available? That is the goal of augeasproviders by the Hercules Team. By writing custom types and providers using augeas you can go back to defining your environment with a DSL, rather than managing templates and additional modules.
Greg Swift
Linux Engineer, Rackspace
Greg is a Linux Engineer for Rackspace. An open source enthusiast by day and a fire performer by night, he has been working extensively with Augeas inside Puppet for the past two years, including contributions to the Augeasproviders module.
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Replacing Simple Puppet Modules with Providers
1. Replacing simple modules with custom
Types and Providers
Or Stop managing templates, and start managing your configs
2. 2
Greg Swift
Linux Admin/Engineer ~ 12 yrs
Red Hat Certified Engineer ~ 6 yrs
Augeas user ~6 yrs
Puppet user ~ 3 yrs
greg.swift@{rackspace.com,nytefyre.net}
gplus.to/gregswift
linkedin.com/gregoryswift
github.com/{gregswift,rackergs}
xaeth on Fedora, FreeNode, Twitter, and Ingress
3. 3
Bit of time travel...
•Past
–An unpleasant reminder of configs past
•Present
–Tools available today that help
•Future
–What's next?
8. 8
But the next run?
# Controls the default maximum size of a message queue
## Changing for db configuration. Was:
## ## Changing for db configuration. Was:
## kernel.msgmnb = 65536
kernel.msgmnb = 99999
## Changing for db configuration. Was:
## kernel.msgmnb = 99999
kernel.msgmnb = 99999
15. 15
What is it?
•An API provided by a C library
•A domain-specific language to describe configuration file
formats, presented as lenses
•Canonical tree representations of configuration files
•A command line tool to manipulate configuration from
the shell and shell scripts
•Language bindings to do the same from your favorite
scripting language
24. 24
Introducing AugeasProviders
•Collection of custom types and providers
•Written in native Ruby rather than Puppet's DSL
•Utilizes bindings directly for flexibility
•Heavily tested
25. 25
Introducing AugeasProviders
•Collection of custom types and providers
•Written in native Ruby rather than Puppet's DSL
•Utilizes bindings directly for flexibility
•Heavily tested
26. 26
And that example on AugeasProviders
sysctl { 'kernel.msgmnb':
value => '99999',
comment => 'recommended by db vendor'
}
27. 27
And the more complex example
$sshd_default_groups = ['engineers', 'admins']
$sshd_allowed_groups = $::env ? {
/prod/ => $sshd_default_groups,
default => concat($sshd_default_groups, ['devs']),
}
sshd_config { 'AllowGroups':
value => $sshd_allowed_groups,
notify => Service['sshd'],
}
37. 37
Augeas training
•Provided by camptocamp
•http://camptocamp.com
– Solutions->Infrastructure->Training
•Fundamentals
–Using augtool, XPath Augeas language, Augeas type
in Puppet
•Advanced
– Develop using augeas libraries and advanced tree
manipulation
•Extending Augeas
–Writing lenses and providers