Ask Your Question
0

Error in limit.conf file with augeas

asked 2015-01-19 11:29:10 -0500

Chutki gravatar image

Hi,

Below is my manifests for limit.conf file

class limitfile::limit_testfile {
  $tempa = hiera_hash('limits::limit')
  create_resources('limit_value',$tempa)
  define limit_value($item,$value) {
    augeas { "limits_test1":
      lens  => 'limits.lns',
      incl  => '/etc/security/limits.conf',
      changes  => ["set domain[last()+1] @domaintest",
                   "set domain[last()]/type  soft",
                   "set domain[last()]/item  $item",
                   "set domain[last()]/value $value",
                   "set domain[last()+1] @domaintest",
                   "set domain[last()]/type  hard",
                   "set domain[last()]/item  $item",
                   "set domain[last()]/value $value",]
    }
  }
}

Below is yaml file limit.conf file

limits::limit:
  fsize:
      item: fsize
      value: unlimited
  cpu:
    item: cpu
    value: unlimited

When I run the manifests I am facing two issues

1) fsize values are getting created whenever we run the manifests

@domaintest soft fsize unlimited
  @domaintest hard fsize  unlimited
  @domaintest soft fsize  unlimited
  @domaintest hard fsize  unlimited
  @domaintest soft fsize  unlimited
  @domaintest hard fsize  unlimited

2) when I add new item in yaml file I am getting below error(cpu item and its value in limit.yaml file)

Error: Could not retrieve catalog from remote server:
Error 400 on SERVER: Duplicate declaration:
Augeas[limits_test1] is already declared in
file /etc/puppetlabs/puppet/modules/offshore/limitfile/manifests/limit_testfile.pp:19;
cannot redeclare at /etc/puppetlabs/puppet/modules/offshore/limitfile/manifests/limit_testfile.pp:19
on node twist.homedepot.com

so the "cpu" item is not creating.

I want limit.conf like below

@domaintest soft fsize  unlimited
  @domaintest hard fsize  unlimited
  @domaintest soft cpu  unlimited
  @domaintest hard cpu  unlimited

please help me how I can achieve my requirement or am I completely going in a wron way.

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
0

answered 2015-01-19 15:33:29 -0500

GregLarkin gravatar image

updated 2015-01-19 15:33:54 -0500

I can answer #2 for you immediately, but I'll have to research the answer to #1.

Your augeas resource has a fixed string as a name, and when you try to declare multiple limit_value resources, the augeas resource is placed into the catalog with a duplicate name. Puppet requires that you have unique combinations of resource types/resource titles.

Generally, you want your defined type to be in its own .pp file, not embedded in a class. If you reimplement that way, place it in limit_value.pp. Also adjust the defined type like so or similar:

  define limit_value($item,$value) {
    augeas { $title:
      lens  => 'limits.lns',
      incl  => '/etc/security/limits.conf',
      changes  => ["set domain[last()+1] @domaintest",
                   "set domain[last()]/type  soft",
                   "set domain[last()]/item  $item",
                   "set domain[last()]/value $value",
                   "set domain[last()+1] @domaintest",
                   "set domain[last()]/type  hard",
                   "set domain[last()]/item  $item",
                   "set domain[last()]/value $value",]
    }
  }

You may have to use the $item and $value variables in the title of your augeas resource as well as $title. Make sure to read https://docs.puppetlabs.com/learning/definedtypes.html#special-little-flowers for more information.

edit flag offensive delete link more

Comments

Thanks for all your response. It worked. But I have few concern what my understanding is, puppet is idempotent so if its already exists, it will not create the same when we run next time. so augeas resource is not idempotent in puppet.

Chutki gravatar imageChutki ( 2015-01-21 11:19:32 -0500 )edit

I didn't have an answer for the 1st part of your question, so please see Dom's answer just below for information on that issue: http://ask.puppetlabs.com/question/15375/error-in-limitconf-file-with-augeas/?answer=15390#post-id-15390

GregLarkin gravatar imageGregLarkin ( 2015-01-21 12:11:45 -0500 )edit

Please upvote and/or mark one of our answers correct if you determine that they helped you solve your problems.

GregLarkin gravatar imageGregLarkin ( 2015-01-21 12:12:40 -0500 )edit
0

answered 2015-01-20 03:00:10 -0500

domcleal gravatar image

To add to Greg's answer, for #1 you need to either make the resource idempotent or to add an "onlyif" clause. The former's rather complex, so to do the latter, add this to the Augeas resource:

onlyif => "match domain[item = '${item}'] size == 0",

This checks for any entry for that item and skips the resource if it's there.

edit flag offensive delete link more

Comments

Thanks for all your response. It worked. But I have few concern what my understanding is, puppet is idempotent so if its already exists, it will not create the same when we run next time. so augeas resource is not idempotent in puppet.

Chutki gravatar imageChutki ( 2015-01-27 11:11:17 -0500 )edit

It depends how you write the resource. It's unusual because it isn't a list of properties with fixed values (e.g. a file mode/owner/group) but a list of commands. Using last() in a command will mean it always changes, but setting fixed paths is usually idempotent.

domcleal gravatar imagedomcleal ( 2015-01-28 02:09:06 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

2 followers

Stats

Asked: 2015-01-19 11:29:10 -0500

Seen: 317 times

Last updated: Jan 20 '15