Ask Your Question
0

looking for a better way - hiera / augeas sysctl

asked 2015-02-20 11:21:46 -0500

EricL gravatar image

I have a 'sysctl' module, using a parameterized class and hiera, and using augeas pretty much as this example shows. The module works fine but there has to be a better way. In this configuration I have to change the yaml file and the code in all 3 classes when I want to add or remove a kernel parameter. One solution I think would be able to pass an array of kernel parameter names and their values as key/value pairs to my module and process everything in the array. I am not sure if that's possible and am looking at doing that. Aside from that thought, I am wondering if there is just a better way to do this. I'm sure there is. I've been teaching myself Puppet for the last 3 months as time allows and I feel like I may be over-complicating things and may have missed a few fundamentals along the way.

yaml:

---
classes:
 - sysctl
sysctl::kernel_core_uses_pid: 0
sysctl::kernel_sysrq: 1
sysctl::fs_suid_dumpable: 2

init.pp:

class sysctl (
  $kernel_core_uses_pid = $sysctl::params::kernel_core_uses_pid,
  $kernel_sysrq         = $sysctl::params::kernel_sysrq,
  $fs_suid_dumpable     = $sysctl::params::fs_suid_dumpable,
) inherits sysctl::params {

# nested class/define
  define conf ( $value ) {

    # $name is provided by define invocation

    # guid of this entry
    $key = $name

    $context = "/files/etc/sysctl.conf"

     augeas { "sysctl_conf/$key":
       context => "$context",
       onlyif  => "get $key != '$value'",
       changes => "set $key '$value'",
       notify  => Exec["sysctl"],
     }

  }

   file { "sysctl_conf":
      name => $operatingsystem ? {
        default => "/etc/sysctl.conf",
      },
   }

   exec { "/sbin/sysctl -p":
      alias => "sysctl",
      refreshonly => true,
      subscribe => File["sysctl_conf"],
   }
  class { 'sysctl::config': }
}

config.pp:

class sysctl::config inherits sysctl{

sysctl::conf {
  "kernel.core_uses_pid": value =>  $kernel_core_uses_pid;
  "kernel.sysrq":         value =>  $kernel_sysrq;
  "fs.suid_dumpable":     value =>  $fs_suid_dumpable;
  }
}

params.pp:

class sysctl::params {
  $fs_suid_dumpable             = 0
  $kernel_core_uses_pid         = 0
  $kernel_sysrq                 = 0
}
edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
1

answered 2015-02-20 13:17:06 -0500

GregLarkin gravatar image

updated 2015-02-20 15:08:28 -0500

This is how I would do it, as you suggested above. This example is dynamic enough that you only have to edit the class code if/when you need another attribute passed to the sysctl resource.

I implemented the test code directly with Puppet, but there's no reason I couldn't have listed my sysctls in Hiera and pulled them into my wrapper class using automatic parameter binding.

https://gist.github.com/greglarkin/8507e415f15f0a26ef29

Also, please note that you will have to enable the future parser for the each() function to work. Add the following line to the [main] stanza in your puppet.conf and you should be all set:

parser = future
edit flag offensive delete link more

Comments

Thanks! This is just what I was looking for.

EricL gravatar imageEricL ( 2015-02-20 14:31:12 -0500 )edit

I forgot to mention that you will also need to set "parser = future" in your puppet.conf file. When you have a moment, would you mind marking my answer as correct? I appreciate it!

GregLarkin gravatar imageGregLarkin ( 2015-02-20 15:07:23 -0500 )edit

Done, thanks again Greg

EricL gravatar imageEricL ( 2015-02-20 16:39:57 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2015-02-20 11:21:46 -0500

Seen: 781 times

Last updated: Feb 20 '15