Ask Your Question
0

How validate the mount points and ensure that it is an expected state

asked 2017-09-26 09:00:00 -0600

shajics gravatar image

I am trying to puppetize a post install script for database and the requirement is to puppetize a section for mount points

What it does ? 1. Check if storage volumes are actually mounted 2. Check directory permissions { For each directory being checked specify directory:permissions:user:group to audit} 3. Check NFS mount options {RAC and non-RAC hosts may have different requirements}

After sometime of research, i found the mount resource type, but it mandates device name, But I am not worried about the device and just need to ensure that the the mounts exists, Do we have any other option of doing it,. ?

Below is the bash code --

#

Check if storage volumes are actually mounted

#

MOUNTPOINT_LIST="/n01/oraadmin1 /s01/oraadmin1 /n01/oraarch1 /n01/oraarch2 /n01/oracluster1 /n01/oradata1 /n01/oraggsbin /n01/oraggsdata /s01/oradata1"

Original list included oraflash1, but this is an optional mount on some systems.

MOUNTPOINT_LIST="/n01/oraadmin1 /s01/oraadmin1 /n01/oraarch1 /n01/oraarch2 /n01/oracluster1 /n01/oradata1 /n01/oraflash1 /n01/oraggsbin /n01/oraggsdata

/s01/oradata1"

for THISMOUNT in $MOUNTPOINTLIST; do if [[ ! -L $THISMOUNT ]]; then if [ cat /etc/fstab | grep -i $THIS_MOUNT | wc -l -gt 0 ] then #Test if storage is mounted MOUNTEDFSCHECK=df -k $THIS_MOUNT | grep $THIS_MOUNT if [[ -z $MOUNTEDFSCHECK ]]; then puterror "$THIS_MOUNT storage is not mounted. " fi fi fi done

#

Check directory permissions

For each directory being checked specify directory:permissions:user:group to audit

#

if [[ $PLATFORM == 'SLES' ]] then DIRPERMSTUPLELIST="/dba:755:oracle:dba /home/oracle:755:oracle:oinstall /n01/oraadmin1:755:oracle:dba /s01/oraadmin1:755:oracle:dba /n01/oraarch1:755:oracle:dba

/n01/oraarch2:755:oracle:dba /n01/oracluster1:755:oracle:dba /n01/oradata1:755:oracle:dba /n01/oraflash1:755:oracle:dba /n01/oraggsbin:755:ggs:ggs

/n01/oraggsdata:755:ggs:ggs /s01/oradata1:755:oracle:dba /tmp:1777:root:root /u01:755:oracle:oinstall /u01/app:755:oracle:oinstall /u01/app/oracle:755:oracle:oinstall" else DIRPERMSTUPLELIST="/dba:755:oracle:dba /home/oracle:700:oracle:oinstall /n01/oraadmin1:755:oracle:dba /s01/oraadmin1:755:oracle:dba /n01/oraarch1:755:oracle:dba

/n01/oraarch2:755:oracle:dba /n01/oracluster1:755:oracle:dba /n01/oradata1:755:oracle:dba /n01/oraflash1:755:oracle:dba /n01/oraggsbin:755:ggs:ggs

/n01/oraggsdata:755:ggs:ggs /s01/oradata1:755:oracle:dba /tmp:1777:root:root /u01:755:oracle:oinstall /u01/app:755:oracle:oinstall /u01/app/oracle:755:oracle:oinstall" fi

for THISTUPLE in $DIRPERMSTUPLELIST; do unset THISDIRECTORY THISPERMISSIONS THISUSER THISGROUP PERMISSIONSCHECK USERCHECK GROUPCHECK THISDIRECTORY=echo $THIS_TUPLE | $AWK 'BEGIN {FS=":"} {print $1}' THISPERMISSIONS=echo $THIS_TUPLE | $AWK 'BEGIN {FS=":"} {print $2}' THISUSER=echo $THIS_TUPLE | $AWK 'BEGIN {FS=":"} {print $3}' THISGROUP=echo $THIS_TUPLE | $AWK 'BEGIN {FS=":"} {print $4}' if [[ ! -L $THISDIRECTORY ]]; then PERMISSIONSCHECK=find $THIS_DIRECTORY -maxdepth 0 -perm $THIS_PERMISSIONS -type d if [[ -z $PERMISSIONSCHECK ]]; then puterror "$THISDIRECTORY Permissions" "$THISPERMISSIONS" fi USERCHECK=find $THIS_DIRECTORY -maxdepth 0 -user ... (more)

edit retag flag offensive close merge delete

Comments

Is your system powerd by the systemd operating system? Then you could use the appropriate directives. With puppet's `mount` resource type, to ensure a line exists in `/etc/fstab`, you specify along its attributes `ensure => defined` (thus not enforcing any mount status). I refer to reesek's answer.

Kai Burghardt gravatar imageKai Burghardt ( 2017-09-27 18:15:34 -0600 )edit

2 Answers

Sort by » oldest newest most voted
2

answered 2017-09-26 09:58:51 -0600

reesek gravatar image

From what I read, you shouldn't need any scripts to do what you're seeking. Instead, use the native file and mount resource types to achieve the desired state:

For example:

if [[ $PLATFORM == 'SLES' ]] then DIRPERMSTUPLELIST="/dba:755:oracle:dba /home/oracle:755:oracle:oinstall /n01/oraadmin1:755:oracle:dba /s01/oraadmin1:755:oracle:dba /n01/oraarch1:755:oracle:dba blah blah blah

Would translate into the native file type like (I just picked one from the list to illustrate):

file { [ '/n01', '/n01/oraadmin1']:
  ensure => directory,
   owner => 'oracle',
   group => 'dba',
    mode => '0755',
}

mount { 'oraadmin1':
   name => '/n01/oraadmin1',
 ensure => mounted',
 device => 'netapp1:/vol/oraadmin1',
options => 'rw,bg,hard,nointr,rsize=32768,wsize=32768,tcp,nfsvers=3',
 fstype => 'nfs',
require => File['/n01/oraadmin1'],

}

Declare a file resource type for each of your tuples in the above format, and I think that gets you what you're looking for.

In terms of handling the different requirements, lean on hiera or data in modules to separate your data from your code.

edit flag offensive delete link more
0

answered 2017-09-27 08:24:23 -0600

shajics gravatar image

updated 2017-09-27 14:10:02 -0600

reesek gravatar image

I tried your option and while running in noop mode got below output, Does absent means an error as the filesystem exists and is mounted with right options.

orf-ora11204-3:/etc/puppet/modules/phase60/manifests # puppet apply --modulepath=/etc/puppet/modules --noop  /etc/puppet/manifests/site.pp

Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera defaults
Notice: Compiled catalog for orf-ora11204-3.int.thomsonreuters.com in environment production in 1.25 seconds
Notice: /Stage[main]/Phase60::Nfs_mountpoints/Mount[oraadmin1]/pass: current_value absent, should be 0 (noop)
Notice: /Stage[main]/Phase60::Nfs_mountpoints/Mount[oraadmin1]/dump: current_value absent, should be 0 (noop)
Notice: /Stage[main]/Phase60::Nfs_mountpoints/Mount[oraadmin1]: Would have triggered 'refresh' from 2 events
Notice: Class[Phase60::Nfs_mountpoints]: Would have triggered 'refresh' from 3 events
Notice: Stage[main]: Would have triggered 'refresh' from 1 events
Notice: Finished catalog run in 2.58 seconds
orf-ora11204-3:/etc/puppet/modules/phase60/manifests #




orf-ora11204-3:/etc/puppet/modules/phase60/manifests # cat nfs_mountpoints.pp

class phase60::nfs_mountpoints
(
  $data_vfiler_nosnap     = $::data_vfiler_nosnap,
  $data_vfiler_snap_data  = $::data_vfiler_snap_data,
  $data_vfiler_snap_admin = $::data_vfiler_snap_admin,
  $arch1_filer            = $::arch1_filer,
  $arch2_filer            = $::arch2_filer,
  $nfs_options1           = 'rw,bg,nfsvers=3,tcp,hard,nointr,timeo=600,rsize=32768,wsize=32768,actimeo=0,noac',
  $nfs_options2           = 'rw,bg,nfsvers=3,tcp,hard,nointr,timeo=600,rsize=32768,wsize=32768',
  $nfs_options3           = 'rw,bg,nfsvers=3,tcp,hard,nointr,timeo=600,rsize=32768,wsize=32768,actimeo=0',
){

  file { [ '/n01', '/n01/oraadmin1']:
    ensure => directory,
     owner => 'oracle',
     group => 'dba',
      mode => '0755',
  }

  mount { 'oraadmin1':
    name    => '/n01/oraadmin1',
     ensure => mounted,
     device => "${data_vfiler_nosnap}/n01oraadmin1",
    options => "$nfs_options2",
     fstype => 'nfs',
    require => File['/n01/oraadmin1'],
  }
}

orf-ora11204-3:/etc/puppet/modules/phase60/manifests #
edit flag offensive delete link more

Comments

The output is indicating that it would inject the pass & dump fields for the `/n01/oraadmin1` entry into /etc/fstab as they are missing (absent). Since pass/dump aren't specified attributes within the mount type, the defaults of 0 are assumed. Otherwise, yes, the dir exists and the vol is mounted.

reesek gravatar imagereesek ( 2017-09-27 14:18:48 -0600 )edit

Lastly, since a change would have occurred, Puppet would attempt remount the volume.

reesek gravatar imagereesek ( 2017-09-27 14:21:04 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2017-09-26 09:00:00 -0600

Seen: 46 times

Last updated: Sep 27