475 lines
26 KiB
HTML
475 lines
26 KiB
HTML
|
|
||
|
|
||
|
<!DOCTYPE html>
|
||
|
<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
|
||
|
<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
|
||
|
<head>
|
||
|
<meta charset="utf-8">
|
||
|
|
||
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||
|
|
||
|
<title>22. Best practice — cdist 4.10.8 documentation</title>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
|
||
|
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
|
||
|
<link rel="index" title="Index" href="genindex.html" />
|
||
|
<link rel="search" title="Search" href="search.html" />
|
||
|
<link rel="next" title="23. Execution stages" href="cdist-stages.html" />
|
||
|
<link rel="prev" title="21. Reference" href="cdist-reference.html" />
|
||
|
|
||
|
|
||
|
<script src="_static/js/modernizr.min.js"></script>
|
||
|
|
||
|
</head>
|
||
|
|
||
|
<body class="wy-body-for-nav">
|
||
|
|
||
|
|
||
|
<div class="wy-grid-for-nav">
|
||
|
|
||
|
|
||
|
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
|
||
|
<div class="wy-side-scroll">
|
||
|
<div class="wy-side-nav-search">
|
||
|
|
||
|
|
||
|
|
||
|
<a href="index.html" class="icon icon-home"> cdist
|
||
|
|
||
|
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<div class="version">
|
||
|
4.10.8
|
||
|
</div>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<div role="search">
|
||
|
<form id="rtd-search-form" class="wy-form" action="search.html" method="get">
|
||
|
<input type="text" name="q" placeholder="Search docs" />
|
||
|
<input type="hidden" name="check_keywords" value="yes" />
|
||
|
<input type="hidden" name="area" value="default" />
|
||
|
</form>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
</div>
|
||
|
|
||
|
<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<ul class="current">
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-intro.html">1. cdist - usable configuration management</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-why.html">2. Why should I use cdist?</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-os.html">3. Supported Operating Systems</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-install.html">4. How to install cdist</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-update.html">5. How to update cdist</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-support.html">6. Support</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-features.html">7. Features</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-quickstart.html">8. Quickstart</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-real-world.html">9. Dive into real world cdist</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="man1/cdist.html">10. cdist(1)</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-bootstrap.html">11. Bootstrap</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-configuration.html">12. Configuration</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-manifest.html">13. Manifest</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-type.html">14. cdist type</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-types.html">15. cdist types</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-explorer.html">16. Explorer</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-messaging.html">17. Messaging</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-parallelization.html">18. Parallelization</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-inventory.html">19. Inventory</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-integration.html">20. cdist integration / using cdist as library</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-reference.html">21. Reference</a></li>
|
||
|
<li class="toctree-l1 current"><a class="current reference internal" href="#">22. Best practice</a><ul>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#passwordless-connections">22.1. Passwordless connections</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#speeding-up-ssh-connections">22.2. Speeding up ssh connections</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#speeding-up-shell-execution">22.3. Speeding up shell execution</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#multi-master-or-environment-setups">22.4. Multi master or environment setups</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#separating-work-by-groups">22.5. Separating work by groups</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#maintaining-multiple-configurations">22.6. Maintaining multiple configurations</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#multiple-developers-with-different-trust">22.7. Multiple developers with different trust</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#templating">22.8. Templating</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#testing-a-new-type">22.9. Testing a new type</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#other-content-in-cdist-repository">22.10. Other content in cdist repository</a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-stages.html">23. Execution stages</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-cache.html">24. Local cache overview</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-saving-output-streams.html">25. Saving output streams</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-remote-exec-copy.html">26. Remote exec and copy commands</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-hacker.html">27. Hacking</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-troubleshooting.html">28. Troubleshooting</a></li>
|
||
|
</ul>
|
||
|
|
||
|
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
</nav>
|
||
|
|
||
|
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
|
||
|
|
||
|
|
||
|
<nav class="wy-nav-top" aria-label="top navigation">
|
||
|
|
||
|
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
|
||
|
<a href="index.html">cdist</a>
|
||
|
|
||
|
</nav>
|
||
|
|
||
|
|
||
|
<div class="wy-nav-content">
|
||
|
|
||
|
<div class="rst-content">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<div role="navigation" aria-label="breadcrumbs navigation">
|
||
|
|
||
|
<ul class="wy-breadcrumbs">
|
||
|
|
||
|
<li><a href="index.html">Docs</a> »</li>
|
||
|
|
||
|
<li>22. Best practice</li>
|
||
|
|
||
|
|
||
|
<li class="wy-breadcrumbs-aside">
|
||
|
|
||
|
|
||
|
<a href="_sources/cdist-best-practice.rst.txt" rel="nofollow"> View page source</a>
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
|
||
|
|
||
|
<hr/>
|
||
|
</div>
|
||
|
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
|
||
|
<div itemprop="articleBody">
|
||
|
|
||
|
<div class="section" id="best-practice">
|
||
|
<h1>22. Best practice<a class="headerlink" href="#best-practice" title="Permalink to this headline">¶</a></h1>
|
||
|
<p>Practices used in real environments</p>
|
||
|
<div class="section" id="passwordless-connections">
|
||
|
<h2>22.1. Passwordless connections<a class="headerlink" href="#passwordless-connections" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>It is recommended to run cdist with public key authentication.
|
||
|
This requires a private/public key pair and the entry
|
||
|
"PermitRootLogin without-password" in the sshd server.
|
||
|
See sshd_config(5) and ssh-keygen(1).</p>
|
||
|
</div>
|
||
|
<div class="section" id="speeding-up-ssh-connections">
|
||
|
<h2>22.2. Speeding up ssh connections<a class="headerlink" href="#speeding-up-ssh-connections" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>When connecting to a new host, the initial delay with ssh connections
|
||
|
is pretty big. As cdist makes many connections to each host successive
|
||
|
connections can be sped up by "sharing of multiple sessions over a single
|
||
|
network connection" (quote from ssh_config(5)). This is also called "connection
|
||
|
multiplexing".</p>
|
||
|
<p>Cdist implements this since v4.0.0 by executing ssh with the appropriate
|
||
|
options (<cite>-o ControlMaster=auto -o ControlPath=/tmp/<tmpdir>/s -o
|
||
|
ControlPersist=2h</cite>).</p>
|
||
|
<p>Note that the sshd_config on the server can configure the maximum number of
|
||
|
parallel multiplexed connections this with <cite>MaxSessions N</cite> (N defaults to 10
|
||
|
for OpenSSH v7.4).</p>
|
||
|
</div>
|
||
|
<div class="section" id="speeding-up-shell-execution">
|
||
|
<h2>22.3. Speeding up shell execution<a class="headerlink" href="#speeding-up-shell-execution" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>On the source host, ensure that /bin/sh is <em>not</em> bash: bash is quite slow for
|
||
|
script execution. Instead, you could use dash after installing it:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">ln</span> <span class="o">-</span><span class="n">sf</span> <span class="o">/</span><span class="nb">bin</span><span class="o">/</span><span class="n">dash</span> <span class="o">/</span><span class="nb">bin</span><span class="o">/</span><span class="n">sh</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="section" id="multi-master-or-environment-setups">
|
||
|
<h2>22.4. Multi master or environment setups<a class="headerlink" href="#multi-master-or-environment-setups" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>If you plan to distribute cdist among servers or use different
|
||
|
environments, you can do so easily with the included version
|
||
|
control git. For instance if you plan to use the typical three
|
||
|
environments production, integration and development, you can
|
||
|
realise this with git branches:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="c1"># Go to cdist checkout</span>
|
||
|
<span class="n">cd</span> <span class="o">/</span><span class="n">path</span><span class="o">/</span><span class="n">to</span><span class="o">/</span><span class="n">cdist</span>
|
||
|
|
||
|
<span class="c1"># Create branches</span>
|
||
|
<span class="n">git</span> <span class="n">branch</span> <span class="n">development</span>
|
||
|
<span class="n">git</span> <span class="n">branch</span> <span class="n">integration</span>
|
||
|
<span class="n">git</span> <span class="n">branch</span> <span class="n">production</span>
|
||
|
|
||
|
<span class="c1"># Make use of a branch, for instance production</span>
|
||
|
<span class="n">git</span> <span class="n">checkout</span> <span class="n">production</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
<p>Similar if you want to have cdist checked out at multiple machines,
|
||
|
you can clone it multiple times:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">machine</span><span class="o">-</span><span class="n">a</span> <span class="o">%</span> <span class="n">git</span> <span class="n">clone</span> <span class="n">git</span><span class="p">:</span><span class="o">//</span><span class="n">your</span><span class="o">-</span><span class="n">git</span><span class="o">-</span><span class="n">server</span><span class="o">/</span><span class="n">cdist</span>
|
||
|
<span class="n">machine</span><span class="o">-</span><span class="n">b</span> <span class="o">%</span> <span class="n">git</span> <span class="n">clone</span> <span class="n">git</span><span class="p">:</span><span class="o">//</span><span class="n">your</span><span class="o">-</span><span class="n">git</span><span class="o">-</span><span class="n">server</span><span class="o">/</span><span class="n">cdist</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="section" id="separating-work-by-groups">
|
||
|
<h2>22.5. Separating work by groups<a class="headerlink" href="#separating-work-by-groups" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>If you are working with different groups on one cdist-configuration,
|
||
|
you can delegate to other manifests and have the groups edit only
|
||
|
their manifests. You can use the following snippet in
|
||
|
<strong>conf/manifests/init</strong>:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="c1"># Include other groups</span>
|
||
|
<span class="n">sh</span> <span class="o">-</span><span class="n">e</span> <span class="s2">"$__manifest/systems"</span>
|
||
|
|
||
|
<span class="n">sh</span> <span class="o">-</span><span class="n">e</span> <span class="s2">"$__manifest/cbrg"</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="section" id="maintaining-multiple-configurations">
|
||
|
<h2>22.6. Maintaining multiple configurations<a class="headerlink" href="#maintaining-multiple-configurations" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>When you need to manage multiple sites with cdist, like company_a, company_b
|
||
|
and private for instance, you can easily use git for this purpose.
|
||
|
Including a possible common base that is reused across the different sites:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="c1"># create branches</span>
|
||
|
<span class="n">git</span> <span class="n">branch</span> <span class="n">company_a</span> <span class="n">company_b</span> <span class="n">common</span> <span class="n">private</span>
|
||
|
|
||
|
<span class="c1"># make stuff for company a</span>
|
||
|
<span class="n">git</span> <span class="n">checkout</span> <span class="n">company_a</span>
|
||
|
<span class="c1"># work, commit, etc.</span>
|
||
|
|
||
|
<span class="c1"># make stuff for company b</span>
|
||
|
<span class="n">git</span> <span class="n">checkout</span> <span class="n">company_b</span>
|
||
|
<span class="c1"># work, commit, etc.</span>
|
||
|
|
||
|
<span class="c1"># make stuff relevant for all sites</span>
|
||
|
<span class="n">git</span> <span class="n">checkout</span> <span class="n">common</span>
|
||
|
<span class="c1"># work, commit, etc.</span>
|
||
|
|
||
|
<span class="c1"># change to private and include latest common stuff</span>
|
||
|
<span class="n">git</span> <span class="n">checkout</span> <span class="n">private</span>
|
||
|
<span class="n">git</span> <span class="n">merge</span> <span class="n">common</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
<p>The following <strong>.git/config</strong> is taken from a real world scenario:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="c1"># Track upstream, merge from time to time</span>
|
||
|
<span class="p">[</span><span class="n">remote</span> <span class="s2">"upstream"</span><span class="p">]</span>
|
||
|
<span class="n">url</span> <span class="o">=</span> <span class="n">git</span><span class="p">:</span><span class="o">//</span><span class="n">git</span><span class="o">.</span><span class="n">schottelius</span><span class="o">.</span><span class="n">org</span><span class="o">/</span><span class="n">cdist</span>
|
||
|
<span class="n">fetch</span> <span class="o">=</span> <span class="o">+</span><span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/*</span><span class="p">:</span><span class="n">refs</span><span class="o">/</span><span class="n">remotes</span><span class="o">/</span><span class="n">upstream</span><span class="o">/*</span>
|
||
|
|
||
|
<span class="c1"># Same as upstream, but works when being offline</span>
|
||
|
<span class="p">[</span><span class="n">remote</span> <span class="s2">"local"</span><span class="p">]</span>
|
||
|
<span class="n">fetch</span> <span class="o">=</span> <span class="o">+</span><span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/*</span><span class="p">:</span><span class="n">refs</span><span class="o">/</span><span class="n">remotes</span><span class="o">/</span><span class="n">local</span><span class="o">/*</span>
|
||
|
<span class="n">url</span> <span class="o">=</span> <span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">users</span><span class="o">/</span><span class="n">nico</span><span class="o">/</span><span class="n">p</span><span class="o">/</span><span class="n">cdist</span>
|
||
|
|
||
|
<span class="c1"># Remote containing various ETH internal branches</span>
|
||
|
<span class="p">[</span><span class="n">remote</span> <span class="s2">"eth"</span><span class="p">]</span>
|
||
|
<span class="n">url</span> <span class="o">=</span> <span class="n">sans</span><span class="o">.</span><span class="n">ethz</span><span class="o">.</span><span class="n">ch</span><span class="p">:</span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">services</span><span class="o">/</span><span class="n">sans</span><span class="o">/</span><span class="n">git</span><span class="o">/</span><span class="n">cdist</span><span class="o">-</span><span class="n">eth</span>
|
||
|
<span class="n">fetch</span> <span class="o">=</span> <span class="o">+</span><span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/*</span><span class="p">:</span><span class="n">refs</span><span class="o">/</span><span class="n">remotes</span><span class="o">/</span><span class="n">eth</span><span class="o">/*</span>
|
||
|
|
||
|
<span class="c1"># Public remote that contains my private changes to cdist upstream</span>
|
||
|
<span class="p">[</span><span class="n">remote</span> <span class="s2">"nico"</span><span class="p">]</span>
|
||
|
<span class="n">url</span> <span class="o">=</span> <span class="n">git</span><span class="o">.</span><span class="n">schottelius</span><span class="o">.</span><span class="n">org</span><span class="p">:</span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">services</span><span class="o">/</span><span class="n">git</span><span class="o">/</span><span class="n">cdist</span><span class="o">-</span><span class="n">nico</span>
|
||
|
<span class="n">fetch</span> <span class="o">=</span> <span class="o">+</span><span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/*</span><span class="p">:</span><span class="n">refs</span><span class="o">/</span><span class="n">remotes</span><span class="o">/</span><span class="n">nico</span><span class="o">/*</span>
|
||
|
|
||
|
<span class="c1"># The "nico" branch will be synced with the remote nico, branch master</span>
|
||
|
<span class="p">[</span><span class="n">branch</span> <span class="s2">"nico"</span><span class="p">]</span>
|
||
|
<span class="n">remote</span> <span class="o">=</span> <span class="n">nico</span>
|
||
|
<span class="n">merge</span> <span class="o">=</span> <span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/</span><span class="n">master</span>
|
||
|
|
||
|
<span class="c1"># ETH stable contains rock solid configurations used in various places</span>
|
||
|
<span class="p">[</span><span class="n">branch</span> <span class="s2">"eth-stable"</span><span class="p">]</span>
|
||
|
<span class="n">remote</span> <span class="o">=</span> <span class="n">eth</span>
|
||
|
<span class="n">merge</span> <span class="o">=</span> <span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/</span><span class="n">stable</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
<p>Have a look at git-remote(1) to adjust the remote configuration, which allows</p>
|
||
|
</div>
|
||
|
<div class="section" id="multiple-developers-with-different-trust">
|
||
|
<h2>22.7. Multiple developers with different trust<a class="headerlink" href="#multiple-developers-with-different-trust" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>If you are working in an environment that requires different people to
|
||
|
work on the same configuration, but having different privileges, you can
|
||
|
implement this scenario with a gateway host and sudo:</p>
|
||
|
<ul>
|
||
|
<li><p class="first">Create a dedicated user (for instance <strong>cdist</strong>)</p>
|
||
|
</li>
|
||
|
<li><p class="first">Setup the ssh-pubkey for this user that has the right to configure all hosts</p>
|
||
|
</li>
|
||
|
<li><p class="first">Create a wrapper to update the cdist configuration in ~cdist/cdist</p>
|
||
|
</li>
|
||
|
<li><p class="first">Allow every developer to execute this script via sudo as the user cdist</p>
|
||
|
</li>
|
||
|
<li><p class="first">Allow run of cdist as user cdist on specific hosts on a per user/group basis.</p>
|
||
|
<blockquote>
|
||
|
<div><ul class="simple">
|
||
|
<li>f.i. nico ALL=(ALL) NOPASSWD: /home/cdist/bin/cdist config hostabc</li>
|
||
|
</ul>
|
||
|
</div></blockquote>
|
||
|
</li>
|
||
|
</ul>
|
||
|
<p>For more details consult sudoers(5)</p>
|
||
|
</div>
|
||
|
<div class="section" id="templating">
|
||
|
<h2>22.8. Templating<a class="headerlink" href="#templating" title="Permalink to this headline">¶</a></h2>
|
||
|
<ul class="simple">
|
||
|
<li>create directory files/ in your type (convention)</li>
|
||
|
<li>create the template as an executable file like files/basic.conf.sh, it will output text using shell variables for the values</li>
|
||
|
</ul>
|
||
|
<div class="highlight-sh notranslate"><div class="highlight"><pre><span></span><span class="ch">#!/bin/sh</span>
|
||
|
<span class="c1"># in the template, use cat << eof (here document) to output the text</span>
|
||
|
<span class="c1"># and use standard shell variables in the template</span>
|
||
|
<span class="c1"># output everything in the template script to stdout</span>
|
||
|
cat <span class="s"><< EOF</span>
|
||
|
<span class="s">server {</span>
|
||
|
<span class="s"> listen 80;</span>
|
||
|
<span class="s"> server_name $SERVERNAME;</span>
|
||
|
<span class="s"> root $ROOT;</span>
|
||
|
|
||
|
<span class="s"> access_log /var/log/nginx/$SERVERNAME_access.log</span>
|
||
|
<span class="s"> error_log /var/log/nginx/$SERVERNAME_error.log</span>
|
||
|
<span class="s">}</span>
|
||
|
<span class="s">EOF</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
<ul class="simple">
|
||
|
<li>in the manifest, export the relevant variables and add the following lines to your manifest:</li>
|
||
|
</ul>
|
||
|
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">#</span> <span class="nb">export</span> variables needed <span class="k">for</span> the template
|
||
|
<span class="go"> export SERVERNAME='test"</span>
|
||
|
<span class="go"> export ROOT='/var/www/test'</span>
|
||
|
<span class="gp">#</span> render the template
|
||
|
<span class="go"> mkdir -p "$__object/files"</span>
|
||
|
<span class="go"> "$__type/files/basic.conf.sh" > "$__object/files/basic.conf"</span>
|
||
|
<span class="gp">#</span> send the rendered template
|
||
|
<span class="go"> __file /etc/nginx/sites-available/test.conf \</span>
|
||
|
<span class="go"> --state present</span>
|
||
|
<span class="go"> --source "$__object/files/basic.conf"</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="section" id="testing-a-new-type">
|
||
|
<h2>22.9. Testing a new type<a class="headerlink" href="#testing-a-new-type" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>If you want to test a new type on a node, you can tell cdist to only use an
|
||
|
object of this type: Use the '--initial-manifest' parameter
|
||
|
with - (stdin) as argument and feed object into stdin
|
||
|
of cdist:</p>
|
||
|
<div class="highlight-sh notranslate"><div class="highlight"><pre><span></span><span class="c1"># Singleton type without parameter</span>
|
||
|
<span class="nb">echo</span> __ungleich_munin_server <span class="p">|</span> cdist --initial-manifest - munin.panter.ch
|
||
|
|
||
|
<span class="c1"># Singleton type with parameter</span>
|
||
|
<span class="nb">echo</span> __ungleich_munin_node --allow <span class="m">1</span>.2.3.4 <span class="p">|</span> <span class="se">\</span>
|
||
|
cdist --initial-manifest - rails-19.panter.ch
|
||
|
|
||
|
<span class="c1"># Normal type</span>
|
||
|
<span class="nb">echo</span> __file /tmp/stdintest --mode <span class="m">0644</span> <span class="p">|</span> <span class="se">\</span>
|
||
|
cdist --initial-manifest - cdist-dev-01.ungleich.ch
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="section" id="other-content-in-cdist-repository">
|
||
|
<h2>22.10. Other content in cdist repository<a class="headerlink" href="#other-content-in-cdist-repository" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>Usually the cdist repository contains all configuration
|
||
|
items. Sometimes you may have additional resources that
|
||
|
you would like to store in your central configuration
|
||
|
repository (like password files from KeepassX,
|
||
|
Libreoffice diagrams, etc.).</p>
|
||
|
<p>It is recommended to use a subfolder named "non-cdist"
|
||
|
in the repository for such content: It allows you to
|
||
|
easily distinguish what is used by cdist and what is not
|
||
|
and also to store all important files in one
|
||
|
repository.</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
</div>
|
||
|
|
||
|
</div>
|
||
|
<footer>
|
||
|
|
||
|
<div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
|
||
|
|
||
|
<a href="cdist-stages.html" class="btn btn-neutral float-right" title="23. Execution stages" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right"></span></a>
|
||
|
|
||
|
|
||
|
<a href="cdist-reference.html" class="btn btn-neutral" title="21. Reference" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left"></span> Previous</a>
|
||
|
|
||
|
</div>
|
||
|
|
||
|
|
||
|
<hr/>
|
||
|
|
||
|
<div role="contentinfo">
|
||
|
<p>
|
||
|
© Copyright
|
||
|
|
||
|
</p>
|
||
|
</div>
|
||
|
Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/rtfd/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
|
||
|
|
||
|
</footer>
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
</section>
|
||
|
|
||
|
</div>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<script type="text/javascript" id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
|
||
|
<script type="text/javascript" src="_static/jquery.js"></script>
|
||
|
<script type="text/javascript" src="_static/underscore.js"></script>
|
||
|
<script type="text/javascript" src="_static/doctools.js"></script>
|
||
|
<script async="async" type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS-MML_HTMLorMML"></script>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<script type="text/javascript" src="_static/js/theme.js"></script>
|
||
|
|
||
|
<script type="text/javascript">
|
||
|
jQuery(function () {
|
||
|
SphinxRtdTheme.Navigation.enable(true);
|
||
|
});
|
||
|
</script>
|
||
|
|
||
|
</body>
|
||
|
</html>
|