494 lines
26 KiB
HTML
494 lines
26 KiB
HTML
|
|
||
|
|
||
|
<!DOCTYPE html>
|
||
|
<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
|
||
|
<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
|
||
|
<head>
|
||
|
<meta charset="utf-8">
|
||
|
|
||
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||
|
|
||
|
<title>21. Best practice — cdist 4.10.1 documentation</title>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<link rel="index" title="Index"
|
||
|
href="genindex.html"/>
|
||
|
<link rel="search" title="Search" href="search.html"/>
|
||
|
<link rel="top" title="cdist 4.10.1 documentation" href="index.html"/>
|
||
|
<link rel="next" title="22. Execution stages" href="cdist-stages.html"/>
|
||
|
<link rel="prev" title="20. Reference" href="cdist-reference.html"/>
|
||
|
|
||
|
|
||
|
<script src="_static/js/modernizr.min.js"></script>
|
||
|
|
||
|
</head>
|
||
|
|
||
|
<body class="wy-body-for-nav" role="document">
|
||
|
|
||
|
|
||
|
<div class="wy-grid-for-nav">
|
||
|
|
||
|
|
||
|
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
|
||
|
<div class="wy-side-scroll">
|
||
|
<div class="wy-side-nav-search">
|
||
|
|
||
|
|
||
|
|
||
|
<a href="index.html" class="icon icon-home"> cdist
|
||
|
|
||
|
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<div class="version">
|
||
|
4.10.1
|
||
|
</div>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<div role="search">
|
||
|
<form id="rtd-search-form" class="wy-form" action="search.html" method="get">
|
||
|
<input type="text" name="q" placeholder="Search docs" />
|
||
|
<input type="hidden" name="check_keywords" value="yes" />
|
||
|
<input type="hidden" name="area" value="default" />
|
||
|
</form>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
</div>
|
||
|
|
||
|
<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<ul class="current">
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-intro.html">1. cdist - usable configuration management</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-why.html">2. Why should I use cdist?</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-os.html">3. Supported Operating Systems</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-install.html">4. How to install cdist</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-update.html">5. How to update cdist</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-support.html">6. Support</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-features.html">7. Features</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-quickstart.html">8. Quickstart</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="man1/cdist.html">9. cdist(1)</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-bootstrap.html">10. Bootstrap</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-configuration.html">11. Configuration</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-manifest.html">12. Manifest</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-type.html">13. cdist type</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-types.html">14. cdist types</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-explorer.html">15. Explorer</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-messaging.html">16. Messaging</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-parallelization.html">17. Parallelization</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-inventory.html">18. Inventory</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-integration.html">19. cdist integration / using cdist as library</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-reference.html">20. Reference</a></li>
|
||
|
<li class="toctree-l1 current"><a class="current reference internal" href="#">21. Best practice</a><ul>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#passwordless-connections">21.1. Passwordless connections</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#speeding-up-ssh-connections">21.2. Speeding up ssh connections</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#speeding-up-shell-execution">21.3. Speeding up shell execution</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#multi-master-or-environment-setups">21.4. Multi master or environment setups</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#separating-work-by-groups">21.5. Separating work by groups</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#maintaining-multiple-configurations">21.6. Maintaining multiple configurations</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#multiple-developers-with-different-trust">21.7. Multiple developers with different trust</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#templating">21.8. Templating</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#testing-a-new-type">21.9. Testing a new type</a></li>
|
||
|
<li class="toctree-l2"><a class="reference internal" href="#other-content-in-cdist-repository">21.10. Other content in cdist repository</a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-stages.html">22. Execution stages</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-cache.html">23. Local cache overview</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-saving-output-streams.html">24. Saving output streams</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-remote-exec-copy.html">25. Remote exec and copy commands</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-hacker.html">26. Hacking</a></li>
|
||
|
<li class="toctree-l1"><a class="reference internal" href="cdist-troubleshooting.html">27. Troubleshooting</a></li>
|
||
|
</ul>
|
||
|
|
||
|
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
</nav>
|
||
|
|
||
|
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
|
||
|
|
||
|
|
||
|
<nav class="wy-nav-top" role="navigation" aria-label="top navigation">
|
||
|
|
||
|
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
|
||
|
<a href="index.html">cdist</a>
|
||
|
|
||
|
</nav>
|
||
|
|
||
|
|
||
|
|
||
|
<div class="wy-nav-content">
|
||
|
<div class="rst-content">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<div role="navigation" aria-label="breadcrumbs navigation">
|
||
|
|
||
|
<ul class="wy-breadcrumbs">
|
||
|
|
||
|
<li><a href="index.html">Docs</a> »</li>
|
||
|
|
||
|
<li>21. Best practice</li>
|
||
|
|
||
|
|
||
|
<li class="wy-breadcrumbs-aside">
|
||
|
|
||
|
|
||
|
<a href="_sources/cdist-best-practice.rst.txt" rel="nofollow"> View page source</a>
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
|
||
|
|
||
|
<hr/>
|
||
|
</div>
|
||
|
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
|
||
|
<div itemprop="articleBody">
|
||
|
|
||
|
<div class="section" id="best-practice">
|
||
|
<h1>21. Best practice<a class="headerlink" href="#best-practice" title="Permalink to this headline">¶</a></h1>
|
||
|
<p>Practices used in real environments</p>
|
||
|
<div class="section" id="passwordless-connections">
|
||
|
<h2>21.1. Passwordless connections<a class="headerlink" href="#passwordless-connections" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>It is recommended to run cdist with public key authentication.
|
||
|
This requires a private/public key pair and the entry
|
||
|
"PermitRootLogin without-password" in the sshd server.
|
||
|
See sshd_config(5) and ssh-keygen(1).</p>
|
||
|
</div>
|
||
|
<div class="section" id="speeding-up-ssh-connections">
|
||
|
<h2>21.2. Speeding up ssh connections<a class="headerlink" href="#speeding-up-ssh-connections" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>When connecting to a new host, the initial delay with ssh connections
|
||
|
is pretty big. You can work around this by
|
||
|
"sharing of multiple sessions over a single network connection"
|
||
|
(quote from ssh_config(5)). The following code is suitable for
|
||
|
inclusion into your ~/.ssh/config:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">Host</span> <span class="o">*</span>
|
||
|
<span class="n">ControlPath</span> <span class="o">~/.</span><span class="n">ssh</span><span class="o">/</span><span class="n">master</span><span class="o">-%</span><span class="n">l</span><span class="o">-%</span><span class="n">r</span><span class="o">@%</span><span class="n">h</span><span class="p">:</span><span class="o">%</span><span class="n">p</span>
|
||
|
<span class="n">ControlMaster</span> <span class="n">auto</span>
|
||
|
<span class="n">ControlPersist</span> <span class="mi">10</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="section" id="speeding-up-shell-execution">
|
||
|
<h2>21.3. Speeding up shell execution<a class="headerlink" href="#speeding-up-shell-execution" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>On the source host, ensure that /bin/sh is <em>not</em> bash: bash is quite slow for
|
||
|
script execution. Instead, you could use dash after installing it:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">ln</span> <span class="o">-</span><span class="n">sf</span> <span class="o">/</span><span class="nb">bin</span><span class="o">/</span><span class="n">dash</span> <span class="o">/</span><span class="nb">bin</span><span class="o">/</span><span class="n">sh</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="section" id="multi-master-or-environment-setups">
|
||
|
<h2>21.4. Multi master or environment setups<a class="headerlink" href="#multi-master-or-environment-setups" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>If you plan to distribute cdist among servers or use different
|
||
|
environments, you can do so easily with the included version
|
||
|
control git. For instance if you plan to use the typical three
|
||
|
environments production, integration and development, you can
|
||
|
realise this with git branches:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="c1"># Go to cdist checkout</span>
|
||
|
<span class="n">cd</span> <span class="o">/</span><span class="n">path</span><span class="o">/</span><span class="n">to</span><span class="o">/</span><span class="n">cdist</span>
|
||
|
|
||
|
<span class="c1"># Create branches</span>
|
||
|
<span class="n">git</span> <span class="n">branch</span> <span class="n">development</span>
|
||
|
<span class="n">git</span> <span class="n">branch</span> <span class="n">integration</span>
|
||
|
<span class="n">git</span> <span class="n">branch</span> <span class="n">production</span>
|
||
|
|
||
|
<span class="c1"># Make use of a branch, for instance production</span>
|
||
|
<span class="n">git</span> <span class="n">checkout</span> <span class="n">production</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
<p>Similar if you want to have cdist checked out at multiple machines,
|
||
|
you can clone it multiple times:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">machine</span><span class="o">-</span><span class="n">a</span> <span class="o">%</span> <span class="n">git</span> <span class="n">clone</span> <span class="n">git</span><span class="p">:</span><span class="o">//</span><span class="n">your</span><span class="o">-</span><span class="n">git</span><span class="o">-</span><span class="n">server</span><span class="o">/</span><span class="n">cdist</span>
|
||
|
<span class="n">machine</span><span class="o">-</span><span class="n">b</span> <span class="o">%</span> <span class="n">git</span> <span class="n">clone</span> <span class="n">git</span><span class="p">:</span><span class="o">//</span><span class="n">your</span><span class="o">-</span><span class="n">git</span><span class="o">-</span><span class="n">server</span><span class="o">/</span><span class="n">cdist</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="section" id="separating-work-by-groups">
|
||
|
<h2>21.5. Separating work by groups<a class="headerlink" href="#separating-work-by-groups" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>If you are working with different groups on one cdist-configuration,
|
||
|
you can delegate to other manifests and have the groups edit only
|
||
|
their manifests. You can use the following snippet in
|
||
|
<strong>conf/manifests/init</strong>:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="c1"># Include other groups</span>
|
||
|
<span class="n">sh</span> <span class="o">-</span><span class="n">e</span> <span class="s2">"$__manifest/systems"</span>
|
||
|
|
||
|
<span class="n">sh</span> <span class="o">-</span><span class="n">e</span> <span class="s2">"$__manifest/cbrg"</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="section" id="maintaining-multiple-configurations">
|
||
|
<h2>21.6. Maintaining multiple configurations<a class="headerlink" href="#maintaining-multiple-configurations" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>When you need to manage multiple sites with cdist, like company_a, company_b
|
||
|
and private for instance, you can easily use git for this purpose.
|
||
|
Including a possible common base that is reused across the different sites:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="c1"># create branches</span>
|
||
|
<span class="n">git</span> <span class="n">branch</span> <span class="n">company_a</span> <span class="n">company_b</span> <span class="n">common</span> <span class="n">private</span>
|
||
|
|
||
|
<span class="c1"># make stuff for company a</span>
|
||
|
<span class="n">git</span> <span class="n">checkout</span> <span class="n">company_a</span>
|
||
|
<span class="c1"># work, commit, etc.</span>
|
||
|
|
||
|
<span class="c1"># make stuff for company b</span>
|
||
|
<span class="n">git</span> <span class="n">checkout</span> <span class="n">company_b</span>
|
||
|
<span class="c1"># work, commit, etc.</span>
|
||
|
|
||
|
<span class="c1"># make stuff relevant for all sites</span>
|
||
|
<span class="n">git</span> <span class="n">checkout</span> <span class="n">common</span>
|
||
|
<span class="c1"># work, commit, etc.</span>
|
||
|
|
||
|
<span class="c1"># change to private and include latest common stuff</span>
|
||
|
<span class="n">git</span> <span class="n">checkout</span> <span class="n">private</span>
|
||
|
<span class="n">git</span> <span class="n">merge</span> <span class="n">common</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
<p>The following <strong>.git/config</strong> is taken from a real world scenario:</p>
|
||
|
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="c1"># Track upstream, merge from time to time</span>
|
||
|
<span class="p">[</span><span class="n">remote</span> <span class="s2">"upstream"</span><span class="p">]</span>
|
||
|
<span class="n">url</span> <span class="o">=</span> <span class="n">git</span><span class="p">:</span><span class="o">//</span><span class="n">git</span><span class="o">.</span><span class="n">schottelius</span><span class="o">.</span><span class="n">org</span><span class="o">/</span><span class="n">cdist</span>
|
||
|
<span class="n">fetch</span> <span class="o">=</span> <span class="o">+</span><span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/*</span><span class="p">:</span><span class="n">refs</span><span class="o">/</span><span class="n">remotes</span><span class="o">/</span><span class="n">upstream</span><span class="o">/*</span>
|
||
|
|
||
|
<span class="c1"># Same as upstream, but works when being offline</span>
|
||
|
<span class="p">[</span><span class="n">remote</span> <span class="s2">"local"</span><span class="p">]</span>
|
||
|
<span class="n">fetch</span> <span class="o">=</span> <span class="o">+</span><span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/*</span><span class="p">:</span><span class="n">refs</span><span class="o">/</span><span class="n">remotes</span><span class="o">/</span><span class="n">local</span><span class="o">/*</span>
|
||
|
<span class="n">url</span> <span class="o">=</span> <span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">users</span><span class="o">/</span><span class="n">nico</span><span class="o">/</span><span class="n">p</span><span class="o">/</span><span class="n">cdist</span>
|
||
|
|
||
|
<span class="c1"># Remote containing various ETH internal branches</span>
|
||
|
<span class="p">[</span><span class="n">remote</span> <span class="s2">"eth"</span><span class="p">]</span>
|
||
|
<span class="n">url</span> <span class="o">=</span> <span class="n">sans</span><span class="o">.</span><span class="n">ethz</span><span class="o">.</span><span class="n">ch</span><span class="p">:</span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">services</span><span class="o">/</span><span class="n">sans</span><span class="o">/</span><span class="n">git</span><span class="o">/</span><span class="n">cdist</span><span class="o">-</span><span class="n">eth</span>
|
||
|
<span class="n">fetch</span> <span class="o">=</span> <span class="o">+</span><span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/*</span><span class="p">:</span><span class="n">refs</span><span class="o">/</span><span class="n">remotes</span><span class="o">/</span><span class="n">eth</span><span class="o">/*</span>
|
||
|
|
||
|
<span class="c1"># Public remote that contains my private changes to cdist upstream</span>
|
||
|
<span class="p">[</span><span class="n">remote</span> <span class="s2">"nico"</span><span class="p">]</span>
|
||
|
<span class="n">url</span> <span class="o">=</span> <span class="n">git</span><span class="o">.</span><span class="n">schottelius</span><span class="o">.</span><span class="n">org</span><span class="p">:</span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">services</span><span class="o">/</span><span class="n">git</span><span class="o">/</span><span class="n">cdist</span><span class="o">-</span><span class="n">nico</span>
|
||
|
<span class="n">fetch</span> <span class="o">=</span> <span class="o">+</span><span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/*</span><span class="p">:</span><span class="n">refs</span><span class="o">/</span><span class="n">remotes</span><span class="o">/</span><span class="n">nico</span><span class="o">/*</span>
|
||
|
|
||
|
<span class="c1"># The "nico" branch will be synced with the remote nico, branch master</span>
|
||
|
<span class="p">[</span><span class="n">branch</span> <span class="s2">"nico"</span><span class="p">]</span>
|
||
|
<span class="n">remote</span> <span class="o">=</span> <span class="n">nico</span>
|
||
|
<span class="n">merge</span> <span class="o">=</span> <span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/</span><span class="n">master</span>
|
||
|
|
||
|
<span class="c1"># ETH stable contains rock solid configurations used in various places</span>
|
||
|
<span class="p">[</span><span class="n">branch</span> <span class="s2">"eth-stable"</span><span class="p">]</span>
|
||
|
<span class="n">remote</span> <span class="o">=</span> <span class="n">eth</span>
|
||
|
<span class="n">merge</span> <span class="o">=</span> <span class="n">refs</span><span class="o">/</span><span class="n">heads</span><span class="o">/</span><span class="n">stable</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
<p>Have a look at git-remote(1) to adjust the remote configuration, which allows</p>
|
||
|
</div>
|
||
|
<div class="section" id="multiple-developers-with-different-trust">
|
||
|
<h2>21.7. Multiple developers with different trust<a class="headerlink" href="#multiple-developers-with-different-trust" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>If you are working in an environment that requires different people to
|
||
|
work on the same configuration, but having different privileges, you can
|
||
|
implement this scenario with a gateway host and sudo:</p>
|
||
|
<ul>
|
||
|
<li><p class="first">Create a dedicated user (for instance <strong>cdist</strong>)</p>
|
||
|
</li>
|
||
|
<li><p class="first">Setup the ssh-pubkey for this user that has the right to configure all hosts</p>
|
||
|
</li>
|
||
|
<li><p class="first">Create a wrapper to update the cdist configuration in ~cdist/cdist</p>
|
||
|
</li>
|
||
|
<li><p class="first">Allow every developer to execute this script via sudo as the user cdist</p>
|
||
|
</li>
|
||
|
<li><p class="first">Allow run of cdist as user cdist on specific hosts on a per user/group basis.</p>
|
||
|
<blockquote>
|
||
|
<div><ul class="simple">
|
||
|
<li>f.i. nico ALL=(ALL) NOPASSWD: /home/cdist/bin/cdist config hostabc</li>
|
||
|
</ul>
|
||
|
</div></blockquote>
|
||
|
</li>
|
||
|
</ul>
|
||
|
<p>For more details consult sudoers(5)</p>
|
||
|
</div>
|
||
|
<div class="section" id="templating">
|
||
|
<h2>21.8. Templating<a class="headerlink" href="#templating" title="Permalink to this headline">¶</a></h2>
|
||
|
<ul class="simple">
|
||
|
<li>create directory files/ in your type (convention)</li>
|
||
|
<li>create the template as an executable file like files/basic.conf.sh, it will output text using shell variables for the values</li>
|
||
|
</ul>
|
||
|
<div class="highlight-sh notranslate"><div class="highlight"><pre><span></span><span class="ch">#!/bin/sh</span>
|
||
|
<span class="c1"># in the template, use cat << eof (here document) to output the text</span>
|
||
|
<span class="c1"># and use standard shell variables in the template</span>
|
||
|
<span class="c1"># output everything in the template script to stdout</span>
|
||
|
cat <span class="s"><< EOF</span>
|
||
|
<span class="s">server {</span>
|
||
|
<span class="s"> listen 80;</span>
|
||
|
<span class="s"> server_name $SERVERNAME;</span>
|
||
|
<span class="s"> root $ROOT;</span>
|
||
|
|
||
|
<span class="s"> access_log /var/log/nginx/$SERVERNAME_access.log</span>
|
||
|
<span class="s"> error_log /var/log/nginx/$SERVERNAME_error.log</span>
|
||
|
<span class="s">}</span>
|
||
|
<span class="s">EOF</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
<ul class="simple">
|
||
|
<li>in the manifest, export the relevant variables and add the following lines to your manifest:</li>
|
||
|
</ul>
|
||
|
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">#</span> <span class="nb">export</span> variables needed <span class="k">for</span> the template
|
||
|
<span class="go"> export SERVERNAME='test"</span>
|
||
|
<span class="go"> export ROOT='/var/www/test'</span>
|
||
|
<span class="gp">#</span> render the template
|
||
|
<span class="go"> mkdir -p "$__object/files"</span>
|
||
|
<span class="go"> "$__type/files/basic.conf.sh" > "$__object/files/basic.conf"</span>
|
||
|
<span class="gp">#</span> send the rendered template
|
||
|
<span class="go"> __file /etc/nginx/sites-available/test.conf \</span>
|
||
|
<span class="go"> --state present</span>
|
||
|
<span class="go"> --source "$__object/files/basic.conf"</span>
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="section" id="testing-a-new-type">
|
||
|
<h2>21.9. Testing a new type<a class="headerlink" href="#testing-a-new-type" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>If you want to test a new type on a node, you can tell cdist to only use an
|
||
|
object of this type: Use the '--initial-manifest' parameter
|
||
|
with - (stdin) as argument and feed object into stdin
|
||
|
of cdist:</p>
|
||
|
<div class="highlight-sh notranslate"><div class="highlight"><pre><span></span><span class="c1"># Singleton type without parameter</span>
|
||
|
<span class="nb">echo</span> __ungleich_munin_server <span class="p">|</span> cdist --initial-manifest - munin.panter.ch
|
||
|
|
||
|
<span class="c1"># Singleton type with parameter</span>
|
||
|
<span class="nb">echo</span> __ungleich_munin_node --allow <span class="m">1</span>.2.3.4 <span class="p">|</span> <span class="se">\</span>
|
||
|
cdist --initial-manifest - rails-19.panter.ch
|
||
|
|
||
|
<span class="c1"># Normal type</span>
|
||
|
<span class="nb">echo</span> __file /tmp/stdintest --mode <span class="m">0644</span> <span class="p">|</span> <span class="se">\</span>
|
||
|
cdist --initial-manifest - cdist-dev-01.ungleich.ch
|
||
|
</pre></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="section" id="other-content-in-cdist-repository">
|
||
|
<h2>21.10. Other content in cdist repository<a class="headerlink" href="#other-content-in-cdist-repository" title="Permalink to this headline">¶</a></h2>
|
||
|
<p>Usually the cdist repository contains all configuration
|
||
|
items. Sometimes you may have additional resources that
|
||
|
you would like to store in your central configuration
|
||
|
repository (like password files from KeepassX,
|
||
|
Libreoffice diagrams, etc.).</p>
|
||
|
<p>It is recommended to use a subfolder named "non-cdist"
|
||
|
in the repository for such content: It allows you to
|
||
|
easily distinguish what is used by cdist and what is not
|
||
|
and also to store all important files in one
|
||
|
repository.</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
</div>
|
||
|
<div class="articleComments">
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
<footer>
|
||
|
|
||
|
<div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
|
||
|
|
||
|
<a href="cdist-stages.html" class="btn btn-neutral float-right" title="22. Execution stages" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right"></span></a>
|
||
|
|
||
|
|
||
|
<a href="cdist-reference.html" class="btn btn-neutral" title="20. Reference" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left"></span> Previous</a>
|
||
|
|
||
|
</div>
|
||
|
|
||
|
|
||
|
<hr/>
|
||
|
|
||
|
<div role="contentinfo">
|
||
|
<p>
|
||
|
© Copyright .
|
||
|
|
||
|
</p>
|
||
|
</div>
|
||
|
Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
|
||
|
|
||
|
</footer>
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
</section>
|
||
|
|
||
|
</div>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<script type="text/javascript">
|
||
|
var DOCUMENTATION_OPTIONS = {
|
||
|
URL_ROOT:'./',
|
||
|
VERSION:'4.10.1',
|
||
|
COLLAPSE_INDEX:false,
|
||
|
FILE_SUFFIX:'.html',
|
||
|
HAS_SOURCE: true,
|
||
|
SOURCELINK_SUFFIX: '.txt'
|
||
|
};
|
||
|
</script>
|
||
|
<script type="text/javascript" src="_static/jquery.js"></script>
|
||
|
<script type="text/javascript" src="_static/underscore.js"></script>
|
||
|
<script type="text/javascript" src="_static/doctools.js"></script>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<script type="text/javascript" src="_static/js/theme.js"></script>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<script type="text/javascript">
|
||
|
jQuery(function () {
|
||
|
SphinxRtdTheme.StickyNav.enable();
|
||
|
});
|
||
|
</script>
|
||
|
|
||
|
|
||
|
</body>
|
||
|
</html>
|