ungleich-public/cdist
ungleich-public/cdist
7
4
Fork 10
Code Issues 58 Pull requests 15 Projects Releases Wiki Activity

support for 'exported resources' #247

New issue
Closed
opened 2021-11-20 15:22:26 +00:00 by ungleich-gitea · 3 comments
ungleich-gitea commented 2021-11-20 15:22:26 +00:00
Owner
Copy link

Created by: asteven

RFC

use case

  • need a way to get X from host A when configuring host B
  • something like exported resources in puppet

example

# run on host A to setup an opennebula controller
type/__opennebula_controller/
   export/
      oneadmin-password
      ssh-key
      oneadmin-userid
      oneadmin-groupid

# then cdist does something like this
# where the script is executed on the target_host
# but the output saved on the server
# just like explorers work - but executed as last thing instead of as first
$__type/export/oneadmin-password > $__object/export/oneadmin-password


--------------------------------------------------------------------------------

# run on host B to config for use with opennebula controller on host A
__opennebula_node --controller one-1.example.lan
# and in the manifest:
# type/__opennebula_node/manifest
...
controller="$(cat "$__object/parameter/controller")"
oneadmin_password="$(cat "$__export/$controller/oneadmin-password")"
ssh_key="$(cat "$__export/$controller/ssh-key")"
oneadmin_userid="$(cat "$__export/$controller/oneadmin-userid")"
oneadmin_groupid="$(cat "$__export/$controller/oneadmin-groupid")"
...

thoughts

  • no 'api' to talk to the cache from types
  • cdist types have no way to get data after the object has finished,
    this is also not available in the cache
  • could create another type that runs after and get's the data via explorers,
    e.g. __opennebula_controller_exports, and get that from the cache later on,
    but feels quite hacky
*Created by: asteven* RFC ### use case - need a way to get X from host A when configuring host B - something like exported resources in puppet ### example ``` # run on host A to setup an opennebula controller type/__opennebula_controller/ export/ oneadmin-password ssh-key oneadmin-userid oneadmin-groupid # then cdist does something like this # where the script is executed on the target_host # but the output saved on the server # just like explorers work - but executed as last thing instead of as first $__type/export/oneadmin-password > $__object/export/oneadmin-password -------------------------------------------------------------------------------- # run on host B to config for use with opennebula controller on host A __opennebula_node --controller one-1.example.lan # and in the manifest: # type/__opennebula_node/manifest ... controller="$(cat "$__object/parameter/controller")" oneadmin_password="$(cat "$__export/$controller/oneadmin-password")" ssh_key="$(cat "$__export/$controller/ssh-key")" oneadmin_userid="$(cat "$__export/$controller/oneadmin-userid")" oneadmin_groupid="$(cat "$__export/$controller/oneadmin-groupid")" ... ``` ### thoughts - no 'api' to talk to the cache from types - cdist types have no way to get data _after_ the object has finished, this is also not available in the cache - could create another type that runs after and get's the data via explorers, e.g. __opennebula_controller_exports, and get that from the cache later on, but feels quite hacky
ungleich-gitea added this to the future milestone 2021-11-20 15:22:26 +00:00
ungleich-gitea added the
Stale
 label 2021-11-20 15:22:26 +00:00
ungleich-gitea commented 2021-11-20 15:49:58 +00:00
Author
Owner
Copy link

closed

closed
ungleich-gitea commented 2021-11-20 15:49:59 +00:00
Author
Owner
Copy link

Created by: asteven

Thinking some more about this, the 'exports' if we want to stick with that name for the moment should be collected and stored in a global 'database', independent of __target_host or cache or whatever.

The structure should not be dictated by cdist, the types should create their own namespaces.
$__export/$namespace/$key

e.g.

$__export/
   ssh_host_keys/
      some-host.domain.tld/
         ssh_host_dsa_key.pub
         ssh_host_ecdsa_key.pub
         ssh_host_key.pub
         ssh_host_rsa_key.pub
      other-host.domain.tld/
         ssh_host_dsa_key.pub
         ssh_host_ecdsa_key.pub
         ssh_host_key.pub
         ssh_host_rsa_key.pub

$__export/
   opennebula/
      my-fancy-cluster-name/
         exports
         oneadmin-password
         ssh-key
         oneadmin-userid
         oneadmin-groupid
      even-fancier-cluster/
         exports
         oneadmin-password
         ssh-key
         oneadmin-userid
         oneadmin-groupid

$__export/
   whatever/you/want/
      foo
      nested/to/
         wherever
*Created by: asteven* Thinking some more about this, the 'exports' if we want to stick with that name for the moment should be collected and stored in a global 'database', independent of __target_host or cache or whatever. The structure should not be dictated by cdist, the types should create their own namespaces. $__export/$namespace/$key e.g. ``` $__export/ ssh_host_keys/ some-host.domain.tld/ ssh_host_dsa_key.pub ssh_host_ecdsa_key.pub ssh_host_key.pub ssh_host_rsa_key.pub other-host.domain.tld/ ssh_host_dsa_key.pub ssh_host_ecdsa_key.pub ssh_host_key.pub ssh_host_rsa_key.pub $__export/ opennebula/ my-fancy-cluster-name/ exports oneadmin-password ssh-key oneadmin-userid oneadmin-groupid even-fancier-cluster/ exports oneadmin-password ssh-key oneadmin-userid oneadmin-groupid $__export/ whatever/you/want/ foo nested/to/ wherever ```
ungleich-gitea commented 2021-11-20 15:50:01 +00:00
Author
Owner
Copy link

Created by: telmich

Moin Moin,

I think this is a great approach - I would probably call it something
like "final" or "post", because the job of these scripts is not limited
to exporting information.

Additionally, it's worth thinking about a global "final" / "export"
script - the example you showed is more type specific (great!), but
maybe one wants to export other stuff as well; the resulting structure
could be something like this:

$__export/
    $hostname/
        global/
            <names of export scripts>
        object/
            __opennebula_node/
                <names of export scripts>
            __another_type_with/
                object_id/
                    <names of export scripts>

I think it is a very good approach - even if this was not the final
solution, I think it is going into the right way!

Cheers,

Nico

Steven Armstrong [Thu, Dec 19, 2013 at 01:02:19AM -0800]:

RFC

use case

  • need a way to get X from host A when configuring host B
  • something like exported resources in puppet

example

# run on host A to setup an opennebula controller
type/__opennebula_controller/
   export/
      oneadmin-password
      ssh-key
      oneadmin-userid
      oneadmin-groupid

# then cdist does something like this
# where the script is executed on the target_host
# but the output saved on the server
# just like explorers work - but executed as last thing instead of as first
$__type/export/oneadmin-password > $__object/export/oneadmin-password


--------------------------------------------------------------------------------

# run on host B to config for use with opennebula controller on host A
__opennebula_node --controller one-1.example.lan
# and in the manifest:
# type/__opennebula_node/manifest
...
controller="$(cat "$__object/parameter/controller")"
oneadmin_password="$(cat "$__export/$controller/oneadmin-password")"
ssh_key="$(cat "$__export/$controller/ssh-key")"
oneadmin_userid="$(cat "$__export/$controller/oneadmin-userid")"
oneadmin_groupid="$(cat "$__export/$controller/oneadmin-groupid")"
...

thoughts

  • no 'api' to talk to the cache from types
  • cdist types have no way to get data after the object has finished,
    this is also not available in the cache
  • could create another type that runs after and get's the data via explorers,
    e.g. __opennebula_controller_exports, and get that from the cache later on,
    but feels quite hacky

Reply to this email directly or view it on GitHub:
https://github.com/telmich/cdist/issues/235

PGP key: 7ED9 F7D3 6B10 81D7 0EC5 5C09 D7DC C8E4 3187 7DF0

*Created by: telmich* Moin Moin, I think this is a great approach - I would probably call it something like "final" or "post", because the job of these scripts is not limited to exporting information. Additionally, it's worth thinking about a global "final" / "export" script - the example you showed is more type specific (great!), but maybe one wants to export other stuff as well; the resulting structure could be something like this: ``` $__export/ $hostname/ global/ <names of export scripts> object/ __opennebula_node/ <names of export scripts> __another_type_with/ object_id/ <names of export scripts> ``` I think it is a very good approach - even if this was not the final solution, I think it is going into the right way! Cheers, Nico Steven Armstrong [Thu, Dec 19, 2013 at 01:02:19AM -0800]: > RFC > > ### use case > - need a way to get X from host A when configuring host B > - something like exported resources in puppet > > ### example > > ``` > # run on host A to setup an opennebula controller > type/__opennebula_controller/ > export/ > oneadmin-password > ssh-key > oneadmin-userid > oneadmin-groupid > > # then cdist does something like this > # where the script is executed on the target_host > # but the output saved on the server > # just like explorers work - but executed as last thing instead of as first > $__type/export/oneadmin-password > $__object/export/oneadmin-password > > > -------------------------------------------------------------------------------- > > # run on host B to config for use with opennebula controller on host A > __opennebula_node --controller one-1.example.lan > # and in the manifest: > # type/__opennebula_node/manifest > ... > controller="$(cat "$__object/parameter/controller")" > oneadmin_password="$(cat "$__export/$controller/oneadmin-password")" > ssh_key="$(cat "$__export/$controller/ssh-key")" > oneadmin_userid="$(cat "$__export/$controller/oneadmin-userid")" > oneadmin_groupid="$(cat "$__export/$controller/oneadmin-groupid")" > ... > ``` > > ### thoughts > - no 'api' to talk to the cache from types > - cdist types have no way to get data _after_ the object has finished, > this is also not available in the cache > - could create another type that runs after and get's the data via explorers, > e.g. __opennebula_controller_exports, and get that from the cache later on, > but feels quite hacky > > --- > > Reply to this email directly or view it on GitHub: > https://github.com/telmich/cdist/issues/235 ## PGP key: 7ED9 F7D3 6B10 81D7 0EC5 5C09 D7DC C8E4 3187 7DF0
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
7.0
6.9
py3.10
ander/__package_apt_update_index
haproxy-dualstack
ander/__sed
beta
ander/os_version_debian_sid
evilham-compatibility-fixes
ander/__rsync
__snakeoil_cert
ander/update_readme
__download_improvements
feature/onchange
cleanup/string-formatting
feature/type-relationship-graph
cleanup/ssh-auth-keys-types
__letsencrypt_cert-fix-hooks
bugfix/preos-debug
bugfix/in-script-import
6.8
bugfix/sphinx-docs-build
6.7
cherry-pick-2f433a14
bugfix/make-code-consistent
6.6
regain-py3.2-support
6.5
bugfix/multiple-log-lines
matterbridge
coturn
alpinefix
matrix
new-type/network-interface
feature/process
6.4
feature/info-command
feature/libexec
6.3
preos-plugins-dir-opt
gitlab-ci
6.2
order-dep-fix
6.1
6.0
build/support-pip-from-git
feature/shell-lib
5.1
feature/support-type-deprecation
5.0
feature/python-types
4.11
4.10
shellcheck
4.9
4.8
freebsd-improvements
new-prometheus
key_value-onchange
feature/output_streams
AnotherKamila-patch-1
__letsencrypt_cert-fixes
letsencrypt-cron-fix
4.7
newtype-__letsencrypt_cert
os_explorer_devuan_fix
prometheus-exporter-fixes
daemontools-for-fbsd
type-prometheus-exporter-from-master
prometheus-more-fixes
4.6
4.5
fix-j
steven-backport
4.4
prometheus-fixes
grafana_dashboard
prometheus
daemontools
consul_improvements
feature/trigger
4.3
4.0-pre-not-stable
4.2
4.1
4.0
feature_install_and_preos
3.1
no-dot-cdist
random_dot_cdist
feature_yum_url
feature_files_export
3.0
2.3
2.2
2.1
ssh_callback
2.0
archive_shell_function_approach
1.7
1.6
1.5
1.4
1.3
1.2
1.1
1.0
7.0.0
6.9.8
6.9.7
6.9.6
6.9.5
6.9.4
6.9.3
6.9.2
6.9.1
6.9.0
6.8.0
6.7.0
6.6.0
6.5.6
6.5.5
6.5.4
6.5.3
6.5.2
6.5.1
6.5.0
6.4.0
6.3.0
6.2.0
6.1.1
6.1.0
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.1.3
5.1.2
5.1.1
5.1.0
5.0.2
5.0.1
5.0.0
4.11.1
4.11.0
4.10.11
4.10.10
4.10.9
4.10.8
4.10.7
4.10.6
4.10.5
4.10.4
4.10.3
4.10.2
4.10.1
4.10.0
4.9.1
4.9.0
4.8.4
4.8.3
4.8.2
4.8.1
4.8.0
4.7.3
4.7.2
4.7.1
4.7.0
4.6.1
4.6.0
4.5.0
4.4.4
4.4.3
4.4.2
4.4.1
4.4.0
4.3.2
4.3.1
4.3.0
4.2.2
4.2.1
4.2.0
4.1.0
4.0.0
3.1.13
tn1
3.1.12
3.1.11
3.1.10
3.1.9
3.1.8
3.1.7
3.1.6
4.0.0pre3
3.1.5
3.1.4
3.1.3
3.1.2
3.1.1
3.1.0
4.0.0pre2
3.0.9
3.0.8
3.0.7
3.0.6
3.0.5
3.0.4
3.0.3
4.0.0pre1
3.0.2
3.0.1
3.0.0
2.3.7
2.3.6
2.3.5
2.3.4
2.3.3
2.3.2
2.3.1
2.3.0
2.2.0
2.1.2
2.1.1
2.1.0
2.1.0pre8
2.1.0pre7
2.1.0pre6
2.0.15
2.1.0pre5
2.1.0pre4
2.1.0pre3
2.1.0pre2
2.1.0pre1
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.1
2.0.0
1.7.1
1.7.0
1.6.2
1.6.1
1.6.0
1.5.0
1.4.1
1.4.0
1.3.2
1.3.1
1.3.0
1.2.0
1.1.0
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0
0.9.9
0.9.8
0.9.7
0.9.6
0.9.5
0.9.4
0.9.3
0.9.2
0.9.1
0.9
0.8
0.7
0.6
0.5
0.4
0.3
0.2
0.1
Labels
Clear labels   
bugfix

   
cleanup

   
discussion

   
documentation

   
doing

   
done

   
feature

   
improvement

   
packaging

   
Stale

   
testing

   
TODO
No labels
bugfix
cleanup
discussion
documentation
doing
done
feature
improvement
packaging
Stale
testing
TODO
Milestone
Clear milestone
No items
No milestone
future
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: ungleich-public/cdist#247
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?