support for 'exported resources' #247

New Issue

Closed

opened 2021-11-20 15:22:26 +00:00 by ungleich-gitea · 3 comments

ungleich-gitea commented 2021-11-20 15:22:26 +00:00

Owner

Copy Link

Created by: asteven

RFC

use case

• need a way to get X from host A when configuring host B
• something like exported resources in puppet

example

# run on host A to setup an opennebula controller
type/__opennebula_controller/
   export/
      oneadmin-password
      ssh-key
      oneadmin-userid
      oneadmin-groupid

# then cdist does something like this
# where the script is executed on the target_host
# but the output saved on the server
# just like explorers work - but executed as last thing instead of as first
$__type/export/oneadmin-password > $__object/export/oneadmin-password


--------------------------------------------------------------------------------

# run on host B to config for use with opennebula controller on host A
__opennebula_node --controller one-1.example.lan
# and in the manifest:
# type/__opennebula_node/manifest
...
controller="$(cat "$__object/parameter/controller")"
oneadmin_password="$(cat "$__export/$controller/oneadmin-password")"
ssh_key="$(cat "$__export/$controller/ssh-key")"
oneadmin_userid="$(cat "$__export/$controller/oneadmin-userid")"
oneadmin_groupid="$(cat "$__export/$controller/oneadmin-groupid")"
...

thoughts

• no 'api' to talk to the cache from types
• cdist types have no way to get data after the object has finished,
  this is also not available in the cache
• could create another type that runs after and get's the data via explorers,
  e.g. __opennebula_controller_exports, and get that from the cache later on,
  but feels quite hacky

*Created by: asteven* RFC ### use case - need a way to get X from host A when configuring host B - something like exported resources in puppet ### example ``` # run on host A to setup an opennebula controller type/__opennebula_controller/ export/ oneadmin-password ssh-key oneadmin-userid oneadmin-groupid # then cdist does something like this # where the script is executed on the target_host # but the output saved on the server # just like explorers work - but executed as last thing instead of as first $__type/export/oneadmin-password > $__object/export/oneadmin-password -------------------------------------------------------------------------------- # run on host B to config for use with opennebula controller on host A __opennebula_node --controller one-1.example.lan # and in the manifest: # type/__opennebula_node/manifest ... controller="$(cat "$__object/parameter/controller")" oneadmin_password="$(cat "$__export/$controller/oneadmin-password")" ssh_key="$(cat "$__export/$controller/ssh-key")" oneadmin_userid="$(cat "$__export/$controller/oneadmin-userid")" oneadmin_groupid="$(cat "$__export/$controller/oneadmin-groupid")" ... ``` ### thoughts - no 'api' to talk to the cache from types - cdist types have no way to get data _after_ the object has finished, this is also not available in the cache - could create another type that runs after and get's the data via explorers, e.g. __opennebula_controller_exports, and get that from the cache later on, but feels quite hacky

ungleich-gitea added this to the future milestone 2021-11-20 15:22:26 +00:00

ungleich-gitea added the

Stale

label 2021-11-20 15:22:26 +00:00

ungleich-gitea closed this issue 2021-11-20 15:22:26 +00:00

ungleich-gitea commented 2021-11-20 15:49:58 +00:00

Author

Owner

Copy Link

closed

closed

ungleich-gitea commented 2021-11-20 15:49:59 +00:00

Author

Owner

Copy Link

Created by: asteven

Thinking some more about this, the 'exports' if we want to stick with that name for the moment should be collected and stored in a global 'database', independent of __target_host or cache or whatever.

The structure should not be dictated by cdist, the types should create their own namespaces.
$__export/$namespace/$key

e.g.

$__export/
   ssh_host_keys/
      some-host.domain.tld/
         ssh_host_dsa_key.pub
         ssh_host_ecdsa_key.pub
         ssh_host_key.pub
         ssh_host_rsa_key.pub
      other-host.domain.tld/
         ssh_host_dsa_key.pub
         ssh_host_ecdsa_key.pub
         ssh_host_key.pub
         ssh_host_rsa_key.pub

$__export/
   opennebula/
      my-fancy-cluster-name/
         exports
         oneadmin-password
         ssh-key
         oneadmin-userid
         oneadmin-groupid
      even-fancier-cluster/
         exports
         oneadmin-password
         ssh-key
         oneadmin-userid
         oneadmin-groupid

$__export/
   whatever/you/want/
      foo
      nested/to/
         wherever

*Created by: asteven* Thinking some more about this, the 'exports' if we want to stick with that name for the moment should be collected and stored in a global 'database', independent of __target_host or cache or whatever. The structure should not be dictated by cdist, the types should create their own namespaces. $__export/$namespace/$key e.g. ``` $__export/ ssh_host_keys/ some-host.domain.tld/ ssh_host_dsa_key.pub ssh_host_ecdsa_key.pub ssh_host_key.pub ssh_host_rsa_key.pub other-host.domain.tld/ ssh_host_dsa_key.pub ssh_host_ecdsa_key.pub ssh_host_key.pub ssh_host_rsa_key.pub $__export/ opennebula/ my-fancy-cluster-name/ exports oneadmin-password ssh-key oneadmin-userid oneadmin-groupid even-fancier-cluster/ exports oneadmin-password ssh-key oneadmin-userid oneadmin-groupid $__export/ whatever/you/want/ foo nested/to/ wherever ```

ungleich-gitea commented 2021-11-20 15:50:01 +00:00

Author

Owner

Copy Link

Created by: telmich

Moin Moin,

I think this is a great approach - I would probably call it something
like "final" or "post", because the job of these scripts is not limited
to exporting information.

Additionally, it's worth thinking about a global "final" / "export"
script - the example you showed is more type specific (great!), but
maybe one wants to export other stuff as well; the resulting structure
could be something like this:

$__export/
    $hostname/
        global/
            <names of export scripts>
        object/
            __opennebula_node/
                <names of export scripts>
            __another_type_with/
                object_id/
                    <names of export scripts>

I think it is a very good approach - even if this was not the final
solution, I think it is going into the right way!

Cheers,

Nico

Steven Armstrong [Thu, Dec 19, 2013 at 01:02:19AM -0800]:

RFC

use case

• need a way to get X from host A when configuring host B
• something like exported resources in puppet

example

# run on host A to setup an opennebula controller
type/__opennebula_controller/
   export/
      oneadmin-password
      ssh-key
      oneadmin-userid
      oneadmin-groupid

# then cdist does something like this
# where the script is executed on the target_host
# but the output saved on the server
# just like explorers work - but executed as last thing instead of as first
$__type/export/oneadmin-password > $__object/export/oneadmin-password


--------------------------------------------------------------------------------

# run on host B to config for use with opennebula controller on host A
__opennebula_node --controller one-1.example.lan
# and in the manifest:
# type/__opennebula_node/manifest
...
controller="$(cat "$__object/parameter/controller")"
oneadmin_password="$(cat "$__export/$controller/oneadmin-password")"
ssh_key="$(cat "$__export/$controller/ssh-key")"
oneadmin_userid="$(cat "$__export/$controller/oneadmin-userid")"
oneadmin_groupid="$(cat "$__export/$controller/oneadmin-groupid")"
...

thoughts

• no 'api' to talk to the cache from types
• cdist types have no way to get data after the object has finished,
  this is also not available in the cache
• could create another type that runs after and get's the data via explorers,
  e.g. __opennebula_controller_exports, and get that from the cache later on,
  but feels quite hacky

---

Reply to this email directly or view it on GitHub:
https://github.com/telmich/cdist/issues/235

PGP key: 7ED9 F7D3 6B10 81D7 0EC5 5C09 D7DC C8E4 3187 7DF0

*Created by: telmich* Moin Moin, I think this is a great approach - I would probably call it something like "final" or "post", because the job of these scripts is not limited to exporting information. Additionally, it's worth thinking about a global "final" / "export" script - the example you showed is more type specific (great!), but maybe one wants to export other stuff as well; the resulting structure could be something like this: ``` $__export/ $hostname/ global/ <names of export scripts> object/ __opennebula_node/ <names of export scripts> __another_type_with/ object_id/ <names of export scripts> ``` I think it is a very good approach - even if this was not the final solution, I think it is going into the right way! Cheers, Nico Steven Armstrong [Thu, Dec 19, 2013 at 01:02:19AM -0800]: > RFC > > ### use case > - need a way to get X from host A when configuring host B > - something like exported resources in puppet > > ### example > > ``` > # run on host A to setup an opennebula controller > type/__opennebula_controller/ > export/ > oneadmin-password > ssh-key > oneadmin-userid > oneadmin-groupid > > # then cdist does something like this > # where the script is executed on the target_host > # but the output saved on the server > # just like explorers work - but executed as last thing instead of as first > $__type/export/oneadmin-password > $__object/export/oneadmin-password > > > -------------------------------------------------------------------------------- > > # run on host B to config for use with opennebula controller on host A > __opennebula_node --controller one-1.example.lan > # and in the manifest: > # type/__opennebula_node/manifest > ... > controller="$(cat "$__object/parameter/controller")" > oneadmin_password="$(cat "$__export/$controller/oneadmin-password")" > ssh_key="$(cat "$__export/$controller/ssh-key")" > oneadmin_userid="$(cat "$__export/$controller/oneadmin-userid")" > oneadmin_groupid="$(cat "$__export/$controller/oneadmin-groupid")" > ... > ``` > > ### thoughts > - no 'api' to talk to the cache from types > - cdist types have no way to get data _after_ the object has finished, > this is also not available in the cache > - could create another type that runs after and get's the data via explorers, > e.g. __opennebula_controller_exports, and get that from the cache later on, > but feels quite hacky > > --- > > Reply to this email directly or view it on GitHub: > https://github.com/telmich/cdist/issues/235 ## PGP key: 7ED9 F7D3 6B10 81D7 0EC5 5C09 D7DC C8E4 3187 7DF0

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

7.0

6.9

py3.10

ander/__package_apt_update_index

haproxy-dualstack

ander/__sed

beta

ander/os_version_debian_sid

evilham-compatibility-fixes

ander/__rsync

__snakeoil_cert

ander/update_readme

__download_improvements

feature/onchange

cleanup/string-formatting

feature/type-relationship-graph

cleanup/ssh-auth-keys-types

__letsencrypt_cert-fix-hooks

bugfix/preos-debug

bugfix/in-script-import

6.8

bugfix/sphinx-docs-build

6.7

cherry-pick-2f433a14

bugfix/make-code-consistent

6.6

regain-py3.2-support

6.5

bugfix/multiple-log-lines

matterbridge

coturn

alpinefix

matrix

new-type/network-interface

feature/process

6.4

feature/info-command

feature/libexec

6.3

preos-plugins-dir-opt

gitlab-ci

6.2

order-dep-fix

6.1

6.0

build/support-pip-from-git

feature/shell-lib

5.1

feature/support-type-deprecation

5.0

feature/python-types

4.11

4.10

shellcheck

4.9

4.8

freebsd-improvements

new-prometheus

key_value-onchange

feature/output_streams

AnotherKamila-patch-1

__letsencrypt_cert-fixes

letsencrypt-cron-fix

4.7

newtype-__letsencrypt_cert

os_explorer_devuan_fix

prometheus-exporter-fixes

daemontools-for-fbsd

type-prometheus-exporter-from-master

prometheus-more-fixes

4.6

4.5

fix-j

steven-backport

4.4

prometheus-fixes

grafana_dashboard

prometheus

daemontools

consul_improvements

feature/trigger

4.3

4.0-pre-not-stable

4.2

4.1

4.0

feature_install_and_preos

3.1

no-dot-cdist

random_dot_cdist

feature_yum_url

feature_files_export

3.0

2.3

2.2

2.1

ssh_callback

2.0

archive_shell_function_approach

1.7

1.6

1.5

1.4

1.3

1.2

1.1

1.0

7.0.0

6.9.8

6.9.7

6.9.6

6.9.5

6.9.4

6.9.3

6.9.2

6.9.1

6.9.0

6.8.0

6.7.0

6.6.0

6.5.6

6.5.5

6.5.4

6.5.3

6.5.2

6.5.1

6.5.0

6.4.0

6.3.0

6.2.0

6.1.1

6.1.0

6.0.4

6.0.3

6.0.2

6.0.1

6.0.0

5.1.3

5.1.2

5.1.1

5.1.0

5.0.2

5.0.1

5.0.0

4.11.1

4.11.0

4.10.11

4.10.10

4.10.9

4.10.8

4.10.7

4.10.6

4.10.5

4.10.4

4.10.3

4.10.2

4.10.1

4.10.0

4.9.1

4.9.0

4.8.4

4.8.3

4.8.2

4.8.1

4.8.0

4.7.3

4.7.2

4.7.1

4.7.0

4.6.1

4.6.0

4.5.0

4.4.4

4.4.3

4.4.2

4.4.1

4.4.0

4.3.2

4.3.1

4.3.0

4.2.2

4.2.1

4.2.0

4.1.0

4.0.0

3.1.13

tn1

3.1.12

3.1.11

3.1.10

3.1.9

3.1.8

3.1.7

3.1.6

4.0.0pre3

3.1.5

3.1.4

3.1.3

3.1.2

3.1.1

3.1.0

4.0.0pre2

3.0.9

3.0.8

3.0.7

3.0.6

3.0.5

3.0.4

3.0.3

4.0.0pre1

3.0.2

3.0.1

3.0.0

2.3.7

2.3.6

2.3.5

2.3.4

2.3.3

2.3.2

2.3.1

2.3.0

2.2.0

2.1.2

2.1.1

2.1.0

2.1.0pre8

2.1.0pre7

2.1.0pre6

2.0.15

2.1.0pre5

2.1.0pre4

2.1.0pre3

2.1.0pre2

2.1.0pre1

2.0.14

2.0.13

2.0.12

2.0.11

2.0.10

2.0.9

2.0.8

2.0.7

2.0.6

2.0.5

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

1.7.1

1.7.0

1.6.2

1.6.1

1.6.0

1.5.0

1.4.1

1.4.0

1.3.2

1.3.1

1.3.0

1.2.0

1.1.0

1.0.4

1.0.3

1.0.2

1.0.1

1.0.0

0.9.9

0.9.8

0.9.7

0.9.6

0.9.5

0.9.4

0.9.3

0.9.2

0.9.1

0.9

0.8

0.7

0.6

0.5

0.4

0.3

0.2

0.1

Labels

Clear labels   

bugfix

  

cleanup

  

discussion

  

documentation

  

doing

  

done

  

feature

  

improvement

  

packaging

  

Stale

  

testing

  

TODO

No Label

bugfix

cleanup

discussion

documentation

doing

done

feature

improvement

packaging

Stale

testing

TODO

Milestone

Clear milestone

No items

No Milestone

future

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ungleich-public/cdist#247

No description provided.