noob-puppeteer <[email protected]> writes: > I am trying to figure out a good "puppet" way to do this.
Use LDAP, or maybe NIS, to distribute the data. No, seriously, that usually fits in about point three or four of the usual infrastructure building checklist, right after getting puppet installed and the manifests in version control. Anyway, to answer your question: > In our old configuration, we were using cfengine and distributing passwd, > group and shadow files by first running a command on the server that would > filter these files to have just the team users (since we are using hosting > services) into a master file that would get distributed to all the clients > and the clients would apply the master file to its local passwd, group and > shadow files. > > In puppet, as far as I can see, there is no way to run a command to > prep the files on the master, before a puppet client asks for the > catalog or is there? Sure: you can use the functions that grab stuff externally, like 'generate', to do this. That will run a command and process it externally. Alternately, a template is erb code run on the *puppetmaster* system, not on the client. So, that can do anything Ruby can do, including filtering stuff out rather than adding it in, during the run. > We are doing things in this complicated way, because this allows us to > continue use the useradd, usermod commands on the master servers, and > the client servers automatically get the configuration. Plus we dont > have to store the files in version control. Is there a better way to > do this in puppet? Personally, I would first prefer to use LDAP. Then I would pick up the sync-accounts tool from chiark-scripts[1] and use that to do the hard work for me, since I don't have to write it myself. Failing that, I would code my user stanzas into the puppet language to provision them that way. Then I would use a tool to generate the user stanzas into puppet from the content of the files in /etc and include that in the system with generate. Anyway, 'generate': the answer to your question is the generate function. http://docs.puppetlabs.com/references/latest/function.html#generate Regards, Daniel Footnotes: [1] http://the-doors.enix.org/pipermail/daily-debian-package/2008-April/001311.html -- ✣ Daniel Pittman ✉ [email protected] ☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
