On Friday, March 4, 2016 at 3:53:30 PM UTC-6, Reinhard Vicinus wrote:
>
> We use a wrapper resource to ensure that only one resource is created.
> It's not perfect, because you need an additional resource, but it works.
> Here is an example:
>
> Multiple nodes want to ensure that the following resource is created on a
> node:
>
> file { '/tmp/at_least_one_node_exists.txt':
> }
>
> so we create a wrapper resource:
>
> define export_file (
> filename,
> ) {
> ensure_resource('file', $filename, {})
> }
>
> and export the wrapper resource (here you need different names for all
> nodes, so we use fqdn in the name):
>
> @@export_file { "${fqdn}_one_node":
> filename => '/tmp/at_least_one_node_exists.txt',
> }
>
> and also collect the wrapper resource on the destination node:
>
> Export_file <<| |>>
>
Almost any use of the ensure_resource() function is a kludge. It's entire
purpose is to circumvent Puppet's checks for duplicate resources, which
themselves serve an important purpose. Even in that respect, usage of that
function is typically reliable in only for resources that are declared only
by that means, for an ordinary declaration of the same resource that is
evaluated later will still fail as a duplicate declaration.
Where it really falls down, however, is the case where the various
ensure_resource() declarations of a given resource are not all identical.
In that case, no catalog can be built that is consistent with all the
declarations, but ensure_resource() prevents the catalog builder from
recognizing that. A catalog is therefore built, based on some random one
of the conflicting declarations, and the system state consequently applied
by the agent is then likely to be inconsistent.
The fact is that if you have a means to be confident that you have no
inconsistent ensure_resource() declarations, then usually that is also a
means to avoid ensure_resource() declarations altogether. Generally, you
would do that by factoring out the duplicate declarations to a single
(ordinary) declaration somewhere else.
Your particular example, however, happens to find a crevice in which to
lodge because, as presented, the exported resources involved encode only
the titles of the wrapped resources (no resource properties), yet they
afford the possibility of resources of multiple different titles being
wrapped that way. If they also encoded properties for the wrapped
resources then they would be potentially unsafe, and if they wrapped a
resource or resources of consistent title then there would be good
alternatives that do not require ensure_resource().
John
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/65a06b23-256f-47da-bcd9-21e2212c28a9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
