[kwlug-disc] Puppet partial config templates

[Ralph Janke]

Most configurations in /etc have now the possibility to load local files 
in addition to the maintainer provided configuration file in order to 
prevent the editing of files and the issues when updates are deployed 
(i.e. x.conf would load x.local.conf, x.conf should not be touched, 
x.local.conf will never be provided or overridden by the package).

The local files can then easily be deployed by the configuration 
management system since there is no need to worry about existing 
contents of those files.

Ralph (txwikinger)

On 08/22/2010 08:25 AM, John Van Ostrand wrote:
> I don't use puppet (yet) but it seems to me that the purpose of using puppet
> to configure systems is to maintain both consistency and a centralized
> configuration.
>
> The best way to maintain consistency is to replace the entire config.
> Editing commands like AppendIfNoSuchLine are not guaranteed to produce
> consistency.
>
> The issue of upgrades is probably moot. Do upgrades in Debian replace
> existing config files? In RPM based distros they don't, a .rpmnew file is
> created and the admin has to manually integrate their changes into the new
> config if desired. So upgrades require me to scan for changes anyway or risk
> missing a new config or, in rare cases, have an upgraded package fail to
> work.
>
> As for tracking changes isn't that what comments and RCS' are for?
>
>
> ----- Original Message -----
> From: kwlug-disc-bounces at kwlug.org<kwlug-disc-bounces at kwlug.org>
> To: kwlug-disc at kwlug.org<kwlug-disc at kwlug.org>
> Sent: Sun Aug 22 03:03:45 2010
> Subject: [kwlug-disc] Puppet partial config templates
>
> So I still don't understand Puppet -- I am very much in the reading
> stages. I am sure this is a newbie complaint, but here goes: the
> configuration files (in /etc) for many packages are pretty verbose.
> They are well-commented and often specify options that I intentionally
> don't touch. Instead, I change the one or two lines I care about and
> move on with my life.
>
> As far as I can tell, Puppet .erb templates want me to reproduce
> config files as templates, rather than edit the files directly.
>
> Bad old cfengine2 had directives like "AppendIfNoSuchLine" that would allow
> you to concisely list the changes you want to make to config files.
> I do not see how you do that in shiny beautiful Puppet.
>
> This matters to me because for the most part I trust the Debian
> package maintainer's choices over my own judgement when it comes to
> config files. If a Debian maintainer sets an option, I usually want to
> agree with that option. I also appreciate the good comments in many
> config files, and I want to keep them. But Puppet wants me to take
> control of the config files entirely, which means that when there are
> important new versions of the config files released, I have to
> *manually* inspect files for differences. I don't like that -- I want
> the Debian config file tools to handle as much of this as possible.
> (Yes, I know that on upgrades sysadmins have to look at config files
> manually sometimes, but I think the tools for handling this are
> getting better, and Puppet undoes this.)
>
> I also want to highlight the important options that are being changed
> in each file, and including only the changes in my Puppet
> configuration seems like a good way to do this.
>
> What am I misunderstanding?
>
> - Paul
>
>