[et-mgmt-tools] "Snippet Groups"

Sandor W. Sklar ssklar at stanford.edu
Wed Apr 9 15:27:34 UTC 2008 

On Apr 9, 2008, at 12:05 AM, Aaron Lippold wrote:
>
<... snip ...>

> Snipts and Groups
>
> An organization as sets of requirements - usually security or  
> enterprise wide setting, files, etc. - that it uses to standardize  
> the configuration management of its systems. These sets are usually  
> organized by whatever organizational system they come up with but  
> for the most part they are standard actions from the good old  
> community best practices. ( set bootloader passwords, use sudo,  
> install logging and setup, fixes known configuration issues with  
> sendmail, copy over the standard MOTD, Company Banner etc. )

These things really sound like you would want a configuration  
management tool (puppet, cfengine, etc.) to set those things after the  
kickstart is complete.

What happens if you change the wording in your standard MOTD?  Do your  
re-kickstart and install all of your systems so they get the new MOTD?

<... snip ...>

>
> Although it looks like from the other thread that this is going the  
> directory way, again, is this a mistake given that I don't really  
> want do some things until the end and some right at the beginning or  
> I really do want x to follow y to follow z. If we do it all by  
> directory I would have to name all my snipits 1_... 2_... which  
> would really make things not so elegant.
>
>
> snipit_groups/group1
>
> set_bootloader_password
> set_password_retries
> set_passwd_min_uppper
> set_passwd_min_lower
> set_motd
> setup_aide
> setup_logrotate
>
> This way I can call either a set of actions or a single one in the  
> cobbler kickstart template.
>
> ==== Kickstart Template ====
>
> SNIPIT::_GROUP_
> SNIPIT::small_thing
> SNIPIT::smaller_thing

I'm confused as to why you are assuming that files in a directory  
would have to be in alphabetical order.

With the changes that have been proposed, using this example below,  
lets say "group1" is the name of a Cobbler profile that you are  
using.  In your common /etc/cobbler/common.ks, you'd have something  
like:

%post
SNIPPET::post

If you have the file: /var/lib/cobbler/snippets/group1/post, it could  
contain:

SNIPPET::set_bootloader_password
SNIPPET::set_password_retries
SNIPPET::set_passwd_min_uppper
SNIPPET::set_passwd_min_lower
SNIPPET::set_motd
SNIPPET::setup_aide
SNIPPET::setup_logrotate

... and each of those separate snippet files would be included in the  
rendered kickstart.

<... snip ...>

>
> I know I threw a lot out there but I think there are a few pages we  
> could take from the Bastille and SST books that would really take  
> cobbler to the next level. Most of the changes would be business,  
> organization and execution process which I think could really expand  
> the flexibility of the system.
>
> Let me know what you all think or just slap me around a bit ...

No desire to "slap you around" :-)  but I think your arguments against  
the proposed hierarchy are orthogonal to your proposals; neither  
really impacts the other. And I'm not sure (again, just my opinion)  
that a build system is the best place to do the configuration  
management.  After all, configurations do change, and I prefer not to  
rebuild my systems every time I need to add a user account or update  
the MOTD.

	-s-

More information about the et-mgmt-tools mailing list