如何确保每次事件触发时 puppet exec 运行?
how to ensure puppet exec run on every event triggered?
我希望 puppet exec 运行 在文件的首次部署和文件的每次进一步更改时执行。为此,我在 puppet 中创建了以下代码。
Exec 不会在第一个文件部署时 运行。我假设这是因为只刷新。有谁知道代码中需要更改什么?
define dev_tools::javacert(
$keystore="/etc/alternatives/java_sdk/jre/lib/security/cacerts",
$storepass='xxx',
$alias = $name,
$filecertpath = "/var/lib/certs/${name}.crt",
){
file{
$filecertpath:
source => "puppet:///modules/${module_name}/sonarqube/${::env}/${::server_location}/${filecertpath}",
mode => '0644',
notify => Exec["deploy_javacert_${name}"];
}
exec {
"deploy_javacert_${name}":
path => "/usr/bin",
command => "keytool -importcert -keystore ${keystore} -alias $alias -file $filecertpath -storepass ${storepass} -noprompt 2>/dev/null",
provider => shell,
refreshonly => true;
}
}
refreshonly 的使用看起来是正确的。我无法重现这一点。使用这个简化版本的代码:
尝试创建 MCVE:
# test.pp
file { 'foo':
path => '/tmp/foo',
source => '/tmp/source',
notify => Exec['bar'],
}
exec { 'bar':
path => '/bin',
command => 'echo "baz qux"',
refreshonly => true,
logoutput => true,
}
设置:
▶ touch /tmp/source
初始运行:
▶ puppet apply test.pp
...
Notice: /Stage[main]/Main/File[foo]/content: content changed '{md5}0a227d644d5435d49addae1da06e909c' to '{md5}d41d8cd98f00b204e9800998ecf8427e'
Notice: /Stage[main]/Main/Exec[bar]/returns: baz qux
Notice: /Stage[main]/Main/Exec[bar]: Triggered 'refresh' from 1 event
后续运行:
▶ puppet apply test.pp
...
Notice: Compiled catalog for 192-168-1-2.tpgi.com.au in environment production in 0.08 seconds
Notice: Applied catalog in 0.03 seconds
新内容:
▶ echo foobar > /tmp/source
▶ puppet apply test.pp
...
Notice: /Stage[main]/Main/File[foo]/content: content changed '{md5}d41d8cd98f00b204e9800998ecf8427e' to '{md5}14758f1afd44c09b7992073ccf00b43d'
Notice: /Stage[main]/Main/Exec[bar]/returns: baz qux
我希望 puppet exec 运行 在文件的首次部署和文件的每次进一步更改时执行。为此,我在 puppet 中创建了以下代码。
Exec 不会在第一个文件部署时 运行。我假设这是因为只刷新。有谁知道代码中需要更改什么?
define dev_tools::javacert(
$keystore="/etc/alternatives/java_sdk/jre/lib/security/cacerts",
$storepass='xxx',
$alias = $name,
$filecertpath = "/var/lib/certs/${name}.crt",
){
file{
$filecertpath:
source => "puppet:///modules/${module_name}/sonarqube/${::env}/${::server_location}/${filecertpath}",
mode => '0644',
notify => Exec["deploy_javacert_${name}"];
}
exec {
"deploy_javacert_${name}":
path => "/usr/bin",
command => "keytool -importcert -keystore ${keystore} -alias $alias -file $filecertpath -storepass ${storepass} -noprompt 2>/dev/null",
provider => shell,
refreshonly => true;
}
}
refreshonly 的使用看起来是正确的。我无法重现这一点。使用这个简化版本的代码:
尝试创建 MCVE:
# test.pp
file { 'foo':
path => '/tmp/foo',
source => '/tmp/source',
notify => Exec['bar'],
}
exec { 'bar':
path => '/bin',
command => 'echo "baz qux"',
refreshonly => true,
logoutput => true,
}
设置:
▶ touch /tmp/source
初始运行:
▶ puppet apply test.pp
...
Notice: /Stage[main]/Main/File[foo]/content: content changed '{md5}0a227d644d5435d49addae1da06e909c' to '{md5}d41d8cd98f00b204e9800998ecf8427e'
Notice: /Stage[main]/Main/Exec[bar]/returns: baz qux
Notice: /Stage[main]/Main/Exec[bar]: Triggered 'refresh' from 1 event
后续运行:
▶ puppet apply test.pp
...
Notice: Compiled catalog for 192-168-1-2.tpgi.com.au in environment production in 0.08 seconds
Notice: Applied catalog in 0.03 seconds
新内容:
▶ echo foobar > /tmp/source
▶ puppet apply test.pp
...
Notice: /Stage[main]/Main/File[foo]/content: content changed '{md5}d41d8cd98f00b204e9800998ecf8427e' to '{md5}14758f1afd44c09b7992073ccf00b43d'
Notice: /Stage[main]/Main/Exec[bar]/returns: baz qux