Looping and puppet

While working on a puppet module I had to iterate over a bunch of values and manage some services based on those values. Because of my background in procedural programming I immediately started looking for a loop construct in the documentation without realizing that puppet is not imperative in nature.

With some help from google, I found out that create_resources can be used to achieve what I wanted. This function takes a hash and converts it into resources.

My hash was stored in hiera, so it was very easy to pass it to the create_resources function. Here is a simplified version of how this was achieved:

$managefiles = {
  '/some/path/to/my/file' => {
    ensure => file,
  },
  '/some/dir/path' => {
    ensure => directory
  },
}

create_resources(file, $managefiles)

Optionally a third parameter can also be passed to create_resources which takes a hash with default values for the resource type you are creating. While the example above uses the build in resource type ‘file’ to demonstrate the usage of create_resources, this function can take any user defined resource type too.

 

Some excellent blog posts I found on this topic:

https://tobrunet.ch/2013/01/iterate-over-datastructures-in-puppet-manifests/

Iteration in Puppet

Documentary : Happy

Recently watched a very interesting documentary : Happy.

The documentary does a very good job explaining happiness and various factors impacting levels of happiness. By involving folks from various wakes of life, the creators deliver the message in a very easy and digestible manner. Of course you also see some academicians talking about happiness, but that doesn’t make the documentary dull or too technical in nature.

Creators succeed in delivering the main message that material wealth or the conventional definition of happiness is incorrect. What really matters for happiness are simple things like friends, family and sense of community.

Strongly recommended.

AWS EC2 security groups and iptables

Ran into an interesting problem while working on EC2. I had haproxy running on a EC2 instance. I configured port 8080 for the status page of haproxy. This is what I had at the end in my haproxy.cfg file:

listen stats :8080
 mode http
 stats uri /

When I try to hit the 8080 port for the EC2 instance, it wasn’t reachable because of AWS security groups. Fair enough, I edited my security group and open port 8080. In spite of opening the port in AWS security group, I wasn’t able to access the haproxy status page.

Quick google search, led me to iptables and specifically to https://help.ubuntu.com/community/UFW. Essentially there are 2 layers of firewalls when we try to access a specific port on a running EC2 instance. AWS security groups provides a firewall layer, while the base OS provides another. In my case  (Ubuntu 12.04) UFW was configured with the default options (which essentially blocks pretty much ALL incoming traffic). I ran the following commands to open port 8080 and restart UFW.

sudo iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
 iptables-save
 sudo stop ufw
 sudo start ufw

With port 8080 now open at both layers, I was able to access the haproxy status page.

Joys of YAML parsing

Yaml parsing is tricky and sometimes puppet will complain about syntactically incorrect YAML file without actually telling which YAML file is causing the problem. In such scenarios the following ruby code can help in locating the problematic YAML file.

 require 'yaml'
 d = Dir["./**/*.yaml"]
 d.each do |file|
 begin
 puts "Loading file : #{file}"
 f =  YAML.load_file(file)
 rescue Exception
 puts "Found the culprit #{file}: #{$!}"
 end
 end

Put the above code in parse.rb file and now you can execute it using ‘ruby parse.rb’ from any top level dir which contains your YAML files.

Git commands auto completion

There is a handy bash script which can be sourced in your .profile to ensure git commands are auto completed. Execute the following code from your home dir:

#Goto your home directory
cd
#download the git completion bash script from github
curl https://raw.github.com/git/git/master/contrib/completion/git-completion.bash > git-completion.bash

Now open your .bashrc/.bash_profile or /etc/profile file and add the following line to the end of the file:

#Add this to the end of your /etc/profile
source ~/git-completion.bash

Restart your console and now you should be able to auto complete the git commands.