Add $ensure parameter for Bacula packages #170
Conversation
|
Interesting… I tried to get the repo information at https://www.bacula.org/bacula-binary-package-download/ but do not receive a anything by mail 😒 Can you share the repo URL? I was not aware of this, but if it works it would make sense to add support for it in the module: indicate which packages should be used, those from the distro or those from bacula. Since we already have different package lists for each OS, we could add a separate package list when using these repos. This could maybe allow us to avoid |
Unfortunately I cannot share the repo URL, this would risk getting our repo access blocked. I'm confident the Bacula.org team will provide an access key following your request. FYI, this is the repo content for Bacula 11.0.5 on EL8:
Could you elaborate more on this? How could this possibly work?
I don't think this would solve the duplicate declaration error. What's the issue with ensure_packages()? It's already used in |
Thanks to the filenames I could get access to a package directory tree (1st result for The package depndencies for Debian are (I have not checked they are the same on RedHat but assumed so): This imply the director and storage daemon are always installed together and install the file daemon too (unless the sqlite package is used for some reason). This is in fact the exact setup I have on the various bacula infrastructures I manage (through 2 profiles in my control repo: Maybe we can consider this as a baseline and always install the components this way with the module. This would allow switching from OS packages to bacula packages more easily. This might however need some work and may have some unexpected side effects so I am not sure it is the best thing to do…
Something like: # module
class bacula (
Enum['bacula', 'system'] $package_origin = 'system',
Array[String[1]] $bacula_packages = [...], # probably a static list
Array[String[1]] $system_packages, # existing packages from hiera
) {
# ...
$packages = $package_origin ? {
bacula => $bacula_packages,
system => $system_packages,
}
package { $packages:
ensure => installed,
}
}
# usage:
class { 'bacula':
package_origin => 'bacula',
}
Without refactoring we will not be able to avoid it I think. The issue with package { 'foo':
ensure => installed,
}
ensure_packages('foo', ensure => installed)
ensure_packages('foo', ensure => installed)
ensure_packages('foo', ensure => installed) # worksensure_packages('foo', ensure => installed)
ensure_packages('foo', ensure => installed)
ensure_packages('foo', ensure => installed) # worksensure_packages('foo', ensure => installed)
ensure_packages('foo', ensure => installed)
ensure_packages('foo', ensure => installed)
package { 'foo': # duplicate declaration error
ensure => installed,
} |
|
@smortex, thanks for the suggestions.
Interesting idea, but I agree, it's likely to break things. It's also way beyond the scope of this tiny PR.
Another good idea. However, I have not seen Bacula 11 or Bacula 13 packages in any Linux distribution, so it's unclear whether or not they will adopt the new Bacula package scheme or stick to the old one. FreeBSD sticked to the old package scheme for Bacula 11 and 13. I would give this more time before adding this complexity to the module. Maybe the idea could be added as a new feature request / issue. So, as far as I can see, there is no real show-stopper here. Or am I missing something? I'd really like to get this merged, so hopefully it would be part of the first voxpupuli-bacula release :) |
There was a problem hiding this comment.
You are right, we can have the minimal changes for running with upstream packages merged quickly and maybe a more heavy refactoring allowing an easier integration later.
Would you mind looking at the few little things I noted bellow? Also, can you please create a wiki page that describes how to use upstream packages (maybe add a note to indicate that it is/will be available in 6.0.0).
fraenki
force-pushed
the
bacula11
branch
2 times, most recently
from
4dd2c3a to
fd1fcd6
Compare
|
Rebased to fix a merge conflict. |
Sure. The only difference in our setup is that we've changed the default merge behaviour globally to "deep". See both lookups below (I've removed the entries without a match). When setting Note that Now the same lookup without adding Hiera options to the bacula module: As you can see, the contents of the Locking the merge behaviour for I think setting this option in the bacula module is the right choice. If set elsewhere it would look pretty out of place. |
Haaaa! Everything make sense 😅 I though you where hitting some kind of bug with the default config.
I would not recommend changing the default merge strategy because it will have similar nasty side effects with various modules (just a few examples). If you really need a custom global merge strategy, maybe you can limit its scope to your lookup_options:
'^profile::.*password':
convert_to: Sensitive
'^profile::.*secret':
convert_to: Sensitive
profile::admin_accounts::administrators:
merge: deep
profile::yubikey::users:
merge: deepIf that is not feasible and you really need a global merge strategy, what about setting the specific behavior for bacula settings before changing the global behavior? That way, all your site-specific customizations are in your control repo. This seems to have the intended effect on my test setup: lookup_options:
# Force a first merge strategy for bacula packages
# We set it explicitly because we change the default bellow.
'^bacula::.*::packages':
merge: first
# For all the rest, use the deep strategy
'^.*':
merge: deepDoes it make sense? |
|
And on a more general note, I would avoid to set this in hiera and would rather pass explicit package parameters in my profiles: overriding modules data form a control-repo seems a smell to me, sometimes it is required, but if avoidable I prefer to avoid it. This makes the site configuration more easily approachable because the only values set in hiera in the control repo are parameters for the classes of the control repo, and you have a global view of all customized settings in one place. The readme still has some examples that use Hiera to adjust the config… I'll open a PR to replace these old way of tuning the conf using Hiera with actual puppet code that can be put in a profile as is now preferred. |
The benefit is that the default value is visible in REFERENCE.
|
@smortex I've simplified this PR, now it's only about the new (Since the bacula.org repo is not public, I think it's best to keep things simple and not add new parameters for it.) |
fraenki
changed the title
Preface
While testing this module with Bacula 11 packages from bacula.org I've run into an issue.
Bugfixes
These packages have a major difference: the director/storage package is renamed to
bacula-postgresqland it already includes the Bacula client, console, etc. So I had to adjust the configuration like this to get both the director/storage and the client running on the same host:Initially this failed, because it lead to a duplicate declaration error due to the way the
bacula::clientclass handled the package installation. After fixing this another issue occured, because the value for$bacula::client::packageswas not replaced but instead it was merged, resulting in a value of[ 'bacula-client', 'bacula-postgresql' ], which of course did not work.This PR fixes these issues and I did not notice any side-effects when using it on Bacula 9.
Disclaimer: I've tested this only with Bacula 11 packages from bacula.org, so I don't know whether or not Linux/BSD distributions have adopted this new package naming scheme.
New Parameter
Furthermore I've noticed that this module does not support updating Bacula. I've added a new
$ensureparameter to all packages which defaults topresent. It makes it possible to upgrade to a new Bacula release.The following example demonstrates the upgrade from Bacula 9 to Bacula 11 on CentOS: