[clug] cfengine2 (debian) and max_file_size for editing

Daniel Pittman daniel at rimspace.net
Sun Oct 17 16:43:30 MDT 2010 

steve jenkin <sjenkin at canb.auug.org.au> writes:
> Daniel Pittman wrote on 17/10/10 7:54 PM:
>
>> ...though generally speaking you are better installing a file that has the
>> right content than trying to edit existing files.  The later has a much
>> higher risk of leading to unintended consequences.
>
> I've done that in other instances, but this is editing the default from the
> package.  Using it as a base, I don't have to regenerate the local version
> if bits are added or deleted.  But not if they adopt non-sensible defaults

For what it is worth, as anecdotal evidence, the most common failure mode I
ran into with the file editing approach was network-wide failures when
something happened that perturbed the editing process and generated an invalid
configuration file.

About a third of the time that was my fault, since I had missed some complex
edge case in the original configuration file (or variants on different
platforms).  Good testing solves that, and I hope y'all have a test network if
you use tools like this.

A third of the time it was an update that made some change to the
configuration file that was context dependent, and resulted in things not
working as expected.  (eg: the include statement moving in an Apache
configuration file, so my statement now came after what it should influence,
not before.)

The final third was things going horribly wrong when someone hand-edited the
same file and it either conflicted with my changes, or it interacted badly, or
it broke my context assumptions in the editing bit.


So, yeah.  Lots of nasty that convinced me it was not really sensible to do
things that way in pretty much every case.[1]

>> I generally recommend puppet, these days, in the role that cfengine2 used
>> to play.  It is a generally better implementation of the same concepts,
>> with less rough or unuseful edges for most commercial sites.
>
> Thanks.  The boon of FOSS - much choice.

*nod*  One of these days I want to see, and perhaps even try, a cfengine3
based site.  The conceptual changes are pretty huge compared to cfengine2, and
I would be curious to see how it all played out...

>> (OTOH, I now work for Puppet Labs, so I might be biased. :)
> Noooooooo..... :-)

:)  I like full disclosure of my potential biases; the job is making me pretty
happy given that it follows ten years of interest in the field and all.

      Daniel

Footnotes: 
[1]  I still occasionally give in to the temptation, although it is harder
     with puppet as it doesn't ship with a native type to do the same, and
     still come to regret it every now and then.

-- 
✣ Daniel Pittman            ✉ daniel at rimspace.net            ☎ +61 401 155 707
               ♽ made with 100 percent post-consumer electrons

More information about the linux mailing list