Reputation: 199
resolving cyclic dependency in puppet when notifying resource in another class
I have written one apache class which install apache2 and configure ssl and then start apache service. I am writing one subclass which will configure one virtual host and then restart apache service. I am getting cyclic dependency error as I am trying to notify apache2 service once virtual host has been added.
I resolved this error by changing require to include but does this mean that resources in apache class will run before apache::no ?
If not then what is the way to resolve this dependency error ?
Is it a good practice to notify resources in another class ?
Error: Failed to apply catalog: Found 1 dependency cycle:
(Exec[no] => Service[apache2] => Class[Apache] => Class[Apache::No] => Exec[no])
Try the '--graph' option and opening the resulting '.dot' file in OmniGraffle or GraphViz
apache.pp
class apache {
$listen_port="8181"
$no_port="4143"
#file { '/etc/apache2/ports.conf' :
#ensure => present ,
#content => template("apache/ports.conf.erb"),
#require => Package['apache2'],
#notify => Service['apache2'],
#}->
case $facts['osfamily'] {
/^(Debian|Ubuntu)$/: {
file { '/etc/apache2/sites-available/000-default.conf' :
ensure => present ,
content => template("apache/000-default.conf.erb"),
require => Package['apache2'],
notify => Service['apache2'],
noop => true,
}
file { '/etc/apache2/sites-available/default-ssl.conf':
ensure => present ,
content => template("apache/default-ssl.conf.erb"),
require => Package['apache2'],
notify => Service['apache2'],
#noop => true,
}
file { ['/etc','/etc/apache2','/etc/apache2/ssl'] :
ensure => directory,
require => Package['apache2'],
}
package { 'apache2' :
ensure => latest,
notify => Exec['ssl']
} ->
augeas { 'no' :
context => "/files/etc/apache2/ports.conf",
changes => [
"set /files/etc/apache2/sites-available/default-ssl.conf/IfModule/VirtualHost/directive[2]/arg localhost",
"set /files/etc/apache2/sites-available/default-ssl.conf/IfModule/VirtualHost/directive[8]/arg /etc/apache2/ssl/apache.key",
"set /files/etc/apache2/sites-available/default-ssl.conf/IfModule/VirtualHost/directive[7]/arg /etc/apache2/ssl/apache.crt",
"set /files/etc/apache2/ports.conf/IfModule[2]/directive/arg $$no_port",
"set /files/etc/apache2/ports.conf/IfModule[1]/directive/arg $no_port",
"set /files/etc/apache2/ports.conf/directive/arg 8181",
"set /files/etc/apache2/sites-available/000-default.conf/VirtualHost/arg *:8181",
"set /files/etc/apache2/sites-available/default-ssl.conf/IfModule/VirtualHost/arg *:$no_port",
],
require => Package['apache2'],
} ->
service { 'apache2' :
ensure => running
}
package { 'openssl' :
ensure => latest
} ->
exec { 'ssl' :
path => ["/usr/local/sbin","/usr/local/bin","/usr/sbin","/usr/bin","/sbin","/bin"],
command => 'openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=example.com" ; a2enmod ssl ; a2ensite default-ssl ',
notify => Service['apache2'],
require => Augeas['no'],
refreshonly => true,
}
}
}
no.pp
class apache::no {
require ::apache
$listen_port="8181"
file { 'no' :
ensure => present,
path => '/etc/apache2/sites-available/no.conf',
content => template("apache/no.conf.erb"),
notify => Exec['no'],
}
Exec { 'no' :
path => ["/usr/local/sbin","/usr/local/bin","/sbin","/bin","/usr/sbin","/usr/bin","/root/bin"],
command => 'a2ensite no.conf',
notify => Service['apache2'],
refreshonly => true,
}
#Service { 'apache2' :
#ensure => running,
#}
}
Thanks
Upvotes: 1
Views: 1007
Answers (1)
Reputation: 180093
Your code is indeed inconsistent. By ...
require ::apache
... it insists that everything managed via class ::apache be managed before anything declared in the current class, but ...
Exec { 'no' :
# ...
notify => Service['apache2'],
# ...
}
... requires that Exec['no'] be managed before Service['apache2'], which is managed by class ::apache2. You cannot have it both ways.
The problem arises from mixing levels of abstraction. In one place you are expressing relationships with a whole class, and elsewhere you express a relationship with just one part of that class. There are two basic approaches to fixing this: either establish separate class-size pieces with which to declare your separate relationships, or else establish all needed relationships directly with the relevant resources (a Package and a Service in this case). The latter is acceptable only because you are working within the same module, but even so, the former is probably better. It might look like this:
class apache {
# declare variables ...
include '::apache::software'
include '::apache::config'
include '::apache::service'
Class['::apache::software'] -> Class['::apache::config']
Class['::apache::config'] ~> Class['::apache::service']
}
# ... class apache::software manages ensuring the package is installed
# ... class apache::config manages the configuration file
# ... class apache::service manages the httpd service
class apache::no {
require 'apache::config'
# ...
Exec { 'no' :
# ...
notify => Class['apache::service']
}
}
Upvotes: 2
Related Questions
- Duplicate declaration of same resource defined in separate classes
- Triggering dependent resources in a interation loop
- how to write puppet class dependency on the status of another class
- 2 resources to notify the same service
- Puppet - notify service in defined resource
- How to fix my puppet dependency in the correct way?
- Puppet dependency resolution ordering
- puppet dependency from other class in other file
- How do I make a puppet class dependent on all of the resources it defines?
- Puppet class overloading