Writing Bcfg2 client tools

 Bcfg2, Linux  No Responses »
Aug 252010
 

While most of this is covered in the Bcfg2 docs, people still ask questions from time to time about writing client tools. In this post, I will cover the answer to a specific question that was posted to the mailing list recently.

We would like to change how ConfigFiles are copied on the client. This
means rewriting the InstallConfigFile method in the POSIX client plugin.
I wanted to get feed back how best to go about doing this. Would it make
sense to create a new Plug-in or modify the current one?

This post will implement a simple client tool which subclasses the POSIX client tool driver and replaces the InstallConfigFile method with a custom method.

The first step is to create the new client tool:

[root@bcfg2] ~ # cat bcfg2/src/lib/Client/Tools/myPOSIX.py
import Bcfg2.Client.Tools
import Bcfg2.Options

class myPOSIX(Bcfg2.Client.Tools.POSIX.POSIX):
    name = 'myPOSIX'
    __execs__ = ['/bin/true']
    conflicts = ['POSIX']
    __handles__ = [('Path', 'file')]

    # Redefine InstallConfigFile here
    def InstallConfigFile(self, entry):
        return True

All this simple client tool does is redefine the InstallConfigFile method from POSIX.py. Everything else is the same. This is extremely useful if you find the behavior of a client tool useful, but wish to redefine how a particular method is implemented.

It is also worth noting that if you have a case where you need to augment something, you might check with others either on the bcfg2-dev mailing list or in #bcfg2 on Freenode as they may have run into similar issues. We are more than willing to accept useful code upstream.

So, getting back to the client tool, if we go ahead and run this with the following Path specified:

[root@bcfg2] /var/lib/bcfg2 # cat Bundler/foo.xml
<Bundle name='foo'>
    <Path name='/root/foo'/>
</Bundle>

[root@bcfg2] /var/lib/bcfg2 # cat Cfg/root/foo/foo
bar

then we get the following:

[root@bcfg2] ~ # bcfg2 -qI
---

+++

@@ -1,1 +1,2 @@

+bar

Install Path /root/foo: (y/N): y

[root@bcfg2] ~ # cat /root/foo
cat: /root/foo: No such file or directory

which is exactly what we expect since we replaced the Install method with what amounts to a noop method. This simple client tool was just used for illustrative purposes. If you were actually implementing this, it would obviously normally be something completely different (and more than likely useful).

That concludes this simple post outlining the basics of modifying existing Bcfg2 client tools.

 Posted by at 21:07

bash and POSIX read

 Linux  No Responses »
Aug 212010
 

At work the other day, I found myself needing to install a bunch of gems with differing versions. I had a file created that looked something like this which had all the gems (along with specific versions) that were requested to be installed:

foo --version 1
bar --version 2
foobar --version 3

So, I tried running a bash for loop over the items to get them installed. However, I soon found that this wasn’t going to work:

$ for gem in `cat gems`; do echo $gem; done
foo
--version
1
bar
--version
2
foobar
--version
3

Bash was using any whitespace separator as indication of a new item in the loop. After searching around for a bit, I found that you can use the POSIX read utility to make this work as expected.

$ cat gems | while read line; do echo $line; done
foo --version 1
bar --version 2
foobar --version 3

Exactly what I needed.

 Posted by at 18:41

Comcast “domain helper service”

 Uncategorized  No Responses »
Aug 192010
 

I recently switched to Comcast for my Internet Service Provider. The transition hasn’t been pleasant. I have had a number of issues with them. However, by far the most annoying issue is with their “domain helper service“. This post should help any others who fall victim to this unexpected behavior.

Basically, what they do is assign you one of their special DNS servers from http://dns.comcast.net/dns-ip-addresses.php which return incorrect results:

$ nslookup thisdomaindoesnotexist 68.87.72.134
Server:         68.87.72.134
Address:        68.87.72.134#53

Non-authoritative answer:
Name:   thisdomaindoesnotexist
Address: 208.68.139.38

when the real response should be:

$ nslookup thisdomaindoesnotexist 68.87.85.98
Server:         68.87.85.98
Address:        68.87.85.98#53

** server can't find thisdomaindoesnotexist: NXDOMAIN

In my mind, this amounts to hijacking my NXDOMAIN responses which violates RFC2308 and is even outlawed in the UK! I could have fixed this easily by modifying the nameservers listed in /etc/resolv.conf. The problem with this is that I would have to do it for all of my machines. Another solution is to set the DNS servers in my router’s configuration (since it provides them during DHCP). The problem with this is that I again end up doing some manual configuration on my end for a problem which Comcast caused.

Of course this leads to all sorts of nastiness. I first noticed this nonsense while clicking on a link for a site that used to exist. This lead me to their hideously ugly (and amazingly useless) search page. After looking around, I realized other people had similar feelings. Just look at the blog post linked to previously. Not one enthusiastic comment about how useful this is.

So, I decided to try and disable this thing on my own. After all, they are nice enough to provide you instructions on how to do it yourself. The only problem with that is the necessary options don’t even show up on my account!

The next step was to initiate a chat with their technical support to get them to update the account settings for me. Unfortunately, this did more harm than good. They tried to reset my router remotely (which obviously kicked me out of the chat session). Not only that, but the router reset never completed properly.

Okay, so next step was to call (I no longer had internet access after all). The first person I talked to wasn’t even able to reset my router again! They were convinced that this was a problem that needed to be solved by having a technician come out. I was not able to convince her otherwise. So, I scheduled the technician.

I then called back immediately. I did not mention the mistake made by the previous person in chat. I simply requested that they activate my service (as I needed done when I first got service). This time, the person on the line was able to activate my service. I figured since they were able to do that, maybe they would be able to help me with my problem. So, I tried explaining it and was transferred to someone in their “technical support” department. This person at least listened to what I was saying and looked at the links with the instructions I was trying to follow. She even logged into my account and was able to see that the options were not showing up. However, she was also unable to help and speculated that the technician might know something else (not likely since they’re usually just contractors).

My last resort was emailing Comcast support and explaining all of this in my email. A few days later, I received an email confirming that this had been done. Sure enough, I checked the nameservers listed on my router and they were using the opt out servers listed at http://dns.comcast.net/dns-ip-addresses2.php. Finally, they fixed my problem and all it took was a simple email.

 Newer Entries