1

我已经编写了一个安装 apache2 并配置 ssl 然后启动 apache 服务的 apache 类。我正在编写一个子类,它将配置一个虚拟主机,然后重新启动 apache 服务。一旦添加了虚拟主机,我试图通知 apache2 服务时出现循环依赖错误。

我通过将 require 更改为 include 解决了这个错误,但这是否意味着 apache 类中的资源将在 apache::no 之前运行?

如果不是,那么解决此依赖错误的方法是什么?

通知另一个类中的资源是一个好习惯吗?

Error: Failed to apply catalog: Found 1 dependency cycle:
(Exec[no] => Service[apache2] => Class[Apache] => Class[Apache::No] => Exec[no])
Try the '--graph' option and opening the resulting '.dot' file in OmniGraffle or GraphViz

apache.pp

class apache {

    $listen_port="8181"
    $no_port="4143"
    #file { '/etc/apache2/ports.conf' :
        #ensure => present ,
        #content => template("apache/ports.conf.erb"),
        #require => Package['apache2'],
        #notify => Service['apache2'],
    #}->
    case $facts['osfamily'] {
    /^(Debian|Ubuntu)$/: {
    file { '/etc/apache2/sites-available/000-default.conf' :
        ensure => present ,
        content => template("apache/000-default.conf.erb"),
        require => Package['apache2'],
        notify => Service['apache2'],
        noop => true,
    }
    file { '/etc/apache2/sites-available/default-ssl.conf':
        ensure => present ,
        content => template("apache/default-ssl.conf.erb"),
        require => Package['apache2'],
        notify => Service['apache2'],
        #noop => true,
    }
    file { ['/etc','/etc/apache2','/etc/apache2/ssl'] :
        ensure => directory,
        require => Package['apache2'],
    }
    package { 'apache2' :
        ensure => latest,
        notify => Exec['ssl']
    } ->
    augeas { 'no' :
        context => "/files/etc/apache2/ports.conf",
        changes => [
                       "set /files/etc/apache2/sites-available/default-ssl.conf/IfModule/VirtualHost/directive[2]/arg localhost",
                       "set /files/etc/apache2/sites-available/default-ssl.conf/IfModule/VirtualHost/directive[8]/arg /etc/apache2/ssl/apache.key",
                       "set /files/etc/apache2/sites-available/default-ssl.conf/IfModule/VirtualHost/directive[7]/arg /etc/apache2/ssl/apache.crt",
                       "set /files/etc/apache2/ports.conf/IfModule[2]/directive/arg $$no_port",
                       "set /files/etc/apache2/ports.conf/IfModule[1]/directive/arg $no_port",
                       "set /files/etc/apache2/ports.conf/directive/arg 8181",
                       "set /files/etc/apache2/sites-available/000-default.conf/VirtualHost/arg *:8181",
                       "set /files/etc/apache2/sites-available/default-ssl.conf/IfModule/VirtualHost/arg *:$no_port",
                   ],
        require => Package['apache2'],
    } ->
    service { 'apache2' :
        ensure => running
    }
    package { 'openssl' :
        ensure => latest
    } ->
    exec { 'ssl' :
        path => ["/usr/local/sbin","/usr/local/bin","/usr/sbin","/usr/bin","/sbin","/bin"],
        command => 'openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=example.com" ; a2enmod ssl ; a2ensite default-ssl ',
        notify => Service['apache2'],
        require => Augeas['no'],
        refreshonly => true,
    }
    }
}

没有.pp

class apache::no {

      require ::apache
      $listen_port="8181"
      file { 'no' :
          ensure => present,
          path => '/etc/apache2/sites-available/no.conf',
          content => template("apache/no.conf.erb"),
          notify => Exec['no'],
      }
      Exec { 'no' :
           path => ["/usr/local/sbin","/usr/local/bin","/sbin","/bin","/usr/sbin","/usr/bin","/root/bin"],
           command => 'a2ensite no.conf',
           notify => Service['apache2'],
           refreshonly => true,
      }
      #Service { 'apache2' :
          #ensure => running,
      #}
}

谢谢

4

1 回答 1

2

您的代码确实不一致。经过 ...

require ::apache

...它坚持通过类::apache管理的所有内容都在当前类中声明的任何内容之前进行管理,但是...

Exec { 'no' :
   # ...
   notify => Service['apache2'],
   # ...
}

...要求Exec['no']之前Service['apache2']管理,由类管理::apache2。你不能同时拥有它。

问题源于混合抽象级别。在一个地方,你表达了与整个班级的关系,而在其他地方,你表达了与那个班级的一部分的关系。有两种基本方法可以解决这个问题:要么建立单独的类大小片段来声明你的单独关系,要么直接与相关资源建立所有需要的关系(在本例中为 aPackage和 a Service)。后者是可以接受的,因为您在同一个模块中工作,但即便如此,前者可能更好。它可能看起来像这样:

class apache {
  # declare variables ...
  include '::apache::software'
  include '::apache::config'
  include '::apache::service'

  Class['::apache::software'] -> Class['::apache::config']
  Class['::apache::config']   ~> Class['::apache::service']
}

# ... class apache::software manages ensuring the package is installed
# ... class apache::config manages the configuration file
# ... class apache::service manages the httpd service

class apache::no {
    require 'apache::config'
    # ...
  Exec { 'no' :
    # ...
    notify => Class['apache::service']
  }
}
于 2015-09-18T13:42:28.313 回答