2 November 2015

Puppet accidentally overwrite a config file? Solution: Puppet Filebucket!

If you have accidentally overwritten one or more config files of the servers by puppet, it's scary!

But thankfully there is a solution for it, "Puppet Filebucket"

Puppet Filebucket

is actually a stand-alone filebucket client for backup and restore files to a local or central filebucket.

In the default Red Hat Enterprise Linux 6.5 installation, it keeps the bucket database locally on the agent in the clientbucket directory:

# ll /var/lib/puppet/clientbucket/
total 64
drwxrwx--- 17 root root 4096 Oct 27 15:28 0
drwxrwx--- 18 root root 4096 Oct 27 15:28 1
drwxrwx--- 17 root root 4096 Oct 27 15:28 2
drwxrwx--- 18 root root 4096 Oct 27 15:28 3
drwxrwx--- 17 root root 4096 Oct 27 15:28 4
drwxrwx--- 18 root root 4096 Oct 27 15:28 5
drwxrwx--- 18 root root 4096 Oct 27 15:28 6
drwxrwx--- 18 root root 4096 Oct 27 15:28 7
drwxrwx--- 18 root root 4096 Oct 27 15:28 8
drwxrwx--- 18 root root 4096 Oct 27 15:28 9
drwxrwx--- 18 root root 4096 Oct 27 15:28 a
drwxrwx--- 17 root root 4096 Oct 27 15:28 b
drwxrwx--- 18 root root 4096 Oct 27 15:28 c
drwxrwx--- 18 root root 4096 Oct 27 15:28 d
drwxrwx--- 17 root root 4096 Oct 27 15:28 e
drwxrwx--- 18 root root 4096 Oct 27 15:28 f

How to restore the file that has been overwritten 

You need to check in the /var/log/messages of the agent server to find the logs when agent has checked in with master puppet and rewrite the configuration file:

# vim /var/log/messages

Nov  2 16:50:28 client-hostname puppet-agent[14842]: (/Stage[main]/Main/Node[client-hostname]/File[/tmp/test2]/content)
Nov  2 16:50:28 client-hostname puppet-agent[14842]: (/Stage[main]/Main/Node[client-hostname]/File[/tmp/test2]/content) --- /tmp/test2#0112015-11-02 16:46:37.662801310 +0100
Nov  2 16:50:28 client-hostname puppet-agent[14842]: (/Stage[main]/Main/Node[client-hostname]/File[/tmp/test2]/content) +++ /tmp/puppet-file20151102-14842-1fh8n6z-0#0112015-11-02 16:50:28.848800989 +0100
Nov  2 16:50:28 client-hostname puppet-agent[14842]: (/Stage[main]/Main/Node[client-hostname]/File[/tmp/test2]/content) @@ -1 +1 @@
Nov  2 16:50:28 client-hostname puppet-agent[14842]: (/Stage[main]/Main/Node[client-hostname]/File[/tmp/test2]/content) -1, $(ipaddress_eth0)
Nov  2 16:50:28 client-hostname puppet-agent[14842]: (/Stage[main]/Main/Node[client-hostname]/File[/tmp/test2]/content) \ No newline at end of file
Nov  2 16:50:28 client-hostname puppet-agent[14842]: (/Stage[main]/Main/Node[client-hostname]/File[/tmp/test2]/content) +1, 10.8.227.53
Nov  2 16:50:28 client-hostname puppet-agent[14842]: (/Stage[main]/Main/Node[client-hostname]/File[/tmp/test2]/content) \ No newline at end of file
Nov  2 16:50:28 client-hostname puppet-agent[14842]: Computing checksum on file /tmp/test2
Nov  2 16:50:28 client-hostname puppet-agent[14842]: (/Stage[main]/Main/Node[client-hostname]/File[/tmp/test2]) Filebucketed /tmp/test2 to puppet with sum d228f5215b69acc11bcddfeaf055ad8a
Nov  2 16:50:28 client-hostname puppet-agent[14842]: (/Stage[main]/Main/Node[client-hostname]/File[/tmp/test2]/content) content changed '{md5}d228f5215b69acc11bcddfeaf055ad8a' to '{md5}5bb07d4b5c7877b8498ee7eacf6bfbff'


You should be able to notice the resulting md5 sum log entries due to changes in the file:

content changed '{md5}d228f5215b69acc11bcddfeaf055ad8a' to '{md5}5bb07d4b5c7877b8498ee7eacf6bfbff'

which the first md5 sum is the original file and next one is md5 sum of the new file:

Original    : {md5}d228f5215b69acc11bcddfeaf055ad8a
New          : {md5}5bb07d4b5c7877b8498ee7eacf6bfbff


Therefore, in order to retrieve our original version of file, we need to use the first md5 sum with following command:

# puppet filebucket restore --local --bucket /var/lib/puppet/clientbucket/ /tmp/test2 d228f5215b69acc11bcddfeaf055ad8a

 where we want to "restore" from "--local --bucket" database "/var/lib/puppet/clientbucket" for the "/tmp/test2" file.   







1 comment: