[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[augeas-devel] Introduction Config::Augeas::Validator



Hi all,


This mail is to introduce a new Perl module based on Augeas and named Config::Augeas::Validator [0].


Why this module?
==============

Many sysadmins today keep a repository of configuration files from which they deploy to their servers. To prevent configuration breakage, it could be useful to parse and check these configuration files before they get deployed.
The goal of Config::Augeas::Validator is to run unit tests on config files using Augeas as a backend. For example, the module can be plugged to a VCS to be used as a precommit script in order to prevent users from committing broken or bad configurations.


How it works
==========

Config::Augeas::Validator can work in two ways: with a single configuration file or with a directory of configuration files.

Configuration files for Config::Augeas::Validator are INI files. Each of these INI files describes a series of tests to be run on a specific pattern with a specific lens. Config::Augeas::Validator runs each test on the given files and returns errors when tests fail.


A very simple example
==================

Here is a very simple example, using no rules:

[DEFAULT]
rules=
lens=Hosts
pattern=.*/hosts


What will this do? When Config::Augeas::Validator is called on a file named "hosts", it will try to parse it using the "Hosts" lens. If the parsing fails, Config::Augeas::Validator will return an error.


Making it a bit more complex
======================

[DEFAULT]
rules=localhost
lens=Hosts
pattern=.*/hosts

[localhost]
name=Localhost
explanation=IPv4 must be set for localhost
type=count
expr=$file/*[ipaddr = "127.0.0.1"][canonical = "localhost"]
value=1


Here, I've added a very simple rule checking that the given file contains one and only one entry matching both "localhost" and "127.0.0.1". If this condition is not met, the test will fail.


What does the output look like?
========================

Here is an example running the augeas-validator tool.

$ augeas-validator -r validator-rules configurations/default/generic/disk_config/V_ENCOM_SPUP_FILER_REC
W: File configurations/default/generic/disk_config/V_ENCOM_SPUP_FILER_REC
W: Assertion 'noatime for logs' of type count returned 1 for file configurations/default/generic/disk_config/V_ENCOM_SPUP_FILER_REC, expected 0:
   Log partitions should be set to noatime.



To infinity and beyond
================

Augeas already supports a lot of lenses, so the possibilities are endless. The main problem I'm facing is simplifying the expr interface for complex tests. An example of a complex test is the following:

[bootable_flag]
name=Bootable flag
explanation=At least one partition must be bootable
type=count
expr=$file/disk_config[. != "lvm"][. != "raid"][. != "tmpfs"][count(raw-disk) = 0][count(../disk_config/bootable) = 0]
value=0
level=warning


Paths can easily get complex when conditions accumulate, and I'm open to suggestions to simplify this.

If you wish to clone the repository and play with it, you will find the code on github [1]


Cheers,


Raphaël


[0] http://search.cpan.org/~raphink/Config-Augeas-Validator-0.103/
[1] https://github.com/raphink/config-augeas-validator

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]