.. -*- mode: rst -*-
.. _server-plugins-generators-rules:
=====
Rules
=====
The Rules plugin resolves the following Abstract Configuration Entities:
* Service
* Package
* Path
* Action
to literal configuration entries suitable for the client drivers to
consume.
For an entity specification to be included in the Literal configuration
the name attribute from an Abstract Entity Tag (from Base or Bundler)
must match the name attribute of an Entity tag in Rules, along with the
appropriate group associations of course.
Each file in the Rules directory has a priority. This allows the same
Entities to be served by multiple files. The priorities can be used to
break ties in the case that multiple files serve data for the same Entity.
Usage of Groups in Rules
========================
Groups are used by the Rules plugin, along with host metadata, for
selecting the Configuration Entity entries to include in the clients
literal configuration. They can be thought of as::
if client is a member of group1 then
assign to literal config
Nested groups are conjunctive (logical and).::
if client is a member of group1 and group2 then
assign to literal config
Group membership may be negated.
Tag Attributes in Rules
=======================
Rules Tag
---------
The Rules Tag may have the following attributes:
+----------+-------------------------------------+--------+
| Name | Description | Values |
+==========+=====================================+========+
| priority | Sets the priority for Rules in this | String |
| | Rules list.The higher value wins. | |
+----------+-------------------------------------+--------+
Rules Group Tag
---------------
The Rules Group Tag may have the following attributes:
+--------+-------------------------+--------------+
| Name | Description | Values |
+========+=========================+==============+
| name | Group Name | String |
+--------+-------------------------+--------------+
| negate | Negate group membership | (true|false) |
| | (is not a member of) | |
+--------+-------------------------+--------------+
Package Tag
-----------
The Package Tag may have the following attributes:
+------------+----------------------------------------------+----------+
| Name | Description | Values |
+============+==============================================+==========+
| name | Package name or regular expression | String |
| | | or regex |
+------------+----------------------------------------------+----------+
| version | Package Version or version='noverify' to | String |
| | not do version checking in the Yum driver | |
| | only (temporary work a round). | |
+------------+----------------------------------------------+----------+
| file | Package file name. Several other attributes | String |
| | (name, version) can be automatically defined | |
| | based on regular expressions defined in the | |
| | Pkgmgr plugin. | |
+------------+----------------------------------------------+----------+
| simplefile | Package file name. No name parsing is | String |
| | performed, so no extra fields get set | |
+------------+----------------------------------------------+----------+
| verify | verify='false' - do not do package | String |
| | verification | |
+------------+----------------------------------------------+----------+
| multiarch | Comma separated list of the architectures of | String |
| | this package that should be installed. | |
+------------+----------------------------------------------+----------+
| srcs | Filename creation rules for multiarch | String |
| | packages. | |
+------------+----------------------------------------------+----------+
| type | Package type. (rpm, yum, apt,sysv,blast) | String |
+------------+----------------------------------------------+----------+
Action Tag
----------
See :ref:`client-tools-actions`
Service Tag
-----------
+------------+-------------------------------+---------------------------------------------------------+
| Name | Description | Values |
+============+===============================+=========================================================+
| mode | Per Service Mode (New in 1.0) | (manual | default | supervised | interactive_only ) |
+------------+-------------------------------+---------------------------------------------------------+
| name | Service name or regular | String or regex |
| | expression | |
+------------+-------------------------------+---------------------------------------------------------+
| status | Should the service be on or | (on | off | ignore) |
| | off (default: off). | |
+------------+-------------------------------+---------------------------------------------------------+
| target | Service command for restart | String |
| | (default: restart) | |
+------------+-------------------------------+---------------------------------------------------------+
| type | Driver to use on the client | (chkconfig | deb | rc-update | smf | upstart | |
| | to manage this service. | systemd | freebsd | launchd ) |
+------------+-------------------------------+---------------------------------------------------------+
| sequence | Order for service startup | integer |
| | (debian services only) | |
+------------+-------------------------------+---------------------------------------------------------+
| parameters | Pass parameters to service | String |
| | (Upstart services only) | |
+------------+-------------------------------+---------------------------------------------------------+
Service mode descriptions
^^^^^^^^^^^^^^^^^^^^^^^^^
.. versionadded:: 1.0.0
* manual
* do not start/stop/restart this service
* service installation is not performed
* interactive_only
* only attempt to start/stop/restart this service if the client is run interactively
* service installation is performed
* default
* perform appropriate service operations
* supervised
* default and ensure service is running (or stopped) when verification is performed
* deprecates supervised='true'
Service status descriptions
^^^^^^^^^^^^^^^^^^^^^^^^^^^
* on
* start the service at boot time
* off
* don't start the service at boot time
* ignore
* don't check the status, leave it as-is (valid for deb and upstart services only)
Client Tag
----------
The Client Tag is used in Rules for selecting the package entries to
include in the clients literal configuration. Its function is similar
to the Group tag in this context. It can be thought of as::
if client is name then
assign to literal config
The Client Tag may have the following attributes:
+--------+-------------------------+--------------+
| Name | Description | Values |
+========+=========================+==============+
| name | Client Name | String |
+--------+-------------------------+--------------+
| negate | Negate client selection | (true|false) |
| | (if not client name) | |
+--------+-------------------------+--------------+
Path Tag
--------
The Path tag has different values depending on the *type* attribute of
the path specified in your configuration. Below is a set of tables which
describe the attributes available for various Path types.
Attributes common to all Path tags:
+----------+---------------------------------------------------+-----------------+
| Name | Description | Values |
+==========+===================================================+=================+
| name | Full path or regular expression matching the path | String or regex |
+----------+---------------------------------------------------+-----------------+
device
^^^^^^
+----------+---------------------+-------------------+
| Name | Description | Values |
+==========+=====================+===================+
| dev_type | Type of device | (block|char|fifo) |
+----------+---------------------+-------------------+
| owner | Device owner | String |
+----------+---------------------+-------------------+
| group | Device group | String |
+----------+---------------------+-------------------+
| major | Major number (block | integer |
| | or char devices) | |
+----------+---------------------+-------------------+
| minor | Minor number (block | integer |
| | or char devices) | |
+----------+---------------------+-------------------+
directory
^^^^^^^^^
+-------+------------------------------+------------+
| Name | Description | Values |
+=======+==============================+============+
| perms | Permissions of the directory | String |
+-------+------------------------------+------------+
| owner | Owner of the directory | String |
+-------+------------------------------+------------+
| group | Group Owner of the directory | String |
+-------+------------------------------+------------+
| prune | prune unspecified entries | true|false |
| | from the Directory | |
+-------+------------------------------+------------+
hardlink
^^^^^^^^
+------+----------------------+--------+
| Name | Description | Values |
+======+======================+========+
| to | File to link to | String |
+------+----------------------+--------+
nonexistent
^^^^^^^^^^^
+-----------+--------------------+-------------+
| Name | Description | Values |
+===========+====================+=============+
| type | Type of file | nonexistent |
+-----------+--------------------+-------------+
| recursive | Recursively remove | true |
| | directory contents | |
+-----------+--------------------+-------------+
permissions
^^^^^^^^^^^
+-------+--------------------------+--------+
| Name | Description | Values |
+=======+==========================+========+
| perms | Permissions of the file. | String |
+-------+--------------------------+--------+
| owner | Owner of the file. | String |
+-------+--------------------------+--------+
| group | Group of the file. | String |
+-------+--------------------------+--------+
symlink
^^^^^^^
+------+----------------------+--------+
| Name | Description | Values |
+======+======================+========+
| to | File to link to | String |
+------+----------------------+--------+
Rules Directory
===============
The Rules/ directory keeps the XML files that define what rules are
available for a host. All the files in the directory are processed.
The names of the XML files have no special meaning to Bcfg2; they
are simply named so it's easy for the administrator to know what the
contents hold. All Rules could be kept in a single file if so desired.
Bcfg2 simply uses the Groups in the files and priorities to determine
how to assign Rules to a host's literal configuration.
.. code-block:: xml
Using Regular Expressions in Rules
==================================
If you wish, you can configure the Rules plugin to support regular
expressions. This entails a small performance and memory usage
penalty. To do so, create a file, "Rules/rules.conf", and add the
following text::
[rules]
regex = yes
You will have to restart the Bcfg2 server after making that change.
With regular expressions enabled, you can use a regex in the ``name``
attribute to match multiple abstract configuration entries.
Regular expressions are anchored at both ends, so ```` will *not* match a Service named ``bcfg2-server``;
you'd have to explicitly specify ````.
Note that only one Rule can apply to any abstract entry, so you cannot
specify multiple regexs to match the same rule.