search

voxpupuli / puppet-kmod

manage kernel module with puppet
Apache License 2.0
17 stars 63 forks source link

kmod::load should not only check /proc/modules #56

Closed foxxx0 closed 3 years ago

foxxx0 commented 4 years ago

Hi,

we've recently deployed a certain set of generic modules to be always loaded using kmod::load. Due to the very heterogenous infrastructure we have unfortunately stumbled upon some issues.

Example with Ubuntu 16.04:

notice  /Stage[main]/.../Kmod::Load[fuse]/Exec[modprobe fuse]/returns      executed successfully (corrective)
notice  /Stage[main]/.../Kmod::Load[virtio]/Exec[modprobe virtio]/returns  executed successfully (corrective)
notice  /Stage[main]/.../Kmod::Load[tun]/Exec[modprobe tun]/returns        executed successfully (corrective)
notice  /Stage[main]/.../Kmod::Load[loop]/Exec[modprobe loop]/returns      executed successfully (corrective)

These modules are directly built into the kernel, which can be verified by e.g.:

# grep CONFIG_FUSE_FS /boot/config*
/boot/config-4.15.0-43-generic:CONFIG_FUSE_FS=y
/boot/config-4.15.0-65-generic:CONFIG_FUSE_FS=y
/boot/config-4.15.0-72-generic:CONFIG_FUSE_FS=y
/boot/config-4.4.0-170-generic:CONFIG_FUSE_FS=y

and thus will not show up in /proc/modules:

# grep -ic fuse /proc/modules
0

These false-positive notices are messy and should be avoided.

Unfortunately consulting /boot/config-$(uname -r) is not straight forward, as the desired kernel module specified for kmod::load needs to be translated/looked-up to its corresponding kernel CONFIG_??? setting.

It would be great if you could take a look at this and come up with a fix.

raphink commented 4 years ago

Hi,

Short solution would be to check for the OS in your Puppet code and avoid declaring the resources you know will not converge.

Longer option would be to port kmod::load to a proper Ruby type and provider using Augeasproviders and a way to detect dynamic modules as described by you. That's quite a bit of work though, but you can contact me on my email address if you'd be interested in financing such a development.

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.