File: fqdn_rand.rb

package info (click to toggle)
puppet-agent 8.10.0-6
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 27,404 kB
  • sloc: ruby: 286,820; sh: 492; xml: 116; makefile: 88; cs: 68
file content (46 lines) | stat: -rw-r--r-- 2,220 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
 
# frozen_string_literal: true

require 'digest/md5'
require 'digest/sha2'

Puppet::Parser::Functions.newfunction(:fqdn_rand, :arity => -2, :type => :rvalue, :doc =>
  "Usage: `fqdn_rand(MAX, [SEED], [DOWNCASE])`. MAX is required and must be a positive
  integer; SEED is optional and may be any number or string; DOWNCASE is optional
  and should be a boolean true or false.

  Generates a random Integer number greater than or equal to 0 and less than MAX,
  combining the `$fqdn` fact and the value of SEED for repeatable randomness.
  (That is, each node will get a different random number from this function, but
  a given node's result will be the same every time unless its hostname changes.) If
  DOWNCASE is true, then the `fqdn` fact will be downcased when computing the value
  so that the result is not sensitive to the case of the `fqdn` fact.

  This function is usually used for spacing out runs of resource-intensive cron
  tasks that run on many nodes, which could cause a thundering herd or degrade
  other services if they all fire at once. Adding a SEED can be useful when you
  have more than one such task and need several unrelated random numbers per
  node. (For example, `fqdn_rand(30)`, `fqdn_rand(30, 'expensive job 1')`, and
  `fqdn_rand(30, 'expensive job 2')` will produce totally different numbers.)") do |args|
  max = args.shift.to_i
  initial_seed = args.shift
  downcase = !!args.shift

  fqdn = self['facts'].dig('networking', 'fqdn')
  fqdn = fqdn.downcase if downcase

  # Puppet 5.4's fqdn_rand function produces a different value than earlier versions
  # for the same set of inputs.
  # This causes problems because the values are often written into service configuration files.
  # When they change, services get notified and restart.

  # Restoring previous fqdn_rand behavior of calculating its seed value using MD5
  # when running on a non-FIPS enabled platform and only using SHA256 on FIPS enabled
  # platforms.
  if Puppet::Util::Platform.fips_enabled?
    seed = Digest::SHA256.hexdigest([fqdn, max, initial_seed].join(':')).hex
  else
    seed = Digest::MD5.hexdigest([fqdn, max, initial_seed].join(':')).hex
  end

  Puppet::Util.deterministic_rand_int(seed, max)
end