As we venture further down the AWS Cloud path, one thing becomes clear. To indeed Cloud at scale – you have to automate the hell out of everything you do. One critical piece of that automation is efficiently editing OS config files. We all have been there, it’s late, and you need to edit one last config file, so you pull out trusty sed and awk, then realize filtering isn’t working. Pull out your regex book (or Google regex cheat sheet, let’s be honest) because you found some weird edge case that your sed and awk kung-fu isn’t strong enough for. Thirty minutes later you’re still fighting the sixth edge case you’ve run into and just want to curl up and cry in the corner. This scenario happens so often; you could start to wonder if there is a better way to edit config files programmatically, well I’m happy to introduce you to Augeas.
Augeas takes a configuration file and transforms it into a tree that you can navigate, edit, and manipulate with relative ease. Let’s start with an easy example. Say you need to edit sshd_config by changing various variables, this can be done easily by issuing the following commands:
#Change PrintLastLog to no augtool set /files/etc/ssh/sshd_config/PrintLastLog no #Change PermitRootLogin to no augtool set /files/etc/ssh/sshd_config/PermitRootLogin no
How about trying to find the second alias in /etc/hosts and insert a new alias before it. This would be a trickier one to do in sed/awk:
#Find the first host entry, identify second alias and insert a new alias node before it. augtool insert alias before /files/etc/hosts/1/alias[2] #Populate that second alias you just created augtool set /files/etc/hosts/1/alias[2] digitalagexperts
This tells augtool to do the following:
- Got to the first hosts entry in /etc/hosts
- Find the second alias entry
- Insert a new alias branch to the tree, before the second alias
- Then find the new second alias in the branch (note we bumped the previous alias to third place in the tree)
- Set its value
Now say you want to find only the host ipaddr that had a specific alias and change its setting?
Let’s see how Augeas would deal with this scenario:
#Search through /etc/hosts for the ipaddrs associated with a specific alias augtool set /files/etc/hosts/*/ipaddr[../alias = 'test.digitalageexperts.com'] 172.17.0.1
This tells augtool to do the following:
- Search every ipaddr for entry in the /etc/hosts
- Filter ipaddr based on a specific alias
- Note the ../ notation is used to find all siblings of the current node
- Set the value of that ipaddr to 172.17.0.1
Another fun, yet tricky, example for sed/awk, go into /etc/services, find the last service name that is set to port 22 and change its comment text
augtool set /files/etc/services/service-name[./port = '22'][last()]/#comment “SSH is Sweet”
This tells augtool to do the following:
- Search /etc/services/service-name
- Find the port for that node
- Using the builtin function last() filter for the last entry that using port 22
- Find the #comment child for that node
- Set it to a new comment text
These examples show how quickly you can search, filter, and edit specific parts of configuration files you are interested in and then easily change them programmatically. I won’t argue these can’t be done with more classic methods, but the speed and accuracy provided by Augeas are worth being aware of and utilizing to help your automation tasks more efficient. Also, it doesn’t hurt that some of the big automation tools like Chef and Puppet have Augeas tie-ins.
If you want to learn more, I recommend going to: