Restore an old file version with Puppet Bucket

What happens if you deploy a wrong configuration with puppet to your servers? or if you want to try an old configuration in one of your servers?

It's not big deal if you use puppet because by default it does versioning of your modicated files, this could be used as backup if needed

The sintax to restore an old version of your file is

puppet filebucket restore -b /bucketdirectory /path/file MD5

By default on RHEL/CentOS/Fedora systems bucket directory is /var/lib/puppet/clientbucket

MD5 is the md5sum of your old file version, this hash we could find it on puppet logs


puppet filebucket restore -b /var/lib/puppet/clientbucket/ /etc/passwd 379aa0669894ff4150ec2dad28622216

A practical example:
Let's suppose we have a file /root/file-test.txt

[root@nodo ~]# cat /root/file-test.txt.txt
This is a rollback test

After execute puppet agent, it modifies our file:

[root@nodo ~]# puppet agent -t
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for
Info: Applying configuration version ‘1416421872’
Notice: /Stage[main]/Basico/File[/root/file-test.txt]/content:
— /root/archivo-test.txt 2014-11-19 15:40:49.248857861 -0300
+++ /tmp/puppet-file20141119-7388-tkwcex-0 2014-11-19 15:41:04.858857840 -0300
@@ -1 +1 @@
-This is a rollback test
+This should not be here
Info: Computing checksum on file /root/file-test.txt.txt
Info: FileBucket got a duplicate file {md5}379aa0669894ff4150ec2dad28622216
Info: /Stage[main]/Basico/File[/root/file-test.txt]: Filebucketed /root/file-test.txt to puppet with sum 379aa0669894ff4150ec2dad28622216
Notice: /Stage[main]/Basico/File[/root/file-test.txt]/content: content changed ‘{md5}379aa0669894ff4150ec2dad28622216’ to ‘{md5}3de659e5dc355b14ec5cd0606b2baef8’
Notice: Finished catalog run in 0.79 seconds

After finished execution agent notified us that it change our file content, and it shows the old md5sum and the new one:
Notice:/Stage[main]/Basico/File[/root/archivo-test.txt]/content: content changed ‘{md5}379aa0669894ff4150ec2dad28622216’ to ‘{md5}3de659e5dc355b14ec5cd0606b2baef8’

Let's check file was modified:

[root@nodo ~]# cat /root/archivo-test.txt
This should not be here

Rollback to old file version:

[root@nodo ~]# puppet filebucket restore -b /var/lib/puppet/clientbucket/ /root/file-test.txt 379aa0669894ff4150ec2dad28622216

Finally we would check if we restore our file

[root@nodo ~]# cat /root/file-test.txt.txt
This is a rollback test

Puppet Bucket is a great tool to rollback your configurations or easy recover old file versions. This could save our heads if we make a mistake in a critical configuration file

