I just tried something which seems to workaround the cyclic dependency issue:
- put the exec definition in the class that runs in the post stage.
- in site.pp put the default:
Firewall {
notify => Exec["persist-firewall"],
}
Thanks,
Mohamed.
On Fri, Mar 9, 2012 at 9:47 AM, Mohamed Lrhazi <lrh...@gmail.com> wrote:
> Hi Christian,
>
> I am running into this same issue... Did you resolve it?
>
> Thanks a lot,
> Mohamed.
>
> On Wed, Feb 15, 2012 at 3:36 PM, Christian McHugh
> <christian.mch...@gmail.com> wrote:
>> I've got slightly more info. In trying to figure this out I ran across
>> http://projects.puppetlabs.com/issues/10665 where it was suggested
>> that the persist-firewall bits (already shown in the previous message)
>> get placed into site.pp. This almost worked perfectly.
>>
>> I've placed the following inside a node definition.
>> class { "localfw::pre": stage => "pre" }
>> class { "localfw::post": stage => "post" }
>> include localfw
>>
>> If I keep localfw::post empty of firewall definitions, everything
>> works fine. However, once I place anything in there (such as an empty
>> test: firewall { "999 testing": ; } I get an error about cyclic
>> dependencies.
>>
>> # puppet agent -v --no-daemonize --onetime
>> info: Retrieving plugin
>> info: Loading facts in iptables
>> info: Loading facts in sshkeys
>> info: Loading facts in etc_facts
>> info: Loading facts in iptables
>> info: Loading facts in sshkeys
>> info: Loading facts in etc_facts
>> info: Caching catalog for testhost
>> err: Could not apply complete catalog: Found dependency cycles in the
>> following relationships: Firewall[999 drop all] => Exec[persist-
>> firewall], Exec[persist-firewall] => Firewall[999 drop all]; try using
>> the '--graph' option and open the '.dot' files in OmniGraffle or
>> GraphViz
>> notice: Finished catalog run in 0.65 seconds
>>
>> Is this a bug, or am I doing something wrong? In trying to figure that
>> out it looks like it may be related to puppet bug #5349? Any thoughts?
>>
>> The puppetlabs firewall module seems so close to being usable. Saving
>> the firewall to enable on boot is the last missing bit in my
>> checklist. Thanks much!
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-users@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
