Hi John:
Thanks for your comments and instruction. More inline...
On Fri, Aug 17, 2012 at 02:36:13PM -0700, jcbollinger wrote:
> > # cat common.yaml
> > ---
> > searchdomain : 'example.com'
> > ssh_auth : ldap
> > servers :
> > server-a :
> > sshd_auth: "local"
> > ClientAliveInterval: "nil"
> > ClientAliveCountMax: "nil"
> > server-b :
> > sshd_auth: "local"
> > ClientAliveInterval: "nil"
> > ClientAliveCountMax: "nil"
> > server-c :
> > sshd_auth: "ldap"
> > ClientAliveInterval: "nil"
> > ClientAliveCountMax: "nil"
> > server-d :
> > sshd_auth: "ldap"
> > ClientAliveInterval: "10"
> > ClientAliveCountMax: "3"
> >
> >
> [...]
>
>
> >
> > # cat Inuit.pp
> > class user {
> > $sshd_hash = hiera(servers)
> > create_resources('sshd_lookup', $sshd_hash)
> >
>
> In answer to your first question, about declaring only an sshd_lookup
> resource for server-a, you apparently have a key misunderstanding about
> create_resources(). That function creates one resource of the specified
> type for *each* top-level key in the provided hash. The keys are used as
> the resource titles, and the values are hashes of parameter key/value pairs
> for the corresponding resource instance.
>
> If you only want an sshd_lookup resource for server-a, then either you must
> feed it a hash containing only an entry for server-a, or else you must
> declare the sshd_lookup in the conventional way. For example, instead of
> the create_resources() call above, use:
>
> $server_a_params = $sshd_hash['server-a']
> sshd_lookup { 'server-a':
> sshd_auth => $server_a_params['sshd_auth'],
> ClientAliveInterval => $server_a_params['ClientAliveInterval'],
> ClientAliveCountMax => $server_a_params['ClientAliveCountMax']
> }
I would like to use a hash in conventional way, however, I can't get
that data from a YAML file with puppet DSL, so I understand. Should
I try go down the road of using ruby DSL and a init.rb for my
manifest, so I can lookup $hostname from client node directly from
the YAML? The goal is to get all configuration data from one YAML
file or database, abstracting the modules/manifest code.
>
> Alternatively, you could construct a single-entry hash of hashes of the
> correct form for create_resources(); I leave that as an exercise.
I did get a single YAML hash of hashes to work using hiera and
create_resources, where the common.yaml file took over if a $name.yaml
(or $hostname.yaml) file didn't exist. That is not my requirement,
unfortunately. I want to stuff all my server host information into
the hash of hashes inside the YAML file, with the $hostname being
the key.
>
>
> >
> > }
> >
> > define sshd_lookup ( $sshd_auth, $ClientAliveInterval,
> > $ClientAliveCountMax,
> > $server_role, $location ) {
> >
> > $data = hiera_hash('servers')
> > $sshd_type = $data[$hostname]['sshd_auth']
> >
>
> There, you are looking up an entry in the hash by the $hostname of the
> client for which you are compiling the catalog. For any given node, that
> will result in the same piece of data for every sshd_lookup instance.
>
> If you want the value appropriate for the current resource instance then
> you can either add $sshd_type to the parameter list (since you are
> otherwise just re-reading the same data that you passed to
> create_resources()), or else use $name or $title (they are equivalent in
> this context) to look up the desired entry in the outer hash. ($name and
> $title in a type definition refer to the title of the resource instance).
Can you please illustrate looking up the desired entry in the outer
hash? I have tried many ways and failed in all of them. This is
probably the best way to do it. It's data is derived from hiera
and create_resource?
Though inefficient and maybe not scalable depending on how big the
hash becomes, I tried a conditional based on $name given the results
of all the keys returned from create_resources and it works as I
want it to:
class user {
$sshd_hash = hiera(servers)
create_resources('sshd_lookup', $sshd_hash)
}
define sshd_lookup ( $sshd_auth, $ClientAliveInterval, $ClientAliveCountMax,
$server_role, $location ) {
$data = hiera_hash('servers')
$sshd_type = $data[$name]['sshd_auth']
if $hostname == $name {
notice "my name is $name"
notice ("setting name: $name" )
notice ("setting hostname: $hostname" )
notice ("setting sshd_type: $sshd_type" )
# add machine logic
#if ($sshd_type = ldap) {
# include ldap
#}
#if ${clientaliverinterval} != nil {
#augeas { "clientinterval_modify":
#context => "/files/etc/ssh/sshd_config",
#changes => "set
ClientAliveInterval=${clientaliverinterval}";
#}
}
}
Aug 20 12:19:47 puppet puppet-master[67407]: (Scope(Sshd_lookup[server-a])) my
name is server-a
Aug 20 12:19:47 puppet puppet-master[67407]: (Scope(Sshd_lookup[server-a]))
setting name: server-a
Aug 20 12:19:47 puppet puppet-master[67407]: (Scope(Sshd_lookup[server-a]))
setting hostname: server-a
Aug 20 12:19:47 puppet puppet-master[67407]: (Scope(Sshd_lookup[server-a]))
setting sshd_type: local
Many Thanks,
-dkw
>
>
>
> >
> > notice ("setting sshd_type: $sshd_type" )
> >
> > }
> >
> >
> Does that help?
>
>
> John
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/5Iak2tlXMq8J.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
