On Thu, 2012-10-25 at 20:45 -0700, Edwin Starkey wrote:
> Hi, I'm having a problem with extlookup not respecting the 'certname'
> parameter[1]. When executing a puppet run with either the --certname
> or --fqdn parameters, it ends up using the specified SSL certificate
> and gets the correct node definition applied from the puppetmaster.
> However, it still retrieves extlookup data using the node's actual
> FQDN, not the one manually specified using the parameter.
>
> As an example, here is my existing extlookup configuration from
> site.pp:
>
> $hostgroup = regsubst($hostname, '-*\d+$', '')
> $extlookup_datadir =
> "/etc/puppet/environments/${environment}/manifests/extdata"
> $extlookup_precedence = [ 'hostnames/%{fqdn}', 'hostgroups/%{hostgroup}',
> 'common' ]

The certname value is exposed in the puppet manifests in the $clientcert
variable. Something like the following might work:

    $hostgroup = regsubst($clientcert, '-*\d+$', '')
    $extlookup_datadir = "/etc/puppet/environments/${environment}/manifests/extdata"
    $extlookup_precedence = [ 'hostnames/%{clientcert}', 'hostgroups/%{hostgroup}',
                              'common' ]

> This layout is quite beautiful, as it has three possible matching
> scenarios.
>
> 1. A CSV file for a specific hostname exists. Example:
> hostnames/web1.mydomain.com.csv applies to a single host -
> web1.mydomain.com.
> 2. A CSV file for a regular expression based on hostname exists.
> Example: hostgroups/web.csv applies to all hosts whose hostname begins
> with 'web' - web1.mydomain.com or web999.mydomain.com.
> 3. No matches are found, so default values from common.csv are used.
>
> I'd like to replicate this behavior using hiera. Is it possible?

Absolutely. Hiera lookups can be done using arbitrary variables defined
in your puppet manifests. Something like the following should be
sufficient:

in site.pp toplevel:

    $hostgroup = regsubst($clientcert, '-*\d+$', '')

in hiera.yaml:

    :yaml:
      # Hiera interpolates scope variables with %{...}
      :datadir: /etc/puppet/environments/%{environment}/manifests/hiera
    :hierarchy:
      - hostnames/%{clientcert}
      - hostgroups/%{hostgroup}
      - common

Then you can use puppet3's automatic class parameter lookup, or call the
hiera() functions anywhere in your manifest.

--
Calvin Walton <[email protected]>
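
An added example, not part of the original message and not Puppet or Hiera code: a Ruby model of how the three-level hierarchy above resolves to a data file, first match wins, using the thread's regsubst pattern. The file list and the `.yaml` extension are constructed; it also shows that the pattern only strips digits at the very end of the name, so a certname that is a full FQDN skips the hostgroups level.

```ruby
# Added illustration; names and sample files are constructed, not from the thread.
# Models first-match resolution of the hierarchy
#   hostnames/%{clientcert}, hostgroups/%{hostgroup}, common

HIERARCHY = ['hostnames/%{clientcert}', 'hostgroups/%{hostgroup}', 'common'].freeze

# Same pattern as regsubst($clientcert, '-*\d+$', '') in the thread.
def hostgroup_for(name)
  name.sub(/-*\d+$/, '')
end

# Expand %{var} tokens from a scope hash; unknown variables become ''.
def interpolate(template, scope)
  template.gsub(/%\{([^}]+)\}/) { scope.fetch(Regexp.last_match(1), '') }
end

# Candidate data files for one node, highest precedence first.
def candidates(clientcert, ext: '.yaml')
  scope = { 'clientcert' => clientcert, 'hostgroup' => hostgroup_for(clientcert) }
  HIERARCHY.map { |level| interpolate(level, scope) + ext }
end

# First candidate present in `files` (a stand-in for the datadir contents).
def resolve(clientcert, files)
  candidates(clientcert).find { |path| files.include?(path) }
end

# Constructed datadir listing.
FILES = ['hostnames/web1.mydomain.com.yaml', 'hostgroups/web.yaml', 'common.yaml'].freeze

if __FILE__ == $PROGRAM_NAME
  ['web1.mydomain.com', 'web999.mydomain.com', 'web999', 'db-01'].each do |cert|
    puts "#{cert}: hostgroup=#{hostgroup_for(cert)} -> #{resolve(cert, FILES)}"
  end
end
```

Running the same check against a real datadir listing before switching the hierarchy to the certname shows which nodes would silently fall back to common.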
