I use Netgroups (with LDAP as backend) to group my nodes. Netgroups is an old NIS thing, which works beautifully. You can group hosts, and each netgroup, can contain other netgroups, users or hosts.
This way, a host can be a member of several netgroups - and I use netgroup membership to determine something akin to "roles". Currently I have to use "IN" and netgroups.include in my templates. $netgroups - is a paramater my script adds (by way of external_nodes = /path/to/script). One thing I would very much like, is to hiera to support lookup, based on netgroups (which is an array). That is definetely the missing part in my puzzle. I use the same netgroups for many other things (such as access control - I have a central file (used by PAM) which defines which groups can access which netgroups). -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
