Problem statement:

I have a Database server, and I have an arbitrary number of clients.  I
wish to collect the client IP addresses, and build out a set of firewall
rules on the DB server to allow the client IPs to connect.

Bonus points if something can be purged out if it hasn't called home to
puppet in 48 hours (or something similar)

(technically, I need to do it both directions, since the DB is Cassandra,
and the number of nodes can grow there too, and the clients need to be able
to have firewall rules for each of those, but one problem at a time)

Does puppet offer a canonical solution for this problem?

In searching around, using Exported Resources with puppetdb seems like a
good start, but there are numerous challenges with this approach: mostly in
leveraging those IP addresses in an ERB (to drive the firewall rules).

Other searching led to the ConCat module, but that seems to only work
within the context of a single client and doesn't seem to be queryable by
other clients.

Thanks for any insights;
Jason
