I am using puppet 2.6.11 and want to pass parameter for implementing
sudo for mulitple users. So here is my simple code, which I would like
to pass to hiera to specify user name lookup. Appreciate any help,
thanks in advance.
class sudo( $name) {
#Class:: sudo
#
#
package { "sudo": ensure => present, }
file { "/etc/sudoers":
    owner   => root,
    group   => root,
    mode    => 440,
    source  => "puppet:///modules/sudo/sudoers.$name",
  }
}   # Class:: sudo
Hiera FIle for node :
hostname01.yaml
============
---
config:  - XXXX
server:  - hostname01p
node_classes: - sudo(''webapp'')
I get this error message when trying to apply on node:
puppet agent -tv --noop
err: Could not retrieve catalog from remote server: Error 400 on
SERVER: Invalid tag "sudo(''webapp'')" at
/etc/puppet/manifests/site.pp:
19 on node
cat /etc/puppet/manifests/site.pp ( portion of file )
==================================
node default {
   hiera_include( "node_classes" )       # Maintained in hostgroups/
<hostgroup>/<site>/<hostname>.yaml
}
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
On Mon, Feb 6, 2012 at 2:23 PM, Gmoney <greg.caldwell7@gmail.com> wrote:> I am using puppet 2.6.11 and want to pass parameter for implementing > sudo for mulitple users. So here is my simple code, which I would like > to pass to hiera to specify user name lookup. Appreciate any help, > thanks in advance. > > class sudo( $name) { > #Class:: sudo > # > # > > package { "sudo": ensure => present, } > > file { "/etc/sudoers": > owner => root, > group => root, > mode => 440, > source => "puppet:///modules/sudo/sudoers.$name", > } > > } # Class:: sudo > > Hiera FIle for node : > > hostname01.yaml > ============> > --- > config: - XXXX > server: - hostname01p > node_classes: - sudo(''webapp'') > > I get this error message when trying to apply on node: > > puppet agent -tv --noop > err: Could not retrieve catalog from remote server: Error 400 on > SERVER: Invalid tag "sudo(''webapp'')" at /etc/puppet/manifests/site.pp: > 19 on node > > cat /etc/puppet/manifests/site.pp ( portion of file ) > ==================================> > > node default { > > hiera_include( "node_classes" ) # Maintained in hostgroups/ > <hostgroup>/<site>/<hostname>.yaml > } > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >Hey Greg, The include() function cannot take parameters, so you can''t pass parameters this way. In order to declare a class WITH parameters, you''ll need to pick one of a couple of ways: 1. Default the parameters to hiera lookups: Say you have a class like this: class sudo ( $webapp = $sudo::params::webapp ) { <puppet code> } In your params class you would do something like this: class sudo::params { $webapp = hiera(''webapp'', ''default value here'') } All of the params would be defaulted to a value that came out of Hiera. In this case, there would be a Hiera lookup for a parameter called ''webapp'' and, if it didn''t find it, it would use the default value of ''default value here''. You could just do a hiera_include(''classes'') given that you have something like this in your Hiera YAML lookup: --- classes: - sudo # Note that this is the way to specify an array in YAML. Your array could be all of the class declarations you would want to make. No parameters would need be passed - they would be defaulted to a hiera lookup. You would need to make sure there are values for all your hiera parameter lookups, though. 2. Pass the class declaration, parameters and all, using create_resources() We have a function called create_resources() that''s built into 2.7 but can be added to 2.6 with the following module: https://github.com/puppetlabs/puppetlabs-create_resources You could do something like this in your Hiera yaml files: --- param_classes: sudo: webapp : ''value'' param : ''value'' In your site.pp you would do something like this: $param_classes = hiera_hash(''param_classes'') create_resources(''class'', $param_classes) This would declare ALL class declarations found in the param_classes lookup done by Hiera. Hope this helps! -- Gary Larizza Professional Services Engineer Puppet Labs -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Feb 6, 4:23 pm, Gmoney <greg.caldwe...@gmail.com> wrote:> I am using puppet 2.6.11 and want to pass parameter for implementing > sudo for mulitple users. So here is my simple code, which I would like > to pass to hiera to specify user name lookup. Appreciate any help, > thanks in advance. > > class sudo( $name) { > #Class:: sudo > # > # > > package { "sudo": ensure => present, } > > file { "/etc/sudoers": > owner => root, > group => root, > mode => 440, > source => "puppet:///modules/sudo/sudoers.$name", > } > > } # Class:: sudo > > Hiera FIle for node : > > hostname01.yaml > ============> > --- > config: - XXXX > server: - hostname01p > node_classes: - sudo(''webapp'') > > I get this error message when trying to apply on node: > > puppet agent -tv --noop > err: Could not retrieve catalog from remote server: Error 400 on > SERVER: Invalid tag "sudo(''webapp'')" at /etc/puppet/manifests/site.pp: > 19 on node > > cat /etc/puppet/manifests/site.pp ( portion of file ) > ==================================> > node default { > > hiera_include( "node_classes" ) # Maintained in hostgroups/ > <hostgroup>/<site>/<hostname>.yaml > > }One of the strong points of using external data is the ability to *avoid* using parameterized classes, which is a Good Thing to do. External data solve all the same technical problems that class parameters do, without incurring the costs that attend parameterizing a class (such as the one you encountered). Gary suggested one way to sidestep the particular parameterization pitfall that tripped you up, but it woul be better to instead remove the $name parameter from class sudo altogether. Instead, just have that class look up the appropriate name via hiera. That leaves you with *two* hiera lookups in your case: 1) The node looks up which classes to include 2) Class ''sudo'' looks up the name(s) to use There is then no need to create a new *params class, it works for any sudo name (as does Gary''s), and there is no problem with the sudo class being included again from some other point, whether directly or via hiera_include. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Tue, Feb 7, 2012 at 6:19 AM, jcbollinger <John.Bollinger@stjude.org> wrote:> > > On Feb 6, 4:23 pm, Gmoney <greg.caldwe...@gmail.com> wrote: >> I am using puppet 2.6.11 and want to pass parameter for implementing >> sudo for mulitple users. So here is my simple code, which I would like >> to pass to hiera to specify user name lookup. Appreciate any help, >> thanks in advance. >> >> class sudo( $name) { >> #Class:: sudo >> # >> # >> >> package { "sudo": ensure => present, } >> >> file { "/etc/sudoers": >> owner => root, >> group => root, >> mode => 440, >> source => "puppet:///modules/sudo/sudoers.$name", >> } >> >> } # Class:: sudo >> >> Hiera FIle for node : >> >> hostname01.yaml >> ============>> >> --- >> config: - XXXX >> server: - hostname01p >> node_classes: - sudo(''webapp'') >> >> I get this error message when trying to apply on node: >> >> puppet agent -tv --noop >> err: Could not retrieve catalog from remote server: Error 400 on >> SERVER: Invalid tag "sudo(''webapp'')" at /etc/puppet/manifests/site.pp: >> 19 on node >> >> cat /etc/puppet/manifests/site.pp ( portion of file ) >> ==================================>> >> node default { >> >> hiera_include( "node_classes" ) # Maintained in hostgroups/ >> <hostgroup>/<site>/<hostname>.yaml >> >> } > > > One of the strong points of using external data is the ability to > *avoid* using parameterized classes, which is a Good Thing to do. > External data solve all the same technical problems that class > parameters do, without incurring the costs that attend parameterizing > a class (such as the one you encountered).I agree with some of the limitations of parametrized class that doesn''t support default value. But in this case I''d argue the opposite. Using hiera allows the usage of parametrized class, gives a clean interface to the class, allows the usage of include class, and eliminates hideous variable validation and the necessity of real_param (if you want to provide defaults within the puppet manifests and not completely depend on external data lookup for default value). For example: class mysql { ... if !$password ( fail(''must have password'') } if !$server { real_server = ''localhost'', } else real_server = $server, } ... } class mysql( $password = hiera(''mysql_password''), $server = hiera(''mysql_server'', ''localhost'') ) { ... } Both examples above would work with include mysql, and I think the second one is much cleaner. If you adapt hiera, I recommend the using parametrized class with all parameter values lookup performed via hiera. Rather than shunning parametrized class, I think hiera gives you a great way to leverage it without the downsides. Thanks, Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Seemingly Similar Threads
- Using regex to match hostnames in hiera
- Really need some help:: Weird Issue with external data look up in puppet 2.6.11
- module can't find other modules
- puppet could'nt find hiera even when hiera gem is installed
- gem packages installed directory on puppetmaster