Do any of you good people have a moment to help me out with my basic Puppet language skills, I''m a little new around here and getting an error I don''t yet understand. I have an RHEL4 Puppetmaster happily controlling the permissions of /etc/sudoers on an RHEL5 and SolarisX86 client. My actual environment consists of several systems in several locations. All systems need the same amount of configuration but much of the configuration information is location specific, (DNS servers, LDAP, etc, etc). I would like to separate the classes that perform the configuration from the config files that contain the data as they will be administered by different groups of people. The client systems know where they are, (/etc/location contains the location code which in this test case is "home"). I have created a custom fact, (code below), to read this file and some very simple manifests, but I am getting the following error on the clients "Could not retrieve configuration: Cannot reassign variable perms at /etc/puppet/manifests/location/work.pp:2" Could someone put me on the right road. # /etc/puppet/manifests/site.pp import "location/*.pp" include $location file { "/etc/sudoers": owner => root, group => root, mode => $perms } # /etc/puppet/manifests/location/home.pp $perms = 666 # /etc/puppet/manifests/location/work.pp $perms = 644 #/var/lib/puppet/facts/location.rb Facter.add("location") do setcode do %x{cat /etc/location}.chomp end end Rgds Scott
On Mar 26, 2007, at 2:09 PM, Scott White wrote:> > Do any of you good people have a moment to help me out with my basic > Puppet language skills, I''m a little new around here and getting an > error > I don''t yet understand. > > I have an RHEL4 Puppetmaster happily controlling the permissions of > /etc/sudoers on an RHEL5 and SolarisX86 client. > > My actual environment consists of several systems in several > locations. > All systems need the same amount of configuration but much of the > configuration information is location specific, (DNS servers, LDAP, > etc, > etc). I would like to separate the classes that perform the > configuration from the config files that contain the data as they > will be > administered by different groups of people.Okay, that should be pretty easy.> The client systems know where they are, (/etc/location contains the > location code which in this test case is "home"). I have created a > custom > fact, (code below), to read this file and some very simple > manifests, but > I am getting the following error on the clientsHow does this file get populated? If you do it manually, it might be a bit easier to create a server-side function to produce this information, rather than creating the file on each client and then having the client send the information back up. I know a client of mine has almost the same problem, and they''ve created a server-side function that returns the correct location keyed off of IP address.> "Could not retrieve configuration: Cannot reassign variable perms at > /etc/puppet/manifests/location/work.pp:2" > > > Could someone put me on the right road. > > # /etc/puppet/manifests/site.pp > import "location/*.pp" > include $location > file { "/etc/sudoers": > owner => root, group => root, mode => $perms > } > > # /etc/puppet/manifests/location/home.pp > $perms = 666 > > # /etc/puppet/manifests/location/work.pp > $perms = 644Yeah, Puppet won''t allow you to reassign a variable in the same scope, because it doesn''t know which one to use. This would work if you only conditionally imported the correct location file based on the location, but that''s not the best way to do it. You should instead do something like this: # site.pp file { "/etc/sudoers": ..., mode => $location ? { home => 666, work => 644 } } This makes it easy to vary the mode by location.> #/var/lib/puppet/facts/location.rb > > Facter.add("location") do > setcode do > %x{cat /etc/location}.chomp > end > endThis looks fine. See https://reductivelabs.com/trac/puppet/wiki/ WritingYourOwnFunctions if you want to look at writing your own function instead of using this file. If other apps use the file, then you could trivially create the file with the right content: file { "/etc/location": content => "$location\n" } Just have the following code (once the function is in place) in your site manifest: $location = location() You''ll probably want to pass in the hostname or IP address or something. -- The one thing more difficult than following a regimen is not imposing it on others. -- Marcel Proust --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com
Thanks for the quick reply Luke, I''m sorry if my reply is a little noddy> How does this file get populated?I can query a web service with an IP address and it returns a location, (based on information gathered from the switches).> You should > instead do something like this: > > # site.pp > file { "/etc/sudoers": ..., mode => $location ? { home => 666, > work => 644 } } > > This makes it easy to vary the mode by location.Unless I misunderstand, this doesn''t separate the config from the method or allow a config file per location, (I realize I''m being greedy now), most of the methods will be more complex than file. I could build these manifests dynamically from config files, but I am exploring just using puppet first.> Just have the following code (once the function is in place) in yoursite manifest:> > $location = location() > > You''ll probably want to pass in the hostname or IP address or > something.Good plan, I had sort of forgotten that the Puppetmaster knows the IP address of the client when it compiles the manifest. Scott
On Mar 26, 2007, at 3:26 PM, Scott White wrote:> > I can query a web service with an IP address and it returns a > location, (based on information gathered from the switches).Great; that should be plenty-easy to do with a server-side function.>> You should >> instead do something like this: >> >> # site.pp >> file { "/etc/sudoers": ..., mode => $location ? { home => 666, >> work => 644 } } >> >> This makes it easy to vary the mode by location. > > Unless I misunderstand, this doesn''t separate the config from the > method > or allow a config file per location, (I realize I''m being greedy > now), > most of the methods will be more complex than file. I could build > these > manifests dynamically from config files, but I am exploring just using > puppet first.You''re correct; I was just using your simplistic example. Varying the file isn''t any more complicated, though: file { "/etc/sudoers: source => $location ? { home => "...", work => "..." } -- The Washington Bullets are changing their name. The owners no longer want their team''s name to be associated with crime. So from now on the team will be known as The Bullets. -- Paul Harvey, quoting Argus Hamilton --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com
Maybe Matching Threads
- Stuck with puppet
- problem with restart a service when a file changes
- (New To Puppet)Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class sudo for pupclient on node pupclient
- Ruby script to download files without 'puppet agent'
- useradd question