Hi all,
I''m running the following versions of Puppet and Hiera:
[root@centosa manifests]# puppet agent --version
3.3.2
[root@centosa manifests]# hiera --version
1.3.0
I have defined my hiera.yaml as follows:
[root@centosa hieradata]# cat /etc/puppet/hiera.yaml
---
:backends:
- yaml
:yaml:
:datadir: /etc/puppet/hieradata
:hierarchy:
- %{::clientcert}
- %{::operatingsystem}
- common
And I have my various yaml files in the datadir directory:
[root@centosa hieradata]# ls
centosa.local.yaml common.yaml Solaris.yaml
[root@centosa hieradata]# cat centosa.local.yaml
---
security::tcpwrappers::hostsallow:
"puppet:///modules/security/etc/hosts.allow-centosa.local"
security::tcpwrappers::hostsdeny:
"puppet:///modules/security/etc/hosts.deny-centosa.local"
[root@centosa hieradata]# cat common.yaml
---
security::tcpwrappers::hostsallow:
"puppet:///modules/security/etc/hosts.allow-common"
security::tcpwrappers::hostsdeny:
"puppet:///modules/security/etc/hosts.deny-common"
[root@centosa hieradata]# cat Solaris.yaml
---
security::tcpwrappers::hostsallow:
"puppet:///modules/security/etc/hosts.allow-solaris"
security::tcpwrappers::hostsdeny:
"puppet:///modules/security/etc/hosts.deny-solaris"
In my /etc/puppet/modules/security/manifests/tcpwrappers.pp I''m trying
to
reference the variable:
[root@centosa manifests]# cat tcpwrappers.pp
class security::tcpwrappers {
file { "/etc/hosts.allow" :
owner => ''root'',
group => ''root'',
mode => ''0644'',
source => $hostsallow
}
file { "/etc/hosts.deny" :
owner => ''root'',
group => ''root'',
mode => ''0644'',
source => $hostsdeny
}
}
However, the variable is empty (as can be evidenced by having a fail(
"$hostsalllow" ) and checking the output on an agent run.
I''ve a similar set up on another server, and it seems to be working
fine,
and I can''t fathom what''s different here.
Any help would be appreciated.
Cheers,
Toki
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/903158ea-c59a-4116-b0dc-0cb4dfd59e7d%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Is your clientcert == ''centosa'', or is it ''centosa.example.com''? And have you tested it on the command line: hiera security::tcpwrappers::hostsallow operatingsystem=CentOS On Friday, December 13, 2013 11:17:44 PM UTC-6, Toki Winter wrote:> > Hi all, > > I''m running the following versions of Puppet and Hiera: > > [root@centosa manifests]# puppet agent --version > 3.3.2 > [root@centosa manifests]# hiera --version > 1.3.0 > > I have defined my hiera.yaml as follows: > > [root@centosa hieradata]# cat /etc/puppet/hiera.yaml > --- > :backends: > - yaml > :yaml: > :datadir: /etc/puppet/hieradata > :hierarchy: > - %{::clientcert} > - %{::operatingsystem} > - common > > And I have my various yaml files in the datadir directory: > > [root@centosa hieradata]# ls > centosa.local.yaml common.yaml Solaris.yaml > [root@centosa hieradata]# cat centosa.local.yaml > --- > security::tcpwrappers::hostsallow: > "puppet:///modules/security/etc/hosts.allow-centosa.local" > security::tcpwrappers::hostsdeny: > "puppet:///modules/security/etc/hosts.deny-centosa.local" > [root@centosa hieradata]# cat common.yaml > --- > security::tcpwrappers::hostsallow: > "puppet:///modules/security/etc/hosts.allow-common" > security::tcpwrappers::hostsdeny: > "puppet:///modules/security/etc/hosts.deny-common" > [root@centosa hieradata]# cat Solaris.yaml > --- > security::tcpwrappers::hostsallow: > "puppet:///modules/security/etc/hosts.allow-solaris" > security::tcpwrappers::hostsdeny: > "puppet:///modules/security/etc/hosts.deny-solaris" > > In my /etc/puppet/modules/security/manifests/tcpwrappers.pp I''m trying to > reference the variable: > > [root@centosa manifests]# cat tcpwrappers.pp > class security::tcpwrappers { > file { "/etc/hosts.allow" : > owner => ''root'', > group => ''root'', > mode => ''0644'', > source => $hostsallow > } > file { "/etc/hosts.deny" : > owner => ''root'', > group => ''root'', > mode => ''0644'', > source => $hostsdeny > } > } > > However, the variable is empty (as can be evidenced by having a fail( > "$hostsalllow" ) and checking the output on an agent run. > > I''ve a similar set up on another server, and it seems to be working fine, > and I can''t fathom what''s different here. > > Any help would be appreciated. > > Cheers, > Toki >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/ef4ced62-82ab-4100-88c2-40126f64211e%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
On Friday, December 13, 2013 11:17:44 PM UTC-6, Toki Winter wrote:> > Hi all, > > I''m running the following versions of Puppet and Hiera: > > [root@centosa manifests]# puppet agent --version > 3.3.2 > [root@centosa manifests]# hiera --version > 1.3.0 > > I have defined my hiera.yaml as follows: > > [root@centosa hieradata]# cat /etc/puppet/hiera.yaml > --- > :backends: > - yaml > :yaml: > :datadir: /etc/puppet/hieradata > :hierarchy: > - %{::clientcert} > - %{::operatingsystem} > - common > > And I have my various yaml files in the datadir directory: > > [root@centosa hieradata]# ls > centosa.local.yaml common.yaml Solaris.yaml > [root@centosa hieradata]# cat centosa.local.yaml > --- > security::tcpwrappers::hostsallow: > "puppet:///modules/security/etc/hosts.allow-centosa.local" > security::tcpwrappers::hostsdeny: > "puppet:///modules/security/etc/hosts.deny-centosa.local" > [root@centosa hieradata]# cat common.yaml > --- > security::tcpwrappers::hostsallow: > "puppet:///modules/security/etc/hosts.allow-common" > security::tcpwrappers::hostsdeny: > "puppet:///modules/security/etc/hosts.deny-common" > [root@centosa hieradata]# cat Solaris.yaml > --- > security::tcpwrappers::hostsallow: > "puppet:///modules/security/etc/hosts.allow-solaris" > security::tcpwrappers::hostsdeny: > "puppet:///modules/security/etc/hosts.deny-solaris" > > In my /etc/puppet/modules/security/manifests/tcpwrappers.pp I''m trying to > reference the variable: > > [root@centosa manifests]# cat tcpwrappers.pp > class security::tcpwrappers { > file { "/etc/hosts.allow" : > owner => ''root'', > group => ''root'', > mode => ''0644'', > source => $hostsallow > } > file { "/etc/hosts.deny" : > owner => ''root'', > group => ''root'', > mode => ''0644'', > source => $hostsdeny > } > } > > However, the variable is empty (as can be evidenced by having a fail( > "$hostsalllow" ) and checking the output on an agent run. > > I''ve a similar set up on another server, and it seems to be working fine, > and I can''t fathom what''s different here. > > Any help would be appreciated. > >Automatic data binding applies to class *parameters*, not generally to all class variables. You have two good alternatives: 1. Add explicit lookups to your class: $hostsallow = hiera(''security::tcpwrappers::hostsallow'') Note that in this case the key can be anything you like; it does not have to start with the class name, though there are advantages to that. Alternatively, 2. You can make $hostsallow and $hostsdeny parameters of your class: class security::tcpwrappers( $hostsallow, $hostsdeny) { # ... } John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d0ae790a-7717-45ca-a999-9f1b98ff7994%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.