Hiera vs OpenLDAP
173 views
Skip to first unread message
Steven Jonthen
Oct 30, 2013, 12:53:29 AM10/30/13
to puppet...@googlegroups.com
Hi guys,
I want to use Hiera with a OpenLDAP-Backend. The OpenLDAP-Backend should contain class parameters. When a agent connects to the puppet master then hiera should extract from the OpenLDAP-Backend which roles and which class-parameters the node has. I've found any useful example in the internet, how to integrate OpenLDAP into Puppet and howto create and use the data.
Can anyone help me?
I want to use Hiera with a OpenLDAP-Backend. The OpenLDAP-Backend should contain class parameters. When a agent connects to the puppet master then hiera should extract from the OpenLDAP-Backend which roles and which class-parameters the node has. I've found any useful example in the internet, how to integrate OpenLDAP into Puppet and howto create and use the data.
Can anyone help me?
Luke Bigum
Oct 30, 2013, 5:43:11 AM10/30/13
to puppet...@googlegroups.com
This one perhaps?
https://github.com/hunner/hiera-ldap
The example is for Users, doesn'tlook difficult to adapt the search to get a list of servers. How you model the classes and class parameters in LDAP might be trickier. Maybe your LDAP structure would look something like this (which doesn't require much schema):
The example is for Users, doesn'tlook difficult to adapt the search to get a list of servers. How you model the classes and class parameters in LDAP might be trickier. Maybe your LDAP structure would look something like this (which doesn't require much schema):
cn=nodename,ou=nodes,dc=example,dc=com
cn=classname,cn=nodename,ou=nodes,dc=example,dc=com
cn=classparameter1,cn=classname,cn=nodename,ou=nodes,dc=example,dc=com
value=woof
Johan De Wit
Oct 30, 2013, 6:48:11 AM10/30/13
to puppet...@googlegroups.com
Are you using ldap as your ENC ?
If so, all settings defined in the puppet ldap schema are available as global vars in your manifest.
Unfortunately, class parameters are not supported (at the moment), so maybe the ldap part in the puppet code could be extended to support that.
I heard more people looking for that functionality in the ldap ENC code.
You could indeed write your own hiera ldap backend, but I have some doubts about the speed.
Here is another example of an ldap backend : http://forge.ircam.fr/p/hiera-ldap-backend/
Â
It is one of the things i'm also looking into, but i have to install ldap with puppet first, and that needs some more code to write, to support the dynamic ldap config in our puppet ldap module.
Gts
Jo
If so, all settings defined in the puppet ldap schema are available as global vars in your manifest.
Unfortunately, class parameters are not supported (at the moment), so maybe the ldap part in the puppet code could be extended to support that.
I heard more people looking for that functionality in the ldap ENC code.
You could indeed write your own hiera ldap backend, but I have some doubts about the speed.
Here is another example of an ldap backend : http://forge.ircam.fr/p/hiera-ldap-backend/
Â
It is one of the things i'm also looking into, but i have to install ldap with puppet first, and that needs some more code to write, to support the dynamic ldap config in our puppet ldap module.
Gts
Jo
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/1497c323-e6bb-46f8-ae26-5b785e89b6e4%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
-- Johan De Wit Open Source Consultant Red Hat Certified Engineer (805008667232363) Puppet Certified Professional 2013 (PCP0000006) _________________________________________________________ Open-Future Phone +32 (0)2/255 70 70 Zavelstraat 72 Fax +32 (0)2/255 70 71 3071 KORTENBERG Mobile +32 (0)474/42 40 73 BELGIUM http://www.open-future.be _________________________________________________________
Upcoming Events:
Puppet Advanced Training | https://www.open-future.be/puppet-advanced-training-12-till-14th-november
Zabbix Certified Training | https://www.open-future.be/zabbix-certified-training-18-till-20th-november
Zabbix Large Environments Training | https://www.open-future.be/zabbix-large-environments-training-21-till-22nd-november
Puppet Fundamentals Training | https://www.open-future.be/puppet-fundamentals-training-10-till-12th-december
Subscribe to our newsletter: http://eepurl.com/BUG8H
Steven Jonthen
Oct 30, 2013, 2:51:08 PM10/30/13
to puppet...@googlegroups.com
Hi guys,
First of all thank you for your hints. I would have suggestion:
What if we'd use Hiera with a LDAP-Backend. Hiera would automatically look up the class-variables in LDAP, wouldn't it?
First of all thank you for your hints. I would have suggestion:
What if we'd use Hiera with a LDAP-Backend. Hiera would automatically look up the class-variables in LDAP, wouldn't it?
Johan De Wit
Oct 31, 2013, 9:54:48 AM10/31/13
to puppet...@googlegroups.com
Hi,
Yes it would. Could als be the quickest solution in the short term.
Are you using ldap as ENC also ? (because we do). Then maybe adding
class parameters to the puppet-ldap code should be the proper way.
Zabbix Large Environments Training | http://www.open-future.be/zabbix-large-environments-training-21-till-22nd-november
Puppet Fundamentals Training | http://www.open-future.be/puppet-fundamentals-training-10-till-12th-december
Yes it would. Could als be the quickest solution in the short term.
Are you using ldap as ENC also ? (because we do). Then maybe adding
class parameters to the puppet-ldap code should be the proper way.
> --
> You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/c8176eed-a981-4111-8833-f142fe3fa292%40googlegroups.com.
> You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> For more options, visit https://groups.google.com/groups/opt_out.
--
Johan De Wit
Open Source Consultant
Red Hat Certified Engineer (805008667232363)
Puppet Certified Professional 2013 (PCP0000006)
_________________________________________________________
Open-Future Phone +32 (0)2/255 70 70
Zavelstraat 72 Fax +32 (0)2/255 70 71
3071 KORTENBERG Mobile +32 (0)474/42 40 73
BELGIUM http://www.open-future.be
_________________________________________________________
Next Events:
--
Johan De Wit
Open Source Consultant
Red Hat Certified Engineer (805008667232363)
Puppet Certified Professional 2013 (PCP0000006)
_________________________________________________________
Open-Future Phone +32 (0)2/255 70 70
Zavelstraat 72 Fax +32 (0)2/255 70 71
3071 KORTENBERG Mobile +32 (0)474/42 40 73
BELGIUM http://www.open-future.be
_________________________________________________________
Puppet Advanced Training | https://www.open-future.be/puppet-advanced-training-12-till-14th-november
Zabbix Certified Training | http://www.open-future.be/zabbix-certified-training-18-till-20th-november
Zabbix Large Environments Training | http://www.open-future.be/zabbix-large-environments-training-21-till-22nd-november
Puppet Fundamentals Training | http://www.open-future.be/puppet-fundamentals-training-10-till-12th-december
Reply all
Reply to author
Forward
0 new messages