dashboard ENC and parameterized classes
Ashley Gould
classes are not yet supported within dashboard's external node
classifier feature. A few months ago I saw a post suggesting the
following work around until there is support:
class foo ($var="default") {
notify { $var: }
}
Parametrized classes are new in Puppet 2.6. Support for parametrized
classes via ENC was introduced in 2.6.5. Support for parametrized
classes in dashboard is on the road map.
Currently here's the way to declare parametrized classes in site.pp:
node node01 {
class { foo:
var => "hello world!",
}
}
To support parametrized class in dashboard, I write a wrapper class
(necessary until Dashboard fully supports parametrized classes):
class foo::wrapper {
class { foo:
var => $::foo_var,
}
}
In this case assign class foo::wrapper to node1 in dashboard and
configure the parameter foo_var="hello world!".
---
I am tring to replicate this workaround without success. Has anyone
else gotten param classes working within dashboard ENC?
--
-ashley
Did you try poking at it with a stick?
Ken Barber
sample code and errors for your use case?
I presume you are doing an:
include foo::wrapper
At some point to evaluate that wrapper class? Otherwise nothing will happen.
ken.
> --
> You received this message because you are subscribed to the Google Groups "Puppet Users" group.
> To post to this group, send email to puppet...@googlegroups.com.
> To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
>
>
Ashley Gould
> What errors are you getting when you use this pattern? Do you have
> sample code and errors for your use case?
>
> I presume you are doing an:
>
> include foo::wrapper
>
> At some point to evaluate that wrapper class? Otherwise nothing will happen.
>
> ken.
There is no error. but nothing happens. the class seems to be
quietly ignored.
The basic construct works from within nodes.pp file, but not from
dashboard:
class firewall_extras (
$services = undef,
) inherits firewall {
Firewall::Firewall_conf["default"] {
fw_services_ext_tcp => $services,
fw_configurations_ext => $configs,
fw_trusted_nets => $trusted,
}
}
# Dashboard class
class firewall_extras::wrapper {
class { firewall_extras: services => $::firewall_services }
}
Here was my node def that worked:
$firewall_services = "8000"
node /unxslet0\d+/ {
include "common::suse"
include "aig_vhost"
include "firewall_extras::wrapper"
}
I'm attaching a jpg of the node from dashboard.
Ken Barber
your example so it just does a notify?
class firewall_extras (
$services = undef,
) {
notify { "msg": message => $services }
}
class myfirewall {
class { "firewall_extras": services => $::firewall_services }
}
Also - just for kicks - what is the yaml output of your external_nodes
command when you run this on the command line?
(you probably already know how to do this but ...)
To figure out the path its just:
puppet master --configprint external_nodes
Then run it like:
/somepath/external_nodes unxslet01.ucop.edu
ken.
Ashley Gould
On Wed, Jun 15, 2011 at 06:13:52PM +0100, Ken Barber wrote:
> Certainly works for me in a simplified example ... can you simplify
> your example so it just does a notify?
>
> class firewall_extras (
> � �$services � = undef,
> ) {
> notify { "msg": message => $services }
> }
>
> class myfirewall {
> class { "firewall_extras": services => $::firewall_services }
> }
>
> Also - just for kicks - what is the yaml output of your external_nodes
> command when you run this on the command line?
>
> (you probably already know how to do this but ...)
>
> To figure out the path its just:
>
> puppet master --configprint external_nodes
>
> Then run it like:
>
> /somepath/external_nodes unxslet01.ucop.edu
I did not know about running the external_nodes on the command line. Thanks
for the tip.
With siplified version I am at least getting some error output. this is
progress:
class firewall_extras (
� �$services � = undef
) {
notify { "msg": message => $services }
}
class firewall_wrapper {
class { "firewall_extras": services => $::firewall_services }
}
pmlab02-vhost:~ # /usr/share/puppet-dashboard/bin/external_node unxslet01.ucop.edu
---
name: unxslet01.ucop.edu
parameters:
firewall_services: "9080"
classes:
- firewall_wrapper
- common::suse
- db2::client
- aig_vhost
unxslet01:~ # puppet agent -t
info: Retrieving plugin
info: Loading facts in adinfo
info: Loading facts in adinfo
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not parse for environment production: Could not match � at /data/puppet/production/modules/firewall/manifests/init.pp:93 on node unxslet01.ucop.edu
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
---
looks like a syntax error, but I don't see it. line 93 is
� �$services � = undef
Ashley Gould
>
> On Wed, Jun 15, 2011 at 06:13:52PM +0100, Ken Barber wrote:
> > Certainly works for me in a simplified example ... can you simplify
> > your example so it just does a notify?
> >
> > class firewall_extras (
> > � �$services � = undef,
> > ) {
> > notify { "msg": message => $services }
> > }
> >
> > class myfirewall {
> > class { "firewall_extras": services => $::firewall_services }
> > }
> >
Ok, I did finally get a basic parameterized class to work from
dashboard ENC:
class firewall_extras($tcp_ports) {
notify { "msg": message => $tcp_ports, }
}
class firewall_wrapper {
class { "firewall_extras": tcp_ports => $::fw_tcp_ports, }
}
---
agould@pmlab02-vhost:/data/puppet/production> /usr/share/puppet-dashboard/bin/external_node unxslet01.ucop.edu
---
name: unxslet01.ucop.edu
parameters:
fw_tcp_ports: 22 9080 3000
classes:
- firewall_wrapper
- common::suse
unxslet01:~ # puppet agent -t
info: Retrieving plugin
info: Loading facts in adinfo
info: Loading facts in adinfo
info: Caching catalog for unxslet01.ucop.edu
info: Applying configuration version '1308273566'
notice: 22 9080 3000
notice: /Stage[main]/Firewall_extras/Notify[msg]/message: defined 'message' as '22 9080 3000'
notice: Finished catalog run in 7.64 seconds
But what I really want is to use a param class to override variables in
a base class. Below is a stripped version. the value for the param
I set in dashboard shows up in the override class but never makes it
to the base class.
# Base class
#
class firewall {
define firewall_conf (
$fw_services_ext_tcp = "22"
) {
file { "/etc/sysconfig/SuSEfirewall2":
content => template("firewall/SuSEfirewall2.erb"),
}
notify { "msg1": message => $fw_services_ext_tcp, }
}
# Implement default firewall setup
firewall_conf {"default": }
}
# Override class
#
class firewall_override ( $tcp_ports ) inherits firewall {
# modify default firewall setup
Firewall::Firewall_conf["default"] {
fw_services_ext_tcp => $tcp_ports,
}
notify { "msg0": message => $tcp_ports, }
}
# Wrapper class for Dashboard
#
class firewall_wrapper {
class { "firewall_override": tcp_ports => $::fw_tcp_ports, }
}
agould@pmlab02-vhost:/data/puppet/production> /usr/share/puppet-dashboard/bin/external_node unxslet01.ucop.edu
---
name: unxslet01.ucop.edu
parameters:
fw_tcp_ports: 22 9080 3000
classes:
- firewall_wrapper
- common::suse
- firewall
unxslet01:~ # puppet agent -t
info: Retrieving plugin
info: Loading facts in adinfo
info: Loading facts in adinfo
info: Caching catalog for unxslet01.ucop.edu
info: Applying configuration version '1308273896'
notice: 22 9080 3000
notice: /Stage[main]/Firewall_extras/Notify[msg]/message: defined 'message' as '22 9080 3000'
notice: 22
notice: /Stage[main]/Firewall/Firewall::Firewall_conf[default]/Notify[msg1]/message: defined 'message' as '22'
notice: Finished catalog run in 6.76 seconds
Ken Barber
name: unxslet01.ucop.edu
parameters:
fw_tcp_ports: 22 9080 3000
classes:
- firewall_wrapper
- common::suse
- firewall
Is including both 'firewall' and 'firewall_wrapper'. But I think you
are hitting non-deterministic ordering here ... you only really want
to include 'firewall_wrapper' and have that pull in 'firewall'.
Otherwise, you may pull in 'firewall' too early, which would apply its
default settings.
So drop 'firewall' from your classes in dashboard and you may find it
does the correct thing ...
FYI, this works for me:
kbarber:tmp ken$ puppet --version
2.6.8
kbarber:tmp ken$ cat inherits.pp
class firewall {
define firewall_conf ($fw_services_ext_tcp = "22") {
notify { "msg1": message => $fw_services_ext_tcp, }
}
firewall_conf {"default": }
}
class firewall_override ( $tcp_ports ) inherits firewall {
Firewall::Firewall_conf["default"] {
fw_services_ext_tcp => $tcp_ports,
}
notify { "msg0": message => $tcp_ports, }
}
class firewall_wrapper {
class { "firewall_override": tcp_ports => $::fw_tcp_ports, }
}
$fw_tcp_ports = "22 100 2323"
include firewall_wrapper
kbarber:tmp ken$ puppet apply -v inherits.pp
info: Applying configuration version '1308330991'
notice: 22 100 2323
notice: /Stage[main]/Firewall/Firewall::Firewall_conf[default]/Notify[msg1]/message:
defined 'message' as '22 100 2323'
notice: 22 100 2323
notice: /Stage[main]/Firewall_override/Notify[msg0]/message: defined
'message' as '22 100 2323'
notice: Finished catalog run in 0.01 seconds
kbarber:tmp ken$
ken.
Ashley Gould
On Fri, Jun 17, 2011 at 06:18:16PM +0100, Ken Barber wrote:
> So:
>
> name: unxslet01.ucop.edu
> parameters:
> fw_tcp_ports: 22 9080 3000
> classes:
> - firewall_wrapper
> - common::suse
> - firewall
>
> Is including both 'firewall' and 'firewall_wrapper'. But I think you
> are hitting non-deterministic ordering here ... you only really want
> to include 'firewall_wrapper' and have that pull in 'firewall'.
> Otherwise, you may pull in 'firewall' too early, which would apply its
> default settings.
Hi Ken,
I got it to work! Whew. But not by removing 'firewall'. I
actually need to include this class in my testing, because it gets
included by default on all nodes as part of my 'common::suse' class.
The problem was that puppet agent was not even using the correct
class list for some mysterious and buggy reason. My external_node
command returns the correct class list as you have above, but when I
looked carefully at the puppet output (sleep helped here) I saw that
the agent was not even hitting class 'firewall_wrapper' but a
different testing class called 'firewall_extras':
unxslet01:/var/lib/puppet # puppet agent -t
info: Retrieving plugin
info: Loading facts in adinfo
info: Loading facts in adinfo
info: Caching catalog for unxslet01.ucop.edu
info: Applying configuration version '1308273896'
notice: 22 9080 3000
notice: /Stage[main]/Firewall_extras/Notify[msg]/message: defined 'message' as '22 9080 3000'
notice: 22
notice: /Stage[main]/Firewall/Firewall::Firewall_conf[default]/Notify[msg1]/message: defined 'message' as '22'
notice: Finished catalog run in 8.59 seconds
I could not figure out why. I tried removing the cached catalog and
restating puppet agent, but still the wrong class was used. Only
after I deleted the 'firewall_extras' class from my manifest entirly
did agent use the configured class:
unxslet01:/var/lib/puppet # puppet agent -t
info: Retrieving plugin
info: Loading facts in adinfo
info: Loading facts in adinfo
info: Caching catalog for unxslet01.ucop.edu
info: Applying configuration version '1308331369'
notice: 22 9080 3000
notice: /Stage[main]/Firewall/Firewall::Firewall_conf[default]/Notify[msg1]/message: defined 'message' as '22 9080 3000'
notice: 22 9080 3000
notice: /Stage[main]/Firewall_override/Notify[msg0]/message: defined 'message' as '22 9080 3000'
notice: Finished catalog run in 6.80 seconds
I was not able to reproduce this bug.
--