Collecting resources from exporting node

123 views
Skip to first unread message

Martijn Grendelman

unread,
Nov 17, 2011, 7:22:51 AM11/17/11
to puppet...@googlegroups.com
Hi,

I was looking at the basic example for exporting and collecting resources
at http://docs.puppetlabs.com/guides/exported_resources.html :

class ssh {
@@sshkey { $hostname: type => dsa, key => $sshdsakey }
Sshkey <<| |>>
}

I quote:

"The above code would have every host export its SSH public key, and then
collect every host�s key and install it in the ssh_known_hosts file; this
would include the host doing the exporting."

That last statement seems untrue in my experiments.

I have the following manifest:

# Export a firewall rule, requesting access to DIR/MRC replication ports
@@firewall::rule {"xtreemfs-repl-${hostname}":
rule => [
"-A firewall-user-app -p tcp -s $primary_ipaddress --dport 35678
-j ACCEPT",
"-A firewall-user-app -p tcp -s $primary_ipaddress --dport 35676
-j ACCEPT",
],
}

# Collect all firewall rules from DIR/MRC servers
Firewall::Rule <<| tag == 'xtreemfs::dir_mrc' |>>

This class is included on two servers, let's call them serverA and serverB.

On serverA, I do get Firewall::Rule[xtreemfs-repl-serverB], but not
Firewall::Rule[xtreemfs-repl-serverA], and on serverB, it's the other way
around.

So exporting works (confirmed by looking at the database). So does
collecting, only not from the local node. What am I doing wrong?

Best regards,
Martijn Grendelman

Martijn Grendelman

unread,
Nov 17, 2011, 11:18:02 AM11/17/11
to puppet...@googlegroups.com
Hi,

A small addition at the bottom...

When adding the class to a third server, all servers get the
Firewall::Rule from the two others, but never from itself.

> So exporting works (confirmed by looking at the database). So does
> collecting, only not from the local node. What am I doing wrong?

Most curious...

Best regards,
Martijn Grendelman

Martijn Grendelman

unread,
Nov 18, 2011, 9:04:54 AM11/18/11
to puppet...@googlegroups.com
No one? Is my question not clear (TL;DR, perhaps?), or doesn't anyone have
an answer?

Best regards,
Martijn.

jcbollinger

unread,
Nov 18, 2011, 5:23:01 PM11/18/11
to Puppet Users


On Nov 18, 8:04 am, Martijn Grendelman <mart...@iphion.nl> wrote:
> No one? Is my question not clear (TL;DR, perhaps?), or doesn't anyone have
> an answer?


As far as I know, nodes are supposed to be able to collect their own
exported resources. If that's not working for you then perhaps Puppet
has a regression in that area. You could consider filing a bug
ticket, but I don't have any suggestion for making it work in the
short term. Unless you're prepared to fix it yourself -- PuppetLabs
loves patches, as long as you'll sign their CLA.


John

Ken Barber

unread,
Nov 28, 2011, 6:18:12 AM11/28/11
to Puppet Users
Raised:

http://projects.puppetlabs.com/issues/11049

The workaround I believe is to use explicit tags on the resource.

resource_name { "foo":
tag => "class_name",
}

Can you give that a try?

ken.

Reply all
Reply to author
Forward
0 new messages