3

I have 80 nodes, 78 need to have a specific module, except for 2.

[root@puppetmaster puppet]# cat hiera.yaml
:backends:
    - yaml

:hierarchy:
    - environment/%{::environment}/%{::hostname}
    - environment/%{::environment}
    - common

:logger: console

:yaml:
    :datadir: '/etc/puppet/hieradata'
[root@puppetmaster puppet]# cat hieradata/common.yaml
---
classes:
  - ldap
  - motd
  - ntp
  - puppet-conf
[root@puppetmaster puppet]# cat hieradata/environment/tst/tst-01.yaml
---
classes:
  - puppet-update
  - public-keys
[root@puppetmaster puppet]#

I want all nodes to have the ldap module, except for the tst-01 and tst-02 server.

How do I exclude this module from these 2 servers?

A solution would be to use 80 .yaml-files for all nodes and add "- ldap" to 78 of these .yaml-files, but this seems poor design. It would be cleaner to exclude the modules from the inherited list.

ujjain
  • 3,983
  • 16
  • 53
  • 91
  • 2
    Would it be acceptable for the `ldap` module to have a parameter which essentially disables it, and set the param for just those two nodes? – Shane Madden Jun 12 '13 at 03:59

2 Answers2

2

You can use something like this in your nodes.pp:

node default {
  hiera_include('classes')
}

node /^tst-0(1|2)\.example\.com$/ inherits default {
}

node /.*example\.com$/ inherits default {
  include ldap
}
dawud
  • 15,096
  • 3
  • 42
  • 61
2

The issue is that hiera_include will use the classes from all levels (probably uses hiera_array).

This will probably work:

[root@puppetmaster puppet]# cat hieradata/common.yaml
---
classes:
  - ldap
  - motd
  - ntp
  - puppet-conf
[root@puppetmaster puppet]# cat hieradata/environment/tst/tst-01.yaml
---
classes:
  - puppet-update
  - public-keys
  - motd
  - ntp
  - puppet-conf

In the node-def:

class { hiera('classes'): }

Downside is that you would have to specify all classes in the host-specific hiera file, if you override the default.

Does that help?

Ger Apeldoorn
  • 565
  • 3
  • 10