On Thu, 2012-10-25 at 20:45 -0700, Edwin Starkey wrote:
Hi, I'm having a problem with extlookup not respecting the 'certname'
parameter[1]. When executing a puppet run with either the --certname
or --fqdn parameters, it ends up using the specified SSL certificate
and gets the correct node definition applied from the puppetmaster.
However, it still retrieves extlookup data using the node's actual
FQDN, not the one manually specified using the parameter.
As an example, here is my existing extlookup configuration from

$hostgroup = regsubst($hostname, '-*\d+$', '')
$extlookup_datadir = "/etc/puppet/environments/${environment}/manifests/extdata"
$extlookup_precedence = [ 'hostnames/%{fqdn}', 'hostgroups/%{hostgroup}', 'common' ]
The certname value is exposed in the puppet manifests in the $clientcert
variable. Something like the following might work:

$hostgroup = regsubst($clientcert, '-*\d+$', '')
$extlookup_datadir = "/etc/puppet/environments/${environment}/manifests/extdata"
$extlookup_precedence = [ 'hostnames/%{clientcert}', 'hostgroups/%{hostgroup}', 'common' ]
This layout is quite beautiful, as it has three possible matching

1. A CSV file for a specific hostname exists. Example:
hostnames/web1.mydomain.com.csv applies to a single host -
2. A CSV file for a regular expression based on hostname exists.
Example: hostgroups/web.csv applies to all hosts whose hostname begins
with 'web' - web1.mydomain.com or web999.mydomain.com.
3. No matches are found, so default values from common.csv are used.

I'd like to replicate this behavior using hiera. Is it possible?
Absolutely. Hiera lookups can be done using arbitrary variables defined
in your puppet manifests. Something like the following should be

in site.pp toplevel:
$hostgroup = regsubst($clientcert, '-*\d+$', '')

in hiera.yaml:
:datadir: /etc/puppet/environments/${environment}/manifests/hiera
- hostnames/%{clientcert}
- hostgroups/%{hostgroup}
- common

Then you can use puppet3's automatic class parameter lookup, or call the
hiera() functions anywhere in your manifest.

Calvin Walton <calvin.walton@kepstin.ca>

Search Discussions

Discussion Posts


Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 2 of 3 | next ›
Discussion Overview
grouppuppet-users @
postedOct 26, '12 at 10:46a
activeOct 26, '12 at 4:13p



site design / logo © 2022 Grokbase