You were right about the require overrides, I moved those into the exported
sources instead (looks cleaner that way anyway)

and adding 2 collector lines, one for "everyone else" and one "for myself"
worked as you suggested, thanks.
On Wednesday, August 14, 2013 1:07:50 PM UTC-4, jcbollinger wrote:

On Tuesday, August 13, 2013 12:29:51 PM UTC-5, Chuck Bredestege wrote:

I'm trying to create a ssh class where the /etc/ssh/ssh_known_hosts and
/etc/ssh/shosts.equiv stays updated. The issue i'm finding is that if I
include a "tag == anything" in the Collector filter, it collects all
resources EXCEPT it's own. In this case, the known_hosts and .equiv files
will have all the other hostnames, but not it's own hostname. If I remove
the "tag ==" line it works as expected. I tested this with a common tag
"ssh" which I verified is in puppetdb on both exports.

[root@csep0501 ssh]# rpm -qa | grep puppet

(where $dsitename is the lowercase version of a global fact)

@@sshkey{ "${::fqdn}-ssh-pubkey" :
tag => $dsitename,

ensure => present,
host_aliases => [ $::hostname ],
key => $::sshrsakey,
name => $::fqdn,
type => 'ssh-rsa',

@@file_line{ "${::fqdn}-shosts.equiv" :
tag => $dsitename,
path => "/etc/ssh/shosts.equiv",
ensure => present,
line => "+${::fqdn}",

notify { 'testmessage' :
message => "Downcased sitename is $dsitename",

Sshkey <<| tag == 'ssh' and tag == $dsitename |>> {
require => File['/etc/ssh/ssh_known_hosts'],
File_line <<| tag == 'ssh' and tag == $dsitename and path ==
"/etc/ssh/shosts.equiv" |>> {
require => File['/etc/ssh/shosts.equiv'],
Why do you need parameter overrides for 'require'? Does it not work to
declare those directly in the original resource declarations?

Anyway, this looks similar to http://projects.puppetlabs.com/issues/11049.
Can you work around it by explicitly collecting the node's own resources?
For example, add

Sshkey <<| title == "${::fqdn}-ssh-pubkey" |>>
File_line <<| title == "${::fqdn}-shosts.equiv" |>>

(with the 'require' override too, if that turns out to be necessary).

You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Search Discussions

Discussion Posts


Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 3 of 3 | next ›
Discussion Overview
grouppuppet-users @
postedAug 13, '13 at 5:30p
activeAug 15, '13 at 3:37p

2 users in discussion

Chuck Bredestege: 2 posts Jcbollinger: 1 post



site design / logo © 2022 Grokbase