FAQ
Hi folks,

I have written a small LDAP backend for Hiera. I am aware of the one at
<https://github.com/hunner/hiera-ldap> but it's not what I was looking
for.

You can find mine at <http://forge.ircam.fr/p/hiera-ldap-backend/>.

How to use it
=============

Basically, the hiera.yaml file should look like that:

     ---
     :backends:
       - ldap
     :ldap:
       :server: ldap.example.com
       :port: 389
       :base: dc=example,dc=com
       :attribute: hieraData
       :name: cn
     :hierarchy:
       - %{::fqdn}
       - common

The first three lines in the :ldap section should be obvious. The next
two are the names of the attributes containing, in order, the Hiera data
itself (as "key=value" strings) and the lookup key. So, for instance, to
set the value of variable "foo" to "bar" on host "myhost.example.com",
your LDAP entry would look like that:

dn: cn=myhost.example.com, ou=hosts, dc=example, dc=com
cn: myhost.example.com
hieraData: foo=bar

It's up to you to add support for the hieraData attribute in your LDAP
schema; the schema snippet I use looks like that:

attributetype ( 1.3.6.1.4.1.7568.1.1.49.1 NAME 'hieraData' SUP name )

objectclass ( 1.3.6.1.4.1.7568.1.2.43.1 NAME 'hieraSource' SUP top STRUCTURAL
         DESC 'Hiera configuration source'
         MAY ( cn $ hieraData ) )


I have not yet tested the backend live with Puppet (waiting for my
schema changes to get pulled by all my LDAP servers) but it works with
the hiera command line.

Feedback welcome, of course. :-) I guess I should mention I'm a beginner
with both Ruby and Hiera, so my code is probably far from optimal.
--
A

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Search Discussions

  • Arnaud Gomes-do-Vale at Aug 12, 2013 at 2:46 pm

    Arnaud Gomes-do-Vale writes:

    objectclass ( 1.3.6.1.4.1.7568.1.2.43.1 NAME 'hieraSource' SUP top STRUCTURAL
    s/STRUCTURAL/AUXILIARY/ of cource.

    --
    A

    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
    To post to this group, send email to puppet-users@googlegroups.com.
    Visit this group at http://groups.google.com/group/puppet-users.
    For more options, visit https://groups.google.com/groups/opt_out.
  • Brunno Oliveira Prego at Mar 6, 2014 at 7:00 pm
    Arnaud,

        Is your code free for use?

       Thanks

    Em segunda-feira, 12 de agosto de 2013 10h37min39s UTC-3, Arnaud
    Gomes-do-Vale escreveu:
    Hi folks,

    I have written a small LDAP backend for Hiera. I am aware of the one at
    <https://github.com/hunner/hiera-ldap> but it's not what I was looking
    for.

    You can find mine at <http://forge.ircam.fr/p/hiera-ldap-backend/>.

    How to use it
    =============

    Basically, the hiera.yaml file should look like that:

    ---
    :backends:
    - ldap
    :ldap:
    :server: ldap.example.com
    :port: 389
    :base: dc=example,dc=com
    :attribute: hieraData
    :name: cn
    :hierarchy:
    - %{::fqdn}
    - common

    The first three lines in the :ldap section should be obvious. The next
    two are the names of the attributes containing, in order, the Hiera data
    itself (as "key=value" strings) and the lookup key. So, for instance, to
    set the value of variable "foo" to "bar" on host "myhost.example.com",
    your LDAP entry would look like that:

    dn: cn=myhost.example.com, ou=hosts, dc=example, dc=com
    cn: myhost.example.com
    hieraData: foo=bar

    It's up to you to add support for the hieraData attribute in your LDAP
    schema; the schema snippet I use looks like that:

    attributetype ( 1.3.6.1.4.1.7568.1.1.49.1 NAME 'hieraData' SUP name )

    objectclass ( 1.3.6.1.4.1.7568.1.2.43.1 NAME 'hieraSource' SUP top
    STRUCTURAL
    DESC 'Hiera configuration source'
    MAY ( cn $ hieraData ) )


    I have not yet tested the backend live with Puppet (waiting for my
    schema changes to get pulled by all my LDAP servers) but it works with
    the hiera command line.

    Feedback welcome, of course. :-) I guess I should mention I'm a beginner
    with both Ruby and Hiera, so my code is probably far from optimal.
    --
    A
    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
    To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4e2c1409-b3b9-446a-9f7f-1e20f1d5f9ad%40googlegroups.com.
    For more options, visit https://groups.google.com/groups/opt_out.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppuppet-users @
categoriespuppet
postedAug 12, '13 at 1:37p
activeMar 6, '14 at 7:00p
posts3
users2
websitepuppetlabs.com

People

Translate

site design / logo © 2022 Grokbase