Hi Dan,
I would write the grubipv6disable class in another way:
class grubipv6disable (
Boolean $enable,
) {
if $enable {
contain grubipv6disable::config
}
}
And keep the grubipv6disable::config class as is:
class grubipv6disable::config (
){
if $facts['os']['release']['major'] =~ /7/ {
exec { 'grub2_ipv6_disable':
command => '/usr/sbin/grubby --update-kernel=ALL --args=ipv6.disable=1',
unless => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6'
}
} else {
notice ('Assuming RHEL 6.x thus taking no action')
}
}
Parameters, like variables, are always local to a class.
Best,
Martin
> On 28. Sep 2020, at 12:03, [email protected] <[email protected]> wrote:
>
> Thanks for that Martin,
>
> I seem to have unearthed a different issue:
>
> # puppet agent --no-daemonize --onetime --verbose
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER:
> Server Error: Evaluation Error: Error while evaluating a Resource Statement,
> Class[Grubipv6disable]: expects a value for parameter 'enable' (file:
> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 12,
> column: 3) on node lhcsrvprdidm02.fixnetix.com
> <http://lhcsrvprdidm02.fixnetix.com/>
>
> # pwd
> /etc/puppetlabs/code/environments/production/modules/grubipv6disable
> # more manifests/init.pp
> class grubipv6disable (
> Boolean $enable,
> ) {
> contain grubipv6disable::config
> }
>
> # more manifests/config.pp
> class grubipv6disable::config (
> Boolean $enable = true,
> ){
> if $enable {
> if $facts['os']['release']['major'] =~ /7/ {
> exec { 'grub2_ipv6_disable':
> command => '/usr/sbin/grubby --update-kernel=ALL --args=ipv6.disable=1',
> unless => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6'
> }
> } else {
> notice ('Assuming RHEL 6.x thus taking no action')
> }
> }
> }
>
> # pwd
> /etc/puppetlabs/code/environments/production/data
> # more nodes/lhcsrvprdidm02.fixnetix.com.yaml
> ---
> grubipv6disable::enable: false
>
> Seems hiera is not being read.
>
> Any further help you can provide would be appreciated
>
> Thanks,
> Dan.
> On Friday, September 18, 2020 at 12:43:26 PM UTC+1 Martin Alfke wrote:
> Add a parameter to grubipv6disable class which controls the internal
> behaviour.
> https://puppet.com/docs/puppet/6.17/lang_classes.html#class-parameters-and-variables
>
> <https://puppet.com/docs/puppet/6.17/lang_classes.html#class-parameters-and-variables>
>
> e.g.
>
> # modules/grubipv6disable/manifests/init.pp
> class grubipv6disable (
> Boolean $enable = true,
> ){
> if $enable {
> # add here the code from the class.
> }
> }
>
> Now you add hiera.yaml to your control-repo and add node specific data.
> https://puppet.com/docs/puppet/6.17/hiera_intro.html
> <https://puppet.com/docs/puppet/6.17/hiera_intro.html>
>
> e.g.
> data/nodes/<nodename>.yaml
> ---
> grubipv6disable::enable: false
>
> Hth,
> Martin
>
>
>
>> On 17. Sep 2020, at 19:19, [email protected] <http://gmail.com/>
>> <[email protected] <applewebdata://7B6293DD-2FFD-49D1-9DCD-0C0C1AA6D763>>
>> wrote:
>>
>
>> Hello experts,
>>
>> I apply all my current classes like so:
>>
>> # cat site.pp
>>
>> node default {
>> class { 'selinux':
>> mode => 'permissive',
>> type => 'targeted', }
>> class { 'commonpackages': }
>> class { 'polkit': }
>> class { 'libstoragemgmt': }
>> class { 'rngd': }
>> class { 'gssproxy': }
>> class { 'smartd': }
>> class { 'firewalld': }
>> class { 'grubipv6disable': }
>> class { 'grubrootpasswd': }
>> class { 'grubcrash': }
>> class { 'logrotate': }
>> class { 'htop': }
>> class { 'vim': }
>> class { 'yum': }
>> class { 'yumlocalrepo': }
>> class { 'sysctl': }
>> class { 'sysconfig': }
>> class { 'bashrc': }
>> class { 'vault': }
>> class { 'useradd': }
>> class { 'crontab': }
>> class { 'modprobe': }
>> class { 'rsyslogd': }
>> class { 'sudoers': }
>> class { 'motd': }
>> class { 'pam': }
>> class { 'issue': }
>> class { 'issuenet': }
>> class { 'limits': }
>> class { 'timezone': }
>> class { 'profiled': }
>> class { 'pulpconsumer': }
>> class { 'resolver': }
>> class { 'aide': }
>> class { 'autofs': }
>> class { 'vmtoolsd': }
>> class { 'ntpd': }
>> class { 'postfix': }
>> class { 'auditd': }
>> class { 'sshd': }
>> class { 'idmclient': }
>> }
>>
>> However, it's now become apparent that I need to exclude the grubipv6disable
>> from some nodes (all have idm0 in their hostname).
>>
>> What is the best way (or the less complicated) to achive this?
>>
>> Thanks in advance.
>> Dan.
>>
>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected]
>> <applewebdata://7B6293DD-2FFD-49D1-9DCD-0C0C1AA6D763>.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/puppet-users/e0226cb0-a8d9-4767-afa7-093c89358063n%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/puppet-users/e0226cb0-a8d9-4767-afa7-093c89358063n%40googlegroups.com?utm_medium=email&utm_source=footer>.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected]
> <mailto:[email protected]>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/b168cfbc-a37a-4ecd-b394-223de8580440n%40googlegroups.com
>
> <https://groups.google.com/d/msgid/puppet-users/b168cfbc-a37a-4ecd-b394-223de8580440n%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/10312006-1B7F-4EF0-8078-7F1D4B010E1C%40gmail.com.
