Which version of puppet are you using? Puppet 5 or puppert 6? And: did you ran the puppet lookup command as root user? (I assume so, I just want to be sure)
> On 1. Oct 2020, at 12:30, [email protected] <[email protected]> wrote: > > Thanks Martin, yes (on fours servers to be specific all with idm0 in the > hostname). Problem I have, is although the lookup is returning what I need, > when I run the agent, it returns: > > Error: Could not retrieve catalog from remote server: Error 500 on SERVER: > Server Error: Evaluation Error: Error while evaluating a Resource Statement, > Class[Grubipv6disable]: expects a value for parameter 'enable' (file: > /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 12, > column: 3) on node lhcsrvprdidm02.fixnetix.com > > I guessing that this is suggesting the expected hiera vaule can't be found. > > Thanks, > Dan. > > > On Thursday, October 1, 2020 at 11:24:04 AM UTC+1 Martin Alfke wrote: > Hi Dan, > > The puppet lookup explain told you what it has found: > > Environment Data Provider (hiera configuration version 5) > Using configuration > "/etc/puppetlabs/code/environments/production/hiera.yaml" > Hierarchy entry "Per-node data" > Path > "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml" > Original path: "nodes/%{trusted.certname}.yaml" > Found key: "grubipv6disable::enable" value: false > > So I assume that you want to disable ipv6 only on node > lhcsrvprdidm02.fixnetix.com <http://lhcsrvprdidm02.fixnetix.com/> > > > > >> On 1. Oct 2020, at 12:05, [email protected] <http://gmail.com/> >> <[email protected] <applewebdata://E31709E2-A78B-4E6A-8189-0CDB58003863>> >> wrote: >> > >> Hello Martin, >> >> Do you have any further thoughts on the above? >> >> Thanks, >> Dan. >> >> On Monday, September 28, 2020 at 2:37:42 PM UTC+1 [email protected] >> <http://gmail.com/> wrote: >> There is indeed a global hiera.yaml file: >> # cat /etc/puppetlabs/puppet/hiera.yaml >> --- >> # Hiera 5 Global configuration file >> >> version: 5 >> >> # defaults: >> # data_hash: yaml_data >> # hierarchy: >> # - name: Common >> # data_hash: yaml_data >> hierarchy: [] >> >> Top level environment hiera looks good: >> # cat /etc/puppetlabs/code/environments/production/hiera.yaml >> --- >> version: 5 >> defaults: >> # The default value for "datadir" is "data" under the same directory as >> the hiera.yaml >> # file (this file) >> # When specifying a datadir, make sure the directory exists. >> # See https://puppet.com/docs/puppet/latest/environments_about.html >> <https://puppet.com/docs/puppet/latest/environments_about.html> for further >> details on environments. >> datadir: data >> data_hash: yaml_data >> hierarchy: >> - name: "Per-node data" # Human-readable name. >> path: "nodes/%{trusted.certname}.yaml" # File path, relative to datadir. >> >> - name: "Per-OS defaults" >> path: "os/%{facts.os.family}.yaml" >> >> - name: "Common data" >> path: "common.yaml" >> >> There is no associated branch or alike in this instance. >> >> Here's the puppet lookup output with --explain: >> >> # puppet lookup --node lhcsrvprdidm02.fixnetix.com >> <http://lhcsrvprdidm02.fixnetix.com/> grubipv6disable::enable --explain >> Searching for "lookup_options" >> Global Data Provider (hiera configuration version 5) >> Using configuration "/etc/puppetlabs/puppet/hiera.yaml" >> No such key: "lookup_options" >> Environment Data Provider (hiera configuration version 5) >> Using configuration >> "/etc/puppetlabs/code/environments/production/hiera.yaml" >> Merge strategy hash >> Hierarchy entry "Per-node data" >> Path >> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml" >> Original path: "nodes/%{trusted.certname}.yaml" >> No such key: "lookup_options" >> Hierarchy entry "Per-OS defaults" >> Path >> "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml" >> Original path: "os/%{facts.os.family}.yaml" >> Path not found >> Hierarchy entry "Common data" >> Path "/etc/puppetlabs/code/environments/production/data/common.yaml" >> Original path: "common.yaml" >> Path not found >> Module "grubipv6disable" Data Provider (hiera configuration version 5) >> Using configuration >> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/hiera.yaml" >> Merge strategy hash >> Hierarchy entry "osfamily/major release" >> Merge strategy hash >> Path >> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat/7.yaml" >> Original path: "os/%{facts.os.name >> <http://facts.os.name/>}/%{facts.os.release.major}.yaml" >> Path not found >> Path >> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat/7.yaml" >> Original path: >> "os/%{facts.os.family}/%{facts.os.release.major}.yaml" >> Path not found >> Path >> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat/3.10.0-1127.13.1.el7.x86_64.yaml" >> Original path: >> "os/%{facts.os.family}/%{facts.kernelrelease}.yaml" >> Path not found >> Hierarchy entry "osfamily" >> Merge strategy hash >> Path >> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat.yaml" >> Original path: "os/%{facts.os.name <http://facts.os.name/>}.yaml" >> Path not found >> Path >> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat.yaml" >> Original path: "os/%{facts.os.family}.yaml" >> Path not found >> Hierarchy entry "common" >> Path >> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/common.yaml" >> Original path: "common.yaml" >> No such key: "lookup_options" >> Searching for "grubipv6disable::enable" >> Global Data Provider (hiera configuration version 5) >> Using configuration "/etc/puppetlabs/puppet/hiera.yaml" >> No such key: "grubipv6disable::enable" >> Environment Data Provider (hiera configuration version 5) >> Using configuration >> "/etc/puppetlabs/code/environments/production/hiera.yaml" >> Hierarchy entry "Per-node data" >> Path >> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml" >> Original path: "nodes/%{trusted.certname}.yaml" >> Found key: "grubipv6disable::enable" value: false >> >> Thanks, >> Dan. >> >> >> On Monday, September 28, 2020 at 2:23:49 PM UTC+1 Martin Alfke wrote: >> In this case it is hiera. >> >> Can you please check: >> - that there is no global hiera.yaml file in >> /etc/puppetlabs/puppet/hiera.yaml or, that the data paths mentioned in that >> file are empty >> - that node is the top level environment in your environment hiera.yaml file >> (/etc/puppetlabs/code/environment/<environment>/hiera.yaml >> - that your Puppet code changes are done in production environment and not >> within a feature branch or: if you use a feature branch: that the data fir >> enabling/disabling the flag is also in environment hiera data >> >> Can you run the puppet lookup command again using the ‘--explain’ parameter? >> >> Hth, >> Martin >> >> >> >>> On 28. Sep 2020, at 15:18, [email protected] <http://gmail.com/> >>> <[email protected] <>> wrote: >>> >> >>> Thanks again Martin, >>> >>> I've changed the code as per recommended. However, the same issue still >>> persists. I'm starting to think that the issue is not code related but >>> lies elsewhere >>> >>> # puppet agent --no-daemonize --onetime --verbose >>> Info: Using configured environment 'production' >>> Info: Retrieving pluginfacts >>> Info: Retrieving plugin >>> Info: Retrieving locales >>> Info: Loading facts >>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: >>> Server Error: Evaluation Error: Error while evaluating a Resource >>> Statement, Class[Grubipv6disable]: expects a value for parameter 'enable' >>> (file: /etc/puppetlabs/code/environments/production/manifests/site.pp, >>> line: 12, column: 3) on node lhcsrvprdidm02.fixnetix.com >>> <http://lhcsrvprdidm02.fixnetix.com/> >>> Info: Using cached catalog from environment 'production' >>> Info: Applying configuration version '1601218290' >>> Notice: Applied catalog in 1.95 seconds >>> >>> I've checked if a lookup checks-out ok: >>> >>> # puppet lookup --node lhcsrvprdidm02.fixnetix.com >>> <http://lhcsrvprdidm02.fixnetix.com/> grubipv6disable::enable >>> --- false >>> >>> Thanks, >>> Dan. >>> >>> >>> >>> On Monday, September 28, 2020 at 11:54:42 AM UTC+1 Martin Alfke wrote: >>> Hi Dan, >>> >>> I would write the grubipv6disable class in another way: >>> >>> class grubipv6disable ( >>> Boolean $enable, >>> ) { >>> if $enable { >>> contain grubipv6disable::config >>> } >>> } >>> >>> And keep the grubipv6disable::config class as is: >>> >>> class grubipv6disable::config ( >>> ){ >>> >>> if $facts['os']['release']['major'] =~ /7/ { >>> exec { 'grub2_ipv6_disable': >>> command => '/usr/sbin/grubby --update-kernel=ALL >>> --args=ipv6.disable=1', >>> unless => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6' >>> } >>> } else { >>> notice ('Assuming RHEL 6.x thus taking no action') >>> } >>> } >>> >>> Parameters, like variables, are always local to a class. >>> >>> Best, >>> Martin >>> >>> >>> >>>> On 28. Sep 2020, at 12:03, [email protected] <http://gmail.com/> >>>> <[email protected] <>> wrote: >>>> >>> >>>> Thanks for that Martin, >>>> >>>> I seem to have unearthed a different issue: >>>> >>>> # puppet agent --no-daemonize --onetime --verbose >>>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: >>>> Server Error: Evaluation Error: Error while evaluating a Resource >>>> Statement, Class[Grubipv6disable]: expects a value for parameter 'enable' >>>> (file: /etc/puppetlabs/code/environments/production/manifests/site.pp, >>>> line: 12, column: 3) on node lhcsrvprdidm02.fixnetix.com >>>> <http://lhcsrvprdidm02.fixnetix.com/> >>>> >>>> # pwd >>>> /etc/puppetlabs/code/environments/production/modules/grubipv6disable >>>> # more manifests/init.pp >>>> class grubipv6disable ( >>>> Boolean $enable, >>>> ) { >>>> contain grubipv6disable::config >>>> } >>>> >>>> # more manifests/config.pp >>>> class grubipv6disable::config ( >>>> Boolean $enable = true, >>>> ){ >>>> if $enable { >>>> if $facts['os']['release']['major'] =~ /7/ { >>>> exec { 'grub2_ipv6_disable': >>>> command => '/usr/sbin/grubby --update-kernel=ALL >>>> --args=ipv6.disable=1', >>>> unless => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6' >>>> } >>>> } else { >>>> notice ('Assuming RHEL 6.x thus taking no action') >>>> } >>>> } >>>> } >>>> >>>> # pwd >>>> /etc/puppetlabs/code/environments/production/data >>>> # more nodes/lhcsrvprdidm02.fixnetix.com.yaml >>>> --- >>>> grubipv6disable::enable: false >>>> >>>> Seems hiera is not being read. >>>> >>>> Any further help you can provide would be appreciated >>>> >>>> Thanks, >>>> Dan. >>>> On Friday, September 18, 2020 at 12:43:26 PM UTC+1 Martin Alfke wrote: >>>> Add a parameter to grubipv6disable class which controls the internal >>>> behaviour. >>>> https://puppet.com/docs/puppet/6.17/lang_classes.html#class-parameters-and-variables >>>> >>>> <https://puppet.com/docs/puppet/6.17/lang_classes.html#class-parameters-and-variables> >>>> >>>> e.g. >>>> >>>> # modules/grubipv6disable/manifests/init.pp >>>> class grubipv6disable ( >>>> Boolean $enable = true, >>>> ){ >>>> if $enable { >>>> # add here the code from the class. >>>> } >>>> } >>>> >>>> Now you add hiera.yaml to your control-repo and add node specific data. >>>> https://puppet.com/docs/puppet/6.17/hiera_intro.html >>>> <https://puppet.com/docs/puppet/6.17/hiera_intro.html> >>>> >>>> e.g. >>>> data/nodes/<nodename>.yaml >>>> --- >>>> grubipv6disable::enable: false >>>> >>>> Hth, >>>> Martin >>>> >>>> >>>> >>>>> On 17. Sep 2020, at 19:19, [email protected] <http://gmail.com/> >>>>> <[email protected] <>> wrote: >>>>> >>>> >>>>> Hello experts, >>>>> >>>>> I apply all my current classes like so: >>>>> >>>>> # cat site.pp >>>>> >>>>> node default { >>>>> class { 'selinux': >>>>> mode => 'permissive', >>>>> type => 'targeted', } >>>>> class { 'commonpackages': } >>>>> class { 'polkit': } >>>>> class { 'libstoragemgmt': } >>>>> class { 'rngd': } >>>>> class { 'gssproxy': } >>>>> class { 'smartd': } >>>>> class { 'firewalld': } >>>>> class { 'grubipv6disable': } >>>>> class { 'grubrootpasswd': } >>>>> class { 'grubcrash': } >>>>> class { 'logrotate': } >>>>> class { 'htop': } >>>>> class { 'vim': } >>>>> class { 'yum': } >>>>> class { 'yumlocalrepo': } >>>>> class { 'sysctl': } >>>>> class { 'sysconfig': } >>>>> class { 'bashrc': } >>>>> class { 'vault': } >>>>> class { 'useradd': } >>>>> class { 'crontab': } >>>>> class { 'modprobe': } >>>>> class { 'rsyslogd': } >>>>> class { 'sudoers': } >>>>> class { 'motd': } >>>>> class { 'pam': } >>>>> class { 'issue': } >>>>> class { 'issuenet': } >>>>> class { 'limits': } >>>>> class { 'timezone': } >>>>> class { 'profiled': } >>>>> class { 'pulpconsumer': } >>>>> class { 'resolver': } >>>>> class { 'aide': } >>>>> class { 'autofs': } >>>>> class { 'vmtoolsd': } >>>>> class { 'ntpd': } >>>>> class { 'postfix': } >>>>> class { 'auditd': } >>>>> class { 'sshd': } >>>>> class { 'idmclient': } >>>>> } >>>>> >>>>> However, it's now become apparent that I need to exclude the >>>>> grubipv6disable from some nodes (all have idm0 in their hostname). >>>>> >>>>> What is the best way (or the less complicated) to achive this? >>>>> >>>>> Thanks in advance. >>>>> Dan. >>>>> >>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google Groups >>>>> "Puppet Users" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send an >>>>> email to [email protected] <>. >>>>> To view this discussion on the web visit >>>>> https://groups.google.com/d/msgid/puppet-users/e0226cb0-a8d9-4767-afa7-093c89358063n%40googlegroups.com >>>>> >>>>> <https://groups.google.com/d/msgid/puppet-users/e0226cb0-a8d9-4767-afa7-093c89358063n%40googlegroups.com?utm_medium=email&utm_source=footer>. >>>> >>>> >>>> -- >>>> You received this message because you are subscribed to the Google Groups >>>> "Puppet Users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send an >>>> email to [email protected] <>. >>> >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/puppet-users/b168cfbc-a37a-4ecd-b394-223de8580440n%40googlegroups.com >>>> >>>> <https://groups.google.com/d/msgid/puppet-users/b168cfbc-a37a-4ecd-b394-223de8580440n%40googlegroups.com?utm_medium=email&utm_source=footer>. >>> >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Puppet Users" group. >>> To unsubscribe from this group and stop receiving emails from it, send an >>> email to [email protected] <>. >> >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/puppet-users/6ce33b24-d9e3-4c5d-bb9f-9295f900db36n%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/puppet-users/6ce33b24-d9e3-4c5d-bb9f-9295f900db36n%40googlegroups.com?utm_medium=email&utm_source=footer>. >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] >> <applewebdata://E31709E2-A78B-4E6A-8189-0CDB58003863>. > >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/puppet-users/4dd65c40-7489-4c9e-81db-0c75f2a43cddn%40googlegroups.com >> >> <https://groups.google.com/d/msgid/puppet-users/4dd65c40-7489-4c9e-81db-0c75f2a43cddn%40googlegroups.com?utm_medium=email&utm_source=footer>. > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/a6ea6ef0-94a8-426c-9df8-34f102ef8b76n%40googlegroups.com > > <https://groups.google.com/d/msgid/puppet-users/a6ea6ef0-94a8-426c-9df8-34f102ef8b76n%40googlegroups.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/E60256F6-52C7-4F20-843E-9EB096AA39A2%40gmail.com.
