Unfortunately still the same issue.
On Thursday, October 1, 2020 at 11:58:45 AM UTC+1 Martin Alfke wrote:
> One more try:
>
> In your manifests/site.pp change the class declaration from class to
> include:
>
> node default {
> # …
> # class { 'grubipv6disable': }
> include grubipv6disable
> # …
> }
>
>
> On 1. Oct 2020, at 12:44, [email protected] <[email protected]> wrote:
>
> Puppet 6:
>
> # puppet --version
> 6.15.0
>
> Yes, I ran the lookup as root.
>
> On Thursday, October 1, 2020 at 11:40:49 AM UTC+1 Martin Alfke wrote:
>
>> Which version of puppet are you using?
>> Puppet 5 or puppert 6?
>>
>> And: did you ran the puppet lookup command as root user? (I assume so, I
>> just want to be sure)
>>
>> On 1. Oct 2020, at 12:30, [email protected] <[email protected]> wrote:
>>
>> Thanks Martin, yes (on fours servers to be specific all with idm0 in the
>> hostname). Problem I have, is although the lookup is returning what I
>> need, when I run the agent, it returns:
>>
>> Error: Could not retrieve catalog from remote server: Error 500 on
>> SERVER: Server Error: Evaluation Error: Error while evaluating a Resource
>> Statement, Class[Grubipv6disable]: expects a value for parameter 'enable'
>> (file: /etc/puppetlabs/code/environments/production/manifests/site.pp,
>> line: 12, column: 3) on node lhcsrvprdidm02.fixnetix.com
>>
>> I guessing that this is suggesting the expected hiera vaule can't be
>> found.
>>
>> Thanks,
>> Dan.
>>
>>
>> On Thursday, October 1, 2020 at 11:24:04 AM UTC+1 Martin Alfke wrote:
>>
>>> Hi Dan,
>>>
>>> The puppet lookup explain told you what it has found:
>>>
>>> Environment Data Provider (hiera configuration version 5)
>>> Using configuration
>>> "/etc/puppetlabs/code/environments/production/hiera.yaml"
>>> Hierarchy entry "Per-node data"
>>> Path
>>> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml"
>>> Original path: "nodes/%{trusted.certname}.yaml"
>>> Found key: "grubipv6disable::enable" value: false
>>>
>>> So I assume that you want to disable ipv6 only on node
>>> lhcsrvprdidm02.fixnetix.com
>>>
>>>
>>>
>>> On 1. Oct 2020, at 12:05, [email protected] <[email protected]> wrote:
>>>
>>> Hello Martin,
>>>
>>> Do you have any further thoughts on the above?
>>>
>>> Thanks,
>>> Dan.
>>>
>>> On Monday, September 28, 2020 at 2:37:42 PM UTC+1 [email protected]
>>> wrote:
>>>
>>>> There is indeed a global hiera.yaml file:
>>>> # cat /etc/puppetlabs/puppet/hiera.yaml
>>>> ---
>>>> # Hiera 5 Global configuration file
>>>>
>>>> version: 5
>>>>
>>>> # defaults:
>>>> # data_hash: yaml_data
>>>> # hierarchy:
>>>> # - name: Common
>>>> # data_hash: yaml_data
>>>> hierarchy: []
>>>>
>>>> Top level environment hiera looks good:
>>>> # cat /etc/puppetlabs/code/environments/production/hiera.yaml
>>>> ---
>>>> version: 5
>>>> defaults:
>>>> # The default value for "datadir" is "data" under the same directory
>>>> as the hiera.yaml
>>>> # file (this file)
>>>> # When specifying a datadir, make sure the directory exists.
>>>> # See https://puppet.com/docs/puppet/latest/environments_about.html for
>>>> further details on environments.
>>>> datadir: data
>>>> data_hash: yaml_data
>>>> hierarchy:
>>>> - name: "Per-node data" # Human-readable name.
>>>> path: "nodes/%{trusted.certname}.yaml" # File path, relative to
>>>> datadir.
>>>>
>>>> - name: "Per-OS defaults"
>>>> path: "os/%{facts.os.family}.yaml"
>>>>
>>>> - name: "Common data"
>>>> path: "common.yaml"
>>>>
>>>> There is no associated branch or alike in this instance.
>>>>
>>>> Here's the puppet lookup output with --explain:
>>>>
>>>> # puppet lookup --node lhcsrvprdidm02.fixnetix.com grubipv6disable::enable
>>>> --explain
>>>> Searching for "lookup_options"
>>>> Global Data Provider (hiera configuration version 5)
>>>> Using configuration "/etc/puppetlabs/puppet/hiera.yaml"
>>>> No such key: "lookup_options"
>>>> Environment Data Provider (hiera configuration version 5)
>>>> Using configuration
>>>> "/etc/puppetlabs/code/environments/production/hiera.yaml"
>>>> Merge strategy hash
>>>> Hierarchy entry "Per-node data"
>>>> Path
>>>> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml"
>>>> Original path: "nodes/%{trusted.certname}.yaml"
>>>> No such key: "lookup_options"
>>>> Hierarchy entry "Per-OS defaults"
>>>> Path
>>>> "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
>>>> Original path: "os/%{facts.os.family}.yaml"
>>>> Path not found
>>>> Hierarchy entry "Common data"
>>>> Path
>>>> "/etc/puppetlabs/code/environments/production/data/common.yaml"
>>>> Original path: "common.yaml"
>>>> Path not found
>>>> Module "grubipv6disable" Data Provider (hiera configuration version
>>>> 5)
>>>> Using configuration
>>>> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/hiera.yaml"
>>>> Merge strategy hash
>>>> Hierarchy entry "osfamily/major release"
>>>> Merge strategy hash
>>>> Path
>>>> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat/7.yaml"
>>>> Original path: "os/%{facts.os.name
>>>> }/%{facts.os.release.major}.yaml"
>>>> Path not found
>>>> Path
>>>> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat/7.yaml"
>>>> Original path:
>>>> "os/%{facts.os.family}/%{facts.os.release.major}.yaml"
>>>> Path not found
>>>> Path
>>>> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat/3.10.0-1127.13.1.el7.x86_64.yaml"
>>>> Original path:
>>>> "os/%{facts.os.family}/%{facts.kernelrelease}.yaml"
>>>> Path not found
>>>> Hierarchy entry "osfamily"
>>>> Merge strategy hash
>>>> Path
>>>> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat.yaml"
>>>> Original path: "os/%{facts.os.name}.yaml"
>>>> Path not found
>>>> Path
>>>> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat.yaml"
>>>> Original path: "os/%{facts.os.family}.yaml"
>>>> Path not found
>>>> Hierarchy entry "common"
>>>> Path
>>>> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/common.yaml"
>>>> Original path: "common.yaml"
>>>> No such key: "lookup_options"
>>>> Searching for "grubipv6disable::enable"
>>>> Global Data Provider (hiera configuration version 5)
>>>> Using configuration "/etc/puppetlabs/puppet/hiera.yaml"
>>>> No such key: "grubipv6disable::enable"
>>>> Environment Data Provider (hiera configuration version 5)
>>>> Using configuration
>>>> "/etc/puppetlabs/code/environments/production/hiera.yaml"
>>>> Hierarchy entry "Per-node data"
>>>> Path
>>>> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml"
>>>> Original path: "nodes/%{trusted.certname}.yaml"
>>>> Found key: "grubipv6disable::enable" value: false
>>>>
>>>> Thanks,
>>>> Dan.
>>>>
>>>>
>>>> On Monday, September 28, 2020 at 2:23:49 PM UTC+1 Martin Alfke wrote:
>>>>
>>>>> In this case it is hiera.
>>>>>
>>>>> Can you please check:
>>>>> - that there is no global hiera.yaml file in
>>>>> /etc/puppetlabs/puppet/hiera.yaml or, that the data paths mentioned in
>>>>> that
>>>>> file are empty
>>>>> - that node is the top level environment in your environment
>>>>> hiera.yaml file (/etc/puppetlabs/code/environment/<environment>/hiera.yaml
>>>>> - that your Puppet code changes are done in production environment and
>>>>> not within a feature branch or: if you use a feature branch: that the
>>>>> data
>>>>> fir enabling/disabling the flag is also in environment hiera data
>>>>>
>>>>> Can you run the puppet lookup command again using the ‘--explain’
>>>>> parameter?
>>>>>
>>>>> Hth,
>>>>> Martin
>>>>>
>>>>>
>>>>> On 28. Sep 2020, at 15:18, [email protected] <[email protected]> wrote:
>>>>>
>>>>> Thanks again Martin,
>>>>>
>>>>> I've changed the code as per recommended. However, the same issue
>>>>> still persists. I'm starting to think that the issue is not code related
>>>>> but lies elsewhere
>>>>>
>>>>> # puppet agent --no-daemonize --onetime --verbose
>>>>> Info: Using configured environment 'production'
>>>>> Info: Retrieving pluginfacts
>>>>> Info: Retrieving plugin
>>>>> Info: Retrieving locales
>>>>> Info: Loading facts
>>>>> Error: Could not retrieve catalog from remote server: Error 500 on
>>>>> SERVER: Server Error: Evaluation Error: Error while evaluating a Resource
>>>>> Statement, Class[Grubipv6disable]: expects a value for parameter 'enable'
>>>>> (file: /etc/puppetlabs/code/environments/production/manifests/site.pp,
>>>>> line: 12, column: 3) on node lhcsrvprdidm02.fixnetix.com
>>>>> Info: Using cached catalog from environment 'production'
>>>>> Info: Applying configuration version '1601218290'
>>>>> Notice: Applied catalog in 1.95 seconds
>>>>>
>>>>> I've checked if a lookup checks-out ok:
>>>>>
>>>>> # puppet lookup --node lhcsrvprdidm02.fixnetix.com
>>>>> grubipv6disable::enable
>>>>> --- false
>>>>>
>>>>> Thanks,
>>>>> Dan.
>>>>>
>>>>>
>>>>>
>>>>> On Monday, September 28, 2020 at 11:54:42 AM UTC+1 Martin Alfke wrote:
>>>>>
>>>>>> Hi Dan,
>>>>>>
>>>>>> I would write the grubipv6disable class in another way:
>>>>>>
>>>>>> class grubipv6disable (
>>>>>> Boolean $enable,
>>>>>> ) {
>>>>>> if $enable {
>>>>>> contain grubipv6disable::config
>>>>>> }
>>>>>> }
>>>>>>
>>>>>> And keep the grubipv6disable::config class as is:
>>>>>>
>>>>>> class grubipv6disable::config (
>>>>>> ){
>>>>>>
>>>>>> if $facts['os']['release']['major'] =~ /7/ {
>>>>>> exec { 'grub2_ipv6_disable':
>>>>>> command => '/usr/sbin/grubby --update-kernel=ALL
>>>>>> --args=ipv6.disable=1',
>>>>>> unless => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6'
>>>>>> }
>>>>>> } else {
>>>>>> notice ('Assuming RHEL 6.x thus taking no action')
>>>>>> }
>>>>>> }
>>>>>>
>>>>>> Parameters, like variables, are always local to a class.
>>>>>>
>>>>>> Best,
>>>>>> Martin
>>>>>>
>>>>>>
>>>>>> On 28. Sep 2020, at 12:03, [email protected] <[email protected]> wrote:
>>>>>>
>>>>>> Thanks for that Martin,
>>>>>>
>>>>>> I seem to have unearthed a different issue:
>>>>>>
>>>>>> # puppet agent --no-daemonize --onetime --verbose
>>>>>> Error: Could not retrieve catalog from remote server: Error 500 on
>>>>>> SERVER: Server Error: Evaluation Error: Error while evaluating a
>>>>>> Resource
>>>>>> Statement, Class[Grubipv6disable]: expects a value for parameter
>>>>>> 'enable'
>>>>>> (file: /etc/puppetlabs/code/environments/production/manifests/site.pp,
>>>>>> line: 12, column: 3) on node lhcsrvprdidm02.fixnetix.com
>>>>>>
>>>>>> # pwd
>>>>>> /etc/puppetlabs/code/environments/production/modules/grubipv6disable
>>>>>> # more manifests/init.pp
>>>>>> class grubipv6disable (
>>>>>> Boolean $enable,
>>>>>> ) {
>>>>>> contain grubipv6disable::config
>>>>>> }
>>>>>>
>>>>>> # more manifests/config.pp
>>>>>> class grubipv6disable::config (
>>>>>> Boolean $enable = true,
>>>>>> ){
>>>>>> if $enable {
>>>>>> if $facts['os']['release']['major'] =~ /7/ {
>>>>>> exec { 'grub2_ipv6_disable':
>>>>>> command => '/usr/sbin/grubby --update-kernel=ALL
>>>>>> --args=ipv6.disable=1',
>>>>>> unless => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6'
>>>>>> }
>>>>>> } else {
>>>>>> notice ('Assuming RHEL 6.x thus taking no action')
>>>>>> }
>>>>>> }
>>>>>> }
>>>>>>
>>>>>> # pwd
>>>>>> /etc/puppetlabs/code/environments/production/data
>>>>>> # more nodes/lhcsrvprdidm02.fixnetix.com.yaml
>>>>>> ---
>>>>>> grubipv6disable::enable: false
>>>>>>
>>>>>> Seems hiera is not being read.
>>>>>>
>>>>>> Any further help you can provide would be appreciated
>>>>>>
>>>>>> Thanks,
>>>>>> Dan.
>>>>>> On Friday, September 18, 2020 at 12:43:26 PM UTC+1 Martin Alfke wrote:
>>>>>>
>>>>>>> Add a parameter to grubipv6disable class which controls the internal
>>>>>>> behaviour.
>>>>>>>
>>>>>>> https://puppet.com/docs/puppet/6.17/lang_classes.html#class-parameters-and-variables
>>>>>>>
>>>>>>> e.g.
>>>>>>>
>>>>>>> # modules/grubipv6disable/manifests/init.pp
>>>>>>> class grubipv6disable (
>>>>>>> Boolean $enable = true,
>>>>>>> ){
>>>>>>> if $enable {
>>>>>>> # add here the code from the class.
>>>>>>> }
>>>>>>> }
>>>>>>>
>>>>>>> Now you add hiera.yaml to your control-repo and add node specific
>>>>>>> data.
>>>>>>> https://puppet.com/docs/puppet/6.17/hiera_intro.html
>>>>>>>
>>>>>>> e.g.
>>>>>>> data/nodes/<nodename>.yaml
>>>>>>> ---
>>>>>>> grubipv6disable::enable: false
>>>>>>>
>>>>>>> Hth,
>>>>>>> Martin
>>>>>>>
>>>>>>>
>>>>>>> On 17. Sep 2020, at 19:19, [email protected] <[email protected]>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Hello experts,
>>>>>>>
>>>>>>> I apply all my current classes like so:
>>>>>>>
>>>>>>> # cat site.pp
>>>>>>>
>>>>>>> node default {
>>>>>>> class { 'selinux':
>>>>>>> mode => 'permissive',
>>>>>>> type => 'targeted', }
>>>>>>> class { 'commonpackages': }
>>>>>>> class { 'polkit': }
>>>>>>> class { 'libstoragemgmt': }
>>>>>>> class { 'rngd': }
>>>>>>> class { 'gssproxy': }
>>>>>>> class { 'smartd': }
>>>>>>> class { 'firewalld': }
>>>>>>> class { 'grubipv6disable': }
>>>>>>> class { 'grubrootpasswd': }
>>>>>>> class { 'grubcrash': }
>>>>>>> class { 'logrotate': }
>>>>>>> class { 'htop': }
>>>>>>> class { 'vim': }
>>>>>>> class { 'yum': }
>>>>>>> class { 'yumlocalrepo': }
>>>>>>> class { 'sysctl': }
>>>>>>> class { 'sysconfig': }
>>>>>>> class { 'bashrc': }
>>>>>>> class { 'vault': }
>>>>>>> class { 'useradd': }
>>>>>>> class { 'crontab': }
>>>>>>> class { 'modprobe': }
>>>>>>> class { 'rsyslogd': }
>>>>>>> class { 'sudoers': }
>>>>>>> class { 'motd': }
>>>>>>> class { 'pam': }
>>>>>>> class { 'issue': }
>>>>>>> class { 'issuenet': }
>>>>>>> class { 'limits': }
>>>>>>> class { 'timezone': }
>>>>>>> class { 'profiled': }
>>>>>>> class { 'pulpconsumer': }
>>>>>>> class { 'resolver': }
>>>>>>> class { 'aide': }
>>>>>>> class { 'autofs': }
>>>>>>> class { 'vmtoolsd': }
>>>>>>> class { 'ntpd': }
>>>>>>> class { 'postfix': }
>>>>>>> class { 'auditd': }
>>>>>>> class { 'sshd': }
>>>>>>> class { 'idmclient': }
>>>>>>> }
>>>>>>>
>>>>>>> However, it's now become apparent that I need to exclude the
>>>>>>> grubipv6disable from some nodes (all have idm0 in their hostname).
>>>>>>>
>>>>>>> What is the best way (or the less complicated) to achive this?
>>>>>>>
>>>>>>> Thanks in advance.
>>>>>>> Dan.
>>>>>>>
>>>>>>> --
>>>>>>> You received this message because you are subscribed to the Google
>>>>>>> Groups "Puppet Users" group.
>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>> send an email to [email protected].
>>>>>>> To view this discussion on the web visit
>>>>>>> https://groups.google.com/d/msgid/puppet-users/e0226cb0-a8d9-4767-afa7-093c89358063n%40googlegroups.com
>>>>>>>
>>>>>>> <https://groups.google.com/d/msgid/puppet-users/e0226cb0-a8d9-4767-afa7-093c89358063n%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>>>>> .
>>>>>>>
>>>>>>>
>>>>>> --
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Puppet Users" group.
>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>> send an email to [email protected].
>>>>>>
>>>>>> To view this discussion on the web visit
>>>>>> https://groups.google.com/d/msgid/puppet-users/b168cfbc-a37a-4ecd-b394-223de8580440n%40googlegroups.com
>>>>>>
>>>>>> <https://groups.google.com/d/msgid/puppet-users/b168cfbc-a37a-4ecd-b394-223de8580440n%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>>>> .
>>>>>>
>>>>>>
>>>>>>
>>>>> --
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "Puppet Users" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>>> an email to [email protected].
>>>>>
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/d/msgid/puppet-users/6ce33b24-d9e3-4c5d-bb9f-9295f900db36n%40googlegroups.com
>>>>>
>>>>> <https://groups.google.com/d/msgid/puppet-users/6ce33b24-d9e3-4c5d-bb9f-9295f900db36n%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>>> .
>>>>>
>>>>>
>>>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to [email protected].
>>>
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/puppet-users/4dd65c40-7489-4c9e-81db-0c75f2a43cddn%40googlegroups.com
>>>
>>> <https://groups.google.com/d/msgid/puppet-users/4dd65c40-7489-4c9e-81db-0c75f2a43cddn%40googlegroups.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>>>
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>>
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/puppet-users/a6ea6ef0-94a8-426c-9df8-34f102ef8b76n%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/puppet-users/a6ea6ef0-94a8-426c-9df8-34f102ef8b76n%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
>>
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
>
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/7d82ef09-ada0-4b07-a894-a7068b09c954n%40googlegroups.com
>
> <https://groups.google.com/d/msgid/puppet-users/7d82ef09-ada0-4b07-a894-a7068b09c954n%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/11d51fef-0c96-4feb-bbe9-924f8efedad2n%40googlegroups.com.
