Ask Your Question

How to export resource with dynamic content from agent?

asked 2014-06-20 07:05:32 -0500

I'm deploying a riak node (a no-sql database) with puppet. I also need to deploy application nodes where the applications need to be configured with credentials for accessing the riak database.

Creating the riak system includes creating accounts in the riak system (using the exec type). The response from this account creation includes the public/private key pair for the account. These riak account key pairs are to be used in the applications on other nodes, which need to access the riak database.

I would like to use Exported Resources to store these keys in puppetdb and retrieve them later on other nodes when required.

The problem with this is that I don't know these keys when the catalog for the riak node is compiled on the puppet master. The keys are created dynamically by the riak system when the agent applies the catalog on the riak node, and by then it's too late for any variable interpolation in my exported resource definition.

How can I pick up data that is generated during the puppet agent run on the riak node so that it can be sent back to puppetdb as an exported resource?

Or should I forget about exported resources and do it in a completely different way?

edit retag flag offensive close merge delete


I thought of a workaround using facts to pick up the keys, and reference these facts in the exported resource. I think this could work, except it would take two rounds of puppet agent runs to retrieve the keys (first create the keys, second populate the facts) => a very ugly workaround, IMO.

MikaelBarfred gravatar imageMikaelBarfred ( 2014-06-20 07:11:52 -0500 )edit

1 answer

Sort by ยป oldest newest most voted

answered 2015-05-11 14:01:34 -0500

JohnsonEarls gravatar image

I don't know riak, but would it be possible to generate the keys on the puppet server during catalog compilation, and then pass the private key to the riak server and export the public key?

edit flag offensive delete link more


No, unfortunately not. The keys are generated by the Riak application after it is installed on the node. Anyway, I got it working as I described in the comment to the question, and I've accepted to live with the fact that puppet agent need to be run twice to complete the configuration.

MikaelBarfred gravatar imageMikaelBarfred ( 2015-05-12 03:32:05 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools



Asked: 2014-06-20 07:05:32 -0500

Seen: 305 times

Last updated: May 11 '15