Ask Your Question
0

Separate ENC per environment

asked 2015-05-21 14:06:52 -0500

Hypnoz gravatar image

I'm trying to set my ENC as a simple script inside each $environment directory, like so:

external_nodes       = $confdir/environments/$environment/bin/enc.rb

but when I run a puppet agent, setting the environment from the CLI, like so:

puppet agent --environment=testing123 --test

it wants to use "production" environment anyways:

Warning: Error 400 on SERVER: Failed to find puppet001.example.com via exec: Execution of '/etc/puppet/environments/production/bin/enc.rb puppet001.example.com' returned 1

The puppet master is not reading the $environment that the puppet agent is sending, and is instead using the "environment" variable set in the [master] section on the puppet master (which is "production" by default).

I use git branch environments, so I'd really like to have my enc script, hieradata, and modules all in /etc/puppet/environments/$environment/ so I can test and merge those changes to production when I'm ready.

Thanks, Colin

edit retag flag offensive close merge delete

Comments

I don't believe what I am asking is possible, so I opened a feature request to have it added: https://tickets.puppetlabs.com/browse/PUP-4642

Hypnoz gravatar imageHypnoz ( 2015-05-21 19:20:35 -0500 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2015-05-22 10:58:34 -0500

millerjl1701 gravatar image

The external_nodes configuration parameter is part of the [master] section in the puppet.conf file and a paramater allowed in environment.conf.... It might be possible to write a wrapper script/enc that takes the node name, finds the environment it belongs, queries the ENC for the environment, and then returns the yaml output generated by the environment enc to the puppet master... I haven't tried that though.

If the purpose for using separate environments is to implement some sort of RBAC, use an ENC which is environment aware and can do RBAC based on that such as theForeman (http://theforeman.org/)...

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2015-05-21 14:01:52 -0500

Seen: 188 times

Last updated: May 21 '15