Ask Your Question
2

How do I read a local (agent) file using ERB/templates?

asked 2013-08-29 17:37:19 -0500

typedeaf gravatar image

updated 2013-08-30 00:17:57 -0500

I want to make a template that can read the local /etc/passwd file. I can only get the template to read from the files on the master, or pass it a file resource. I need this template to be dynamic based on the clients configuration.

Any of the erb code that works on file paths, ends up reading from the puppet master, not the agent/client. So forget using any standard File.open() family of ruby classes.

I can not use puppet variables or file resources, because the data is unique to the local client/agent. So forget about ... (more)

edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted
2

answered 2013-08-29 18:45:32 -0500

nibalizer gravatar image

updated 2013-08-29 18:45:49 -0500

The thing to understand is that Templates and Functions are evaluated on the Puppet Master.

If you wanted to the the content of any file but /etc/passwd, say /etc/myapp/version I would point you in the direction of Facts.

http://docs.puppetlabs.com/guides/custom_facts.html

https://puppetlabs.com/blog/facter-1-7-introduces-external-facts/

But there is a really good Puppet provider for creating user resources, which is what /etc/passwd is all about.

Let me ask you this, what are you really trying to do with Puppet, at a high level?

edit flag offensive delete link more

Comments

What I want to do is use information that is parsed from /etc/password to build a dynamic list of users for a User_Alias in /etc/sudoers. So, the template ...(more)

typedeaf gravatar imagetypedeaf ( 2013-08-30 00:12:04 -0500 )edit

Initially again, I am tempted to push you towards writing a fact for this. But again I hesitate. I don't think you want sudo access for every user in ...(more)

nibalizer gravatar imagenibalizer ( 2013-08-30 01:57:34 -0500 )edit

There are local users, managed by puppet, that are cluster unique. Their names match an easily matchable pattern. So what I am going to do, hopefully, is generate a list ...(more)

typedeaf gravatar imagetypedeaf ( 2013-08-30 10:28:57 -0500 )edit

If you're managing the users in Puppet, then it's trivial to also allow those users access via sudo. I assure you that trying to dynamically determine state on ...(more)

ramindk gravatar imageramindk ( 2013-08-30 10:50:19 -0500 )edit

I went with creating a custom fact to use in the sudoers template. Although I agree that since I manage the users in puppet, it should be trivial to integrate ...(more)

typedeaf gravatar imagetypedeaf ( 2013-09-03 10:50:48 -0500 )edit
2

answered 2013-08-29 23:39:09 -0500

Ancillas gravatar image

Functions run on the master, facts run on the agent. At a high level, this is the basic order of things.

  1. Agent runs facts and sends them to the master, requesting a catalog.
  2. Master classifies node using facts, runs custom functions, and compiles a catalog, sending it back to the agent.
  3. Agent applies the catalog.

Facts can be placed in a module, and synced to the agents via pluginsync (enabled in puppet.conf). See the facts page for more information.

Here's one of my custom facts that I wrote to read /etc/fstab and return an array of swap ... (more)

edit flag offensive delete link more

Comments

Yeah that occurred to me on the drive home. It's all precompiled on the server. Bummer. I suppose I could make a fact. I would probably do something very ...(more)

typedeaf gravatar imagetypedeaf ( 2013-08-30 00:13:35 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2013-08-29 17:37:19 -0500

Seen: 2,635 times

Last updated: Aug 30 '13