Ask Your Question

How can Puppet enforce only one role per node?

asked 2014-02-04 15:59:22 -0500

I am using the roles and profiles pattern and want to have Puppet enforce a given node only having one role assigned. If an additional role is assigned, I want to have the Puppet run fail (probably during catalogue compilation). What sort of solutions are possible to achieve this?

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2014-02-04 17:19:05 -0500

One solution seems to be to have the same profile in each role and to declare it with class and not include.


class role::A {
  class { '::profile::common': }
  include '::profile::A'


class role::B {
  class { '::profile::common': }
  include '::profile::B'

If a node is declared with both role::A and role::B, this will result in a nice error during the Puppet run.

node localhost {
  include '::role::A'
  include '::role::B'
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Duplicate declaration: Class[Profile::Common] is already declared in file /etc/puppet/modules/role/manifests ...
edit flag offensive delete link more


This one works for me, but feel free to suggest other solutions. Like what if your site does not have a common profile between all roles?

razorsedge gravatar imagerazorsedge ( 2014-02-05 19:07:22 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools



Asked: 2014-02-04 15:59:22 -0500

Seen: 205 times

Last updated: Feb 04 '14