All geek questions in one place

Puppet clients using empty classes (with default settings)

Problem: Servers running the puppet in my environment get empty [classes] (no parameters) instead of the expected parameters stored in their Hiera document. This leads to the fact that the puppet modules work with zero parameters, which in turn forces them to successfully execute default values instead of the actual expected values ​​(which is clearly undesirable and destructive).

What causes the problem? Our Hiera are based on the CouchDB document database (as I continue). When the CouchDB service is disabled, puppet agents (after requesting puppets for the new catalog) get empty [classes] (no parameters) instead of the expected parameters stored in their Hiera document.

The architecture of my environment:

  • 4 Leading Dolly Servers in NetworkLoadBalancer (Cisco Ace)
  • 1 puppet server
  • 2 Hiera servers (couchDB 1.6.0) per NetworkLoadBalancer (Cisco Ace)
  • all server OS - RedHat 6.3
  • Puppet version 3.7.4
  • Puppet theater owners communicate with hiera servers with Http_Backend v1.0.1
  • Using puppetDB with postgress sql to maintain server inventory.

How can we model the problem?

  • CouchDB Hiera - hiera01 ( ), .

  • "connection reject..." , hiera01 20 .

  • , couchdb .

  • hiera02.

  • , master hiera01 - !!!

[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = %vardir/ssl {group = service, mode = 640}
ca = false
certname = master_server_01.domain
dns_alt_names = puppet-master-ace.domain, puppet-master-ace
use_srv_records = true
pluginsource = puppet:///plugins
pluginfactsource = puppet:///pluginfacts
reports = log, foreman
enviromentpath = $confdir/enviroments
basemodulepath = $confdir/modules

[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig

[master]
storeconfigs = true
storeconfigs_backend = puppetdb
always_cache_features = true

Hiera.yaml(-)

---
:backends:
 - http
 - yaml
:hierarchy:
 - "%{fqdn}"
 - "%{enviroment}"
 - common
:http:
 :host: hieraserverace.domain
 :use_auth: true
 :auth_user: admin
 :auth_pass: Passowrd
 :api_user: apiUser
 :api_pass: apipassword
 :merge_behavior: deeper
 :port: 5984
 :output: json
 :failure: graceful
 :path:
  - "/%{environment}/%{fqdn}"
  - "/%{environment}/%{osfamily}"
  - "/%{environment}/%{enviroment}"
  - "/%{environment}/common"

:yaml:
 :datadir: /etc/puppet/hieradata

  • - , .
  • hieradata ( yaml)

!

PS: , - , .

+4

:

Source: https://habr.com/ru/post/1630040/

More articles:


All Articles