On Friday, March 28, 2014 2:14:12 PM UTC-5, Martin Langhoff wrote:
>
> On Friday, March 28, 2014 3:08:00 PM UTC-4, Jose Luis Ledesma wrote:
>
>> Realize some of them
>>
> Right. That does not address my concern, which is the implicit realize.
>
> The rule for which users we realize on our infra are orthogonal to the
> modules that define functionality; and need to remain so...
>
>
You can still use tagging to support what you want, provided that you are
willing to assign tags everywhere that you realize users. For example:
# Some random place:
User<| title='alice' |> {
tag +> 'present'
}
# and similar everywhere else that you realize a User
# Elsewhere:
User <| groups == 'wheel' and tag == 'present' |> {
groups +> [ 'apache' ]
}
You can also override the parameters of specific users via a collector if
you intend them to be present anyway
User <| title == 'adam_the_administrator' |> {
groups +> [ 'apache' ]
}
. Or you can override parameters of specific users without realizing them
if you to so in a subclass:
class our_web_users inherits our_users {
# Declared in class 'our_users':
User['david_the_developer'] {
groups +> [ 'apache' ]
}
}
Puppet DSL provides no mechanism, however, for selecting resources via a
search expression without realizing all virtual resources among those
selected.
Perhaps, however, you could do something clever at the point where you
declare the users in the first place. If class our_users has some kind of
visibility of whether the target node is (supposed to be) a web server,
then it could initially declare users with the correct groups, so that you
don't have to perform any fixup later. "Some kind of visibility" could be
achieved via hiera or with the help of the roles & profiles pattern; there
are probably other alternatives as well.
John
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/e477ac3e-04bc-4adb-8a72-699c83183aca%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
