On Tuesday, August 12, 2014 12:49:27 PM UTC-5, treydock wrote:
I have noticed a very strange problem on CentOS 7 nodes where they are
collecting and/or applying their exported resources. I have a class called
brazos::firewall that's used internally to export a firewall rule that is
then collected by brazos::gw to allow specific systems through the
gateway server's NAT. Below are the actual classes. I've found that on
CentOS 6 systems, the resource is correctly exported (NOT applied by
exporting host) and collected by the gw server. On CentOS 7 systems the
resource is exported, and also applied by the exporting host when it's not
supposed to be.
Are you applying you using agent and master, or are you just running
'puppet apply'? The former makes much more sense to me for exporting and
collecting resources (though I *think* the latter can work, too). On the
other hand, only if you are running 'puppet apply' does catalog compilation
happen in different environments for different machines. If you are
running in master/agent mode, then the problem must be in your manifests
and/or data.
Are you certain that the exported firewall rules are in fact being
collected on the wrong nodes? Is it possible that those rules were added
previously, and just not cleaned out? You can check by cleaning them out
manually and then rerunning Puppet, or by looking for them in the nodes'
catalogs.
Alternatively, are you certain that there is no other Firewall| |
collector somewhere in your manifests that might be picking up the rules at
issue?
John
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/2880f45a-ae80-4ee2-99a2-a24a551961cc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.