我对木偶还很陌生,所以这可能只是我没有看到显而易见的东西。
我想使用 puppetlabs-firewall 模块,并编写了一个自己的小模块。init.pp 如下所示:
class cmmfirewall {
resources { 'firewall':
purge => true,
}
Firewall {
before => Class['cmmfirewall::postv4', 'cmmfirewall::postv6'],
require => Class['cmmfirewall::prev4', 'cmmfirewall::prev6'],
}
class { ['cmmfirewall::prev4', 'cmmfirewall::postv4']: }
class { ['cmmfirewall::prev6', 'cmmfirewall::postv6']: }
}
当我将此类应用到节点时,我收到以下消息:
err: Failed to apply catalog: Parameter name failed on Resources[firewall]: Could not find resource type 'firewall' at /etc/puppet/environments/testing/modules/cmmfirewall/manifests/init.pp:42
代理上的 puppet.conf 如下所示:
# File managed by Puppet
[main]
vardir = /var/lib/puppet
ssldir = $vardir/ssl
logdir = /var/log/puppet
rundir = /var/run/puppet
modulepath = /etc/puppet/modules:/opt/puppet/share/puppet/modules
user = puppet
group = puppet
archive_files = true
archive_file_server = handsoff.dc0.mynetwork.de
[agent]
certname = test3.dc0.mynetwork.de
server = handsoff.dc0.mynetwork.de
report = true
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
graph = true
pluginsync = true
runinterval = 300
如您所见,pluginsync 应该已激活,但 modulepath 中的两个文件夹/etc/puppet/modules:/opt/puppet/share/puppet/modules都是空的。所以我猜问题出在某个地方,pluginsync 无法像我预期的那样工作。
有人能指出我在哪里寻找错误的正确方向吗?
答案1
好的,实际上,当我将 puppetlabs-firewall 模块复制到我的公共文件夹(包含在测试和生产两个环境中)时,它就起作用了。
现在我真的很想知道为什么。这是 puppetmaster 配置文件。也许有人可以告诉我为什么它的行为是这样的。
### File managed with puppet ###
## Module: 'puppet'
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
# Allow services in the 'puppet' group to access key (Foreman + proxy)
privatekeydir = $ssldir/private_keys { group = service }
hostprivkey = $privatekeydir/$certname.pem { mode = 640 }
# Puppet 3.0.x requires this in both [main] and [master] - harmless on agents
autosign = $confdir/autosign.conf { mode = 664 }
show_diff = false
### Next part of the file is managed by a different template ###
## Module: 'puppet'
[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$statedir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
# Disable the default schedules as they cause continual skipped
# resources to be displayed in Foreman - only for Puppet >= 3.4
default_schedules = false
report = true
pluginsync = true
masterport = 8140
environment = production
certname = handsoff.dc0.mynetwork.de
server = handsoff.dc0.mynetwork.de
listen = false
splay = false
runinterval = 300
noop = false
configtimeout = 120
### Next part of the file is managed by a different template ###
## Module: 'puppet'
[master]
autosign = $confdir/autosign.conf { mode = 664 }
reports = foreman
external_nodes = /etc/puppet/node.rb
node_terminus = exec
ca = true
ssldir = /var/lib/puppet/ssl
certname = handsoff.dc0.mynetwork.de
strict_variables = false
[production]
modulepath = /etc/puppet/environments/production/modules:/etc/puppet/environments/common:/usr/share/puppet/modules
config_version =
[testing]
modulepath = /etc/puppet/environments/testing/modules:/etc/puppet/environments/common:/usr/share/puppet/modules
config_version =