Puppet 6 和模块 puppetlabs/accounts 不会以 Hiera YAML 格式创建用户帐户 [英] Puppet 6 and module puppetlabs/accounts does not create user account in Hiera YAML format
问题描述
当我运行 puppet agent --test 我没有错误输出但用户没有创建.
When I run puppet agent --test I have no errors output but the user did not create.
我的 puppet hira.yaml 配置是:
My puppet hira.yaml configuration is:
---
version: 5
datadir: "/etc/puppetlabs/code/environments"
data_hash: yaml_data
hierarchy:
- name: "Per-node data (yaml version)"
path: "%{::environment}/nodes/%{::trusted.certname}.yaml"
- name: "Common YAML hierarchy levels"
paths:
- "defaults/common.yaml"
- "defaults/users.yaml"
users.yaml 是:
users.yaml is:
accounts::user:
joed:
locked: false
comment: System Operator
uid: '1700'
gid: '1700'
groups:
- admin
- sudonopw
sshkeys:
- ssh-rsa ...Hw== sysop+moduledevkey@puppetlabs.com
推荐答案
Hiera 数据本身没有任何东西会导致 anything 应用于目标节点.在某处的清单或外部节点分类器脚本的输出中需要某种声明.此外,puppetlabs/accounts 模块只提供定义的类型,而不提供类.您可以将定义类型的数据存储在 Hiera 中并读回,但通过 Hiera 的自动参数绑定仅适用于类,而不适用于定义的类型.
Nothing in Hiera data itself causes anything to be applied to target nodes. Some kind of declaration is required in a manifest somewhere or in the output of an external node classifier script. Moreover, the puppetlabs/accounts module provides only defined types, not classes. You can store defined-type data in Hiera and read it back, but automated parameter binding via Hiera applies only to classes, not defined types.
简而言之,不会创建用户(也不会报告错误),因为没有将相关资源声明到目标节点的目录中.你没有给 Puppet 做任何事情.
In short, then, no user is created (and no error is reported) because no relevant resources are declared into the target node's catalog. You haven't given Puppet anything to do.
如果你想将存储的用户数据应用到你的节点,你会想要一些类似的东西:
If you want to apply the stored user data presented to your nodes, you would want something along these lines:
$user_data = lookup('accounts::user', Hash[String,Hash], 'hash', {})
$user_data.each |$user,$props| {
accounts::user { $user: * => $props }
}
这将进入与您的目标节点匹配的节点块,或者更好的是,进入由该节点块或等效项声明的类.这么几行就相当复杂了,但简而言之:
That would go into the node block matched to your target node, or, better, into a class that is declared by that node block or an equivalent. It's fairly complicated for so few lines, but in brief:
lookup函数在您的 Hiera 数据中查找关键的 'accounts::user'
the
lookupfunction looks up key 'accounts::user' in your Hiera data
- 对出现在层次结构不同级别的结果执行哈希合并
- 期望结果是带有字符串键和散列值的散列
- 如果没有找到结果,则默认为空哈希;
结果哈希中的映射被迭代,并且对于每个映射,accounts::user 定义类型的实例被声明
the mappings in the result hash are iterated, and for each one, an instance of the accounts::user defined type is declared
- 使用(外部)哈希键作为用户名,
- 以及与该键关联的值作为从参数名称到参数值的映射.
这篇关于Puppet 6 和模块 puppetlabs/accounts 不会以 Hiera YAML 格式创建用户帐户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
