Created
August 10, 2018 18:11
-
-
Save natemccurdy/ca2ae3f71e29bfe1a66ca1fadce6c5ee to your computer and use it in GitHub Desktop.
An example of the containment problem with roles and profiles in Puppet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # A WebServer role that may have a containment problem. | |
| class role::webserver { | |
| include profile::base | |
| include profile::nginx | |
| # We want EVERYTHING in base to come before the nginx profile | |
| # but that is only possible if the base profile "contains" all of its | |
| # included classes. | |
| Class['profile::base'] | |
| -> Class['profile::nginx'] | |
| } | |
| class profile::base { | |
| ## Here be containment issues! | |
| #include profile::firewall | |
| #include profile::os_settings | |
| #include profile::ldap | |
| #include profile::yum | |
| #include profile::users | |
| ## To allow other classes to make relationships to base, | |
| ## we should instead contain those included classes. | |
| contain profile::firewall | |
| contain profile::os_settings | |
| contain profile::ldap | |
| contain profile::yum | |
| contain profile::users | |
| } | |
| class profile::nginx { | |
| class { 'nginx': | |
| foo => 'bar', | |
| baz => 'buz', | |
| } | |
| firewalld::service { 'http': | |
| ensure => present, | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment