Puppet 循环，如果else超过erb模板中的hiera哈希_Puppet_Erb_Freeradius_Hiera

Puppet 循环，如果else超过erb模板中的hiera哈希

puppet

Puppet 循环，如果else超过erb模板中的hiera哈希,puppet,erb,freeradius,hiera,Puppet,Erb,Freeradius,Hiera,我的freeradius木偶模块快完成了。我现在面临的问题是如何在ERB模板中循环哈希键。我正在使用radius for 802.1x对用户进行身份验证。如果用户是特定LDAP组的成员，radius将为其分配与此组关联的vlan，依此类推。这是我当前的配置： /etc/freeradius/sites available/intre tunnel .... .... .... ldap if (LDAP-Group == vlan_101) { update reply {

我的freeradius木偶模块快完成了。我现在面临的问题是如何在ERB模板中循环哈希键。我正在使用radius for 802.1x对用户进行身份验证。如果用户是特定LDAP组的成员，radius将为其分配与此组关联的vlan，依此类推。这是我当前的配置：

/etc/freeradius/sites available/intre tunnel

.... .... .... ldap if (LDAP-Group == vlan_101) { update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-ID = 101 } } elsif (LDAP-Group == vlan_102) { update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-ID = 102 } } elsif (LDAP-Group == vlan_103) { update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-ID = 103 } } else { update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-ID = 110 } } .... .... ....
我想通过ERB模板创建此文件
普通。yaml

test_freeradius::tunnel: 'vlan_101': vlan: '101' 'vlan_102': vlan: '102' 'vlan_103': vlan: '103' 'vlan_110': vlan: '110'

define test_freeradius::tunnel ( $vlan, ){ include test_freeradius::service file { '/etc/freeradius/sites-available/inner-tunnel' : ensure => 'file', owner => 'root', group => 'freerad', mode => '0644', content => template("${module_name}/tunnel.erb"), require => Class['test_freeradius::install'], notify => Service['freeradius'], } }

define test_freeradius::tunnel ( $vlan, ){ include test_freeradius::service ensure_resource('file', '/etc/freeradius/sites-available/inner-tunnel', { ensure => 'file', owner => 'root', group => 'freerad', mode => '0644', content => template("${module_name}/tunnel.erb"), require => Class['test_freeradius::install'], notify => Service['freeradius'], } ) ensure_resource('file', '/etc/freeradius/sites-enabled/inner-tunnel', { ensure => 'link', target => '/etc/freeradius/sites-available/inner-tunnel', } ) }
我使用下面的定义
定义测试半径：：隧道

test_freeradius::tunnel: 'vlan_101': vlan: '101' 'vlan_102': vlan: '102' 'vlan_103': vlan: '103' 'vlan_110': vlan: '110'

define test_freeradius::tunnel ( $vlan, ){ include test_freeradius::service file { '/etc/freeradius/sites-available/inner-tunnel' : ensure => 'file', owner => 'root', group => 'freerad', mode => '0644', content => template("${module_name}/tunnel.erb"), require => Class['test_freeradius::install'], notify => Service['freeradius'], } }

define test_freeradius::tunnel ( $vlan, ){ include test_freeradius::service ensure_resource('file', '/etc/freeradius/sites-available/inner-tunnel', { ensure => 'file', owner => 'root', group => 'freerad', mode => '0644', content => template("${module_name}/tunnel.erb"), require => Class['test_freeradius::install'], notify => Service['freeradius'], } ) ensure_resource('file', '/etc/freeradius/sites-enabled/inner-tunnel', { ensure => 'link', target => '/etc/freeradius/sites-available/inner-tunnel', } ) }
现在在init.pp中调用它
init.pp

.... .... $groups = hiera('test_freeradius::tunnel') create_resources(test_freeradius::tunnel, $groups) .... ....

是否可以使用ERB模板创建内部隧道文件，我如何才能做到？或者我应该将它作为一个没有hiera的简单文件使用，并在文件中进行更改吗？
我可以解决它，因此我不知道它是否是一个干净的ruby代码。由于
文件
资源的声明重复，我不得不重新安排定义
定义测试半径：：隧道

test_freeradius::tunnel: 'vlan_101': vlan: '101' 'vlan_102': vlan: '102' 'vlan_103': vlan: '103' 'vlan_110': vlan: '110'

define test_freeradius::tunnel ( $vlan, ){ include test_freeradius::service file { '/etc/freeradius/sites-available/inner-tunnel' : ensure => 'file', owner => 'root', group => 'freerad', mode => '0644', content => template("${module_name}/tunnel.erb"), require => Class['test_freeradius::install'], notify => Service['freeradius'], } }

define test_freeradius::tunnel ( $vlan, ){ include test_freeradius::service ensure_resource('file', '/etc/freeradius/sites-available/inner-tunnel', { ensure => 'file', owner => 'root', group => 'freerad', mode => '0644', content => template("${module_name}/tunnel.erb"), require => Class['test_freeradius::install'], notify => Service['freeradius'], } ) ensure_resource('file', '/etc/freeradius/sites-enabled/inner-tunnel', { ensure => 'link', target => '/etc/freeradius/sites-available/inner-tunnel', } ) }
以下是隧道的相关部分。erb：
隧道.erb

..... ..... ..... ldap <% @groups.each do |key,value| -%> <% if key == 'vlan_10' %> if (LDAP-Group == vlan_10) { update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-ID = 10 } } <% else %> elsif (LDAP-Group == <%= key %>) { update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-ID = <%= value['vlan'] %> } } <% end -%> <% end -%> ..... ..... .....

。。。。。 ..... ..... ldap 如果（LDAP组==vlan_10）{ 更新回复{ 隧道类型=VLAN 隧道介质类型=IEEE-802 隧道专用组ID=10 } } elsif（LDAP组==）{ 更新回复{ 隧道类型=VLAN 隧道介质类型=IEEE-802 隧道专用组ID= } } ..... ..... .....
我去掉了上一个
else
语句，因为我将为来宾LAN和WLAN使用LDAP组
我很乐意为您提供一些建议，使代码更简洁一些

谢谢
傀儡哈希在ERB中作为Ruby哈希公开。您可以通过所有Ruby哈希提供的方法访问其密钥集、查找值或迭代整个哈希。@JohnBollinger，谢谢您的回复。我这里的问题是
elsif
和
else
语句。我认为，只要使用
if
语句，就可以通过循环键和添加值来简化一条语句。我只是找不到使用
elsif
和
else
语句的方法。